bng-schlueter.diabrand.shop

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 0e:eb:f6:a9:79:be:8e:20:cc:e1:f6:d9:bf:ca:fb:97 was issued on by Amazon.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=bng-schlueter.diabrand.shop

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0e:eb:f6:a9:79:be:8e:20:cc:e1:f6:d9:bf:ca:fb:97
Serial Number (int): 19834384602744523210164572989837474711
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 34:3d:19:58:fe:1d:cf:95:4f:01:b8:49:b4:d4:71:a0:46:4b:10:f1
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 7e:80:70:30:ba:c5:1b:a4:79:11:60:f1:bf:7a:08:33:9f:c8:dd:97
Fingerprint (sha256): 34:c7:25:4f:ea:5a:a1:96:d4:87:63:b9:34:8e:e5:52:ee:9a:8f:e1:e9:44:fd:9a:16:e3:8d:44:d5:0c:69:bc

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate bng-schlueter.diabrand.shop

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bng-schlueter.diabrand.shop

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

bng-schlueter.diabrand.shop
*.bng.sms.brand.diarz.net
*.bng-schlueter.diabrand.shop
bng.sms.brand.diarz.net

Other certificates including the domain name diabrand.shop

(limited to 100 certificates)
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
st-alfeld.diabrand.shop
st-alfeld.diabrand.shop
gateway.s02.schmitter.brand.dia.ovh
shop.nordparts.lu
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
schmitter.demo.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
hbcs.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
hbcs.diabrand.shop
jasper-hydraulik.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
jasper-hydraulik.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
jasper-hydraulik.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
tih.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
st-alfeld.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
jasper-hydraulik.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
nordparts.diabrand.shop
schmitter.demo.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
ps-hydraulik.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
jasper-hydraulik.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
schmitter.demo.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
re-flexalsace.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
nordparts.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
schmitter.demo.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
tih.diabrand.shop
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh
meiseleder.s01.sandvik.brand.dia.ovh

Certificate

The complete raw certificate details for bng-schlueter.diabrand.shop in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIQDuv2qXm+jiDM4fbZv8r7lzANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMTIwNTAwMDAwMFoXDTI1MDEwMjIzNTk1OVowJjEk
MCIGA1UEAxMbYm5nLXNjaGx1ZXRlci5kaWFicmFuZC5zaG9wMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1PWEdI+AIbCatnv1YKlWmpmCmr89pLCkVS4
2ClVPnCw544oTsxWcOOcqTz36XmMrahW/tD6LPaiCS3OvgUXDdoZklF4OMoSZlRB
jbBnq5swcRGJDSPUqlTR4WkBla6kwSXSPGTAF2EP+ohlglfzYbwruIrkl0CH29x8
/BoPdCY0S+DV0prUyreMzKFc6++BtIEP8knUu4+7g4hm4q72EX6iYNL6ZnewwM0O
i39ajbXW+Iu+x4sRif3uijr4FlJYg/AIU2osUNVDY8j0XHtcKTVhofwN75JApj91
VaRUzs/kX5I+pX7vOWI2QROT/ixUGiLtNyMNjA+VvFu5aQmx0QIDAQABo4IB2jCC
AdYwHwYDVR0jBBgwFoAUwDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFDQ9
GVj+Hc+VTwG4SbTUcaBGSxDxMHkGA1UdEQRyMHCCG2JuZy1zY2hsdWV0ZXIuZGlh
YnJhbmQuc2hvcIIZKi5ibmcuc21zLmJyYW5kLmRpYXJ6Lm5ldIIdKi5ibmctc2No
bHVldGVyLmRpYWJyYW5kLnNob3CCF2JuZy5zbXMuYnJhbmQuZGlhcnoubmV0MBMG
A1UdIAQMMAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5y
Mm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3JsMHUGCCsGAQUFBwEBBGkwZzAt
BggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYG
CCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0w
Mi5jZXIwDAYDVR0TAQH/BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG
9w0BAQsFAAOCAQEAS0J3LZSwo8U5KqSyKAWe1q5BTfQnO1VBYoyQSDtFr6apmLpO
Iy553upBIZhClM52oFr4cyMyZ1Ll416mJGTA6qM6wTAieNSjBOyJLKWy2GaOc0+R
CG+bE/FFCGVwCY0N8Z4XcgSDPchiBLA8JJk1iVPb2N31u2QG4Tj2LyCPXWaFPjYv
9/PxEWOYH8YZH39Fv11lIilLivmaCMJ+M1WoCPFtAnM8dqhownPEtGYWEjxoA7N4
101nt+WjHbjTKAhYXkMhLNDkM6/W9R/xj4dUtpbJ3b17Na6PKAvlfG1pAwlrrzeq
sTesvn+DhaNvYIx3XPho8XYeoczx9nWyoHUs9Q==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1PWEdI+AIbCatnv1YKl
WmpmCmr89pLCkVS42ClVPnCw544oTsxWcOOcqTz36XmMrahW/tD6LPaiCS3OvgUX
DdoZklF4OMoSZlRBjbBnq5swcRGJDSPUqlTR4WkBla6kwSXSPGTAF2EP+ohlglfz
YbwruIrkl0CH29x8/BoPdCY0S+DV0prUyreMzKFc6++BtIEP8knUu4+7g4hm4q72
EX6iYNL6ZnewwM0Oi39ajbXW+Iu+x4sRif3uijr4FlJYg/AIU2osUNVDY8j0XHtc
KTVhofwN75JApj91VaRUzs/kX5I+pX7vOWI2QROT/ixUGiLtNyMNjA+VvFu5aQmx
0QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 19834384602744523210164572989837474711
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-05 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-02 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bng-schlueter.diabrand.shop'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24657810644058489554644507603019498655827703807588046823642394889659684871654499054067230430837317970940816381158936360705274934132843704263629218254732026704125577935659530854300992069381837853073711523065498372304072014574921777629102390049226405235964218718114338993686081106841682109791565593171237082315798175238103049108013699573738800189020084586749931661865317457963623935300259740206900502624217599001724296866237109286682798428230962656864206482974829581815963088380800134796587813408850794438748972426122571343506720391940153345652961997126796532129754833693587041813887535937153205387073504553191349006801
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							343d1958fe1dcf954f01b849b4d471a0464b10f1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (114 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bng-schlueter.diabrand.shop'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bng.sms.brand.diarz.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bng-schlueter.diabrand.shop'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bng.sms.brand.diarz.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004b42772d94b0a3c5392aa4b228059ed6ae414df4273b5541628c90483b45afa6a998ba4e232e79deea4121984294ce76a05af87323326752e5e35ea62464c0eaa33ac1302278d4a304ec892ca5b2d8668e734f91086f9b13f145086570098d0df19e177204833dc86204b03c2499358953dbd8ddf5bb6406e138f62f208f5d66853e362ff7f3f11163981fc6191f7f45bf5d6522294b8af99a08c27e3355a808f16d02733c76a868c273c4b46616123c6803b378d74d67b7e5a31db8d32808585e43212cd0e433afd6f51ff18f8754b696c9ddbd7b35ae8f280be57c6d6903096baf37aab137acbe7f8385a36f608c775cf868f1761ea1ccf1f675b2a0752cf5