lhim-qa.ea.holcim.net
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 07:95:bb:63:fd:9b:69:a7:57:d1:c5:be:dd:0c:b3:de was issued on by Amazon.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=lhim-qa.ea.holcim.net
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 07:95:bb:63:fd:9b:69:a7:57:d1:c5:be:dd:0c:b3:deSerial Number (int): 10082048935087662123771981178524709854
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: dc:f8:95:eb:0a:bd:9c:83:5b:07:3e:39:c2:dc:3b:f1:dd:60:39:5c
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 96:68:df:6d:8f:9f:d6:d2:f0:28:b3:2b:53:1a:08:04:f7:ac:e7:75
Fingerprint (sha256): 41:d0:6d:1d:31:f2:5f:08:c1:40:4d:1f:79:63:b3:be:b3:89:28:2b:ee:44:00:85:c5:44:0e:68:df:7b:55:39
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate lhim-qa.ea.holcim.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lhim-qa.ea.holcim.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
lhim-qa.ea.holcim.net
Other certificates including the domain name holcim.net
(limited to 100 certificates)
corporate-ise2.hgrs.holcim.net
holporsso.holcim.net
webmail02.ea.holcim.net
hanzsapdev.oc.holcim.net
VPNFBNL.EA.holcim.net
holporsso.holcim.net
hnaadc501.extq.na.holcim.net
lassxp2cip02v.la.holcim.net
*.oc.holcim.net
HEAB-ITSC-A007.ap.holcim.net
nasnctxappd01.na.holcim.net
vpn.au.holcim.net
nasnctxapqa01.na.holcim.net
hnamgw001.na.holcim.net
integration-pmw.ea.holcim.net
emea-webmail.ea.holcim.net
holporsso.holcim.net
usa-dund1-ise3.na.holcim.net
HEAB-ITSC-A006.ap.holcim.net
emea-webmail.ea.holcim.net
amanpmpinpd51.na.holcim.net
hanzappsdev.oc.holcim.net
eurnediappd01.ea.holcim.net
hnaadc001.ebusiness.na.holcim.net
AP-SGS-SP901.in.holcim.net
carrierportal.oc.holcim.net
hnaadc501.ebusinessq.na.holcim.net
amanpmpinpd01.na.holcim.net
deuha-webmail.ea.holcim.net
holcimconecta.ea.holcim.net
hnaadc502.extqa.na.holcim.net
nasnwfmwspd01.na.holcim.net
qlikview.na.holcim.net
*.ea.holcim.net
holporsso-qa.holcim.net
hnaadc501.ext.na.holcim.net
integration-bmw.ea.holcim.net
hnaadc501.ebusiness.na.holcim.net
glosxp1appd01.hgrs.holcim.net
usa-dund1-ise3.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
AP-SGS-VH141.in.holcim.net
hgrsuhep.hgrs.holcim.net
holporsso-qa.holcim.net
hnaadc001.ext.na.holcim.net
vnmds03.ap.holcim.net
usa-dund1-ise4.na.holcim.net
NAWFMSP01.na.holcim.net
gloshspasp01v.hgrs.holcim.net
lhim-qa.ea.holcim.net
hgrs-hbk-s0230.hgrs.holcim.net
holporsso-qa.holcim.net
vpn.au.holcim.net
nasnctxappd03.na.holcim.net
webmail02.ea.holcim.net
usa-dund1-ise3.na.holcim.net
nasnctxappd02.na.holcim.net
holcimconecta.ea.holcim.net
imperva.com
qlikview.na.holcim.net
NACTXP076.na.holcim.net
ita-webmail.ea.holcim.net
AP-SGS-SP901.in.holcim.net
hgrsuhep.hgrs.holcim.net
holq176.ea.holcim.net
qua-vpn.ap.holcim.net
AP-SGS-S5200.in.holcim.net
amanpmpinpd51.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
integration-immw.ea.holcim.net
esp-webmail.ea.holcim.net
AP-SGS-SP902.in.holcim.net
webmail.ea.holcim.net
integration-dmw.ea.holcim.net
hnaadc502.extqa.na.holcim.net
integration-bmw.ea.holcim.net
svk-webmail.ea.holcim.net
webmeetingmx.laseritsc.net
hanzappsdev.oc.holcim.net
AP-SGS-VH141.in.holcim.net
glossccappd03.hgrs.holcim.net
hanzapps.oc.holcim.net
qvwprod.ea.holcim.net
webmail05.ea.holcim.net
AP-SGS-SP902.in.holcim.net
apacsepm.ap.holcim.net
holporsso-qa.holcim.net
