*.health.com
Issued by Amazon
About this certificate
This digital certificate with serial number 0e:a1:01:2c:68:71:cc:3d:24:58:ed:e7:d2:1e:c6:0c was issued on by Amazon.
With 25 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=*.health.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0e:a1:01:2c:68:71:cc:3d:24:58:ed:e7:d2:1e:c6:0cSerial Number (int): 19445175535985697877817325727374034444
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 45:09:c0:e1:db:db:47:05:8d:42:41:f7:23:37:42:08:2d:a1:20:89
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 5f:24:0d:29:d0:38:64:17:4f:1c:81:08:ba:7e:ea:55:ff:b4:41:45
Fingerprint (sha256): 64:fd:30:1f:27:f3:af:99:c4:77:2b:37:4a:3e:c5:3e:de:dd:61:c6:3a:25:a0:eb:9e:df:eb:4d:91:9b:e2:93
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl
Check the revocation status for certificate *.health.com
25
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.health.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.health.com
*.dailypaws.com
*.shape.com
*.allrecipes.com
*.woodmagazine.com
*.ew.com
*.allpeoplequilt.com
*.hellogiggles.com
*.people.com
*.mywedding.com
*.realsimple.com
*.midwestliving.com
*.peopleenespanol.com
*.more.com
*.eatingwell.com
*.foodandwine.com
*.parenting.com
*.southernliving.com
*.instyle.com
*.myrecipes.com
*.agriculture.com
*.cookinglight.com
*.bhg.com
*.marthastewart.com
*.parents.com
*.dailypaws.com
*.shape.com
*.allrecipes.com
*.woodmagazine.com
*.ew.com
*.allpeoplequilt.com
*.hellogiggles.com
*.people.com
*.mywedding.com
*.realsimple.com
*.midwestliving.com
*.peopleenespanol.com
*.more.com
*.eatingwell.com
*.foodandwine.com
*.parenting.com
*.southernliving.com
*.instyle.com
*.myrecipes.com
*.agriculture.com
*.cookinglight.com
*.bhg.com
*.marthastewart.com
*.parents.com
Other certificates including the domain name health.com
(limited to 100 certificates)
*.allyou.com
office.timeinc.com
subscription.timeinc.com
subscription.timeinc.com
qa-subscription.ecommerce.timeinc.com
accounts.bhg.com
*.secure.meredith.com
secure.meredith.com
www.timeinclistrental.com
qa-subscription.ecommerce.timeinc.com
qa-subscription.ecommerce.timeinc.com
smetrics.health.com
*.health.com
sli.dailypaws.com
sli.dailypaws.com
office.timeinc.com
sli.health.com
qa-subscription.ecommerce.timeinc.com
dev-dcms.www.timeinc.net
prod-dcms.www.timeinc.net
subscription.timeinc.com
app.dreader.timeinc.net
www.meredith.com
health.com
specialoffers.meredith.com
*.meredithperformancemarketing.com
smetrics.health.com
qa-profiles-uat.timeinc.net
tmpcaa.enterprise.corpad.timeinc.com
sli.dailypaws.com
www.timeinclistrental.com
rails.timeinc.net
sli.dailypaws.com
xid.coastalliving.com
*.meredithperformancemarketing.com
xid.coastalliving.com
prod-dcms.www.timeinc.net
xid.coastalliving.com
sli.dailypaws.com
*.health.com
www.reference.dcms-sa.timeinc.net
news.health.com
secure.meredith.com
*.health.com
pages.email.coastalliving.com
accounts.bhg.com
office.timeinc.com
xid.coastalliving.com
subscription.timeinc.com
accounts.bhg.com
prod-dcms.www.timeinc.net
subscription.timeinc.com
health.com
www.timeinclistrental.com
health.com
prod-dcms.www.timeinc.net
subscription.timeinc.com
www.meredith.com
dev-dcms.www.timeinc.net
subscription.timeinc.com
qa-profiles.timeinc.net
secure.meredith.com
accounts.bhg.com
www.timeinclistrental.com
recipes-admin.health.com
amp.health.com
health.com
secure.meredith.com
*.allyou.com
subscription-assets.timeinc.com
subscription.timeinc.com
subscription.timeinc.com
www.reference.dcms-sa.timeinc.net
*.health.com
a-ue1.dotdash.com
smetrics.health.com
health.com
sli.dailypaws.com
dev-app.dreader.timeinc.net
rails.timeinc.net
rails.timeinc.net
subscription.timeinc.com
*.health.com
sli.dailypaws.com
*.health.com
pages.email.time.com
*.health.com
www.timeinclistrental.com
subscription.timeinc.com
links.allrecipes.com
sli.dailypaws.com
*.health.com
office.timeinc.com
smetrics.health.com
www.timeinclistrental.com
pages.email.coastalliving.com
subscription.timeinc.com
