pennsylvania.usvitalrecords.org
Issued by Amazon
About this certificate
This digital certificate with serial number 0d:f7:34:92:a4:66:4e:ce:4f:4b:83:2c:37:4b:a5:c3 was issued on by Amazon.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=pennsylvania.usvitalrecords.org
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:f7:34:92:a4:66:4e:ce:4f:4b:83:2c:37:4b:a5:c3Serial Number (int): 18563527572752349936081889532802999747
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 3c:10:3a:ce:c1:0b:a8:f5:f9:21:de:3c:b4:a0:9c:95:57:88:ce:b5
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 29:a5:27:51:41:24:f8:a9:1c:d2:4d:e9:0d:11:68:67:fd:3f:16:e1
Fingerprint (sha256): 76:23:b6:b7:57:6e:0a:7a:ff:b6:27:85:2f:bb:b7:50:4f:88:a5:b3:68:3a:a4:85:76:8a:93:ac:85:fd:5f:73
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate pennsylvania.usvitalrecords.org
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for pennsylvania.usvitalrecords.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
pennsylvania.usvitalrecords.org
new-york.usvitalrecords.org
california.usvitalrecords.org
new-york.usvitalrecords.org
california.usvitalrecords.org
Other certificates including the domain name usvitalrecords.org
(limited to 100 certificates)
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
checkout.usvitalrecords.org
ssl391011.cloudflaressl.com
www.usvitalrecords.org
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391012.cloudflaressl.com
usvitalrecords.org
ssl391011.cloudflaressl.com
sni.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391012.cloudflaressl.com
checkout.usvitalrecords.org
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
usvitalrecords.org
usvitalrecords.org
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
sni.cloudflaressl.com
pennsylvania.usvitalrecords.org
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391012.cloudflaressl.com
usvitalrecords.org
ssl391013.cloudflaressl.com
legaldocspdq.com
usvitalrecords.org
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
sni.cloudflaressl.com
www.usvitalrecords.org
ssl391012.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391013.cloudflaressl.com
usvitalrecords.org
ssl391012.cloudflaressl.com
ssl391012.cloudflaressl.com
usvitalrecords.org
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391011.cloudflaressl.com
usvitalrecords.org
legaldocspdq.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
sni.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
legaldocspdq.com
ssl391011.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
pennsylvania.usvitalrecords.org
legaldocspdq.com
ssl391012.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
checkout.usvitalrecords.org
ssl391011.cloudflaressl.com
www.usvitalrecords.org
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391012.cloudflaressl.com
usvitalrecords.org
ssl391011.cloudflaressl.com
sni.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391012.cloudflaressl.com
checkout.usvitalrecords.org
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
usvitalrecords.org
usvitalrecords.org
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
sni.cloudflaressl.com
pennsylvania.usvitalrecords.org
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391012.cloudflaressl.com
usvitalrecords.org
ssl391013.cloudflaressl.com
legaldocspdq.com
usvitalrecords.org
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
sni.cloudflaressl.com
www.usvitalrecords.org
ssl391012.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391013.cloudflaressl.com
usvitalrecords.org
ssl391012.cloudflaressl.com
ssl391012.cloudflaressl.com
usvitalrecords.org
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391011.cloudflaressl.com
usvitalrecords.org
legaldocspdq.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
sni.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
legaldocspdq.com
ssl391011.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391011.cloudflaressl.com
ssl391012.cloudflaressl.com
ssl391013.cloudflaressl.com
ssl391012.cloudflaressl.com
