*.promotions.dev.greetz-nl.net
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 03:06:83:3f:4a:06:23:e1:69:c5:95:b5:2e:52:fb:2f was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.promotions.dev.greetz-nl.net
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:06:83:3f:4a:06:23:e1:69:c5:95:b5:2e:52:fb:2fSerial Number (int): 4021499778447587074624612074710563631
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: db:c9:2f:a2:af:44:aa:54:a9:ba:62:5c:9e:3c:ce:a1:ff:0b:cd:a7
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 67:bd:b1:aa:68:aa:ec:d8:a7:2c:db:20:fb:4d:85:08:d1:5b:8f:88
Fingerprint (sha256): 6f:fc:c7:b5:a1:05:47:5d:c3:d4:09:55:8e:37:41:42:ca:b1:98:0b:29:74:44:94:4a:7e:0c:8e:5a:27:dc:d0
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate *.promotions.dev.greetz-nl.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.promotions.dev.greetz-nl.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.promotions.dev.greetz-nl.net
*.api.promotions.dev.greetz-nl.net
*.api.promotions.dev.greetz-nl.net
Other certificates including the domain name greetz-nl.net
(limited to 100 certificates)
*.suggestions.uat.greetz-nl.net
*.renderer.uat.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.web-explore-server.prod.greetz-nl.net
*.promotions.dev.greetz-nl.net
*.devrepo.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.renderer.uat.greetz-nl.net
*.web-flags.dev.greetz-nl.net
*.content.uat.greetz-nl.net
*.renderer.uat.greetz-nl.net
*.consignments.dev.greetz-nl.net
*.web-purchase-server.uat.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.consignments.dev.greetz-nl.net
*.reviews.dev.greetz-nl.net
*.consignments.uat.greetz-nl.net
*.web-flags.uat.greetz-nl.net
*.web-personalise-server.prod.greetz-nl.net
*.renderer.prod.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.deliveryconfiguration.uat.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.prod.greetz-nl.net
*.content.dev.greetz-nl.net
api.prod.greetz-nl.net
*.product.dev.greetz-nl.net
*.deliveryconfiguration.prod.greetz-nl.net
*.web-explore-server.uat.greetz-nl.net
*.deliveries.prod.greetz-nl.net
*.studio.uat.greetz-nl.net
*.suggestions.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.renderer.prod.greetz-nl.net
*.promotions.prod.greetz-nl.net
*.favourites.prod.greetz-nl.net
*.studio.dev.greetz-nl.net
www.greetz.nl
*.customer-services.uat.greetz-nl.net
*.content.uat.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.web-customer-server.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.deliveryconfiguration.dev.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.deliveries.uat.greetz-nl.net
*.deliveryconfiguration.uat.greetz-nl.net
*.consignments.uat.greetz-nl.net
*.web-personalise-server.prod.greetz-nl.net
*.web-explore-server.prod.greetz-nl.net
*.web-personalise-server.dev.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.design.prod.greetz-nl.net
*.product.dev.greetz-nl.net
*.favourites.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.content.uat.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.web-explore.prod.greetz-nl.net
*.reviews.prod.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.web-flags.dev.greetz-nl.net
*.deliveryconfiguration.dev.greetz-nl.net
*.deliveryconfiguration.dev.greetz-nl.net
*.ui-events.uat.greetz-nl.net
*.content.uat.greetz-nl.net
*.web-customer-server.prod.greetz-nl.net
*.addresses.prod.greetz-nl.net
*.product.dev.greetz-nl.net
*.suggested-messages.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.template.uat.greetz-nl.net
*.webhook-v2.content.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.authentication.dev.greetz-nl.net
*.favourites.uat.greetz-nl.net
