client-cf-secure-client-business2.mrpdns.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 03:d4:2e:91:97:23:3c:5a:ce:9b:7b:09:96:66:50:53 was issued on by Amazon.
With 29 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=client-cf-secure-client-business2.mrpdns.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:d4:2e:91:97:23:3c:5a:ce:9b:7b:09:96:66:50:53Serial Number (int): 5089395447064297524921523525508288595
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 22:6d:23:7a:7e:96:88:e1:5e:44:c7:80:87:39:b7:2f:61:79:ec:3c
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): f7:74:60:09:84:aa:8a:4b:73:58:2c:4d:f6:33:84:f7:59:91:ce:74
Fingerprint (sha256): 79:68:e3:0b:e3:b6:d1:05:90:0c:8f:e1:b4:fa:70:30:fc:2d:12:a9:4b:58:4c:83:d9:52:39:cb:22:4a:cc:ee
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate client-cf-secure-client-business2.mrpdns.com
29
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for client-cf-secure-client-business2.mrpdns.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
client-cf-secure-client-business2.mrpdns.com
*.dirtdraft.com
bestenginestexas.com
*.dirt2media.com
fcseptic.com
*.springpro1.com
5150racetrailers.com
*.trailer-alarms.com
*.promotersnewsletter.com
*.aaadumpsterdemolition.com
*.joeprovoracewear.com
*.5150racetrailers.com
promotersnewsletter.com
*.shocksbyhammer.com
dirtdraft.com
*.pwaire.com
trailer-alarms.com
*.bestenginestexas.com
pwaire.com
shocksbyhammer.com
dirt2media.com
aaadumpsterdemolition.com
*.fcseptic.com
springpro1.com
*.cctransportationllc.com
cctransportationllc.com
cleanairduct.com
joeprovoracewear.com
*.cleanairduct.com
*.dirtdraft.com
bestenginestexas.com
*.dirt2media.com
fcseptic.com
*.springpro1.com
5150racetrailers.com
*.trailer-alarms.com
*.promotersnewsletter.com
*.aaadumpsterdemolition.com
*.joeprovoracewear.com
*.5150racetrailers.com
promotersnewsletter.com
*.shocksbyhammer.com
dirtdraft.com
*.pwaire.com
trailer-alarms.com
*.bestenginestexas.com
pwaire.com
shocksbyhammer.com
dirt2media.com
aaadumpsterdemolition.com
*.fcseptic.com
springpro1.com
*.cctransportationllc.com
cctransportationllc.com
cleanairduct.com
joeprovoracewear.com
*.cleanairduct.com
Other certificates including the domain name mrpdns.com
(limited to 100 certificates)
*.myracepass.com
client-cf-secure-client-track3.mrpdns.com
client-cf-secure-client-track4.mrpdns.com
client-cf-secure-client-business2.mrpdns.com
*.myracepass.com
*.myracepass.com
client-cf-secure-client-track4.mrpdns.com
api.myracepass.com
client-cf-secure-client-business2.mrpdns.com
*.myracepass.com
client-cf-secure-client-track3.mrpdns.com
*.myracepass.com
client-cf-secure-client-track4.mrpdns.com
*.myracepass.com
client-cf-secure-client-driver5.mrpdns.com
client-cf-secure-client-business2.mrpdns.com
client-cf-secure-client-track3.mrpdns.com
client-cf-secure-client-track4.mrpdns.com
client-cf-secure-client-track3.mrpdns.com
client-cf-secure-client-track4.mrpdns.com
client-cf-secure-client-business2.mrpdns.com
*.myracepass.com
*.myracepass.com
client-cf-secure-client-track4.mrpdns.com
api.myracepass.com
client-cf-secure-client-business2.mrpdns.com
*.myracepass.com
client-cf-secure-client-track3.mrpdns.com
*.myracepass.com
client-cf-secure-client-track4.mrpdns.com
*.myracepass.com
client-cf-secure-client-driver5.mrpdns.com
client-cf-secure-client-business2.mrpdns.com
client-cf-secure-client-track3.mrpdns.com
client-cf-secure-client-track4.mrpdns.com
Certificate