pennsylvania.usvitalrecords.org
legaldocspdq.com
ssl391012.cloudflaressl.com
ssl391012.cloudflaressl.com
Certificate
The complete raw certificate details for pennsylvania.usvitalrecords.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIErjCCA5agAwIBAgIQDfc0kqRmTs5PS4MsN0ulwzANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xNzA4MTUwMDAwMDBaFw0xODA5MTUx MjAwMDBaMCoxKDAmBgNVBAMTH3Blbm5zeWx2YW5pYS51c3ZpdGFscmVjb3Jkcy5v cmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwBccw6m8alR8SC+La 1cdZvKGrua/ecSPzpxAsnRk/XaNl1UOY88jzOMkDx+3P7gwyjqIZmnIzLX3+IdyP H9HMENlja4Pzxn8rqjvSMzV9EKxV7UfvrC2sjCE3TziN0YsslXl6ETsZYrNHhRAN kgAjCuGxHvb/gF7HKb4bSUjR+eYdowOIQromsc8LGfZ9RxVSq00PEmHBLI0yhBYY oh060hqu3nhx1EMgHEXcqMvYJYwMOkciBEolZEtdnca7yS2xsR89wSKTNKidY0tW R8x22eK7H2JUhDEQK830m/rtB5aMYFZKOtmbDUiHBvdsds4SwMY/+CLToO24OgbN lni5AgMBAAGjggGyMIIBrjAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k9 0DAdBgNVHQ4EFgQUPBA6zsELqPX5Id48tKCclVeIzrUwZgYDVR0RBF8wXYIfcGVu bnN5bHZhbmlhLnVzdml0YWxyZWNvcmRzLm9yZ4IbbmV3LXlvcmsudXN2aXRhbHJl Y29yZHMub3Jngh1jYWxpZm9ybmlhLnVzdml0YWxyZWNvcmRzLm9yZzAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0 MDIwMKAuoCyGKmh0dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFi LmNybDATBgNVHSAEDDAKMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYB BQUHMAGGIWh0dHA6Ly9vY3NwLnNjYTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEF BQcwAoYqaHR0cDovL2NydC5zY2ExYi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0 MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBABmOubNsZy/FmdoP/W42 364yUxnKwuQ31icrAnYKKH7Imf4YefomogEnAV74HrCdq+/lrqtXEhRbNJQHZ1V9 zYdV75gyL+Y0XCS5ohXy/WmOmTz7n6QkCy7pNjjt8O2UR8QJKwRkY7FEAiDkqm29 94UjxihMNZDaulxPm15q/4gII9hQ5C3xsldJxubtsjPup8vuLX6V5XMXXlVQr/Sq 1uznqKmPvs9zhtmxlkT0BYzgSlqnnBmnQHyo1HzdGB82npQ9cW2s9qa7VPDIuISq 0xC+nm8zmuMawPsCglw9Dx1h2iPJFW3qmx14hapsiD8x+bvxlIx0JvOM70AWPskv GqI= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAXHMOpvGpUfEgvi2tXH Wbyhq7mv3nEj86cQLJ0ZP12jZdVDmPPI8zjJA8ftz+4MMo6iGZpyMy19/iHcjx/R zBDZY2uD88Z/K6o70jM1fRCsVe1H76wtrIwhN084jdGLLJV5ehE7GWKzR4UQDZIA IwrhsR72/4Bexym+G0lI0fnmHaMDiEK6JrHPCxn2fUcVUqtNDxJhwSyNMoQWGKId OtIart54cdRDIBxF3KjL2CWMDDpHIgRKJWRLXZ3Gu8ktsbEfPcEikzSonWNLVkfM dtniux9iVIQxECvN9Jv67QeWjGBWSjrZmw1Ihwb3bHbOEsDGP/gi06DtuDoGzZZ4 uQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18563527572752349936081889532802999747 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-15 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'pennsylvania.usvitalrecords.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22220790956471141562027565783006429100876895978476910966596584725480912538107002629463845719892020496577219291767736410389321403555604644185268072817537837624607940928970532562821151016235077745127707501240599904686610568090674601689617939516696323078443054485290502967814281108309788379624505628391358107605335090482244169030022946424840095564394530380693914537650375938370380142415982909902470473712518819494870057239263888701199661193211364315685691505849040282544608900652766629689749304089443111214371947229026358912883867820901767395419191707395331663109639315222696862352087677850901615910692197197565723572409 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3c103acec10ba8f5f921de3cb4a09c955788ceb5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pennsylvania.usvitalrecords.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'new-york.usvitalrecords.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'california.usvitalrecords.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00198eb9b36c672fc599da0ffd6e36dfae325319cac2e437d6272b02760a287ec899fe1879fa26a20127015ef81eb09dabefe5aeab5712145b34940767557dcd8755ef98322fe6345c24b9a215f2fd698e993cfb9fa4240b2ee93638edf0ed9447c4092b046463b1440220e4aa6dbdf78523c6284c3590daba5c4f9b5e6aff880823d850e42df1b25749c6e6edb233eea7cbee2d7e95e573175e5550aff4aad6ece7a8a98fbecf7386d9b19644f4058ce04a5aa79c19a7407ca8d47cdd181f369e943d716dacf6a6bb54f0c8b884aad310be9e6f339ae31ac0fb02825c3d0f1d61da23c9156dea9b1d7885aa6c883f31f9bbf1948c7426f38cef40163ec92f1aa2