assets.ipcdigital.co.uk
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 09:54:a4:31:dd:a2:fb:22:5b:02:d0:3b:20:7e:cf:3b was issued on by Amazon.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=assets.ipcdigital.co.uk
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 09:54:a4:31:dd:a2:fb:22:5b:02:d0:3b:20:7e:cf:3bSerial Number (int): 12402535164129349550862256528366161723
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 2f:02:fa:52:b6:7c:95:f7:32:7f:b9:0f:65:32:93:7b:12:ed:ce:4f
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 37:68:23:b0:25:82:c3:41:3c:b1:83:ec:64:c2:51:ec:fb:c9:2d:b2
Fingerprint (sha256): 59:70:e9:e8:d9:01:a3:e7:f6:a6:e3:81:00:f3:de:2c:9d:03:59:89:e8:75:5c:fc:d6:9e:8d:df:cc:44:86:96
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate assets.ipcdigital.co.uk
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for assets.ipcdigital.co.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
assets.ipcdigital.co.uk
assets.ti-media.net
secure.assets.ipcdigital.co.uk
assets.ti-media.net
secure.assets.ipcdigital.co.uk
Other certificates including the domain name ipcdigital.co.uk
(limited to 100 certificates)
office.timeinc.com
cms2.ipcmediasecure.com
keystone.wp.timeincuk.net
campaign.ipcdigital.co.uk
office.timeinc.com
campaign.ipcdigital.co.uk
*.ti-media.net
tmpcaa.enterprise.corpad.timeinc.com
*.amateurgardening.com
keystone.ti-media.net
ti-media.map.fastly.net
test01.ti-media.net
keystone.ti-media.net
office.timeinc.com
dcs.secure.media.ipcdigital.co.uk
connect.secure.media.ipcdigital.co.uk
ti-media.map.fastly.net
keystone.ti-media.net
keystone.wp.timeincuk.net
cms2.ipcmediasecure.com
cms2.ipcmediasecure.com
*.bfb1.services.ipcdigital.co.uk
campaign.ipcdigital.co.uk
assets.ipcdigital.co.uk
*.bfb1.services.ipcdigital.co.uk
office.timeinc.com
keystone.ti-media.net
ipcdigital.co.uk
assets.ipcdigital.co.uk
dcs.secure.media.ipcdigital.co.uk
office.timeinc.com
connect.secure.media.ipcdigital.co.uk
dcs.secure.media.ipcdigital.co.uk
secure.trustedreviews.com
*.amateurgardening.com
keystone.wp.timeincuk.net
campaign.ipcdigital.co.uk
test01.ti-media.net
assets.ipcdigital.co.uk
keystone.ti-media.net
cms2.ipcmediasecure.com
test1.ti-media.net
ti-media.map.fastly.net
dcs.secure.media.ipcdigital.co.uk
*.ti-media.net
ti-media.map.fastly.net
dcs.secure.media.ipcdigital.co.uk
campaign.ipcdigital.co.uk
assets.ipcdigital.co.uk
secure.trustedreviews.com
marieclaire.ipcmediasecure.com
assets.ipcdigital.co.uk
office.timeinc.com
office.timeinc.com
ti-media.map.fastly.net
office.timeinc.com
dcs.secure.media.ipcdigital.co.uk
connect.secure.media.ipcdigital.co.uk
campaign.ipcdigital.co.uk
campaign.ipcdigital.co.uk
secure.trustedreviews.com
*.ipcdigital.co.uk
secure.stage.zardoz.ipcdigital.co.uk
*.secure.media.ipcdigital.co.uk
*.ti-media.net
test01.ti-media.net
ti-media.map.fastly.net
office.timeinc.com
ti-media.map.fastly.net
ti-media.map.fastly.net
keystone.wp.timeincuk.net
ti-media.map.fastly.net
dcs.secure.media.ipcdigital.co.uk
marieclaire.ipcmediasecure.com
keystone.wp.timeincuk.net
keystone.wp.timeincuk.net
campaign.ipcdigital.co.uk
campaign.ipcdigital.co.uk
dcs.secure.media.ipcdigital.co.uk
keystone.wp.timeincuk.net
keystone.ti-media.net
campaign.ipcdigital.co.uk
office.timeinc.com
keystone.ti-media.net
connect.secure.media.ipcdigital.co.uk
campaign.ipcdigital.co.uk
secure.trustedreviews.com
campaign.ipcdigital.co.uk
dcs.secure.media.ipcdigital.co.uk
test01.ti-media.net
ipcdigital.co.uk
marieclaire.ipcmediasecure.com
campaign.ipcdigital.co.uk
campaign.ipcdigital.co.uk
dcs.secure.media.ipcdigital.co.uk
marieclaire.ipcmediasecure.com
office.timeinc.com
internal.timeincuk.net
secure.trustedreviews.com
marieclaire.ipcmediasecure.com
cms2.ipcmediasecure.com