secure.meredith.com
subscription.timeinc.com
subscription.timeinc.com
office.timeinc.com
subscription.timeinc.com
subscription.timeinc.com
qa-subscription.ecommerce.timeinc.com
accounts.bhg.com
*.secure.meredith.com
secure.meredith.com
www.timeinclistrental.com
qa-subscription.ecommerce.timeinc.com
qa-subscription.ecommerce.timeinc.com
smetrics.health.com
*.health.com
sli.dailypaws.com
sli.dailypaws.com
office.timeinc.com
sli.health.com
qa-subscription.ecommerce.timeinc.com
dev-dcms.www.timeinc.net
prod-dcms.www.timeinc.net
subscription.timeinc.com
app.dreader.timeinc.net
www.meredith.com
health.com
specialoffers.meredith.com
*.meredithperformancemarketing.com
smetrics.health.com
qa-profiles-uat.timeinc.net
tmpcaa.enterprise.corpad.timeinc.com
sli.dailypaws.com
www.timeinclistrental.com
rails.timeinc.net
sli.dailypaws.com
xid.coastalliving.com
*.meredithperformancemarketing.com
xid.coastalliving.com
prod-dcms.www.timeinc.net
xid.coastalliving.com
sli.dailypaws.com
*.health.com
www.reference.dcms-sa.timeinc.net
news.health.com
secure.meredith.com
*.health.com
pages.email.coastalliving.com
accounts.bhg.com
office.timeinc.com
xid.coastalliving.com
subscription.timeinc.com
accounts.bhg.com
prod-dcms.www.timeinc.net
subscription.timeinc.com
health.com
www.timeinclistrental.com
health.com
prod-dcms.www.timeinc.net
subscription.timeinc.com
www.meredith.com
dev-dcms.www.timeinc.net
subscription.timeinc.com
qa-profiles.timeinc.net
secure.meredith.com
accounts.bhg.com
www.timeinclistrental.com
recipes-admin.health.com
amp.health.com
health.com
secure.meredith.com
*.allyou.com
subscription-assets.timeinc.com
subscription.timeinc.com
subscription.timeinc.com
www.reference.dcms-sa.timeinc.net
*.health.com
a-ue1.dotdash.com
smetrics.health.com
health.com
sli.dailypaws.com
dev-app.dreader.timeinc.net
rails.timeinc.net
rails.timeinc.net
subscription.timeinc.com
*.health.com
sli.dailypaws.com
*.health.com
pages.email.time.com
*.health.com
www.timeinclistrental.com
subscription.timeinc.com
links.allrecipes.com
sli.dailypaws.com
*.health.com
office.timeinc.com
smetrics.health.com
www.timeinclistrental.com
pages.email.coastalliving.com
subscription.timeinc.com
secure.meredith.com
subscription.timeinc.com
subscription.timeinc.com
Certificate
The complete raw certificate details for *.health.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGDDCCBPSgAwIBAgIQDqEBLGhxzD0kWO3n0h7GDDANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjA4MDUwMDAwMDBaFw0yMzA5MDMy MzU5NTlaMBcxFTATBgNVBAMMDCouaGVhbHRoLmNvbTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAKiUVLa338zw1z8YWLJliq2NBRTFI12pGnQOizy6D1yY 6gOzv3ViWrDio1lTDs98IbRtvauCoEv1tw5qKNhpq4WgeQ6AQDp7GL/qRs7Q8wr3 6LIiP+wSUbYRoF9r6DIngp7WfsjHiMGcKXTksRlTbnbXzQa+EO+7rLRQdx5SEX/x S9/ooVYRGgPp4YiNILIESFBo72owD2hOOHYIMtUsUUVjRnQ9LP14y0AO4sR79Hc1 Epk0qdMthPe7MjLFkVsARyH/aqe6mB6qSpWiqlHZ7nv3IEQB4MtXYJUphm4ulRkg 9c4O7KaK+kNovdtEkg+WoObOkL6MmNmEtYXMrUta3U8CAwEAAaOCAyMwggMfMB8G A1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBRFCcDh29tH BY1CQfcjN0IILaEgiTCCAb4GA1UdEQSCAbUwggGxggwqLmhlYWx0aC5jb22CDyou ZGFpbHlwYXdzLmNvbYILKi5zaGFwZS5jb22CECouYWxscmVjaXBlcy5jb22CEiou d29vZG1hZ2F6aW5lLmNvbYIIKi5ldy5jb22CFCouYWxscGVvcGxlcXVpbHQuY29t ghIqLmhlbGxvZ2lnZ2xlcy5jb22CDCoucGVvcGxlLmNvbYIPKi5teXdlZGRpbmcu Y29tghAqLnJlYWxzaW1wbGUuY29tghMqLm1pZHdlc3RsaXZpbmcuY29tghUqLnBl b3BsZWVuZXNwYW5vbC5jb22CCioubW9yZS5jb22CECouZWF0aW5nd2VsbC5jb22C ESouZm9vZGFuZHdpbmUuY29tgg8qLnBhcmVudGluZy5jb22CFCouc291dGhlcm5s aXZpbmcuY29tgg0qLmluc3R5bGUuY29tgg8qLm15cmVjaXBlcy5jb22CESouYWdy aWN1bHR1cmUuY29tghIqLmNvb2tpbmdsaWdodC5jb22CCSouYmhnLmNvbYITKi5t YXJ0aGFzdGV3YXJ0LmNvbYINKi5wYXJlbnRzLmNvbTAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD0GA1UdHwQ2MDQwMqAwoC6G LGh0dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLTEuY3JsMBMG A1UdIAQMMAowCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYh aHR0cDovL29jc3Auc2NhMWIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipo dHRwOi8vY3J0LnNjYTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi5jcnQwDAYDVR0T