dsf.kronos-web.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 09:56:41:7f:fb:51:e7:2b:81:2c:15:aa:2a:5f:4c:39 was issued on by Amazon.
With 23 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=dsf.kronos-web.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 09:56:41:7f:fb:51:e7:2b:81:2c:15:aa:2a:5f:4c:39Serial Number (int): 12410917988278866828058090799345126457
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 1e:b0:77:a8:2a:f0:8b:da:51:c9:91:0e:99:14:a3:0b:d1:c0:1f:32
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): fd:55:2b:aa:9a:42:42:9c:35:a7:ca:23:cb:7a:8f:a3:48:42:c1:8b
Fingerprint (sha256): 46:31:98:e1:16:b9:48:40:85:ac:b7:04:5c:be:87:64:c5:6e:d0:ca:01:34:d6:69:5e:52:30:9f:f9:8d:e7:ef
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate dsf.kronos-web.com
23
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for dsf.kronos-web.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
dsf.kronos-web.com
*.dsf.kronos-web.com
*.accp.desjardins.kronos-web.com
www.kronos-finance.ca
desjardins.kronos-web.com
www.kronos-web.com
accp.desjardins.kronos-web.com
kronostechnologies.com
kronos-finance.ca
www.kronos-abf.ca
*.accp.dsf.kronos-web.com
*.accp.kronos-web.com
*.desjardins.kronos-web.com
*.kronos-web.com
*.kronostechnologies.com
kronos-mail.com
www.kronos-fna.ca
kronos-abf.ca
kronos-web.com
kronos-fna.ca
*.kronos-mail.com
accp.dsf.kronos-web.com
*.wiki-crm.kronos-web.com
*.dsf.kronos-web.com
*.accp.desjardins.kronos-web.com
www.kronos-finance.ca
desjardins.kronos-web.com
www.kronos-web.com
accp.desjardins.kronos-web.com
kronostechnologies.com
kronos-finance.ca
www.kronos-abf.ca
*.accp.dsf.kronos-web.com
*.accp.kronos-web.com
*.desjardins.kronos-web.com
*.kronos-web.com
*.kronostechnologies.com
kronos-mail.com
www.kronos-fna.ca
kronos-abf.ca
kronos-web.com
kronos-fna.ca
*.kronos-mail.com
accp.dsf.kronos-web.com
*.wiki-crm.kronos-web.com
Other certificates including the domain name kronos-web.com
(limited to 100 certificates)
secure.accp.dfs.kronos-web.com
*.accp.dsf.kronos-web.com
fr.wiki-crm.kronos-web.com
secure.fnct.kronos-web.com
*.accp.dsf.kronos-web.com
kronos-web.com
kronos-web.com
*.kronos-crm.com
edge.fnct.kronos-web.com
secure.dfs.kronos-web.com
*.kronos-crm.com
depot.kronos-web.com
kronos-web.com
*.accp.kronos-web.com
fr.wiki-crm.kronos-web.com
dsf.kronos-web.com
secure.accp.dsf.kronos-web.com
auth-accp.kronos-web.com
*.kronos-crm.com
*.kronos-crm.com
fr.wiki-crm.kronos-web.com
static.kronos-web.com
*.kronos-web.com
*.kronos-web.com
*.accp.kronos-web.com
*.kronos-crm.com
*.kronos-crm.com
fr.wiki-crm.kronos-web.com
*.dsf.kronos-web.com
static.kronos-web.com
fr.wiki-crm.kronos-web.com
*.kronos-crm.com
secure.dfs.kronos-web.com
*.accp.dsf.kronos-web.com
*.kronos-web.com
kronos-web.com
depot.kronos-web.com
secure.dsf.kronos-web.com
kronos-web.com
*.kronos-web.com
secure.accp.dfs.kronos-web.com
depot.kronos-web.com
fr.wiki-crm.kronos-web.com
kronos-web.com
*.accp.kronos-web.com
cache.kronos-web.com
*.kronos-web.com
*.dsf.kronos-web.com
*.kronos-crm.com
dsf.kronos-web.com
fr.wiki-crm.kronos-web.com
*.kronos-crm.com
secure.accp.kronos-web.com
*.kronos-web.com
*.kronos-web.com
*.accp.kronos-web.com
dsf.kronos-web.com
static.kronos-web.com
*.dsf.kronos-web.com
cache.kronos-web.com
*.kronos-crm.com
*.accp.dsf.kronos-web.com
fr.wiki-crm.kronos-web.com
secure.fnct.kronos-web.com
*.accp.dsf.kronos-web.com
kronos-web.com
kronos-web.com
*.kronos-crm.com
edge.fnct.kronos-web.com
secure.dfs.kronos-web.com
*.kronos-crm.com
depot.kronos-web.com
kronos-web.com
*.accp.kronos-web.com
fr.wiki-crm.kronos-web.com
dsf.kronos-web.com
secure.accp.dsf.kronos-web.com
auth-accp.kronos-web.com
*.kronos-crm.com
*.kronos-crm.com
fr.wiki-crm.kronos-web.com
static.kronos-web.com
*.kronos-web.com
*.kronos-web.com
*.accp.kronos-web.com
*.kronos-crm.com