webhook-v2.content.prod.greetz-nl.net
api.uat.greetz-nl.net
*.web-personalise-server.uat.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.content.prod.greetz-nl.net
*.web-explore-server.uat.greetz-nl.net
*.product.dev.greetz-nl.net
*.web-purchase-server.uat.greetz-nl.net
*.promotions.dev.greetz-nl.net
*.aichatbot.dev.greetz-nl.net
*.web-purchase-server.prod.greetz-nl.net
*.web-explore-server.dev.greetz-nl.net
*.ui-events.prod.greetz-nl.net
*.content.uat.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.ui-events.prod.greetz-nl.net
*.renderer.uat.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.web-explore-server.prod.greetz-nl.net
*.promotions.dev.greetz-nl.net
*.devrepo.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.renderer.uat.greetz-nl.net
*.web-flags.dev.greetz-nl.net
*.content.uat.greetz-nl.net
*.renderer.uat.greetz-nl.net
*.consignments.dev.greetz-nl.net
*.web-purchase-server.uat.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.consignments.dev.greetz-nl.net
*.reviews.dev.greetz-nl.net
*.consignments.uat.greetz-nl.net
*.web-flags.uat.greetz-nl.net
*.web-personalise-server.prod.greetz-nl.net
*.renderer.prod.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.deliveryconfiguration.uat.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.product.prod.greetz-nl.net
*.content.dev.greetz-nl.net
api.prod.greetz-nl.net
*.product.dev.greetz-nl.net
*.deliveryconfiguration.prod.greetz-nl.net
*.web-explore-server.uat.greetz-nl.net
*.deliveries.prod.greetz-nl.net
*.studio.uat.greetz-nl.net
*.suggestions.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.renderer.prod.greetz-nl.net
*.promotions.prod.greetz-nl.net
*.favourites.prod.greetz-nl.net
*.studio.dev.greetz-nl.net
www.greetz.nl
*.customer-services.uat.greetz-nl.net
*.content.uat.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.web-customer-server.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.deliveryconfiguration.dev.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.deliveries.uat.greetz-nl.net
*.deliveryconfiguration.uat.greetz-nl.net
*.consignments.uat.greetz-nl.net
*.web-personalise-server.prod.greetz-nl.net
*.web-explore-server.prod.greetz-nl.net
*.web-personalise-server.dev.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.design.prod.greetz-nl.net
*.product.dev.greetz-nl.net
*.favourites.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.content.uat.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.web-explore.prod.greetz-nl.net
*.reviews.prod.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.web-flags.dev.greetz-nl.net
*.deliveryconfiguration.dev.greetz-nl.net
*.deliveryconfiguration.dev.greetz-nl.net
*.ui-events.uat.greetz-nl.net
*.content.uat.greetz-nl.net
*.web-customer-server.prod.greetz-nl.net
*.addresses.prod.greetz-nl.net
*.product.dev.greetz-nl.net
*.suggested-messages.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.template.uat.greetz-nl.net
*.webhook-v2.content.dev.greetz-nl.net
*.product.dev.greetz-nl.net
*.authentication.dev.greetz-nl.net
*.favourites.uat.greetz-nl.net
webhook-v2.content.prod.greetz-nl.net
api.uat.greetz-nl.net
*.web-personalise-server.uat.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.content.prod.greetz-nl.net
*.web-explore-server.uat.greetz-nl.net
*.product.dev.greetz-nl.net
*.web-purchase-server.uat.greetz-nl.net
*.promotions.dev.greetz-nl.net
*.aichatbot.dev.greetz-nl.net
*.web-purchase-server.prod.greetz-nl.net
*.web-explore-server.dev.greetz-nl.net
*.ui-events.prod.greetz-nl.net
*.content.uat.greetz-nl.net
*.products-lookup.dev.greetz-nl.net
*.ui-events.prod.greetz-nl.net
Certificate
