seoul.ohchr.org
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 07:a5:7e:87:f2:23:f7:e4:a3:33:3e:d3:24:5d:d5:28 was issued on by Amazon.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=seoul.ohchr.org
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 07:a5:7e:87:f2:23:f7:e4:a3:33:3e:d3:24:5d:d5:28Serial Number (int): 10163891306503512627783922187599992104
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 42:d4:b7:0a:2b:ed:50:24:16:d1:48:76:cc:69:a9:21:94:f3:2a:9c
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 84:3b:39:2e:0e:e9:d6:e1:c9:f3:a1:12:1a:3f:87:f7:b5:25:9c:5d
Fingerprint (sha256): 45:f3:79:ad:af:bb:38:a0:68:cc:c3:39:44:e5:58:54:39:ac:09:03:e6:93:b0:0d:74:c4:64:13:70:6e:23:2e
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate seoul.ohchr.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for seoul.ohchr.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
seoul.ohchr.org
Other certificates including the domain name ohchr.org
(limited to 100 certificates)
*.prod.ohchr.un-icc.cloud
sm.ohchr.org
*.test.ohchr.un-icc.cloud
cambodia.ohchr.org
romena.ohchr.org
sm.ohchr.org
cambodia.ohchr.org
sm.ohchr.org
sm.ohchr.org
sm.ohchr.org
bangkok.ohchr.org
*.prod.ohchr.un-icc.cloud
digitalhub.ohchr.org
cambodia.ohchr.org
sm.ohchr.org
bangkok.ohchr.org
sm.ohchr.org
cambodia.ohchr.org
romena.ohchr.org
europe.ohchr.org
dreamlighthelper.com
digitalhub.ohchr.org
webmail2.ohchr.org
auth.kindo.staging.boik.dev
www.westafrica.ohchr.org
webmail.ohchr.org
testrightsview.ohchr.org
webmail.ohchr.org
sm.ohchr.org
remote.ohchr.org
cambodia.ohchr.org
digitalhub.ohchr.org
cambodia.ohchr.org
*.prod.ohchr.un-icc.cloud
seoul.ohchr.org
*.ohchr.org
sm.ohchr.org
seoul.ohchr.org
westafrica.ohchr.org
searchlibrary.ohchr.org
sm.ohchr.org
waps.ohchr.org
fifa.shapegames.dev
seoul.ohchr.org
ngopub.ohchr.org
cambodia.ohchr.org
sm.ohchr.org
seoul.ohchr.org
*.in.ohchr.org
login.ohchr.org
sm.ohchr.org
sanctionsplatform.ohchr.org
www.westafrica.ohchr.org
webmail.ohchr.org
romena.ohchr.org
westafrica.ohchr.org
cambodia.ohchr.org
www.westafrica.ohchr.org
extranet.ohchr.org
rightsview.ohchr.org
webmail.ohchr.org
sm.ohchr.org
*.ohchr.org
spdb.ohchr.org
easset.ohchr.org
grants.ohchr.org
esurvey.ohchr.org
www.fotoramausa.com
pms.ohchr.org
testrightsview.ohchr.org
rightsviewtest.ohchr.org
grants.ohchr.org
www.digitalbharati.org
*.ohchr.org
sm.ohchr.org
digitalhub.ohchr.org
sm.ohchr.org
ngopub.ohchr.org
sm.ohchr.org
uganda.ohchr.org
*.ohchr.org
cambodia.ohchr.org
rightsviewtest.ohchr.org
rightsview.ohchr.org
fieldsmail.ohchr.org
*.prod.ohchr.un-icc.cloud
sm.ohchr.org
cambodia.ohchr.org
share.ohchr.org
CSWEB.OHCHR.ORG
romena.ohchr.org
sni.cloudflaressl.com
westafrica.ohchr.org
esurvey.ohchr.org
sm.ohchr.org
searchlibrary.ohchr.org
romena.ohchr.org
sm.ohchr.org
sm.ohchr.org
cambodia.ohchr.org
sm.ohchr.org
*.test.ohchr.un-icc.cloud
cambodia.ohchr.org
romena.ohchr.org
sm.ohchr.org
cambodia.ohchr.org
sm.ohchr.org
sm.ohchr.org
sm.ohchr.org
bangkok.ohchr.org
*.prod.ohchr.un-icc.cloud
digitalhub.ohchr.org
cambodia.ohchr.org
sm.ohchr.org
bangkok.ohchr.org
sm.ohchr.org
cambodia.ohchr.org
romena.ohchr.org
