www.crosscountry.com
Issued by Amazon
About this certificate
This digital certificate with serial number 0d:5a:12:6c:e1:90:b2:22:11:d9:a2:a2:c0:83:65:37 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.crosscountry.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:5a:12:6c:e1:90:b2:22:11:d9:a2:a2:c0:83:65:37Serial Number (int): 17747644372295511842469961962239518007
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 48:3e:29:62:04:da:54:a7:66:a5:ad:d9:2b:b4:6e:a8:40:8d:00:5d
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 79:e4:24:04:3b:5a:83:3c:c8:25:d0:ec:be:e3:65:51:39:92:bc:36
Fingerprint (sha256): 2c:16:b1:27:9a:fd:e8:c0:c1:e0:6c:4e:47:7c:db:0a:6b:cc:31:a6:2c:2d:87:f5:f2:0e:33:3d:65:90:28:a5
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl
Check the revocation status for certificate www.crosscountry.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.crosscountry.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.crosscountry.com
crosscountry.com
crosscountry.com
Other certificates including the domain name crosscountry.com
(limited to 100 certificates)
leapfrog-ssl-21.gcs-web.com
cross-country-boston.monstermediaworks.ca
www.cross-country-walnut-creek.monstermediaworks.ca
www.cross-country-walnut-creek.monstermediaworks.ca
salesforceservice.crosscountry.com
leapfrog-ssl-21.gcs-web.com
leapfrog-ssl-21.gcs-web.com
cross-country-chicago.monstermediaworks.ca
salesforceservice.crosscountry.com
cross-country-baltimore.monstermediaworks.ca
tsswebsvc.msnhealth.net
npv2.crosscountry.com
rds.crosscountry.com
www.cross-country-walnut-creek.monstermediaworks.ca
cross-country-baltimore.monstermediaworks.ca
go.crosscountry.com
cross-country-sayre.monstermediaworks.ca
smsgateway.crosscountry.com
cross-country-sayre.monstermediaworks.ca
opportunities.m.crosscountry.com
salesforceservice.crosscountry.com
tsswebsvc.msnhealth.net
cross-country-chicago.monstermediaworks.ca
lyncweb.ccrn.com
cross-country-boston.monstermediaworks.ca
www.crosscountrytravcorps.com
npv3.crosscountry.com
apps.crosscountry.com
evaluation.crosscountry.com
leapfrog-ssl-21.gcs-web.com
evaluation.crosscountry.com
npv.crosscountry.com
cross-country-boston.monstermediaworks.ca
hybrid.crosscountry.com
cross-country-chicago.monstermediaworks.ca
tsswebsvc.msnhealth.net
npv3.crosscountry.com
shop.crosscountry.com
tsswebsvc.msnhealth.net
mail.crosscountry.com
npv.crosscountry.com
www.cross-country-walnut-creek.monstermediaworks.ca
go.crosscountry.com
cross-country-sayre.monstermediaworks.ca
app.crosscountry.com
www.crosscountry.com
cross-country-boston.monstermediaworks.ca
evaluation.crosscountry.com
cross-country-chicago.monstermediaworks.ca
sso.crosscountry.com
cross-country-boston.monstermediaworks.ca
cross-country-chicago.monstermediaworks.ca
tsswebsvc.msnhealth.net
cross-country-boston.monstermediaworks.ca
cross-country-boston.monstermediaworks.ca
*.crosscountry.com
www.cross-country-walnut-creek.monstermediaworks.ca
cross-country-baltimore.monstermediaworks.ca
evaluation.crosscountry.com
sharefile.crosscountry.com
cross-country-chicago.monstermediaworks.ca