AQH/BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEA VbN+4yFkTuk/UrNDGs7gYz/Hnq5th7AOqH2PI3vYO104JSAPhffZQ8XTfY6PqWyg oomtBwBz90/p64dAqiqvL1TLAv71rJviKUhclYNtPmLklJsznrUWf9agS2baKJBT PeJZrZ9EtdfjWwtXHhhpBA9BZwbnLEuM9N+KlbTIPqWOqiD5y1flrGRX5W8bI8on /360QpNbP0Ye2AFNniHM3Z/j/i2Z+lYuSrXUMBnJXUP92ilAxZHIRyS2bzsdBYGN wlmTkl1xJKFAA/QXSXj1gtFO9yzbGMeuXedPDg0ds656jo84tGSASiJ3qwh0g8uB K0cpfwrw3on7mp9Sjuev8A== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJRUtrffzPDXPxhYsmWK rY0FFMUjXakadA6LPLoPXJjqA7O/dWJasOKjWVMOz3whtG29q4KgS/W3Dmoo2Gmr haB5DoBAOnsYv+pGztDzCvfosiI/7BJRthGgX2voMieCntZ+yMeIwZwpdOSxGVNu dtfNBr4Q77ustFB3HlIRf/FL3+ihVhEaA+nhiI0gsgRIUGjvajAPaE44dggy1SxR RWNGdD0s/XjLQA7ixHv0dzUSmTSp0y2E97syMsWRWwBHIf9qp7qYHqpKlaKqUdnu e/cgRAHgy1dglSmGbi6VGSD1zg7spor6Q2i920SSD5ag5s6QvoyY2YS1hcytS1rd TwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 19445175535985697877817325727374034444 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.health.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21281179933667701268714927067060216903021651290669771247818250363621120962971965403288242190291161030639439046971637695097357053139942679166512366715998450407565304825554917768627375480166088929430610302008343536145515459206020685348069391602753601276449449836562831558688854871860410373933425204080797699296294592406430687504049823624529816979279307752023762582741941627677145010071904776608087227795235290367492768832982149757504868282713449757016356041606971658237776958236442075842777265998146485226798100976516315952873902576235452446812761543082868446692956031539588691119153353997168473253344029123363093536079 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4509c0e1dbdb47058d4241f7233742082da12089 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (437 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.health.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dailypaws.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.shape.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.allrecipes.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.woodmagazine.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ew.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.allpeoplequilt.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hellogiggles.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.people.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mywedding.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.realsimple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.midwestliving.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.peopleenespanol.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.more.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.eatingwell.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.foodandwine.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.parenting.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.southernliving.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.instyle.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.myrecipes.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.agriculture.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cookinglight.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bhg.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.marthastewart.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.parents.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0055b37ee321644ee93f52b3431acee0633fc79eae6d87b00ea87d8f237bd83b5d3825200f85f7d943c5d37d8e8fa96ca0a289ad070073f74fe9eb8740aa2aaf2f54cb02fef5ac9be229485c95836d3e62e4949b339eb5167fd6a04b66da2890533de259ad9f44b5d7e35b0b571e1869040f416706e72c4b8cf4df8a95b4c83ea58eaa20f9cb57e5ac6457e56f1b23ca27ff7eb442935b3f461ed8014d9e21ccdd9fe3fe2d99fa562e4ab5d43019c95d43fdda2940c591c84724b66f3b1d05818dc25993925d7124a14003f4174978f582d14ef72cdb18c7ae5de74f0e0d1db3ae7a8e8f38b464804a2277ab087483cb812b47297f0af0de89fb9a9f528ee7aff0