*.kronos-crm.com
fr.wiki-crm.kronos-web.com
*.dsf.kronos-web.com
static.kronos-web.com
fr.wiki-crm.kronos-web.com
*.kronos-crm.com
secure.dfs.kronos-web.com
*.accp.dsf.kronos-web.com
*.kronos-web.com
kronos-web.com
depot.kronos-web.com
secure.dsf.kronos-web.com
kronos-web.com
*.kronos-web.com
secure.accp.dfs.kronos-web.com
depot.kronos-web.com
fr.wiki-crm.kronos-web.com
kronos-web.com
*.accp.kronos-web.com
cache.kronos-web.com
*.kronos-web.com
*.dsf.kronos-web.com
*.kronos-crm.com
dsf.kronos-web.com
fr.wiki-crm.kronos-web.com
*.kronos-crm.com
secure.accp.kronos-web.com
*.kronos-web.com
*.kronos-web.com
*.accp.kronos-web.com
dsf.kronos-web.com
static.kronos-web.com
*.dsf.kronos-web.com
cache.kronos-web.com
*.kronos-crm.com
Certificate
The complete raw certificate details for dsf.kronos-web.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHxjCCBq6gAwIBAgIQCVZBf/tR5yuBLBWqKl9MOTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTI0MDMyMDAwMDAwMFoXDTI1MDQxOTIzNTk1OVowHTEb MBkGA1UEAxMSZHNmLmtyb25vcy13ZWIuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAjIfz4d6txsJV9eaOaL60jJcquv9DUEMd1PqcjL4xE5fCRSwl 6JGduDIY9tB3549Cyt8Sa2U6OyDMeHOfoJ4b4AEe42SvjMX6WNjJ/UyNpMM8gYYU kq6Xp62ILeEpm14HbsLpruaJqmFYXbxa/G/p/X4YA29ddQKUh580593LSzaR5bw6 eh93xUa0tIGvZZaiIzGNLrICk92pCt3clwJ3R5jp32wXyZHE78j1ZA40R8Ulvy42 flaRm3M648g/4txHDfUzoZsjIYjn8a+Cmz+KBkPi2vXqKYvkXhZvX3H1I0S4uJez 2JFclDL4pZ3yTZOju2X3VOwOim5Tgn+Hfy7XOwIDAQABo4IE4TCCBN0wHwYDVR0j BBgwFoAUwDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFB6wd6gq8IvaUcmR DpkUowvRwB8yMIICEQYDVR0RBIICCDCCAgSCEmRzZi5rcm9ub3Mtd2ViLmNvbYIU Ki5kc2Yua3Jvbm9zLXdlYi5jb22CICouYWNjcC5kZXNqYXJkaW5zLmtyb25vcy13 ZWIuY29tghV3d3cua3Jvbm9zLWZpbmFuY2UuY2GCGWRlc2phcmRpbnMua3Jvbm9z LXdlYi5jb22CEnd3dy5rcm9ub3Mtd2ViLmNvbYIeYWNjcC5kZXNqYXJkaW5zLmty b25vcy13ZWIuY29tghZrcm9ub3N0ZWNobm9sb2dpZXMuY29tghFrcm9ub3MtZmlu YW5jZS5jYYIRd3d3Lmtyb25vcy1hYmYuY2GCGSouYWNjcC5kc2Yua3Jvbm9zLXdl Yi5jb22CFSouYWNjcC5rcm9ub3Mtd2ViLmNvbYIbKi5kZXNqYXJkaW5zLmtyb25v cy13ZWIuY29tghAqLmtyb25vcy13ZWIuY29tghgqLmtyb25vc3RlY2hub2xvZ2ll cy5jb22CD2tyb25vcy1tYWlsLmNvbYIRd3d3Lmtyb25vcy1mbmEuY2GCDWtyb25v cy1hYmYuY2GCDmtyb25vcy13ZWIuY29tgg1rcm9ub3MtZm5hLmNhghEqLmtyb25v cy1tYWlsLmNvbYIXYWNjcC5kc2Yua3Jvbm9zLXdlYi5jb22CGSoud2lraS1jcm0u a3Jvbm9zLXdlYi5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQD AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCg LqAshipodHRwOi8vY3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmww dQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5h bWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1h em9udHJ1c3QuY29tL3IybTAyLmNlcjAMBgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHW eQIEAgSCAW4EggFqAWgAdQBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo5 3wAAAY5ZobGvAAAEAwBGMEQCIQCg5l8I29GWQ6ryfgsNSbArhhxb8hC0Zqz+j1Kf MMsvZQIfNKv8+SvNRNF3o6x3uxn3qdc5StbdDMTDjTAPUVgLzQB2AH1ZHhLheCp7 HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABjlmhsewAAAQDAEcwRQIhAOWMb9gP NU6wbuJk8m33hdbS7vpw2zJJtYVQbs/EXUR8AiBwWnKiEem1wNTGt0YQVA06F+/r B5u5em4GeKoZwRQE9wB3AObSMWNAd4zBEEEG13G5zsHSQPaWhIb7uocyHf0eN45Q AAABjlmhsfkAAAQDAEgwRgIhAM/WGBvXlZkyFzSVutwSaDSH02e2zhXCI2Gz1n2h /32mAiEA21PdwIAnuKCZkFYLzcbQNWCCp5jOsGYMs6bmmsmDQSMwDQYJKoZIhvcN AQELBQADggEBAEYF0czscvwWUas9GXJPOEY6ATUuP2GNSIi4I2CQhFZOFKvHgztj 5lEQCbVR2GjOuN982royIR6Z0OBH7kIlt4TpL0a5UobO1FSTT1YWnukFTdHrsENf fKgDH96rdK/rkljyfre2Bk06hjvDKxt1U+yV9OKLJ6wTIntOr47cdufbM8qdQDEy Hiv8188OlDkuWVAExt29vwYxvNHJGwnfZgwU7aMSvmB4tghzhDpIBLGFrr28g0wE wvSdyShibnpYxDOkJnsem9xcr2WM8kJSgKLbtg92UGgj4vJ+36oFv+2wfYrSSsXs GuT5lt4LWD5TYjAmvViKhN+eu5Qczm6T5Xg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIfz4d6txsJV9eaOaL60 jJcquv9DUEMd1PqcjL4xE5fCRSwl6JGduDIY9tB3549Cyt8Sa2U6OyDMeHOfoJ4b 4AEe42SvjMX6WNjJ/UyNpMM8gYYUkq6Xp62ILeEpm14HbsLpruaJqmFYXbxa/G/p /X4YA29ddQKUh580593LSzaR5bw6eh93xUa0tIGvZZaiIzGNLrICk92pCt3clwJ3 R5jp32wXyZHE78j1ZA40R8Ulvy42flaRm3M648g/4txHDfUzoZsjIYjn8a+Cmz+K BkPi2vXqKYvkXhZvX3H1I0S4uJez2JFclDL4pZ3yTZOju2X3VOwOim5Tgn+Hfy7X OwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 12410917988278866828058090799345126457 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-20 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-19 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dsf.kronos-web.