td.cosmopolitan.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 0a:d8:ba:cd:27:b3:36:46:fe:5e:94:a1:00:44:22:ba was issued on by Amazon.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=td.cosmopolitan.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0a:d8:ba:cd:27:b3:36:46:fe:5e:94:a1:00:44:22:baSerial Number (int): 14417604861538845553823606050872631994
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: a4:f2:93:69:78:ce:51:4e:01:64:5e:b5:46:9c:7e:28:eb:f9:4e:eb
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 9f:f0:51:d9:df:55:31:55:0b:50:23:8c:ea:c5:30:c4:68:bb:37:f8
Fingerprint (sha256): 36:eb:2f:8e:07:71:99:09:55:88:00:11:e1:b3:86:d7:00:52:62:9d:44:d9:e7:9f:57:43:42:26:cd:31:34:af
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate td.cosmopolitan.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for td.cosmopolitan.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
td.cosmopolitan.com
Other certificates including the domain name cosmopolitan.com
(limited to 100 certificates)
*.25ans.jp
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
shop.elle.com
sli.esquire.com
dns-vetting1-mims-pawel.map.fastly.net
cosmopolitan.com
mcstaging-shop.elle.com
hearst-prod.actioniq.mr-in.com
mcstaging-shop.elle.com
shop.elle.com
*.hearstapps.com
dns-vetting1-mims-pawel.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
secure.hdmtools.com
dns-vetting1-mims-pawel.map.fastly.net
shop.elle.com
cosmopolitan.com
shop.elle.com
actieabonnement.live.hearst.aubergine-it.nl
actieabonnement.live.hearst.aubergine-it.nl
dns-vetting1-mims-pawel.map.fastly.net
store.caranddriver.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
sli.esquire.com
sli.esquire.com
mcstaging-shop.elle.com
shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
shop.cosmopolitan.com
shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
actieabonnement.live.hearst.aubergine-it.nl
sli.esquire.com
cosmopolitan.com
subscribe.hearstmags.com
dns-vetting1-mims-pawel.map.fastly.net
magentocloud55.map.fastly.net
subscribe.hearstmags.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
cosmopolitan.com
mcstaging-store.delish.com
shop.elle.com
shop.elle.com
hearst-prod.actioniq.mr-in.com
shop.elledecor.com
mcstaging-shop.elle.com
actieabonnement.live.hearst.aubergine-it.nl
mcstaging-shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
sli.esquire.com
actieabonnement.live.hearst.aubergine-it.nl
shop.elle.com
hearst-hdm.map.fastly.net
subscribe.hearstmags.com
abonnement.bicycling.nl
actieabonnement.live.hearst.aubergine-it.nl
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-store.delish.com
actieabonnement.live.hearst.aubergine-it.nl
cosmopolitan.com
store.caranddriver.com
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-shop.elle.com
link.cosmopolitan.com
shop.elle.com
shop.elle.com
sli.esquire.com
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-store.delish.com
hearst-hdm.map.fastly.net
subscribe.hearstmags.com
cosmopolitan.com
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-shop.elle.com
mcstaging-shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
shop.elle.com
shop.elle.com
link.cosmopolitan.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
sli.esquire.com
td.cosmopolitan.com
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
mcstaging-shop.elle.com
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-prod.actioniq.mr-in.com
shop.elle.com
sli.esquire.com
dns-vetting1-mims-pawel.map.fastly.net
cosmopolitan.com
mcstaging-shop.elle.com
hearst-prod.actioniq.mr-in.com