mail.au.holcim.net
HEAB-ITSC-A006.ap.holcim.net
hnaadc501.extqa.na.holcim.net
hnaadc501.ebusiness.na.holcim.net
nasnwfmwsqa02.na.holcim.net
svk-webstorage.ea.holcim.net
comms.oc.holcim.net
hnaadc501.ebusinessq.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
htsx-hbk-s1457.hgrs.holcim.net
esp-logis.ea.holcim.net
sysmon.hgrs.holcim.net
comms.oc.holcim.net
holporsso.holcim.net
webmail02.ea.holcim.net
hanzsapdev.oc.holcim.net
VPNFBNL.EA.holcim.net
holporsso.holcim.net
hnaadc501.extq.na.holcim.net
lassxp2cip02v.la.holcim.net
*.oc.holcim.net
HEAB-ITSC-A007.ap.holcim.net
nasnctxappd01.na.holcim.net
vpn.au.holcim.net
nasnctxapqa01.na.holcim.net
hnamgw001.na.holcim.net
integration-pmw.ea.holcim.net
emea-webmail.ea.holcim.net
holporsso.holcim.net
usa-dund1-ise3.na.holcim.net
HEAB-ITSC-A006.ap.holcim.net
emea-webmail.ea.holcim.net
amanpmpinpd51.na.holcim.net
hanzappsdev.oc.holcim.net
eurnediappd01.ea.holcim.net
hnaadc001.ebusiness.na.holcim.net
AP-SGS-SP901.in.holcim.net
carrierportal.oc.holcim.net
hnaadc501.ebusinessq.na.holcim.net
amanpmpinpd01.na.holcim.net
deuha-webmail.ea.holcim.net
holcimconecta.ea.holcim.net
hnaadc502.extqa.na.holcim.net
nasnwfmwspd01.na.holcim.net
qlikview.na.holcim.net
*.ea.holcim.net
holporsso-qa.holcim.net
hnaadc501.ext.na.holcim.net
integration-bmw.ea.holcim.net
hnaadc501.ebusiness.na.holcim.net
glosxp1appd01.hgrs.holcim.net
usa-dund1-ise3.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
AP-SGS-VH141.in.holcim.net
hgrsuhep.hgrs.holcim.net
holporsso-qa.holcim.net
hnaadc001.ext.na.holcim.net
vnmds03.ap.holcim.net
usa-dund1-ise4.na.holcim.net
NAWFMSP01.na.holcim.net
gloshspasp01v.hgrs.holcim.net
lhim-qa.ea.holcim.net
hgrs-hbk-s0230.hgrs.holcim.net
holporsso-qa.holcim.net
vpn.au.holcim.net
nasnctxappd03.na.holcim.net
webmail02.ea.holcim.net
usa-dund1-ise3.na.holcim.net
nasnctxappd02.na.holcim.net
holcimconecta.ea.holcim.net
imperva.com
qlikview.na.holcim.net
NACTXP076.na.holcim.net
ita-webmail.ea.holcim.net
AP-SGS-SP901.in.holcim.net
hgrsuhep.hgrs.holcim.net
holq176.ea.holcim.net
qua-vpn.ap.holcim.net
AP-SGS-S5200.in.holcim.net
amanpmpinpd51.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
integration-immw.ea.holcim.net
esp-webmail.ea.holcim.net
AP-SGS-SP902.in.holcim.net
webmail.ea.holcim.net
integration-dmw.ea.holcim.net
hnaadc502.extqa.na.holcim.net
integration-bmw.ea.holcim.net
svk-webmail.ea.holcim.net
webmeetingmx.laseritsc.net
hanzappsdev.oc.holcim.net
AP-SGS-VH141.in.holcim.net
glossccappd03.hgrs.holcim.net
hanzapps.oc.holcim.net
qvwprod.ea.holcim.net
webmail05.ea.holcim.net
AP-SGS-SP902.in.holcim.net
apacsepm.ap.holcim.net
holporsso-qa.holcim.net
mail.au.holcim.net
HEAB-ITSC-A006.ap.holcim.net
hnaadc501.extqa.na.holcim.net
hnaadc501.ebusiness.na.holcim.net
nasnwfmwsqa02.na.holcim.net
svk-webstorage.ea.holcim.net
comms.oc.holcim.net
hnaadc501.ebusinessq.na.holcim.net
hnaadc502.ebusinessq.na.holcim.net
htsx-hbk-s1457.hgrs.holcim.net
esp-logis.ea.holcim.net
sysmon.hgrs.holcim.net
comms.oc.holcim.net
Certificate
