wallet.subsplash.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 01:04:72:8b:ea:e3:9f:5a:7f:d6:b0:0a:fa:24:b9:ef was issued on by Amazon.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=wallet.subsplash.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 01:04:72:8b:ea:e3:9f:5a:7f:d6:b0:0a:fa:24:b9:efSerial Number (int): 1352320463323131941525937995584420335
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: ce:fe:43:2b:8e:83:5e:d0:4e:d7:85:97:e2:85:00:f8:96:a6:0c:16
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 4d:11:fc:c5:21:de:e8:7a:98:c7:54:ca:a5:4f:b7:a0:69:58:0f:3d
Fingerprint (sha256): 69:d4:b7:23:67:2f:18:4c:db:fe:dd:b0:5d:b2:29:03:fb:22:ed:2d:58:fb:53:87:48:8d:74:0f:16:7e:f5:d8
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate wallet.subsplash.com
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for wallet.subsplash.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
wallet.subsplash.com
*.prod.giving.subsplash.net
prod.giving.subsplash.net
*.giving.subsplash.net
giving.subsplash.net
*.prod.giving.subsplash.net
prod.giving.subsplash.net
*.giving.subsplash.net
giving.subsplash.net
Other certificates including the domain name subsplash.com
(limited to 100 certificates)
*.subsplash.com
dashboard.dev.subsplash.com
cg-status.isr.co.jp
statuspage.io
cg-status.isr.co.jp
*.subsplash.com
*.static.subsplash.com
cg-status.isr.co.jp
cg-status.isr.co.jp
statuspage.io
cg-status.isr.co.jp
subsplash.com
statuspage.io
casb.status.symantec.com
statuspage.io
statuspage.io
casb.status.symantec.com
subsplash.com
statuspage.io
cg-status.isr.co.jp
*.ci.subsplash.com
statuspage.io
cg-status.isr.co.jp
statuspage.io
hello.subsplash.com
hello.subsplash.com
secure.subsplash.com
*.cdn.subsplash.com
statuspage.io
www.subsplash.com
secure.subsplash.com
cg-status.isr.co.jp
statuspage.io
statuspage.io
statuspage.io
statuspage.io
statuspage.io
*.dev.subsplash.com
statuspage.io
cg-status.isr.co.jp
www.subsplash.com
statuspage.io
*.dev.subsplash.com
*.subsplash.com
*.stage.subsplash.com
statuspage.io
wallet.subsplash.com
www.subsplash.com
secure.subsplash.com
hello.subsplash.com
www.subsplash.com
cg-status.isr.co.jp
*.subsplash.com
cg-status.isr.co.jp
statuspage.io
www.subsplash.com
www.subsplash.com
cg-status.isr.co.jp
statuspage.io
statuspage.io
statuspage.io
wallet.subsplash.com
*.subsplash.com
secure.subsplash.com
statuspage.io
statuspage.io
support.subsplash.com
cg-status.isr.co.jp
subsplash.com
cg-status.isr.co.jp
secure.subsplash.com
subsplash.com
statuspage.io
statuspage.io
cg-status.isr.co.jp
cg-status.isr.co.jp
hello.subsplash.com
www.subsplash.com
*.wallet.subsplash.com
statuspage.io
wallet.subsplash.com
statuspage.io
statuspage.io
statuspage.io
statuspage.io
support.subsplash.com
statuspage.io
statuspage.io
cg-status.isr.co.jp
pi.subsplash.com
cg-status.isr.co.jp
statuspage.io
cg-status.isr.co.jp
statuspage.io
cg-status.isr.co.jp
*.subsplash.com
*.thechurchapp.org
subsplash.com
support.subsplash.com
statuspage.io
dashboard.dev.subsplash.com
cg-status.isr.co.jp
statuspage.io
cg-status.isr.co.jp
*.subsplash.com
*.static.subsplash.com
cg-status.isr.co.jp
cg-status.isr.co.jp
statuspage.io
cg-status.isr.co.jp
subsplash.com
statuspage.io
casb.status.symantec.com
statuspage.io
statuspage.io
casb.status.symantec.com
subsplash.com
statuspage.io