mcstaging-shop.elle.com
shop.elle.com
*.hearstapps.com
dns-vetting1-mims-pawel.map.fastly.net
dns-vetting1-mims-pawel.map.fastly.net
secure.hdmtools.com
dns-vetting1-mims-pawel.map.fastly.net
shop.elle.com
cosmopolitan.com
shop.elle.com
actieabonnement.live.hearst.aubergine-it.nl
actieabonnement.live.hearst.aubergine-it.nl
dns-vetting1-mims-pawel.map.fastly.net
store.caranddriver.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
sli.esquire.com
sli.esquire.com
mcstaging-shop.elle.com
shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
shop.cosmopolitan.com
shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
actieabonnement.live.hearst.aubergine-it.nl
sli.esquire.com
cosmopolitan.com
subscribe.hearstmags.com
dns-vetting1-mims-pawel.map.fastly.net
magentocloud55.map.fastly.net
subscribe.hearstmags.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
cosmopolitan.com
mcstaging-store.delish.com
shop.elle.com
shop.elle.com
hearst-prod.actioniq.mr-in.com
shop.elledecor.com
mcstaging-shop.elle.com
actieabonnement.live.hearst.aubergine-it.nl
mcstaging-shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
subscribe.hearstmags.com
sli.esquire.com
actieabonnement.live.hearst.aubergine-it.nl
shop.elle.com
hearst-hdm.map.fastly.net
subscribe.hearstmags.com
abonnement.bicycling.nl
actieabonnement.live.hearst.aubergine-it.nl
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-store.delish.com
actieabonnement.live.hearst.aubergine-it.nl
cosmopolitan.com
store.caranddriver.com
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-shop.elle.com
link.cosmopolitan.com
shop.elle.com
shop.elle.com
sli.esquire.com
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-store.delish.com
hearst-hdm.map.fastly.net
subscribe.hearstmags.com
cosmopolitan.com
dns-vetting1-mims-pawel.map.fastly.net
mcstaging-shop.elle.com
mcstaging-shop.elle.com
dns-vetting1-mims-pawel.map.fastly.net
shop.elle.com
shop.elle.com
link.cosmopolitan.com
dns-vetting1-mims-pawel.map.fastly.net
hearst-hdm.map.fastly.net
sli.esquire.com
td.cosmopolitan.com
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
mcstaging-shop.elle.com
hearst-hdm.map.fastly.net
hearst-hdm.map.fastly.net
Certificate
The complete raw certificate details for td.cosmopolitan.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF0TCCBLmgAwIBAgIQCti6zSezNkb+XpShAEQiujANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTI0MDMwODAwMDAwMFoXDTI1MDQwNzIzNTk1OVowHjEc MBoGA1UEAxMTdGQuY29zbW9wb2xpdGFuLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAMeIOixNNrFsUeUcPu9UhYHjkmGY48bD8HfN2VHKQSkhAl8b Rut31PAE9NqP6qnql94qMo/AMZ+ZyzbtArJtTg26gEqHzolL21Le92yNG5lA55B0 vUveMRGlWVMK1QWTGIM3xoQL7zvslZAT7RG7uUFTAqjQ6bYdfxY3aHqIxtZp1ssC 9cnzOIOs7fhGOOUWsNUhalq1Ds6OJTSrwPNtVNVV5oQBDelQWhbfi1YB1g2tpbbC ol65lIgVwuWQcZbjpNHU2DOKd41D3ls8bJtOLUVHsyyr6C07UaDfrWx/PS2g8EWl qj+oN9ufxkfgQO7drtmyEFznR0K2RIGXtsl1qwsCAwEAAaOCAuswggLnMB8GA1Ud IwQYMBaAFFXZGF/SHMwB4Vi0vqvZVUIB1y4CMB0GA1UdDgQWBBSk8pNpeM5RTgFk XrVGnH4o6/lO6zAeBgNVHREEFzAVghN0ZC5jb3Ntb3BvbGl0YW4uY29tMBMGA1Ud IAQMMAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0w My5hbWF6b250cnVzdC5jb20vcjJtMDMuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggr BgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDMuYW1hem9udHJ1c3QuY29tMDYGCCsG AQUFBzAChipodHRwOi8vY3J0LnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5j ZXIwDAYDVR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHYATnWj J1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGOG5dGCgAABAMARzBFAiAL mkgQEAliacogHwkDXZYupexWlOZvdUviaAtg4/Z/UwIhALoxDFeV8Ex3/Pj88z67 