marthastewart.com
Issued by Amazon
About this certificate
This digital certificate with serial number 09:01:38:a6:89:9c:32:4a:e8:c7:f4:a5:68:3d:2e:23 was issued on by Amazon.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=marthastewart.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 09:01:38:a6:89:9c:32:4a:e8:c7:f4:a5:68:3d:2e:23Serial Number (int): 11969393268323835818727581444957089315
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 90:80:58:e4:c9:2d:8b:c6:1c:ff:e0:df:8f:b9:23:3b:9a:b2:a7:74
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): b9:b1:dd:30:d8:50:5e:46:9c:37:af:21:fc:d1:26:14:f0:a6:08:73
Fingerprint (sha256): 3b:3b:66:07:17:61:eb:72:c0:4c:71:27:dc:3e:bf:68:04:69:cc:66:21:4e:bd:09:01:00:91:0c:97:54:95:66
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl
Check the revocation status for certificate marthastewart.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for marthastewart.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
marthastewart.com
*.element.marthastewart.com
*.marthastewart.com
*.element.marthastewart.com
*.marthastewart.com
Other certificates including the domain name marthastewart.com
(limited to 100 certificates)
payments.meredith.com
qa4.ugc.marthastewart.com
ssl.1.damoh.marthastewart.com
securemetrics.marthastewart.com
accounts.bhg.com
*.secure.meredith.com
secure.meredith.com
ssl.1.damoh.marthastewart.com
my.meredith.com
sli.dailypaws.com
sli.dailypaws.com
a-ue1.mydomaine.com
payments.meredith.com
gigya.marthastewart.com
www.meredith.com
images.marthastewart.com
qa4.ugc.marthastewart.com
specialoffers.meredith.com
qa3.my.marthastewart.com
resolute.digital
globalrunningday.org
images.marthastewart.com
sli.dailypaws.com
*.agriculture.com
dev.secure.meredith.com
ssl.1.damoh.marthastewart.com
sli.dailypaws.com
ssl.1.damoh.marthastewart.com
sli.dailypaws.com
secure.meredith.com
accounts.bhg.com
accounts.bhg.com
www.timeinclistrental.com
mywedding.com
secure.meredith.com
mywedding.com
qa2.ugc.marthastewart.com
www.meredith.com
a-uw2.mydomaine.com
mdp.api.meredith.com
secure.meredith.com
accounts.bhg.com
www.timeinclistrental.com
marthastewart.com
a-ue1.mydomaine.com
qa4.ugc.marthastewart.com
ugc.marthastewart.com
secure.meredith.com
marthastewart.com
globalrunningday.org
test.payments.meredith.com
secure.meredith.com
sli.dailypaws.com
a-ue1.mydomaine.com
resolute.digital
qa3.ugc.marthastewart.com
ugc.marthastewart.com
sli.dailypaws.com
test.secure.meredith.com
ssl.1.damoh.marthastewart.com
qa3.ugc.marthastewart.com
marthastewart.com
ugc.marthastewart.com
images.marthastewart.com
www.timeinclistrental.com
links.allrecipes.com
sli.dailypaws.com
win.bhg.com
cr-iframe.magazine.store
secure.meredith.com
payments.meredith.com
*.marthastewart.com
*.secure.meredith.com
accounts.marthastewart.com
win.bhg.com
gigya.marthastewart.com
www.timeinclistrental.com
secure.meredith.com
ssl.1.damoh.marthastewart.com
marthastewart.com
www.meredith.com
qa3.ugc.marthastewart.com
ssl.1.damoh.marthastewart.com
cr-iframe.magazine.store
api.meredith.com
ssl.1.damoh.marthastewart.com
payments.meredith.com
qa.my.marthastewart.com
ugc.marthastewart.com
qa2.ugc.marthastewart.com
*.secure.meredith.com
ssl.1.damoh.marthastewart.com
metrics.marthastewart.com
secure.meredith.com
ugc.marthastewart.com
ssl.1.damoh.marthastewart.com
accounts.bhg.com
www.marthastewart.com
my.meredith.com
test.payments.meredith.com
qa4.ugc.marthastewart.com
ssl.1.damoh.marthastewart.com
securemetrics.marthastewart.com
accounts.bhg.com
*.secure.meredith.com
secure.meredith.com