The complete raw certificate details for *.promotions.dev.greetz-nl.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEnzCCA4egAwIBAgIQAwaDP0oGI+FpxZW1LlL7LzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTIxNzAwMDAwMFoXDTI1MDExNTIzNTk1OVowKTEn MCUGA1UEAwweKi5wcm9tb3Rpb25zLmRldi5ncmVldHotbmwubmV0MIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Tdc5fkDEk7+hrHPYUZ9eRNfDkLBQq+s KXG7JS+Xz0ehohCTqnzd6SdMPFcwTvRTzxBitQUDE+Z6BquksQSN7SUgq8Nj1pnH HG9PdZIxBWscC6WU9G9tHYA8ZrM1Ma1QJ96YqbcMbxY7vEM1jnl08engEkHHMNz1 9zTSoeqCtZK7LO76x1ORRFqwD9olCtdei6gmGuUdIi4iZV9rg5QajwOcaB1uzBBM RSQu4T7X5lAWkPCqXaK+sl/Ypz5W6uzoh6rELnjffyo0bu+tW7bYmVH9y3gj61q1 hitlovNTjZrdeC2nhAG9QCsy/hNpHjaZw+CPqesPRm2E3HEXJs43oQIDAQABo4IB rjCCAaowHwYDVR0jBBgwFoAUwDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYE FNvJL6KvRKpUqbpiXJ48zqH/C82nME0GA1UdEQRGMESCHioucHJvbW90aW9ucy5k ZXYuZ3JlZXR6LW5sLm5ldIIiKi5hcGkucHJvbW90aW9ucy5kZXYuZ3JlZXR6LW5s Lm5ldDATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6 Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNybDB1BggrBgEFBQcB AQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAyLmFtYXpvbnRydXN0 LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5hbWF6b250cnVzdC5j b20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB/wQCBQAw DQYJKoZIhvcNAQELBQADggEBAIsBc3sekgsvjU35zhVZGE1y/Q0JHSKhPMQDjBqS wOe50GjzZzBZsHElD0n7BUcAygv6j0Wa47g1zrpFEtTzhcdsA0+juFIEJm+KgLEU oa+Y0DWJNsc6g93AsRTxmZfdDiHzfqh7m2pOaMl7Q+vVbdfeU7RYiUsQbppzrSCR 2ltuS085MIrWJsBT6fddFx3RhfwkTaeqgdUsmAfamk5qOPfi7eBehiCq8FPpiNz2 kM4sSfGqxNVg5ks7i0dbHJNY5WBEkl58+GtPYZH8Bv1y85GG/IlPX2NmwJG8Yri1 meByH74lxv62otObw2QaTyOeguFG5COtkXUcXedjKxLH7+w= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Tdc5fkDEk7+hrHPYUZ9 eRNfDkLBQq+sKXG7JS+Xz0ehohCTqnzd6SdMPFcwTvRTzxBitQUDE+Z6BquksQSN 7SUgq8Nj1pnHHG9PdZIxBWscC6WU9G9tHYA8ZrM1Ma1QJ96YqbcMbxY7vEM1jnl0 8engEkHHMNz19zTSoeqCtZK7LO76x1ORRFqwD9olCtdei6gmGuUdIi4iZV9rg5Qa jwOcaB1uzBBMRSQu4T7X5lAWkPCqXaK+sl/Ypz5W6uzoh6rELnjffyo0bu+tW7bY mVH9y3gj61q1hitlovNTjZrdeC2nhAG9QCsy/hNpHjaZw+CPqesPRm2E3HEXJs43 oQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4021499778447587074624612074710563631 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-15 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.promotions.dev.greetz-nl.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29440825512745734708216850235155216693702960025507391565735275659506728670574167897682101455107276817530399662549030855365642043159628428182011829658384078963700874868799647351508210357891137244177480323947401871841721169111631972751115275474537424840438547274226866897748038408056776398244009589102521130310914034429593545386984650658823929716960347339123726640521769357555784488638095039319086574804369673113036410487248507217214107946824127233068593938488290024709278225069950241987027226042009461401630814262528841379095455428250348621133678435598563132771340897620204406865001691532343741376455952048842534172577 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) dbc92fa2af44aa54a9ba625c9e3ccea1ff0bcda7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.promotions.dev.greetz-nl.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.api.promotions.dev.greetz-nl.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008b01737b1e920b2f8d4df9ce1559184d72fd0d091d22a13cc4038c1a92c0e7b9d068f3673059b071250f49fb054700ca0bfa8f459ae3b835ceba4512d4f385c76c034fa3b85204266f8a80b114a1af98d0358936c73a83ddc0b114f19997dd0e21f37ea87b9b6a4e68c97b43ebd56dd7de53b458894b106e9a73ad2091da5b6e4b4f39308ad626c053e9f75d171dd185fc244da7aa81d52c9807da9a4e6a38f7e2ede05e8620aaf053e988dcf690ce2c49f1aac4d560e64b3b8b475b1c9358e56044925e7cf86b4f6191fc06fd72f39186fc894f5f6366c091bc62b8b599e0721fbe25c6feb6a2d39bc3641a4f239e82e146e423ad91751c5de7632b12c7efec