europe.ohchr.org
dreamlighthelper.com
digitalhub.ohchr.org
webmail2.ohchr.org
auth.kindo.staging.boik.dev
www.westafrica.ohchr.org
webmail.ohchr.org
testrightsview.ohchr.org
webmail.ohchr.org
sm.ohchr.org
remote.ohchr.org
cambodia.ohchr.org
digitalhub.ohchr.org
cambodia.ohchr.org
*.prod.ohchr.un-icc.cloud
seoul.ohchr.org
*.ohchr.org
sm.ohchr.org
seoul.ohchr.org
westafrica.ohchr.org
searchlibrary.ohchr.org
sm.ohchr.org
waps.ohchr.org
fifa.shapegames.dev
seoul.ohchr.org
ngopub.ohchr.org
cambodia.ohchr.org
sm.ohchr.org
seoul.ohchr.org
*.in.ohchr.org
login.ohchr.org
sm.ohchr.org
sanctionsplatform.ohchr.org
www.westafrica.ohchr.org
webmail.ohchr.org
romena.ohchr.org
westafrica.ohchr.org
cambodia.ohchr.org
www.westafrica.ohchr.org
extranet.ohchr.org
rightsview.ohchr.org
webmail.ohchr.org
sm.ohchr.org
*.ohchr.org
spdb.ohchr.org
easset.ohchr.org
grants.ohchr.org
esurvey.ohchr.org
www.fotoramausa.com
pms.ohchr.org
testrightsview.ohchr.org
rightsviewtest.ohchr.org
grants.ohchr.org
www.digitalbharati.org
*.ohchr.org
sm.ohchr.org
digitalhub.ohchr.org
sm.ohchr.org
ngopub.ohchr.org
sm.ohchr.org
uganda.ohchr.org
*.ohchr.org
cambodia.ohchr.org
rightsviewtest.ohchr.org
rightsview.ohchr.org
fieldsmail.ohchr.org
*.prod.ohchr.un-icc.cloud
sm.ohchr.org
cambodia.ohchr.org
share.ohchr.org
CSWEB.OHCHR.ORG
romena.ohchr.org
sni.cloudflaressl.com
westafrica.ohchr.org
esurvey.ohchr.org
sm.ohchr.org
searchlibrary.ohchr.org
romena.ohchr.org
sm.ohchr.org
sm.ohchr.org
cambodia.ohchr.org
Certificate
The complete raw certificate details for seoul.ohchr.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgIQB6V+h/Ij9+SjMz7TJF3VKDANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTIyODAwMDAwMFoXDTI1MDEyNjIzNTk1OVowGjEY MBYGA1UEAxMPc2VvdWwub2hjaHIub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA4LlGk8qhyqM3RWVgP8ywiXwuEa9JKMxoRnpsHU7WHCl8OwsbUger fdGkNs1To+/HWwq2vjKeDSh2r/dXoiwDXUjoRkCiioJFO7iDQTkrRPqOADsA7qFA 7UTyYXCVH9SKyvGeLE3zMdehfDWbADXIZdefV/J1WWauHjUcaUkR7voCFlSkRZEU Vo9UxUmCYC9EzngUUO+AeX9bhLTY4ISYP9Jdbug2+TFwySRtGyZheF0qX4tzEkYH VXoFAKnj3YG+Ka5iPcpGa9gq6G2AmcxaYbpGwBEMrhLRC7k7lXhlkVeNaZSisuUf 9Lk+32WMzHmxGcG9ptg2NaWrrh41SlR8DwIDAQABo4IC5zCCAuMwHwYDVR0jBBgw FoAUwDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFELUtwor7VAkFtFIdsxp qSGU8yqcMBoGA1UdEQQTMBGCD3Nlb3VsLm9oY2hyLm9yZzATBgNVHSAEDDAKMAgG BmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9u dHJ1c3QuY29tL3IybTAyLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGG IWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYq aHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1Ud EwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AE51oydcmhDDOFts 1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjK3fCasAAAQDAEcwRQIhAOEQ4wm1J/9q jYgldfRjAoB/juuVN+D7AVC7S3bGgE98AiAYYq+idSqY4kxhrVWJjM25JRMeFvzt VFOuUvl7cFac4AB1AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAAB jK3fCYIAAAQDAEYwRAIgCRvR9NMaw+x/PxagQrE1shIZG/yzT2b3iJEgKrKOcM4C IBnHMi3NV5KGWf4TWiMeaa+u/5hfmENo8+EXJ3cg+wT9AHYA5tIxY0B3jMEQQQbX cbnOwdJA9paEhvu6hzId/R43jlAAAAGMrd8JqQAABAMARzBFAiAr7rsi2EzDe9fk xTnGUwWRQjOCmZBD5jnT8VovaoBGoAIhAL1QOW0RQHinihBtFgEIhhhrwUgFV28T