*.hes-prod-1.humanesources.com

Issued by Amazon

About this certificate

This digital certificate with serial number 02:8f:7f:41:42:4b:7b:7a:ea:f0:87:33:97:46:18:d0 was issued on by Amazon.

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.hes-prod-1.humanesources.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 02:8f:7f:41:42:4b:7b:7a:ea:f0:87:33:97:46:18:d0
Serial Number (int): 3403535478707802489202481314711083216
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: d1:19:c3:27:ef:93:93:df:19:f9:d1:35:8f:70:0e:1b:28:9b:6a:ea
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): 2f:19:25:3d:b2:24:ff:b3:0d:64:90:f5:de:26:7d:24:07:ef:40:79
Fingerprint (sha256): 46:7c:e4:18:51:d8:8b:b8:c8:70:74:26:64:6d:ff:fb:36:41:b4:83:5d:1b:f2:f8:a7:8b:96:ef:c4:e0:b2:0e

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate *.hes-prod-1.humanesources.com

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.hes-prod-1.humanesources.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.hes-prod-1.humanesources.com
*.staging.humanesources.com
*.test.humanesources.com
*.hes-prod-1.publish1st.com
*.humanesources.com
*.publish1st.com
*.staging.publish1st.com
*.test.publish1st.com

Other certificates including the domain name humanesources.com

(limited to 100 certificates)
humanesources.com
md-api.app.hes-wf.pre-prod.aws.us-west-2.humanesources.com
reports.app.hes-edu.pre-prod.aws.us-west-2.humanesources.com
helpdesk.lamundial.com
humanesources.com
meeting.strongdallas.com
help.uafrica.com
hes-api.app.hes-edu.pre-prod.aws.us-west-2.humanesources.com
nonprod.humanesources.com
meeting.strongdallas.com
support.nextconnex.com
support.carpay.com
humanesources.com
*.app.hes-edu.prod.aws.ap-southeast-1.humanesources.com
humanesources.com
*.humanesources.com
md-api.app.hes-wf.pre-prod.aws.us-west-2.humanesources.com
*.app.hes-edu.pre-prod.aws.us-west-2.humanesources.com
hes-hyp.app.hes-edu.prod.aws.eu-west-1.humanesources.com
pkg.dev.humanesources.com
suporte.mindify.net
meet.mysocalhealth.com
md-api.app.hes-wf.pre-prod.aws.us-west-2.humanesources.com
support.nextconnex.com
jd-api.app.hes-wf.prod.aws.us-west-2.humanesources.com
support.carpay.com
hes-api-docs.app.hes-edu.prod.aws.eu-west-1.humanesources.com
humanesources.com
apitest.staging.humanesources.com
support.labmoneta.com
humanesources.com
meeting.kreate.agency
sos.123assist.me
meeting.kreate.agency
md-api.app.hes-wf.pre-prod.aws.us-west-2.humanesources.com
jobs.humanesources.com
webinar.engys.com
*.app.hes-edu.prod.aws.eu-west-1.humanesources.com
staging.humanesources.com
portal.ibizarentals.be
pkg.humanesources.com
help.bettermlo.com
suporte.mindify.net
help.dakcs.com
meet.keterna.com
meeting.kreate.agency
nonprod.humanesources.com
cdn.dev.humanesources.com
academy.teamlink.com.br
apitest.staging.humanesources.com
*.humanesources.com
meeting.kreate.agency
jd.app.hes-wf.pre-prod.aws.us-west-2.humanesources.com
meeting.kreate.agency
www.humanesources.com
meeting.tradefy.com.br
www.humanesources.com
meeting.theholdingbox.com
humanesources.com
humanesources.com
*.app.hes-edu.prod.aws.ap-southeast-1.humanesources.com
meeting.kreate.agency
suporte.jumba.com.br
helpdesk.abra.io
md.app.hes-wf.pre-prod.aws.us-west-2.humanesources.com
help.dakcs.com
humanesources.com
jd-api.app.hes-wf.prod.aws.us-west-2.humanesources.com
support.thenextlevel.co.uk
hes-hyp.app.hes-edu.prod.aws.ap-southeast-1.humanesources.com
meeting.abrahamsenfinancial.com
apitest.staging.humanesources.com
dev.humanesources.com
meeting.kreate.agency
pkg.humanesources.com
meeting.kreate.agency
md.app.hes-wf.pre-prod.aws.us-west-2.humanesources.com
*.hes-prod-1.humanesources.com
support.shopafix.com
hes-api.app.hes-edu.prod.aws.eu-west-1.humanesources.com
meet.mysocalhealth.com
apitest.staging.humanesources.com
suporte.mindify.net
corporateapplication.lendme.co.ke
*.humanesources.com
jd-api.app.hes-wf.pre-prod.aws.us-west-2.humanesources.com
humanesources.com
suporte.tradefy.cloud
md.app.hes-wf.pre-prod.aws.us-west-2.humanesources.com
hes-api.app.hes-edu.pre-prod.aws.us-west-2.humanesources.com
md-api.app.hes-wf.pre-prod.aws.us-west-2.humanesources.com
meet.keterna.com
jd.app.hes-wf.pre-prod.aws.us-west-2.humanesources.com
destek.visiott.com
meeting.kreate.agency
meeting.kreate.agency
support.labmoneta.com
reports.app.hes-edu.pre-prod.aws.us-west-2.humanesources.com
meetings.bopyx.com
ajuda.naveia.com.br