survey.crosscountry.com
leapfrog-ssl-21.gcs-web.com
salesforceservice.crosscountry.com
www.cross-country-walnut-creek.monstermediaworks.ca
leapfrog-ssl-21.gcs-web.com
*.crosscountry.com
cross-country-sayre.monstermediaworks.ca
cross-country-baltimore.monstermediaworks.ca
cross-country-boston.monstermediaworks.ca
go.crosscountry.com
www.crosscountrytravcorps.com
shop.crosscountry.com
cross-country-baltimore.monstermediaworks.ca
assets.crosscountry.com
*.crosscountry.com
sso.crosscountry.com
devcssis.crosscountry.com
hybrid.crosscountry.com
leapfrog-ssl-21.gcs-web.com
cross-country-baltimore.monstermediaworks.ca
www.prod.crosscountry.com
maintenance.crosscountry.com
cross-country-boston.monstermediaworks.ca
hybrid.crosscountry.com
mail.crosscountry.com
cross-country-baltimore.monstermediaworks.ca
smsgateway.crosscountry.com
salesforceservice.crosscountry.com
npv.crosscountry.com
files.crosscountry.com
www.dev.crosscountry.com
mobilegateway.crosscountry.com
app.crosscountry.com
www.cross-country-walnut-creek.monstermediaworks.ca
leapfrog-ssl-21.gcs-web.com
npv2.crosscountry.com
www.stage.crosscountry.com
leapfrog-ssl-21.gcs-web.com
assets.crosscountry.com
cross-country-boston.monstermediaworks.ca
www.cross-country-walnut-creek.monstermediaworks.ca
www.cross-country-walnut-creek.monstermediaworks.ca
salesforceservice.crosscountry.com
leapfrog-ssl-21.gcs-web.com
leapfrog-ssl-21.gcs-web.com
cross-country-chicago.monstermediaworks.ca
salesforceservice.crosscountry.com
cross-country-baltimore.monstermediaworks.ca
tsswebsvc.msnhealth.net
npv2.crosscountry.com
rds.crosscountry.com
www.cross-country-walnut-creek.monstermediaworks.ca
cross-country-baltimore.monstermediaworks.ca
go.crosscountry.com
cross-country-sayre.monstermediaworks.ca
smsgateway.crosscountry.com
cross-country-sayre.monstermediaworks.ca
opportunities.m.crosscountry.com
salesforceservice.crosscountry.com
tsswebsvc.msnhealth.net
cross-country-chicago.monstermediaworks.ca
lyncweb.ccrn.com
cross-country-boston.monstermediaworks.ca
www.crosscountrytravcorps.com
npv3.crosscountry.com
apps.crosscountry.com
evaluation.crosscountry.com
leapfrog-ssl-21.gcs-web.com
evaluation.crosscountry.com
npv.crosscountry.com
cross-country-boston.monstermediaworks.ca
hybrid.crosscountry.com
cross-country-chicago.monstermediaworks.ca
tsswebsvc.msnhealth.net
npv3.crosscountry.com
shop.crosscountry.com
tsswebsvc.msnhealth.net
mail.crosscountry.com
npv.crosscountry.com
www.cross-country-walnut-creek.monstermediaworks.ca
go.crosscountry.com
cross-country-sayre.monstermediaworks.ca
app.crosscountry.com
www.crosscountry.com
cross-country-boston.monstermediaworks.ca
evaluation.crosscountry.com
cross-country-chicago.monstermediaworks.ca
sso.crosscountry.com
cross-country-boston.monstermediaworks.ca
cross-country-chicago.monstermediaworks.ca
tsswebsvc.msnhealth.net
cross-country-boston.monstermediaworks.ca
cross-country-boston.monstermediaworks.ca
*.crosscountry.com
www.cross-country-walnut-creek.monstermediaworks.ca
cross-country-baltimore.monstermediaworks.ca
evaluation.crosscountry.com
sharefile.crosscountry.com