cg-status.isr.co.jp
*.ci.subsplash.com
statuspage.io
cg-status.isr.co.jp
statuspage.io
hello.subsplash.com
hello.subsplash.com
secure.subsplash.com
*.cdn.subsplash.com
statuspage.io
www.subsplash.com
secure.subsplash.com
cg-status.isr.co.jp
statuspage.io
statuspage.io
statuspage.io
statuspage.io
statuspage.io
*.dev.subsplash.com
statuspage.io
cg-status.isr.co.jp
www.subsplash.com
statuspage.io
*.dev.subsplash.com
*.subsplash.com
*.stage.subsplash.com
statuspage.io
wallet.subsplash.com
www.subsplash.com
secure.subsplash.com
hello.subsplash.com
www.subsplash.com
cg-status.isr.co.jp
*.subsplash.com
cg-status.isr.co.jp
statuspage.io
www.subsplash.com
www.subsplash.com
cg-status.isr.co.jp
statuspage.io
statuspage.io
statuspage.io
wallet.subsplash.com
*.subsplash.com
secure.subsplash.com
statuspage.io
statuspage.io
support.subsplash.com
cg-status.isr.co.jp
subsplash.com
cg-status.isr.co.jp
secure.subsplash.com
subsplash.com
statuspage.io
statuspage.io
cg-status.isr.co.jp
cg-status.isr.co.jp
hello.subsplash.com
www.subsplash.com
*.wallet.subsplash.com
statuspage.io
wallet.subsplash.com
statuspage.io
statuspage.io
statuspage.io
statuspage.io
support.subsplash.com
statuspage.io
statuspage.io
cg-status.isr.co.jp
pi.subsplash.com
cg-status.isr.co.jp
statuspage.io
cg-status.isr.co.jp
statuspage.io
cg-status.isr.co.jp
*.subsplash.com
*.thechurchapp.org
subsplash.com
support.subsplash.com
statuspage.io
Certificate
The complete raw certificate details for wallet.subsplash.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGOzCCBSOgAwIBAgIQAQRyi+rjn1p/1rAK+iS57zANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTI0MDMwNTAwMDAwMFoXDTI1MDQwMzIzNTk1OVowHzEd MBsGA1UEAxMUd2FsbGV0LnN1YnNwbGFzaC5jb20wggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDCdvleurc6NjcrATYHh/b+0OlZeATV5baSI7zDH7DmCkJ1 CJIE3Zl+BwLzrjK42X0JBwYsIcaRWavMCtjOTiLQOjov5GdMS6VwwJG2Q+uiQP+A 0h9x7uzomjIv0xFfaey0XYmO4i7GznlCUKMLb7QQIGqFgikez86a7fFcBPvSwDmF lBCfWz1aemHQNufrufL65CEUGmhz6ml0mALhLlOieN/3RXuACUFptMwbLs6dNA5f hL918u8N/p79b8zv3Yzf7oTsRT3RtqfqJB/k0NhHS7cScY4yN3Cf2pMRSTy16FMO rTiQrS5RZ7IsylKXMyi3QR0sGZeOFEvrpRmxYAeLAgMBAAGjggNUMIIDUDAfBgNV HSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQUzv5DK46DXtBO 14WX4oUA+JamDBYwgYUGA1UdEQR+MHyCFHdhbGxldC5zdWJzcGxhc2guY29tghsq LnByb2QuZ2l2aW5nLnN1YnNwbGFzaC5uZXSCGXByb2QuZ2l2aW5nLnN1YnNwbGFz aC5uZXSCFiouZ2l2aW5nLnN1YnNwbGFzaC5uZXSCFGdpdmluZy5zdWJzcGxhc2gu bmV0MBMGA1UdIAQMMAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDov L2NybC5yMm0wMy5hbWF6b250cnVzdC5jb20vcjJtMDMuY3JsMHUGCCsGAQUFBwEB BGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDMuYW1hem9udHJ1c3Qu Y29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAzLmFtYXpvbnRydXN0LmNv bS9yMm0wMy5jZXIwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIB agFoAHcATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGODEb+ZAAA BAMASDBGAiEA7NBJdtUysHQYmDe/xfzB/M8ZlcopI2UM5uR8ZuCugIQCIQDUL4wP 5ljwTBYUs9ke77F7/tqmoNk8o4q0fh+4Ft+f+gB2AH1ZHhLheCp7HGFnfF79+NCH XBSgTpWeuQMv2Q6MLnm4AAABjgxG/mAAAAQDAEcwRQIhALvQBAk1b5fRvITJSnS9 Dvb6z2q+2VthksBqp9ZgDDGhAiAuNwzb25qf4tJm0pkGviIag0qCO3axP3JoA7Ww nBJm9wB1AObSMWNAd4zBEEEG13G5zsHSQPaWhIb7uocyHf0eN45QAAABjgxG/ogA AAQDAEYwRAIgebjTdARGyvAfFsCy71ndrhoxbXBIXC1dcJhzaGoMTRECIFWsl9Yh tAJnL5U+eWbqa6JuklGEEp77Ktu5rL3qAXE7MA0GCSqGSIb3DQEBCwUAA4IBAQCq