j0gLy6Tes4y8MA0GCSqGSIb3DQEBCwUAA4IBAQCmmvjjTqrkOvEkZlzPSLblF1MT IBxVnqyObBp7df9I9TABTe12JNtXv+w5DZyLAb+R303jzBJjW0OHhbecSkYgImrU vYocNr+XJvACsBzUP5FJ3X1F+9OZ4avaYKqA1Yx+AFwdecN/qMZMygu2GrBhpwOJ vbs42U78ICtt1GqFfr2WrJXTvfclcpqtnWBXQOrdSIHMqvRYORcvAS0atxrcLZP+ PK6oi6ARUhS4tkD73vbp3BqcAnGtH92lkVhqugGoGS5/K/OJzzR/qNwN1gPEpIjz nUe9LXZvJuBe58Yeb69CXy9m2Ej6gfGOFkrpC+UBuJ+Acr9/qR7ztZgS6bnt -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LlGk8qhyqM3RWVgP8yw iXwuEa9JKMxoRnpsHU7WHCl8OwsbUgerfdGkNs1To+/HWwq2vjKeDSh2r/dXoiwD XUjoRkCiioJFO7iDQTkrRPqOADsA7qFA7UTyYXCVH9SKyvGeLE3zMdehfDWbADXI ZdefV/J1WWauHjUcaUkR7voCFlSkRZEUVo9UxUmCYC9EzngUUO+AeX9bhLTY4ISY P9Jdbug2+TFwySRtGyZheF0qX4tzEkYHVXoFAKnj3YG+Ka5iPcpGa9gq6G2Amcxa YbpGwBEMrhLRC7k7lXhlkVeNaZSisuUf9Lk+32WMzHmxGcG9ptg2NaWrrh41SlR8 DwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10163891306503512627783922187599992104 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-26 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'seoul.ohchr.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28368743161567975558784153447912050255956413419278039445452251319021554644378698099119533628134461247910295979999044691951758333740579276879432845488401681164652558901093569804832612048146539091327450828952425554989359672748311588713278354348540811360697884248765053231460646707397868775353551395669653071855653784846367742374111022017598589300172341016367116304407163519770602857774471519840736783466619804235598675132360629903748303755244230894911320117397500072618451420378662336213794025211862340855484355473634338428776621774529520131651521139012100337882120996763522166237227852142485509007365943586458158005263 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 42d4b70a2bed502416d14876cc69a92194f32a9c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seoul.ohchr.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 01670076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018caddf09ab0000040300473045022100e110e309b527ff6a8d882575f46302807f8eeb9537e0fb0150bb4b76c6804f7c02201862afa2752a98e24c61ad55898ccdb925131e16fced5453ae52f97b70569ce00075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018caddf098200000403004630440220091bd1f4d31ac3ec7f3f16a042b135b212191bfcb34f66f78891202ab28e70ce022019c7322dcd57928659fe135a231e69afaeff985f984368f3e117277720fb04fd007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018caddf09a9000004030047304502202beebb22d84cc37bd7e4c539c6530591423382999043e639d3f15a2f6a8046a0022100bd50396d114078a78a106d16010886186bc14805576f138f480bcba4deb38cbc . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a69af8e34eaae43af124665ccf48b6e5175313201c559eac8e6c1a7b75ff48f530014ded7624db57bfec390d9c8b01bf91df4de3cc12635b438785b79c4a4620226ad4bd8a1c36bf9726f002b01cd43f9149dd7d45fbd399e1abda60aa80d58c7e005c1d79c37fa8c64cca0bb61ab061a70389bdbb38d94efc202b6dd46a857ebd96ac95d3bdf725729aad9d605740eadd4881ccaaf45839172f012d1ab71adc2d93fe3caea88ba0115214b8b640fbdef6e9dc1a9c0271ad1fdda591586aba01a8192e7f2bf389cf347fa8dc0dd603c4a488f39d47bd2d766f26e05ee7c61e6faf425f2f66d848fa81f18e164ae90be501b89f8072bf7fa91ef3b59812e9b9ed