Certificate

The complete raw certificate details for *.hes-prod-1.humanesources.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGNDCCBRygAwIBAgIQAo9/QUJLe3rq8Iczl0YY0DANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMDA4MzEwMDAwMDBaFw0yMTA5MzAx
MjAwMDBaMCkxJzAlBgNVBAMMHiouaGVzLXByb2QtMS5odW1hbmVzb3VyY2VzLmNv
bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKfme444CD8JVKphR4D6
XhXqIZbFNpSNgY+fhGyqVF5Gg0xQqinBEkWuv6xcBQ5nSGzpYRpjP7IaDDemdgT0
W4nBYkNWbsAxnVeLHFBbTXYrNcTWSvszdroasuV0SiZbjYicpB4fVQQHTt8oX/CI
SOrezGWAfOn9K6L97teubsMamMPtIfz/JrefTDWIJhSxrpVPsJF+wAD7IHTHJwKM
jEokzhfZ3txO3zjEXrjepGgVXoYt1unGHWittR7VuxClfx6jiqlVRi542twEh4oA
fsHV6FfDxTjJeCyAm2lekm6eH2CGYXORJv/DGyPvkdRK0ydi33R5kZIUvkKcQxS+
UxECAwEAAaOCAzkwggM1MB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3Q
MB0GA1UdDgQWBBTRGcMn75OT3xn50TWPcA4bKJtq6jCB1wYDVR0RBIHPMIHMgh4q
Lmhlcy1wcm9kLTEuaHVtYW5lc291cmNlcy5jb22CGyouc3RhZ2luZy5odW1hbmVz
b3VyY2VzLmNvbYIYKi50ZXN0Lmh1bWFuZXNvdXJjZXMuY29tghsqLmhlcy1wcm9k
LTEucHVibGlzaDFzdC5jb22CEyouaHVtYW5lc291cmNlcy5jb22CECoucHVibGlz
aDFzdC5jb22CGCouc3RhZ2luZy5wdWJsaXNoMXN0LmNvbYIVKi50ZXN0LnB1Ymxp
c2gxc3QuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zY2ExYi5hbWF6
b250cnVzdC5jb20vc2NhMWIuY3JsMCAGA1UdIAQZMBcwCwYJYIZIAYb9bAECMAgG
BmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3Nw
LnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5z
Y2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwggEE
BgorBgEEAdZ5AgQCBIH1BIHyAPAAdQD2XJQv0XcwIhRUGAgwlFaO400TGTO/3wwv
IAvMTvFk4wAAAXRGvwMLAAAEAwBGMEQCIG2qtty/7nB7a4ecLDjgjDga279ETV0q
UWwr69aXCClZAiAi2yto4gNjw2Wq2zQqGC1wlVP4KR0HBUosB5S5SW9JSwB3AFzc
Q5L+5qtFRLFemtRW5hA3+9X6R9yhc5SyXub2xw7KAAABdEa/A1cAAAQDAEgwRgIh
ANeSOP0GJEh5APemzcTNB2KZkIyve9cj/PvEeufqLZrLAiEAldMJ0SvelziSummx
DCnentaaZfNUJhaXWUsihfEvTvkwDQYJKoZIhvcNAQELBQADggEBAGp07Wi7l0UL
1Ah1//TB7GmiQHs/AYfkt5Ls3YaZmhlRlfs3LZZG31z8VC5l3zZxaU/CCIoJhxGY
l0lS3dabzUnODcPzl9Z/lR0yGMoMq8g0UquJvjQGD8uFvyCcnoGU7Vk1WiMCcDJ5
k6zPoRu0mU2TVK6VITvJPv2MdIiWJKx9wClumfGBve4JyNtXRFDkNVUiZob8z95W
rWkOTcv0oL5cUXVEtXbArInKiE31bA9A7yAn00fwebkT4eQBGzBpT8uuwNJ/iSkp
B5A45TZxcTZSTv3DXXvXg1bpoMYI3OrVMBdBKCOrXhTfRSCMlmEltDUzehImxFK7
DiSiuOjMdk4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+Z7jjgIPwlUqmFHgPpe
FeohlsU2lI2Bj5+EbKpUXkaDTFCqKcESRa6/rFwFDmdIbOlhGmM/shoMN6Z2BPRb
icFiQ1ZuwDGdV4scUFtNdis1xNZK+zN2uhqy5XRKJluNiJykHh9VBAdO3yhf8IhI
6t7MZYB86f0rov3u165uwxqYw+0h/P8mt59MNYgmFLGulU+wkX7AAPsgdMcnAoyM
SiTOF9ne3E7fOMReuN6kaBVehi3W6cYdaK21HtW7EKV/HqOKqVVGLnja3ASHigB+
wdXoV8PFOMl4LICbaV6Sbp4fYIZhc5Em/8MbI++R1ErTJ2LfdHmRkhS+QpxDFL5T
EQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3403535478707802489202481314711083216