keystone.wp.timeincuk.net
campaign.ipcdigital.co.uk
office.timeinc.com
campaign.ipcdigital.co.uk
*.ti-media.net
tmpcaa.enterprise.corpad.timeinc.com
*.amateurgardening.com
keystone.ti-media.net
ti-media.map.fastly.net
test01.ti-media.net
keystone.ti-media.net
office.timeinc.com
dcs.secure.media.ipcdigital.co.uk
connect.secure.media.ipcdigital.co.uk
ti-media.map.fastly.net
keystone.ti-media.net
keystone.wp.timeincuk.net
cms2.ipcmediasecure.com
cms2.ipcmediasecure.com
*.bfb1.services.ipcdigital.co.uk
campaign.ipcdigital.co.uk
assets.ipcdigital.co.uk
*.bfb1.services.ipcdigital.co.uk
office.timeinc.com
keystone.ti-media.net
ipcdigital.co.uk
assets.ipcdigital.co.uk
dcs.secure.media.ipcdigital.co.uk
office.timeinc.com
connect.secure.media.ipcdigital.co.uk
dcs.secure.media.ipcdigital.co.uk
secure.trustedreviews.com
*.amateurgardening.com
keystone.wp.timeincuk.net
campaign.ipcdigital.co.uk
test01.ti-media.net
assets.ipcdigital.co.uk
keystone.ti-media.net
cms2.ipcmediasecure.com
test1.ti-media.net
ti-media.map.fastly.net
dcs.secure.media.ipcdigital.co.uk
*.ti-media.net
ti-media.map.fastly.net
dcs.secure.media.ipcdigital.co.uk
campaign.ipcdigital.co.uk
assets.ipcdigital.co.uk
secure.trustedreviews.com
marieclaire.ipcmediasecure.com
assets.ipcdigital.co.uk
office.timeinc.com
office.timeinc.com
ti-media.map.fastly.net
office.timeinc.com
dcs.secure.media.ipcdigital.co.uk
connect.secure.media.ipcdigital.co.uk
campaign.ipcdigital.co.uk
campaign.ipcdigital.co.uk
secure.trustedreviews.com
*.ipcdigital.co.uk
secure.stage.zardoz.ipcdigital.co.uk
*.secure.media.ipcdigital.co.uk
*.ti-media.net
test01.ti-media.net
ti-media.map.fastly.net
office.timeinc.com
ti-media.map.fastly.net
ti-media.map.fastly.net
keystone.wp.timeincuk.net
ti-media.map.fastly.net
dcs.secure.media.ipcdigital.co.uk
marieclaire.ipcmediasecure.com
keystone.wp.timeincuk.net
keystone.wp.timeincuk.net
campaign.ipcdigital.co.uk
campaign.ipcdigital.co.uk
dcs.secure.media.ipcdigital.co.uk
keystone.wp.timeincuk.net
keystone.ti-media.net
campaign.ipcdigital.co.uk
office.timeinc.com
keystone.ti-media.net
connect.secure.media.ipcdigital.co.uk
campaign.ipcdigital.co.uk
secure.trustedreviews.com
campaign.ipcdigital.co.uk
dcs.secure.media.ipcdigital.co.uk
test01.ti-media.net
ipcdigital.co.uk
marieclaire.ipcmediasecure.com
campaign.ipcdigital.co.uk
campaign.ipcdigital.co.uk
dcs.secure.media.ipcdigital.co.uk
marieclaire.ipcmediasecure.com
office.timeinc.com
internal.timeincuk.net
secure.trustedreviews.com
marieclaire.ipcmediasecure.com
Certificate
The complete raw certificate details for assets.ipcdigital.co.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGDjCCBPagAwIBAgIQCVSkMd2i+yJbAtA7IH7POzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTEwODAwMDAwMFoXDTI0MTIwNjIzNTk1OVowIjEg MB4GA1UEAxMXYXNzZXRzLmlwY2RpZ2l0YWwuY28udWswggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQDU8VGe/vYaauBCFUrkiAaYqKrvzajR5PqmDwowTHIZ ddtcpwHy4HefBFhkUOGN0lmEEyLxag2qt/5xACHxY5/+3z7NVpxqATAWv9SXoyxo mUHjORHDpA9gCt/iyxCUkTou6Bx0nzzAWW5Tdz/QvgZllTPaJ4+hebtZsoZXQeyx bxexKjzE+fAN9q6cWOFnVCjzzn/U6aQCXpsJF6sL2ordC7i2PRYMIe2A/yzrrZdF 9fPxjkr9txtw9/e6C+1JMPDAFU2Zpg17J0JoZsUxzuYKRMVCxwxcO23NBD+W8Kzx 3iy004KJ/GdtFI85QpUMUxKb/8brgSg5kBx4YysxPyxDAgMBAAGjggMkMIIDIDAf BgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQULwL6UrZ8 lfcyf7kPZTKTexLtzk8wVwYDVR0RBFAwToIXYXNzZXRzLmlwY2RpZ2l0YWwuY28u dWuCE2Fzc2V0cy50aS1tZWRpYS5uZXSCHnNlY3VyZS5hc3NldHMuaXBjZGlnaXRh bC5jby51azATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0 dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNybDB1BggrBgEF BQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRy dXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVz dC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIB bQSCAWkBZwB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABi65W vNsAAAQDAEcwRQIhAJgrXezes4s6JtYTtMdrkeYnRdK81Tkqtj3shc6nt9IMAiBe XICSALBFCs05IJpSTOfKUFfnpj6lcO3RGz2GRLABjAB1AEiw42vapkc0D+VqAvqd MOscUgHLVt0sgdm7v6s52IRzAAABi65WvP4AAAQDAEYwRAIgTSmt62I8HAVfty70 C+2MnGMeCFOsXxa0SfQSMNM9ge0CIBURwlI6NMqoHsApfr6J0anEFnvR5byHzofX 1+w3hLVBAHYAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGLrla9 RAAABAMARzBFAiBq7040jhjj9AzG2tijBL5tfz/h4ei6KFV4As0sejPt9QIhAO10 wmHz8lxnl6iJtJhMOou5cGMNKvfITS5ng0KFP4A1MA0GCSqGSIb3DQEBCwUAA4IB AQBOQrRqjUBui/ImBb8S19pYOYhHJE1pJUcs2HwgxKd8OWYHQE1mqoObCfN7e8IC Grx+PwuZBwFbhPmJaSV9j5wxUpgpKz6CiUXge4SOhWT7MoyocnDv1TTt/7YYHZEu XumdUd5vpUQPxMw+7cXuQ+uLfNUhetoqJTYNGsoqC64CKhObQ/od76Qr+GsmIYnM /rj4x0om+U7z5ZUkw9y4Ip8o1kZwb30dDL7MS59CwVoiK0ARyR23bpz3pQotOFay Z9SIOZqWQ1rm0TtJ7s21gcvWPrCjAFFMT5hQHOjbNkUdBYSW5S+KwbHThvdu+ln/ BDy4F8t8kpbtB1eOORN6OmIy -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PFRnv72GmrgQhVK5IgG mKiq782o0eT6pg8KMExyGXXbXKcB8uB3nwRYZFDhjdJZhBMi8WoNqrf+cQAh8WOf /t8+zVacagEwFr/Ul6MsaJlB4zkRw6QPYArf4ssQlJE6LugcdJ88wFluU3c/0L4G ZZUz2iePoXm7WbKGV0HssW8XsSo8xPnwDfaunFjhZ1Qo885/1OmkAl6bCRerC9qK 3Qu4tj0WDCHtgP8s662XRfXz8Y5K/bcbcPf3ugvtSTDwwBVNmaYNeydCaGbFMc7m CkTFQscMXDttzQQ/lvCs8d4stNOCifxnbRSPOUKVDFMSm//G64EoOZAceGMrMT8s QwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 12402535164129349550862256528366161723 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-08 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-06 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'assets.ipcdigital.co.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26881519404173289575980674178204989126874359640011106256591446116219771780800925864565479458083725001055067106715615348560504355408971988263556131031988008312140712703123695502273157702140510958700681051268458890620491596764575221564930785537330898270207957592862064471744171347290488133418781478193488219568630205939689753254642089762150334708367658138057530456602703132281622622848078169240476817763881821270282864177967276893391163186506204234088731431916992857570266489651452777868284510845186762052103929004016023746263448075815223355507901868540335091787631473264748513839023991280282493863588863345234370571331 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2f02fa52b67c95f7327fb90f6532937b12edce4f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.ipcdigital.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.ti-media.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.assets.ipcdigital.co.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bae56bcdb0000040300473045022100982b5decdeb38b3a26d613b4c76b91e62745d2bcd5392ab63dec85cea7b7d20c02205e5c809200b0450acd39209a524ce7ca5057e7a63ea570edd11b3d8644b0018c00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bae56bcfe000004030046304402204d29adeb623c1c055fb72ef40bed8c9c631e0853ac5f16b449f41230d33d81ed02201511c2523a34caa81ec0297ebe89d1a9c4167bd1e5bc87ce87d7d7ec3784b5410076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018bae56bd44000004030047304502206aef4e348e18e3f40cc6dad8a304be6d7f3fe1e1e8ba28557802cd2c7a33edf5022100ed74c261f3f25c6797a889b4984c3a8bb970630d2af7c84d2e678342853f8035 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004e42b46a8d406e8bf22605bf12d7da58398847244d6925472cd87c20c4a77c396607404d66aa839b09f37b7bc2021abc7e3f0b9907015b84f98969257d8f9c315298292b3e828945e07b848e8564fb328ca87270efd534edffb6181d912e5ee99d51de6fa5440fc4cc3eedc5ee43eb8b7cd5217ada2a25360d1aca2a0bae022a139b43fa1defa42bf86b262189ccfeb8f8c74a26f94ef3e59524c3dcb8229f28d646706f7d1d0cbecc4b9f42c15a222b4011c91db76e9cf7a50a2d3856b267d488399a96435ae6d13b49eecdb581cbd63eb0a300514c4f98501ce8db36451d058496e52f8ac1b1d386f76efa59ff043cb817cb7c9296ed07578e39137a3a6232