direct.client-api.getpocket.dev
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 0d:63:60:2a:dd:96:84:96:a3:8a:f7:1a:49:e1:60:90 was issued on by Amazon.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=direct.client-api.getpocket.dev
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0d:63:60:2a:dd:96:84:96:a3:8a:f7:1a:49:e1:60:90Serial Number (int): 17795951841681782617068196266439172240
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 3d:03:5c:89:b4:5a:2e:d1:78:fc:5a:02:ed:bf:55:63:4a:0c:0a:ba
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 9a:cf:db:2a:95:cc:f0:12:96:84:11:e9:f3:d9:82:58:e1:ae:70:29
Fingerprint (sha256): 45:93:bb:85:9f:88:39:8f:53:d3:22:11:f3:21:5c:fd:c0:a6:a9:b0:3b:b7:b3:2e:a6:54:ca:c9:79:e9:1d:99
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate direct.client-api.getpocket.dev
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for direct.client-api.getpocket.dev
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
direct.client-api.getpocket.dev
Other certificates including the domain name getpocket.dev
(limited to 100 certificates)
firefox-newtab-proxy.getpocket.dev
blog-staging.getpocket.dev
acme.getpocket.dev
web-client.getpocket.dev
acme.getpocket.dev
mozilla-auth-proxy.getpocket.dev
cdktf-backup.getpocket.dev
blog.getpocket.dev
*.admin.getpocket.dev
dotcom-gateway-dev.getpocket.dev
dotcom-gateway-dev.getpocket.dev
collection-api.getpocket.dev
team.getpocket.dev
*.webapp.getpocket.dev
new-tab-assets.getpocket.dev
*.webapp.getpocket.dev
*.mlflow-private.getpocket.dev
apigtest.getpocket.dev
*.webapp.getpocket.dev
admin.getpocket.dev
*.web-marketing.getpocket.dev
web-discover.getpocket.dev
recommendation-api.getpocket.dev
backstage.getpocket.dev
direct.daniel-client-api.getpocket.dev
cdktf-unleash.getpocket.dev
auth.getpocket.dev
recommendation-api.getpocket.dev
blog-staging.getpocket.dev
team.getpocket.dev
*.mlflow-dev1.getpocket.dev
admin.getpocket.dev
blog.getpocket.dev
spocs.getpocket.dev
cdktf.getpocket.dev
*.getpocket.dev
text.getpocket.dev
direct.client-api.getpocket.dev
cdktf-backup.getpocket.dev
direct.client-api.getpocket.dev
auth.getpocket.dev
web-marketing.getpocket.dev
client-api.getpocket.dev
acme.getpocket.dev
blog.getpocket.dev
*.feature.getpocket.dev
acme.getpocket.dev
*.web-discover.getpocket.dev
apig-test.getpocket.dev
recit.getpocket.dev
collection-api.getpocket.dev
clicks.getpocket.dev
backstage.getpocket.dev
blog.getpocket.dev
blog-staging.getpocket.dev
cdktf.getpocket.dev
cdktf.getpocket.dev
*.web-client.getpocket.dev
web-client.getpocket.dev
mozilla-auth-proxy.getpocket.dev
image-api.getpocket.dev
curation-admin-tools.getpocket.dev
*.web-discover.getpocket.dev
client-api.getpocket.dev
acme.getpocket.dev
exampleapi.getpocket.dev
web-discover.getpocket.dev
list-api.getpocket.dev
cdktf-unleash.getpocket.dev
recit.getpocket.dev
blog.getpocket.dev
direct.client-api.getpocket.dev
acme.getpocket.dev
*.feature.getpocket.dev
*.mlflow-private.getpocket.dev
*.admin.getpocket.dev
team.getpocket.dev
acme.getpocket.dev
user-list-search.getpocket.dev
exampleapi.getpocket.dev
acme.getpocket.dev
user-list-search.getpocket.dev
blog.getpocket.dev
acme-good.getpocket.dev
acme.getpocket.dev
direct.client-api.getpocket.dev
text.getpocket.dev
blog.getpocket.dev
web-ui.getpocket.dev