ssl.1.damoh.marthastewart.com
my.meredith.com
sli.dailypaws.com
sli.dailypaws.com
a-ue1.mydomaine.com
payments.meredith.com
gigya.marthastewart.com
www.meredith.com
images.marthastewart.com
qa4.ugc.marthastewart.com
specialoffers.meredith.com
qa3.my.marthastewart.com
resolute.digital
globalrunningday.org
images.marthastewart.com
sli.dailypaws.com
*.agriculture.com
dev.secure.meredith.com
ssl.1.damoh.marthastewart.com
sli.dailypaws.com
ssl.1.damoh.marthastewart.com
sli.dailypaws.com
secure.meredith.com
accounts.bhg.com
accounts.bhg.com
www.timeinclistrental.com
mywedding.com
secure.meredith.com
mywedding.com
qa2.ugc.marthastewart.com
www.meredith.com
a-uw2.mydomaine.com
mdp.api.meredith.com
secure.meredith.com
accounts.bhg.com
www.timeinclistrental.com
marthastewart.com
a-ue1.mydomaine.com
qa4.ugc.marthastewart.com
ugc.marthastewart.com
secure.meredith.com
marthastewart.com
globalrunningday.org
test.payments.meredith.com
secure.meredith.com
sli.dailypaws.com
a-ue1.mydomaine.com
resolute.digital
qa3.ugc.marthastewart.com
ugc.marthastewart.com
sli.dailypaws.com
test.secure.meredith.com
ssl.1.damoh.marthastewart.com
qa3.ugc.marthastewart.com
marthastewart.com
ugc.marthastewart.com
images.marthastewart.com
www.timeinclistrental.com
links.allrecipes.com
sli.dailypaws.com
win.bhg.com
cr-iframe.magazine.store
secure.meredith.com
payments.meredith.com
*.marthastewart.com
*.secure.meredith.com
accounts.marthastewart.com
win.bhg.com
gigya.marthastewart.com
www.timeinclistrental.com
secure.meredith.com
ssl.1.damoh.marthastewart.com
marthastewart.com
www.meredith.com
qa3.ugc.marthastewart.com
ssl.1.damoh.marthastewart.com
cr-iframe.magazine.store
api.meredith.com
ssl.1.damoh.marthastewart.com
payments.meredith.com
qa.my.marthastewart.com
ugc.marthastewart.com
qa2.ugc.marthastewart.com
*.secure.meredith.com
ssl.1.damoh.marthastewart.com
metrics.marthastewart.com
secure.meredith.com
ugc.marthastewart.com
ssl.1.damoh.marthastewart.com
accounts.bhg.com
www.marthastewart.com
my.meredith.com
test.payments.meredith.com
Certificate
The complete raw certificate details for marthastewart.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGDDCCBPSgAwIBAgIQCQE4pomcMkrox/SlaD0uIzANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjAzMjQwMDAwMDBaFw0yMzA0MjIy MzU5NTlaMBwxGjAYBgNVBAMTEW1hcnRoYXN0ZXdhcnQuY29tMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhEtdJGvKzcaCtrVtOx7/eqYpxUuBYXvSv8t fQh55GyANOiJwbebLyA+ARtMsoNlMS+txs2zloPEX4sodTVzuoinXmLT7vuAMUgo TdvOAhFmulr1CaKWEvIafEiUIBTPqXsrtOnlGdpgJcCSr0iJ34q2FCsarcRliesH bvdyCpe+svV/1oO71aztnw52CzIiWaHu6lyiwNicE5P6SaccXI2cfWiOYBCPUNv3 JXFLFCA25KEduSglXDWDe+i72LwwxVVZvyAuwgdKs6LhFtq7Bx7CWr+TaucollRX pAWFpbFAc4qKEEHv8HOxUJPmaCmDTgIk2GUQGDUjmafZh2fIiwIDAQABo4IDHjCC AxowHwYDVR0jBBgwFoAUWaRmBlKge5WSPKOUByeWdFv5PdAwHQYDVR0OBBYEFJCA WOTJLYvGHP/g34+5Izuasqd0ME4GA1UdEQRHMEWCEW1hcnRoYXN0ZXdhcnQuY29t ghsqLmVsZW1lbnQubWFydGhhc3Rld2FydC5jb22CEyoubWFydGhhc3Rld2FydC5j b20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD AjA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRydXN0 LmNvbS9zY2ExYi0xLmNybDATBgNVHSAEDDAKMAgGBmeBDAECATB1BggrBgEFBQcB AQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0 LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5j b20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSC AWoBaAB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABf7m/IogA AAQDAEcwRQIgapuqCV09Ye8FblTo9S+qTk/TuOYFb5sPJEXCamzEClMCIQCFe9Q2 m1xhB50Ik1FRsOvwEfn5GZb7O8KgkECO12nLWAB3ADXPGRu/sWxXvw+tTG1Cy7u2 JyAmUeo/4SrvqAPDO9ZMAAABf7m/ItYAAAQDAEgwRgIhANsw9OEYmNLEtuEp/JAk