cross-country-chicago.monstermediaworks.ca
survey.crosscountry.com
leapfrog-ssl-21.gcs-web.com
salesforceservice.crosscountry.com
www.cross-country-walnut-creek.monstermediaworks.ca
leapfrog-ssl-21.gcs-web.com
*.crosscountry.com
cross-country-sayre.monstermediaworks.ca
cross-country-baltimore.monstermediaworks.ca
cross-country-boston.monstermediaworks.ca
go.crosscountry.com
www.crosscountrytravcorps.com
shop.crosscountry.com
cross-country-baltimore.monstermediaworks.ca
assets.crosscountry.com
*.crosscountry.com
sso.crosscountry.com
devcssis.crosscountry.com
hybrid.crosscountry.com
leapfrog-ssl-21.gcs-web.com
cross-country-baltimore.monstermediaworks.ca
www.prod.crosscountry.com
maintenance.crosscountry.com
cross-country-boston.monstermediaworks.ca
hybrid.crosscountry.com
mail.crosscountry.com
cross-country-baltimore.monstermediaworks.ca
smsgateway.crosscountry.com
salesforceservice.crosscountry.com
npv.crosscountry.com
files.crosscountry.com
www.dev.crosscountry.com
mobilegateway.crosscountry.com
app.crosscountry.com
www.cross-country-walnut-creek.monstermediaworks.ca
leapfrog-ssl-21.gcs-web.com
npv2.crosscountry.com
www.stage.crosscountry.com
leapfrog-ssl-21.gcs-web.com
assets.crosscountry.com
Certificate
The complete raw certificate details for www.crosscountry.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF8jCCBNqgAwIBAgIQDVoSbOGQsiIR2aKiwINlNzANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjA4MDgwMDAwMDBaFw0yMzA5MDYy MzU5NTlaMB8xHTAbBgNVBAMTFHd3dy5jcm9zc2NvdW50cnkuY29tMIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt19A5qDTsh2F5SBZ9uHF0R1SkJLWixhp 9uoiTYOLanxqD9w/50TCXzhXHFvEWQraHnuCzDOlw6DDJ9EfpRZF4MRyM995q/96 Z8Gu7TrixfIo5YGagjzio5Q7hq1qsUZVrM5JGIol8/zmSnG3DXSaZi964h1pE4dF q+M6RKLE7J8YwOfID4wZ3wiaLncloeOO/LS6xpixj0bI/kvajtprQR67EtkG+DGV a5JmhQQUYDMjYkXS4AAO+ktT/9b67iS901Rxv2nw+xLntYLI+73XdfhV/pGZFZSe 4nMz94BqiVQp3rkBD13z5fuqh+uihrzxvQu7QlzucUoHWtNDghS0vQIDAQABo4ID ATCCAv0wHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYDVR0OBBYE FEg+KWIE2lSnZqWt2Su0bqhAjQBdMDEGA1UdEQQqMCiCFHd3dy5jcm9zc2NvdW50 cnkuY29tghBjcm9zc2NvdW50cnkuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDov L2NybC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWItMS5jcmwwEwYDVR0gBAww CjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8v b2NzcC5zY2ExYi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9j cnQuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNydDAMBgNVHRMBAf8EAjAA MIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgCt9776fP8QyIudPZwePhhqtGcp Xc+xDCTKhYY069yCigAAAYJ+tlzIAAAEAwBHMEUCICltI7teFPylRtj7ZYcWt8fb a+8KIIQBVIRpMpwbzrrfAiEAnqLJNpO6ciyk1N8TCgm29SNLHuemjKUbHe/mO77d DNYAdgA1zxkbv7FsV78PrUxtQsu7ticgJlHqP+Eq76gDwzvWTAAAAYJ+tlzLAAAE AwBHMEUCIDgUZtA4wcy+3139UX15pSwlFD+zVe90vssK9cMoWhhPAiEAjr/v8k4Q q5t38/SpYgg41YvP4cgvp1qs+uxJ11+4F/gAdgCzc3cH4YRQ+GOG1gWp3BEJSnkt sWcMC4fc8AMOeTalmgAAAYJ+tl0kAAAEAwBHMEUCIQCDhO5UwC7lVyeC0Qsn1Fav fHSiUD02g4z14T4cSiMfSgIgaCEuU0OCAr/NjgSeq7dwF2NGE0OH6v2Iy7KcMfKH vzkwDQYJKoZIhvcNAQELBQADggEBALeKwB94q7J3A9zMmMeKt1xrXTgmb2a5kErz nUrvtCdGeM53nlaUHV5xt7vKZXtkusdjsLlsfinFOG60EUA5MimKOKpOO0g0xW+X