apig-test.getpocket.dev
admin-api.getpocket.dev
companion-proxy.getpocket.dev
blog-staging.getpocket.dev
recit.getpocket.dev
recit.getpocket.dev
*.feature.getpocket.dev
mozilla-auth-proxy.getpocket.dev
firefox-android-home-recommendations.getpocket.dev
*.web-client.getpocket.dev
recit.getpocket.dev
blog-staging.getpocket.dev
acme.getpocket.dev
web-client.getpocket.dev
acme.getpocket.dev
mozilla-auth-proxy.getpocket.dev
cdktf-backup.getpocket.dev
blog.getpocket.dev
*.admin.getpocket.dev
dotcom-gateway-dev.getpocket.dev
dotcom-gateway-dev.getpocket.dev
collection-api.getpocket.dev
team.getpocket.dev
*.webapp.getpocket.dev
new-tab-assets.getpocket.dev
*.webapp.getpocket.dev
*.mlflow-private.getpocket.dev
apigtest.getpocket.dev
*.webapp.getpocket.dev
admin.getpocket.dev
*.web-marketing.getpocket.dev
web-discover.getpocket.dev
recommendation-api.getpocket.dev
backstage.getpocket.dev
direct.daniel-client-api.getpocket.dev
cdktf-unleash.getpocket.dev
auth.getpocket.dev
recommendation-api.getpocket.dev
blog-staging.getpocket.dev
team.getpocket.dev
*.mlflow-dev1.getpocket.dev
admin.getpocket.dev
blog.getpocket.dev
spocs.getpocket.dev
cdktf.getpocket.dev
*.getpocket.dev
text.getpocket.dev
direct.client-api.getpocket.dev
cdktf-backup.getpocket.dev
direct.client-api.getpocket.dev
auth.getpocket.dev
web-marketing.getpocket.dev
client-api.getpocket.dev
acme.getpocket.dev
blog.getpocket.dev
*.feature.getpocket.dev
acme.getpocket.dev
*.web-discover.getpocket.dev
apig-test.getpocket.dev
recit.getpocket.dev
collection-api.getpocket.dev
clicks.getpocket.dev
backstage.getpocket.dev
blog.getpocket.dev
blog-staging.getpocket.dev
cdktf.getpocket.dev
cdktf.getpocket.dev
*.web-client.getpocket.dev
web-client.getpocket.dev
mozilla-auth-proxy.getpocket.dev
image-api.getpocket.dev
curation-admin-tools.getpocket.dev
*.web-discover.getpocket.dev
client-api.getpocket.dev
acme.getpocket.dev
exampleapi.getpocket.dev
web-discover.getpocket.dev
list-api.getpocket.dev
cdktf-unleash.getpocket.dev
recit.getpocket.dev
blog.getpocket.dev
direct.client-api.getpocket.dev
acme.getpocket.dev
*.feature.getpocket.dev
*.mlflow-private.getpocket.dev
*.admin.getpocket.dev
team.getpocket.dev
acme.getpocket.dev
user-list-search.getpocket.dev
exampleapi.getpocket.dev
acme.getpocket.dev
user-list-search.getpocket.dev
blog.getpocket.dev
acme-good.getpocket.dev
acme.getpocket.dev
direct.client-api.getpocket.dev
text.getpocket.dev
blog.getpocket.dev
web-ui.getpocket.dev
apig-test.getpocket.dev
admin-api.getpocket.dev
companion-proxy.getpocket.dev
blog-staging.getpocket.dev
recit.getpocket.dev
recit.getpocket.dev
*.feature.getpocket.dev
mozilla-auth-proxy.getpocket.dev
firefox-android-home-recommendations.getpocket.dev
*.web-client.getpocket.dev
recit.getpocket.dev
Certificate
The complete raw certificate details for direct.client-api.getpocket.dev in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEfTCCA2WgAwIBAgIQDWNgKt2WhJajivcaSeFgkDANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTIxMTAwMDAwMFoXDTI1MDEwODIzNTk1OVowKjEo MCYGA1UEAxMfZGlyZWN0LmNsaWVudC1hcGkuZ2V0cG9ja2V0LmRldjCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBALY8lvHB7cy5HjNGfxDvuaNpHahCq+sU caend1cPJVKy+ZUGQOUK1JyQ8AmvhPkB5X5ZkVjyRM74klaMu0mZ7Zoe27nBvM2m olwGun8Xi2PdlaGX01qaiCXcIGz34riWzBypbznEJtijsSzLdWkDrrqqmqzWDe2Q 