SIggl/SOWqMb/DjrAwsdgJfQAHUAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/Z DowuebgAAAGOG5dGQwAABAMARjBEAiBXX8OuHBEQWO8wgtuW9bd3HzheHx7lBWSX MBunRVJaQwIgfQG6xtFnxzoQymdmKI+Fp1CZY4cEVNREvbAs1Ou8K1EAdgDm0jFj QHeMwRBBBtdxuc7B0kD2loSG+7qHMh39HjeOUAAAAY4bl0ZuAAAEAwBHMEUCIQDi KPmxC1QQdnlhvkAv7vILlPr8tzbRiUWi/2OzMlpAlQIgNnn9XIxbt2qM/3OieHU8 FzpwyFEcb7kvnU3UTTKBQD0wDQYJKoZIhvcNAQELBQADggEBAIT14jKOMYqsIRXc yebDX/wd6FEnjw8TXHkdavpQ0m9iRmr1/1WGdNMv/I6yZlzybDOGCqLr57LIfyQp FtGeVQOVWbN/rFSEWpeLtSJ47HlacZJTV49n1ChG8QAMma0hnABascgcTDK2Z9d8 hl9FxTWPio8CN8d6pkv1W/qfEFkYXqyny4PTdi3g0hGmR62OEZkTh1Kq21ZetYi8 UEm2oOaXVsioHSD977hk5sLGTWXFPKZ0seUWrVB4V8Haka2nxXGrMDI5OaZuszYU Y0wyzI8xxWP+ZjJrchcen0AdNeFoygSwhZ7Zp8SHmAWHmZ3KBHx89waCsJlrwpiO +gVvaPQ= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4g6LE02sWxR5Rw+71SF geOSYZjjxsPwd83ZUcpBKSECXxtG63fU8AT02o/qqeqX3ioyj8Axn5nLNu0Csm1O DbqASofOiUvbUt73bI0bmUDnkHS9S94xEaVZUwrVBZMYgzfGhAvvO+yVkBPtEbu5 QVMCqNDpth1/FjdoeojG1mnWywL1yfM4g6zt+EY45Raw1SFqWrUOzo4lNKvA821U 1VXmhAEN6VBaFt+LVgHWDa2ltsKiXrmUiBXC5ZBxluOk0dTYM4p3jUPeWzxsm04t RUezLKvoLTtRoN+tbH89LaDwRaWqP6g325/GR+BA7t2u2bIQXOdHQrZEgZe2yXWr CwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 14417604861538845553823606050872631994 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-08 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-07 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'td.cosmopolitan.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25188598843234180368001138316071506183799205932444447580268847978964519570035393850420940203244320174294979348722951535873597699638705769402559863936121300380423525606916223103153575128559957276804021885832610574665871134653815180823419983703330427812981676143742406680126140886505702634993531521567755679367173946678031436248414720166236881147293164441662743515854313335392513372748899472066525863244325683579362014122711908425754348450473323031823443392602124976470447094285488472798356079652180576637370054155943030446672991045928595908873765727005031033747901233087479389260029339917357719392331778675184896420619 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a4f2936978ce514e01645eb5469c7e28ebf94eeb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'td.cosmopolitan.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 01670076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018e1b97460a000004030047304502200b9a481010096269ca201f09035d962ea5ec5694e66f754be2680b60e3f67f53022100ba310c5795f04c77fcf8fcf33ebb48882097f48e5aa31bfc38eb030b1d8097d00075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018e1b97464300000403004630440220575fc3ae1c111058ef3082db96f5b7771f385e1f1ee5056497301ba745525a4302207d01bac6d167c73a10ca6766288f85a7509963870454d444bdb02cd4ebbc2b51007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018e1b97466e0000040300473045022100e228f9b10b5410767961be402feef20b94fafcb736d18945a2ff63b3325a409502203679fd5c8c5bb76a8cff73a278753c173a70c8511c6fb92f9d4dd44d3281403d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0084f5e2328e318aac2115dcc9e6c35ffc1de851278f0f135c791d6afa50d26f62466af5ff558674d32ffc8eb2665cf26c33860aa2ebe7b2c87f242916d19e55039559b37fac54845a978bb52278ec795a719253578f67d42846f1000c99ad219c005ab1c81c4c32b667d77c865f45c5358f8a8f0237c77aa64bf55bfa9f1059185eaca7cb83d3762de0d211a647ad8e1199138752aadb565eb588bc5049b6a0e69756c8a81d20fdefb864e6c2c64d65c53ca674b1e516ad507857c1da91ada7c571ab30323939a66eb33614634c32cc8f31c563fe66326b72171e9f401d35e168ca04b0859ed9a7c487980587999dca047c7cf70682b0996bc2988efa056f68f4