NkMAAcrolI7zg4Yuyc/eTXccEgWmI6IS25y+JEwpTi4wCam8LcfnQISTrR5YOgky ldcuHsysPo/TyWvlr7djdLnEfplf6JThYdbaP31cfheoNF3w3tx74uF9uKUkjxIa kBnXh7/p61BP+45uFGWc4fWEJ2nwjjb8a2o1FLZtZCgPZVV2keG5ONfqWImCNU9y fv2xGZkURmotfn5dEH+VlOQH6GqujcxbFKpw1ErmbxgrDOcWV/0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt19A5qDTsh2F5SBZ9uHF 0R1SkJLWixhp9uoiTYOLanxqD9w/50TCXzhXHFvEWQraHnuCzDOlw6DDJ9EfpRZF 4MRyM995q/96Z8Gu7TrixfIo5YGagjzio5Q7hq1qsUZVrM5JGIol8/zmSnG3DXSa Zi964h1pE4dFq+M6RKLE7J8YwOfID4wZ3wiaLncloeOO/LS6xpixj0bI/kvajtpr QR67EtkG+DGVa5JmhQQUYDMjYkXS4AAO+ktT/9b67iS901Rxv2nw+xLntYLI+73X dfhV/pGZFZSe4nMz94BqiVQp3rkBD13z5fuqh+uihrzxvQu7QlzucUoHWtNDghS0 vQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17747644372295511842469961962239518007 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-08 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-06 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.crosscountry.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23148581069703513023150332327632683244409341297503872798169088311542631864689475557400585496534981065700482090798802735728085619080909173635636027286602303799068670000336567388028669812607470999071614712702458553920549393387306629057860079784589353508346228138947967793568975740707627484157761118477082025236147956426697707566079554647617801410155642018115089115045937367068613474313632839592613918534895246135505438049339975270931868492281833847314604914812226589956739338632573090828247791095485192496984283239084386688786655652663306208277783947893730588733971686315743683968706534750944205586502341279496076047549 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 483e296204da54a766a5add92bb46ea8408d005d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.crosscountry.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'crosscountry.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a000001827eb65cc800000403004730450220296d23bb5e14fca546d8fb658716b7c7db6bef0a208401548469329c1bcebadf0221009ea2c93693ba722ca4d4df130a09b6f5234b1ee7a68ca51b1defe63bbedd0cd600760035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c000001827eb65ccb00000403004730450220381466d038c1ccbedf5dfd517d79a52c25143fb355ef74becb0af5c3285a184f0221008ebfeff24e10ab9b77f3f4a9620838d58bcfe1c82fa75aacfaec49d75fb817f8007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a000001827eb65d2400000403004730450221008384ee54c02ee5572782d10b27d456af7c74a2503d36838cf5e13e1c4a231f4a022068212e53438202bfcd8e049eabb770176346134387eafd88cbb29c31f287bf39 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b78ac01f78abb27703dccc98c78ab75c6b5d38266f66b9904af39d4aefb4274678ce779e56941d5e71b7bbca657b64bac763b0b96c7e29c5386eb411403932298a38aa4e3b4834c56f9736430001cae8948ef383862ec9cfde4d771c1205a623a212db9cbe244c294e2e3009a9bc2dc7e7408493ad1e583a093295d72e1eccac3e8fd3c96be5afb76374b9c47e995fe894e161d6da3f7d5c7e17a8345df0dedc7be2e17db8a5248f121a9019d787bfe9eb504ffb8e6e14659ce1f5842769f08e36fc6b6a3514b66d64280f65557691e1b938d7ea588982354f727efdb1199914466a2d7e7e5d107f9594e407e86aae8dcc5b14aa70d44ae66f182b0ce71657fd