9nbxMXomknp8FByCOiK1Rqe0BoRE4FQKNnvVaTOhGZOUcRSXDkkkp4WZVdWvpRgA +fsEXQQf2ChcyITT2uztGV3lsLAUzxx67dNYURXtqSPTNJDdpP53f+NhQ4Ey+gCs xhXqx+p9tZ+Nekiz/F/x8VvbG70sBDlygSbHa2h34pC3J1GesWOxprcCAwEAAaOC AYswggGHMB8GA1UdIwQYMBaAFFXZGF/SHMwB4Vi0vqvZVUIB1y4CMB0GA1UdDgQW BBQ9A1yJtFou0Xj8WgLtv1VjSgwKujAqBgNVHREEIzAhgh9kaXJlY3QuY2xpZW50 LWFwaS5nZXRwb2NrZXQuZGV2MBMGA1UdIAQMMAowCAYGZ4EMAQIBMA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQw MjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMy5hbWF6b250cnVzdC5jb20vcjJtMDMu Y3JsMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJt MDMuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAz LmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jZXIwDAYDVR0TAQH/BAIwADATBgorBgEE AdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ+kMc+zsWoKJrNk7NmqQ M9C/Xa+Y+Bqc0kMFEgDUDG3lsFlJkPZ+a55rv8t5qckAaCciCPqSpnbJVXPLsU/D CvQP5rm3oVQT+5AnSld1N4rCu1EUh6GxFLWYS64+/NBypgBwkVbRS8A7exkdcSg/ wI4HjS08DYAcAGRSY2a+MaWViEEMFoOwR84242V2HsBW33rm+/RU8vlb2I/TruIn btU/gczh6DOBnuU/Ot9ArGy4e0DRXzzASrB96SNRS/cAxKplky9RLbiWVWEwA7a5 Lz2P5B6gU4hi8lLQ4dyEhNcWWVp1luJPAtBjMDsinjWl1rOPDnpM8MBG4ukfgnJW tA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjyW8cHtzLkeM0Z/EO+5 o2kdqEKr6xRxp6d3Vw8lUrL5lQZA5QrUnJDwCa+E+QHlflmRWPJEzviSVoy7SZnt mh7bucG8zaaiXAa6fxeLY92VoZfTWpqIJdwgbPfiuJbMHKlvOcQm2KOxLMt1aQOu uqqarNYN7ZD2dvExeiaSenwUHII6IrVGp7QGhETgVAo2e9VpM6EZk5RxFJcOSSSn hZlV1a+lGAD5+wRdBB/YKFzIhNPa7O0ZXeWwsBTPHHrt01hRFe2pI9M0kN2k/nd/ 42FDgTL6AKzGFerH6n21n416SLP8X/HxW9sbvSwEOXKBJsdraHfikLcnUZ6xY7Gm twIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17795951841681782617068196266439172240 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-11 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-08 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'direct.client-api.getpocket.dev' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23005249362176965806714990396728618022726650639410628870836900589080475778284013630374812943710887650468357872964194585012426777643922419586473544825069594400490216652702636006949177948204443957720500494314032525128969517138102540285903160091792751695916186254592017427567125382513793113479295078195779318402773949456892693947461834202304516215121083555201263989998401699094251653083459630395975793485431090080062665172061425181342554620280967472769550663226320110711019807308455748894643458738997182994255097432026224876681990036868121472603147478470736839485937471586920013700602038921453549645312878802219543144119 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3d035c89b45a2ed178fc5a02edbf55634a0c0aba . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (35 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'direct.client-api.getpocket.dev' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0027e90c73ecec5a8289acd93b366a9033d0bf5daf98f81a9cd243051200d40c6de5b0594990f67e6b9e6bbfcb79a9c90068272208fa92a676c95573cbb14fc30af40fe6b9b7a15413fb90274a5775378ac2bb511487a1b114b5984bae3efcd072a600709156d14bc03b7b191d71283fc08e078d2d3c0d801c0064526366be31a59588410c1683b047ce36e365761ec056df7ae6fbf454f2f95bd88fd3aee2276ed53f81cce1e833819ee53f3adf40ac6cb87b40d15f3cc04ab07de923514bf700c4aa65932f512db89655613003b6b92f3d8fe41ea0538862f252d0e1dc8484d716595a7596e24f02d063303b229e35a5d6b38f0e7a4cf0c046e2e91f827256b4