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17740403453126359853614530329122078145686403242745797401110765765931523033364870245872725720637747894251223130504687089632574252826330729230215986827406250022077939373989280309486717100125940485061393705784719006151536637313156324808343577339294056335823127442298975457983349642437450561230769730748454673086049564744617819678610605370156528273743544929641547792972873540041592600389757587838366902682671229345016364183644848734113276974400632424997436734608317444581245634919910470136189174077436264676935242070852656747723492048657092346206740961773898428459954855228004133492224207549410241182784095399097228252987 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1eb077a82af08bda51c9910e9914a30bd1c01f32 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (520 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dsf.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dsf.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accp.desjardins.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kronos-finance.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'desjardins.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'accp.desjardins.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kronostechnologies.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kronos-finance.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kronos-abf.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accp.dsf.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accp.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.desjardins.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kronostechnologies.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kronos-mail.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kronos-fna.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kronos-abf.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kronos-fna.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kronos-mail.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'accp.dsf.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wiki-crm.kronos-web.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 01680075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018e59a1b1af0000040300463044022100a0e65f08dbd19643aaf27e0b0d49b02b861c5bf210b466acfe8f529f30cb2f65021f34abfcf92bcd44d177a3ac77bb19f7a9d7394ad6dd0cc4c38d300f51580bcd0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018e59a1b1ec0000040300473045022100e58c6fd80f354eb06ee264f26df785d6d2eefa70db3249b585506ecfc45d447c0220705a72a211e9b5c0d4c6b74610540d3a17efeb079bb97a6e0678aa19c11404f7007700e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018e59a1b1f90000040300483046022100cfd6181bd7959932173495badc12683487d367b6ce15c22361b3d67da1ff7da6022100db53ddc08027b8a09990560bcdc6d0356082a798ceb0660cb3a6e69ac9834123 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004605d1ccec72fc1651ab3d19724f38463a01352e3f618d4888b823609084564e14abc7833b63e6511009b551d868ceb8df7cdaba32211e99d0e047ee4225b784e92f46b95286ced454934f56169ee9054dd1ebb0435f7ca8031fdeab74afeb9258f27eb7b6064d3a863bc32b1b7553ec95f4e28b27ac13227b4eaf8edc76e7db33ca9d4031321e2bfcd7cf0e94392e595004c6ddbdbf0631bcd1c91b09df660c14eda312be6078b60873843a4804b185aebdbc834c04c2f49dc928626e7a58c433a4267b1e9bdc5caf658cf2425280a2dbb60f76506823e2f27edfaa05bfedb07d8ad24ac5ec1ae4f996de0b583e53623026bd588a84df9ebb941cce6e93e578