*.pfm.getpocket.dev
Issued by Amazon
About this certificate
This digital certificate with serial number 03:22:01:98:a9:43:e2:60:f9:12:c0:f5:f8:d2:61:fe was issued on by Amazon.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.pfm.getpocket.dev
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:22:01:98:a9:43:e2:60:f9:12:c0:f5:f8:d2:61:feSerial Number (int): 4164254458020271311312872234793722366
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: f1:18:3e:c4:00:4d:7e:bd:f3:5b:45:b0:f3:96:9b:c7:9f:4b:a5:28
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 8a:4d:3a:fe:44:0c:91:69:70:49:bd:08:31:89:c8:19:9b:0a:eb:4f
Fingerprint (sha256): 53:27:32:c9:ce:76:ff:99:af:48:8e:d2:8d:5b:fd:bf:85:5f:7a:27:67:69:d1:f3:42:9f:de:f7:95:11:c7:32
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl
Check the revocation status for certificate *.pfm.getpocket.dev
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.pfm.getpocket.dev
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.pfm.getpocket.dev
Other certificates including the domain name getpocket.dev
(limited to 100 certificates)
firefox-newtab-proxy.getpocket.dev
blog-staging.getpocket.dev
acme.getpocket.dev
web-client.getpocket.dev
acme.getpocket.dev
mozilla-auth-proxy.getpocket.dev
cdktf-backup.getpocket.dev
blog.getpocket.dev
*.admin.getpocket.dev
dotcom-gateway-dev.getpocket.dev
dotcom-gateway-dev.getpocket.dev
collection-api.getpocket.dev
team.getpocket.dev
*.webapp.getpocket.dev
new-tab-assets.getpocket.dev
*.webapp.getpocket.dev
*.mlflow-private.getpocket.dev
apigtest.getpocket.dev
*.webapp.getpocket.dev
admin.getpocket.dev
*.web-marketing.getpocket.dev
web-discover.getpocket.dev
recommendation-api.getpocket.dev
backstage.getpocket.dev
direct.daniel-client-api.getpocket.dev
cdktf-unleash.getpocket.dev
auth.getpocket.dev
recommendation-api.getpocket.dev
blog-staging.getpocket.dev
team.getpocket.dev
*.mlflow-dev1.getpocket.dev
admin.getpocket.dev
blog.getpocket.dev
spocs.getpocket.dev
cdktf.getpocket.dev
*.getpocket.dev
text.getpocket.dev
direct.client-api.getpocket.dev
cdktf-backup.getpocket.dev
direct.client-api.getpocket.dev
auth.getpocket.dev
web-marketing.getpocket.dev
client-api.getpocket.dev
acme.getpocket.dev
blog.getpocket.dev
*.feature.getpocket.dev
acme.getpocket.dev
*.web-discover.getpocket.dev
apig-test.getpocket.dev
recit.getpocket.dev
collection-api.getpocket.dev
backstage.getpocket.dev
blog.getpocket.dev
blog-staging.getpocket.dev
cdktf.getpocket.dev
cdktf.getpocket.dev
*.web-client.getpocket.dev
web-client.getpocket.dev
mozilla-auth-proxy.getpocket.dev
image-api.getpocket.dev
curation-admin-tools.getpocket.dev
*.web-discover.getpocket.dev
client-api.getpocket.dev
acme.getpocket.dev
exampleapi.getpocket.dev
web-discover.getpocket.dev
list-api.getpocket.dev
cdktf-unleash.getpocket.dev
recit.getpocket.dev
blog.getpocket.dev
direct.client-api.getpocket.dev
acme.getpocket.dev
*.feature.getpocket.dev
*.mlflow-private.getpocket.dev
*.admin.getpocket.dev
team.getpocket.dev
acme.getpocket.dev
user-list-search.getpocket.dev
exampleapi.getpocket.dev
acme.getpocket.dev
user-list-search.getpocket.dev
blog.getpocket.dev
acme-good.getpocket.dev
acme.getpocket.dev
text.getpocket.dev
blog.getpocket.dev
web-ui.getpocket.dev
apig-test.getpocket.dev
admin-api.getpocket.dev
companion-proxy.getpocket.dev
blog-staging.getpocket.dev
recit.getpocket.dev
recit.getpocket.dev
*.feature.getpocket.dev
mozilla-auth-proxy.getpocket.dev
firefox-android-home-recommendations.getpocket.dev
*.web-client.getpocket.dev
recit.getpocket.dev
blog.getpocket.dev
direct.firefox-android-home-recommendations.getpocket.dev
blog-staging.getpocket.dev
acme.getpocket.dev