The complete raw certificate details for lhim-qa.ea.holcim.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEaTCCA1GgAwIBAgIQB5W7Y/2baadX0cW+3Qyz3jANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTIxODAwMDAwMFoXDTI1MDExNjIzNTk1OVowIDEe MBwGA1UEAxMVbGhpbS1xYS5lYS5ob2xjaW0ubmV0MIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAn1FgVUsREmk1VxVM072JP3uYFDeew/Dmfqdrhu0KGXKt mKkod5czzR+dfwJKD49wawylykEZjPu3hfAgiv+tFpQ5F1hJL1MzNcV/925/f5fY A/8uEMEIVhMUZKPTbGB7ruOPKm43+PT1ITILWsq4cxtef8Zgrze9ZcniF/yOYRwY nwbiPExJrbcEOXQdPfBOSShLRdBZr8NjgKwMMsEt8f6CCkgLjNlCX8NNKu3i9jaZ yvJv+zbY9n386JtOSVrl5k0I29aCRhf5az+mvV3H07VP3psz+nXFDTfUgCyXSC4d ziNCoORigKeuAqVsCUYtvtjN7TxUkVUA+RVNgDTY4wIDAQABo4IBgTCCAX0wHwYD VR0jBBgwFoAUVdkYX9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFNz4lesKvZyD Wwc+OcLcO/HdYDlcMCAGA1UdEQQZMBeCFWxoaW0tcWEuZWEuaG9sY2ltLm5ldDAT BgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwu cjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNybDB1BggrBgEFBQcBAQRpMGcw LQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAzLmFtYXpvbnRydXN0LmNvbTA2 BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMy5hbWF6b250cnVzdC5jb20vcjJt MDMuY2VyMAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZI hvcNAQELBQADggEBAK7RdGhhSV0U+DvP+436j6NmmtCN4n8e/rZsB+CSAh87luy+ P2kYelhp78WLzmOFK84SCW2sapUr6MiJSWpbJNdsSrYlBqHUuzjGXqrEYNYr+B/X 9SpHK9KUjR+w8f2pu3O1iivB0tvg+v/sM1CGbt8FT4/jWaNvqDw+aa4U7MoQyu1b xic0r2QQCBU1ggWy7DWIF+yvk1w6eMqcXW9jh7ywJP+2bxqYS98I/zq50kqyaae1 A6z7SmT1mjruRjhGsQL8+hh/HbeqIF1OmVm1K748z2BgDuA2iX7IIB0FUdK+InV8 F8dNYo2JcN/z4Xq1X8KSrHE2zEGZ+tbUj7yDy44= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1FgVUsREmk1VxVM072J P3uYFDeew/Dmfqdrhu0KGXKtmKkod5czzR+dfwJKD49wawylykEZjPu3hfAgiv+t FpQ5F1hJL1MzNcV/925/f5fYA/8uEMEIVhMUZKPTbGB7ruOPKm43+PT1ITILWsq4 cxtef8Zgrze9ZcniF/yOYRwYnwbiPExJrbcEOXQdPfBOSShLRdBZr8NjgKwMMsEt 8f6CCkgLjNlCX8NNKu3i9jaZyvJv+zbY9n386JtOSVrl5k0I29aCRhf5az+mvV3H 07VP3psz+nXFDTfUgCyXSC4dziNCoORigKeuAqVsCUYtvtjN7TxUkVUA+RVNgDTY 4wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10082048935087662123771981178524709854 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-18 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-16 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lhim-qa.ea.holcim.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20112018639455491652478485430998355045399192940338465001794159299751779122311093818108994937925097834584647961351073601796645477192765882086769488730103482439475318806123439621039686022664019315163053815652521718817358100703014011200577818629388680732457305281040956436405941397250081336010132822135881960835918283623411749212714815372657482629375569064153262270555903899123959287671488927537300622904708238203291480474780194427852997333323943280974026629542793309161426544979009672729305428064116970596330920420858477587184829423775517726970168439605818426446138237380329180518226960298330290254385317705851640010979 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) dcf895eb0abd9c835b073e39c2dc3bf1dd60395c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lhim-qa.ea.holcim.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00aed1746861495d14f83bcffb8dfa8fa3669ad08de27f1efeb66c07e092021f3b96ecbe3f69187a5869efc58bce63852bce12096dac6a952be8c889496a5b24d76c4ab62506a1d4bb38c65eaac460d62bf81fd7f52a472bd2948d1fb0f1fda9bb73b58a2bc1d2dbe0faffec3350866edf054f8fe359a36fa83c3e69ae14ecca10caed5bc62734af64100815358205b2ec358817ecaf935c3a78ca9c5d6f6387bcb024ffb66f1a984bdf08ff3ab9d24ab269a7b503acfb4a64f59a3aee463846b102fcfa187f1db7aa205d4e9959b52bbe3ccf60600ee036897ec8201d0551d2be22757c17c74d628d8970dff3e17ab55fc292ac7136cc4199fad6d48fbc83cb8e