LTuSHNrFUP5aDKU5N2ctFh6hocxUh8ltx202jZ36MsynqNRfPvzSChPfZK6yF51T gVVFUJ/EeLmQtweWfGnaKO9NXzX30uaMPSxhiY8BuhZ9DNLjvi5X/S+qeo1nx7pF 4WZF74r6i+Qi4l80pmkoR9ZTuEFzhZvQzKQgF4JZs2Kws25OnK2QRMzsNO5NypNC GjuIO8y9CT0EFmYKHFvc8CSAIu9jpkwvYvDpkFzMFuTSZ1q3LMOmaO9bauP30iUk juhyx71l9zKrzHDcxrti65JsKbR9YFhlDnSgx5VvWpPMhIEo0QqBeG9/TKpNV9nw TveoDKjas4u4RJ5YlsSh -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnb5Xrq3OjY3KwE2B4f2 /tDpWXgE1eW2kiO8wx+w5gpCdQiSBN2ZfgcC864yuNl9CQcGLCHGkVmrzArYzk4i 0Do6L+RnTEulcMCRtkProkD/gNIfce7s6JoyL9MRX2nstF2JjuIuxs55QlCjC2+0 ECBqhYIpHs/Omu3xXAT70sA5hZQQn1s9Wnph0Dbn67ny+uQhFBpoc+ppdJgC4S5T onjf90V7gAlBabTMGy7OnTQOX4S/dfLvDf6e/W/M792M3+6E7EU90ban6iQf5NDY R0u3EnGOMjdwn9qTEUk8tehTDq04kK0uUWeyLMpSlzMot0EdLBmXjhRL66UZsWAH iwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1352320463323131941525937995584420335 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'wallet.subsplash.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24548899479564341965622285358581880500868190011732695479922135349417925539789020997743098968177168282748044517515929079177432216752380471304174592433524644459278548126354826648134405942312742970448616239360701036533627715058724412388902113157390472361349464884093564228872825344174982784333788346140252348395923638849264845920107303247853094222848882121224507909585953088531453285481818341159085320595354704488795720139109779414054224400366874397620962798804312483994600011549819193805665961547549392586750061764013962238596458247640542659881932913300110010683723962191774543343997641516931883220870240652714718529419 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) cefe432b8e835ed04ed78597e28500f896a60c16 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wallet.subsplash.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.prod.giving.subsplash.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.giving.subsplash.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.giving.subsplash.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'giving.subsplash.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 01680077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018e0c46fe640000040300483046022100ecd04976d532b074189837bfc5fcc1fccf1995ca2923650ce6e47c66e0ae8084022100d42f8c0fe658f04c1614b3d91eefb17bfedaa6a0d93ca38ab47e1fb816df9ffa0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018e0c46fe600000040300473045022100bbd00409356f97d1bc84c94a74bd0ef6facf6abed95b6192c06aa7d6600c31a102202e370cdbdb9a9fe2d266d29906be221a834a823b76b13f726803b5b09c1266f7007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018e0c46fe880000040300463044022079b8d3740446caf01f16c0b2ef59ddae1a316d70485c2d5d709873686a0c4d11022055ac97d621b402672f953e7966ea6ba26e925184129efb2adbb9acbdea01713b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00aa2d3b921cdac550fe5a0ca53937672d161ea1a1cc5487c96dc76d368d9dfa32cca7a8d45f3efcd20a13df64aeb2179d53815545509fc478b990b707967c69da28ef4d5f35f7d2e68c3d2c61898f01ba167d0cd2e3be2e57fd2faa7a8d67c7ba45e16645ef8afa8be422e25f34a6692847d653b84173859bd0cca420178259b362b0b36e4e9cad9044ccec34ee4dca93421a3b883bccbd093d0416660a1c5bdcf0248022ef63a64c2f62f0e9905ccc16e4d2675ab72cc3a668ef5b6ae3f7d225248ee872c7bd65f732abcc70dcc6bb62eb926c29b47d6058650e74a0c7956f5a93cc848128d10a81786f7f4caa4d57d9f04ef7a80ca8dab38bb8449e5896c4a1