web-client.getpocket.dev
acme.getpocket.dev
mozilla-auth-proxy.getpocket.dev
cdktf-backup.getpocket.dev
blog.getpocket.dev
*.admin.getpocket.dev
dotcom-gateway-dev.getpocket.dev
dotcom-gateway-dev.getpocket.dev
collection-api.getpocket.dev
team.getpocket.dev
*.webapp.getpocket.dev
new-tab-assets.getpocket.dev
*.webapp.getpocket.dev
*.mlflow-private.getpocket.dev
apigtest.getpocket.dev
*.webapp.getpocket.dev
admin.getpocket.dev
*.web-marketing.getpocket.dev
web-discover.getpocket.dev
recommendation-api.getpocket.dev
backstage.getpocket.dev
direct.daniel-client-api.getpocket.dev
cdktf-unleash.getpocket.dev
auth.getpocket.dev
recommendation-api.getpocket.dev
blog-staging.getpocket.dev
team.getpocket.dev
*.mlflow-dev1.getpocket.dev
admin.getpocket.dev
blog.getpocket.dev
spocs.getpocket.dev
cdktf.getpocket.dev
*.getpocket.dev
text.getpocket.dev
direct.client-api.getpocket.dev
cdktf-backup.getpocket.dev
direct.client-api.getpocket.dev
auth.getpocket.dev
web-marketing.getpocket.dev
client-api.getpocket.dev
acme.getpocket.dev
blog.getpocket.dev
*.feature.getpocket.dev
acme.getpocket.dev
*.web-discover.getpocket.dev
apig-test.getpocket.dev
recit.getpocket.dev
collection-api.getpocket.dev
backstage.getpocket.dev
blog.getpocket.dev
blog-staging.getpocket.dev
cdktf.getpocket.dev
cdktf.getpocket.dev
*.web-client.getpocket.dev
web-client.getpocket.dev
mozilla-auth-proxy.getpocket.dev
image-api.getpocket.dev
curation-admin-tools.getpocket.dev
*.web-discover.getpocket.dev
client-api.getpocket.dev
acme.getpocket.dev
exampleapi.getpocket.dev
web-discover.getpocket.dev
list-api.getpocket.dev
cdktf-unleash.getpocket.dev
recit.getpocket.dev
blog.getpocket.dev
direct.client-api.getpocket.dev
acme.getpocket.dev
*.feature.getpocket.dev
*.mlflow-private.getpocket.dev
*.admin.getpocket.dev
team.getpocket.dev
acme.getpocket.dev
user-list-search.getpocket.dev
exampleapi.getpocket.dev
acme.getpocket.dev
user-list-search.getpocket.dev
blog.getpocket.dev
acme-good.getpocket.dev
acme.getpocket.dev
text.getpocket.dev
blog.getpocket.dev
web-ui.getpocket.dev
apig-test.getpocket.dev
admin-api.getpocket.dev
companion-proxy.getpocket.dev
blog-staging.getpocket.dev
recit.getpocket.dev
recit.getpocket.dev
*.feature.getpocket.dev
mozilla-auth-proxy.getpocket.dev
firefox-android-home-recommendations.getpocket.dev
*.web-client.getpocket.dev
recit.getpocket.dev
blog.getpocket.dev
direct.firefox-android-home-recommendations.getpocket.dev
Certificate
The complete raw certificate details for *.pfm.getpocket.dev in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF3TCCBMWgAwIBAgIQAyIBmKlD4mD5EsD1+NJh/jANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMTEwMDcwMDAwMDBaFw0yMjExMDQy MzU5NTlaMB4xHDAaBgNVBAMMEyoucGZtLmdldHBvY2tldC5kZXYwggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu/lNxmnwnqjlzAyIg4ZceTtyxEPmnImM+ /Hgwzggh/t+ARqqsrT2JlnAqn3LD24EYtiQJbE05bdNuRndA0Cs+ab1/58SdnMhy xmaqER5N0jMu84rElCVFCiwkkWmxLUVA++RpG+Rhhxzk8qf5DGRZijf9N66Cx1Eu 04vZvVLEDJIaOFJJhlWKL7qrykoHYyhtIfX8OjE29cC1oa9hZixNnHRE9KIgFi9H JKRvAW/wx/vAObkNTbfWonDrIzKUE0FfC3hN4Zyszz7pvLuee5aNn0Q2KR7pRIVk 19bQBM4bfVPcnGIKpqQUZe+2qReIJzSf43SwM4DU4VdTdNpNM7xjAgMBAAGjggLt MIIC6TAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQU 8Rg+xABNfr3zW0Ww85abx59LpSgwHgYDVR0RBBcwFYITKi5wZm0uZ2V0cG9ja2V0 LmRldjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1 c3QuY29tL3NjYTFiLTEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMHUGCCsGAQUF BwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2NhMWIuYW1hem9udHJ1 c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTFiLmFtYXpvbnRydXN0 LmNvbS9zY2ExYi5jcnQwDAYDVR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFt BIIBaQFnAHYAKXm+8J45OSHwVnOfY6V35b5XfZxgCvj5TV0mXCVdx4QAAAF8WSLB 