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-31 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-30 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.hes-prod-1.humanesources.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21195452154530975648778050500189844388617394982389482984026780676951187857112045916912529540270129620203720589985264704290593735802375456482237459425582188185357813316509706035781757386188947066746571178998593449431928965882753480353309438596243409682513269920367937358819692632666791182690037403900948078361023492588282538879173702525325176317772863077365915160052931172650571969364728777659911224031037736135770674279679259708963520344119636935247740645602124277788317218343976445936297104510912071685495227957438167050785443889156583071800341949581314223779831079490766454253377751410825046588745807203620498592529
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d119c327ef9393df19f9d1358f700e1b289b6aea
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (207 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hes-prod-1.humanesources.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.staging.humanesources.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.test.humanesources.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hes-prod-1.publish1st.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.humanesources.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.publish1st.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.staging.publish1st.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.test.publish1st.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007500f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e30000017446bf030b000004030046304402206daab6dcbfee707b6b879c2c38e08c381adbbf444d5d2a516c2bebd697082959022022db2b68e20363c365aadb342a182d709553f8291d07054a2c0794b9496f494b0077005cdc4392fee6ab4544b15e9ad456e61037fbd5fa47dca17394b25ee6f6c70eca0000017446bf03570000040300483046022100d79238fd0624487900f7a6cdc4cd076299908caf7bd723fcfbc47ae7ea2d9acb02210095d309d12bde973892ba69b10c29de9ed69a65f354261697594b2285f12f4ef9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006a74ed68bb97450bd40875fff4c1ec69a2407b3f0187e4b792ecdd86999a195195fb372d9646df5cfc542e65df3671694fc2088a09871198974952ddd69bcd49ce0dc3f397d67f951d3218ca0cabc83452ab89be34060fcb85bf209c9e8194ed59355a230270327993accfa11bb4994d9354ae95213bc93efd8c74889624ac7dc0296e99f181bdee09c8db574450e43555226686fccfde56ad690e4dcbf4a0be5c517544b576c0ac89ca884df56c0f40ef2027d347f079b913e1e4011b30694fcbaec0d27f892929079038e536717136524efdc35d7bd78356e9a0c608dcead53017412823ab5e14df45208c966125b435337a1226c452bb0e24a2b8e8cc764e