xonb/K8Ii808N7hyaRvPXGtgAiEA04vAGf/wyAYf/y9S22SGmjCCiTSFZ/l9J9er gGuWDvgAdQCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAX+5vyMN AAAEAwBGMEQCICgN8KjGW0wPtETOiJOfi2mJcbBOa2lCzPwsHPl9MX6YAiAWYaZ5 nAfOjT/rrxu8NvOpGesduWzVxYEObavDQKm/fzANBgkqhkiG9w0BAQsFAAOCAQEA N8N1WUiU1N8zNVgkLpyy0VBOl58NYWJK7EBN5W9U9YPrCHJJkTszfcVTYwKC28mz XtxKRtqU4bL4AsZIAaS56B9OOmiaoP3U78gBTk9ai6LhYL2tUlCwZcLt1ghL7Kmi wlv5t7s00ojTq6nPr793ofY9uF/F8roYm4Ah3SlZMcXjHoqIeY1BtwFTL3pUPEOb AwHe76UD/5tfZ/vQjQF9kWPzPn00sLIKMilVCa5QgT8uwO0beAC9B8NowM0H3sn3 aNW8shH/76TcmInCiwDz5CfrlRTJIXQZCXjaA3sY/1EyeTd9npy9w2XfVsplVVPo TM4rrwJD26Fmdme0jWBTyg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhEtdJGvKzcaCtrVtOx7 /eqYpxUuBYXvSv8tfQh55GyANOiJwbebLyA+ARtMsoNlMS+txs2zloPEX4sodTVz uoinXmLT7vuAMUgoTdvOAhFmulr1CaKWEvIafEiUIBTPqXsrtOnlGdpgJcCSr0iJ 34q2FCsarcRliesHbvdyCpe+svV/1oO71aztnw52CzIiWaHu6lyiwNicE5P6Sacc XI2cfWiOYBCPUNv3JXFLFCA25KEduSglXDWDe+i72LwwxVVZvyAuwgdKs6LhFtq7 Bx7CWr+TaucollRXpAWFpbFAc4qKEEHv8HOxUJPmaCmDTgIk2GUQGDUjmafZh2fI iwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11969393268323835818727581444957089315 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-03-24 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-22 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'marthastewart.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19449169535288333425575970776255800773674037577829392275595228415971775248379290246826919218608740193606399114751535903068206963360555593152154293562405396590560283779832956274248959697128126411813444319760362065546651668951229369292648140587294547968077110765013887454996778342705277422673105839023018618711030881778564366816734467154407619183679060278742925315163558801019493119783664992633587976787179739145986842127118461617435828558351662096700940293065478686062952428790952168163012856539423869538652213160848794145322221200018641702884549677832715229712525648521954968703304527221758332969750759298242265467019 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 908058e4c92d8bc61cffe0df8fb9233b9ab2a774 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (71 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marthastewart.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.element.marthastewart.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.marthastewart.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017fb9bf2288000004030047304502206a9baa095d3d61ef056e54e8f52faa4e4fd3b8e6056f9b0f2445c26a6cc40a53022100857bd4369b5c61079d08935151b0ebf011f9f91996fb3bc2a090408ed769cb5800770035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c0000017fb9bf22d60000040300483046022100db30f4e11898d2c4b6e129fc9024c689dbfcaf088bcd3c37b872691bcf5c6b60022100d38bc019fff0c8061fff2f52db64869a308289348567f97d27d7ab806b960ef8007500b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017fb9bf230d00000403004630440220280df0a8c65b4c0fb444ce88939f8b698971b04e6b6942ccfc2c1cf97d317e9802201661a6799c07ce8d3febaf1bbc36f3a919eb1db96cd5c5810e6dabc340a9bf7f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0037c375594894d4df333558242e9cb2d1504e979f0d61624aec404de56f54f583eb087249913b337dc553630282dbc9b35edc4a46da94e1b2f802c64801a4b9e81f4e3a689aa0fdd4efc8014e4f5a8ba2e160bdad5250b065c2edd6084beca9a2c25bf9b7bb34d288d3aba9cfafbf77a1f63db85fc5f2ba189b8021dd295931c5e31e8a88798d41b701532f7a543c439b0301deefa503ff9b5f67fbd08d017d9163f33e7d34b0b20a32295509ae50813f2ec0ed1b7800bd07c368c0cd07dec9f768d5bcb211ffefa4dc9889c28b00f3e427eb9514c92174190978da037b18ff513279377d9e9cbdc365df56ca655553e84cce2baf0243dba1667667b48d6053ca