7gAABAMARzBFAiAiu6CUfZkHHHauqmfgi5HLtgakME36FLSQwkyVWvEaJQIhAPMQ zrxLcM4V5V5LaBcREeuINhp2Sbf476QOpt58ZC/nAHUAUaOw9f0BeZxWbbg3eI8M pHrMGyfL956IQpoN/tSLBeUAAAF8WSLB1wAABAMARjBEAiBW1CEyG458tn2XOzZO PErgX69bqhGaHEtSQ5JVFc64XwIgHsCwsgVWXBFrgjZORv2X0Ozq4A8sxhsBwz2y PVCxv0AAdgBByMqx3yJGShDGoToJQodeTjGLGwPr60vHaPCQYpYG9gAAAXxZIsGd AAAEAwBHMEUCIQCmYo7VBS0v8vyi0QkAZ4nE+RVTot61HCggLTo5d4gRYAIgRc1l Jy5r/UZk7oOwkgTAnipVBx65TjcooTP6GZAK610wDQYJKoZIhvcNAQELBQADggEB ALiwAII6S7sC9SJV0rXcfmNuHTL4/SwTboyF/JTEgWA9kFfrrZTAYroT7f2TFC2u 4Or/YNtRQyEzOqBPtDcNKgEjMl/FeiXcqZoJTDr6sCQqjfW48QKgs4dCCoF/qgaK RwsIovL1EvzzSBe3rY6dC+HPvfLpz97zKZcCfumD395dKZpaN7YMOsUDAULTQD3g NLD7Vtir50ln9YJq5pTUphu1Cx5sehdtuNx6qkZKBQnmtMs+Rsvlg5VD7ruMX82q 32r0lj7ruIjlNpL2Bw0wRaZv52Fm2KsXzvrqcDt85UxfTKdFLFi4bCWB8vwNaxFD dQM1KA9OdD3PnZM2JJZDgO4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArv5TcZp8J6o5cwMiIOGX Hk7csRD5pyJjPvx4MM4IIf7fgEaqrK09iZZwKp9yw9uBGLYkCWxNOW3TbkZ3QNAr Pmm9f+fEnZzIcsZmqhEeTdIzLvOKxJQlRQosJJFpsS1FQPvkaRvkYYcc5PKn+Qxk WYo3/TeugsdRLtOL2b1SxAySGjhSSYZVii+6q8pKB2MobSH1/DoxNvXAtaGvYWYs TZx0RPSiIBYvRySkbwFv8Mf7wDm5DU231qJw6yMylBNBXwt4TeGcrM8+6by7nnuW jZ9ENike6USFZNfW0ATOG31T3JxiCqakFGXvtqkXiCc0n+N0sDOA1OFXU3TaTTO8 YwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4164254458020271311312872234793722366 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-10-07 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-04 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.pfm.getpocket.dev' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22090877865323718325688755033993687486357398535206207328115837073447875087938224800036631469688992886593198116936679350377395300473608598177298330422312314635202119398539431351804455472263729924964580869201979523308046175015764225564302478611286016209043265013672271648274300343909350203079771680144825740954341698024771039517056852926243280826366278774453676303491131774940277472023409837428203004294212101362401280707384772191057603955807204393818509577534468502563237174865884682951805633301880710637755656993441434474784446881340465131112782890154394758662163938648157287793985918058195139446925887925539940056163 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f1183ec4004d7ebdf35b45b0f3969bc79f4ba528 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pfm.getpocket.dev' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 01670076002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc7840000017c5922c1ee0000040300473045022022bba0947d99071c76aeaa67e08b91cbb606a4304dfa14b490c24c955af11a25022100f310cebc4b70ce15e55e4b68171111eb88361a7649b7f8efa40ea6de7c642fe700750051a3b0f5fd01799c566db837788f0ca47acc1b27cbf79e88429a0dfed48b05e50000017c5922c1d70000040300463044022056d421321b8e7cb67d973b364e3c4ae05faf5baa119a1c4b5243925515ceb85f02201ec0b0b205565c116b82364e46fd97d0eceae00f2cc61b01c33db23d50b1bf4000760041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f60000017c5922c19d0000040300473045022100a6628ed5052d2ff2fca2d109006789c4f91553a2deb51c28202d3a3977881160022045cd65272e6bfd4664ee83b09204c09e2a55071eb94e3728a133fa19900aeb5d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b8b000823a4bbb02f52255d2b5dc7e636e1d32f8fd2c136e8c85fc94c481603d9057ebad94c062ba13edfd93142daee0eaff60db514321333aa04fb4370d2a0123325fc57a25dca99a094c3afab0242a8df5b8f102a0b387420a817faa068a470b08a2f2f512fcf34817b7ad8e9d0be1cfbdf2e9cfdef32997027ee983dfde5d299a5a37b60c3ac5030142d3403de034b0fb56d8abe74967f5826ae694d4a61bb50b1e6c7a176db8dc7aaa464a0509e6b4cb3e46cbe5839543eebb8c5fcdaadf6af4963eebb888e53692f6070d3045a66fe76166d8ab17cefaea703b7ce54c5f4ca7452c58b86c2581f2fc0d6b1143750335280f4e743dcf9d933624964380ee