The complete raw certificate details for client-cf-secure-client-business2.mrpdns.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIRzCCBy+gAwIBAgIQA9QukZcjPFrOm3sJlmZQUzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTI0MDQwOTAwMDAwMFoXDTI1MDUwODIzNTk1OVowNzE1 MDMGA1UEAxMsY2xpZW50LWNmLXNlY3VyZS1jbGllbnQtYnVzaW5lc3MyLm1ycGRu cy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzfDBYEDbpClEF suDvRjL4Kh9zECFDBFeTvRNWGzHwhMXEfc0NrbWMgCzgGTqhkWTkc1XG+bcWLTD2 lJrtV5x23cnXMIZYTixm0EWB6kl09lTRt/pazyl+tZxpHy9y7YJaUyfgyULRS51/ o4jNcLFLuSaePkNS7qt5/5sNQZ7WgGuy4+7azULoJZw8o9R/W45sdRtqXJrlSifT n0lQxoN9x/1QmSO2v8bA4VPLudwkI9RoJ7KdFYXzIqHpF2VVkMUeoN+U6Dusb8dP BlOA9cJFVDQj7ggUFz69HDgh7GhYYNG5M407laP/WRPPHbGcjYQgm+/jz8bReM0c QOMV3RgnAgMBAAGjggVIMIIFRDAfBgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5 euuC4jAdBgNVHQ4EFgQUIm0jen6WiOFeRMeAhzm3L2F57DwwggJ7BgNVHREEggJy MIICboIsY2xpZW50LWNmLXNlY3VyZS1jbGllbnQtYnVzaW5lc3MyLm1ycGRucy5j b22CDyouZGlydGRyYWZ0LmNvbYIUYmVzdGVuZ2luZXN0ZXhhcy5jb22CECouZGly dDJtZWRpYS5jb22CDGZjc2VwdGljLmNvbYIQKi5zcHJpbmdwcm8xLmNvbYIUNTE1 MHJhY2V0cmFpbGVycy5jb22CFCoudHJhaWxlci1hbGFybXMuY29tghkqLnByb21v dGVyc25ld3NsZXR0ZXIuY29tghsqLmFhYWR1bXBzdGVyZGVtb2xpdGlvbi5jb22C Fiouam9lcHJvdm9yYWNld2Vhci5jb22CFiouNTE1MHJhY2V0cmFpbGVycy5jb22C F3Byb21vdGVyc25ld3NsZXR0ZXIuY29tghQqLnNob2Nrc2J5aGFtbWVyLmNvbYIN ZGlydGRyYWZ0LmNvbYIMKi5wd2FpcmUuY29tghJ0cmFpbGVyLWFsYXJtcy5jb22C FiouYmVzdGVuZ2luZXN0ZXhhcy5jb22CCnB3YWlyZS5jb22CEnNob2Nrc2J5aGFt bWVyLmNvbYIOZGlydDJtZWRpYS5jb22CGWFhYWR1bXBzdGVyZGVtb2xpdGlvbi5j b22CDiouZmNzZXB0aWMuY29tgg5zcHJpbmdwcm8xLmNvbYIZKi5jY3RyYW5zcG9y dGF0aW9ubGxjLmNvbYIXY2N0cmFuc3BvcnRhdGlvbmxsYy5jb22CEGNsZWFuYWly ZHVjdC5jb22CFGpvZXByb3ZvcmFjZXdlYXIuY29tghIqLmNsZWFuYWlyZHVjdC5j b20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8v Y3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmwwdQYIKwYBBQUHAQEE aTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250cnVzdC5j b20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1c3QuY29t L3IybTAyLmNlcjAMBgNVHRMBAf8EAjAAMIIBewYKKwYBBAHWeQIEAgSCAWsEggFn AWUAdQBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY7D9rldAAAE AwBGMEQCIFCQ8sBKSMh77m7cDdKj8HnW2I1D5KdzP637uN/heiQrAiAC3Yj+RxFc AyMsjpodQCQX/IcdPZZ7xqALuO9VuC4RDgB1AH1ZHhLheCp7HGFnfF79+NCHXBSg TpWeuQMv2Q6MLnm4AAABjsP2uZcAAAQDAEYwRAIgSatfr1lHJCmQY9PVApc8muy9 AxvSjZgpdPjZVkx2q+oCIEkX68bfPszPOQaLP2/FEBD83bcExyCsPPmKX/E+i5P+ AHUA5tIxY0B3jMEQQQbXcbnOwdJA9paEhvu6hzId/R43jlAAAAGOw/a5pwAABAMA RjBEAiB+3Ht02PrmVV+yNs2VBQyADHljmIBDlEiLx0KRaSRZSQIgFioM3KgGd/XG qheNuVKdNDn/sn3oX6odikBYKF2vCSYwDQYJKoZIhvcNAQELBQADggEBAJcw2O5d VugThs3s1vuZEbXSNub9TYpcLS1bsUdMvPij5LTb9j56aGBuU09Xw/TfYFKv97EA e4M4MmsIxjusI0ZmSFIwJOro/5FHRAZuXGcN3GBefeueCUc4K8+vV1aehB1Lv/DM Yki6ZVTcCjEO3/BLugI+VafG2nUF0iuYBA8F0nqzg0TDRIOaen20FzVuNcKHEoR9 /1fPeAzhDDvRtchX4EoFJTLOIwDlTGrpXfN3pEGn2RswDEhhHdv3QPu4Qdqi7Bvh 5+nd53HKw4xll28HloxFixEupgl2zaIcXxfPMd7GWmqkhNMMPDLOxdPiU7rJTuJE Lpzy8ALb7wr4AmM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3wwWBA26QpRBbLg70Yy +CofcxAhQwRXk70TVhsx8ITFxH3NDa21jIAs4Bk6oZFk5HNVxvm3Fi0w9pSa7Vec dt3J1zCGWE4sZtBFgepJdPZU0bf6Ws8pfrWcaR8vcu2CWlMn4MlC0Uudf6OIzXCx S7kmnj5DUu6ref+bDUGe1oBrsuPu2s1C6CWcPKPUf1uObHUbalya5Uon059JUMaD fcf9UJkjtr/GwOFTy7ncJCPUaCeynRWF8yKh6RdlVZDFHqDflOg7rG/HTwZTgPXC RVQ0I+4IFBc+vRw4IexoWGDRuTONO5Wj/1kTzx2xnI2EIJvv48/G0XjNHEDjFd0Y JwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5089395447064297524921523525508288595 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-09 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-08 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'client-cf-secure-client-business2.mrpdns.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22657896390211287408463847159928409780248405878222853894706911569706693015945401346888402510460336661657634859610320058735312037035995602617789665896651198436210246518250937496382578683431949587494618352517405345193678579607691777944445565606475014769139321861372084556158598255206587239500221695238155068659370034257569474737719382286029057256461137918461138859202018472020485207707329796962504027679765761555141724764068724662810237491686108700133938578538966741437030701430499980006902528589323583625951013860628149831382855551113309502322804983949027753130772379984555741337603439238631320465194373867000053962791 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 226d237a7e9688e15e44c7808739b72f6179ec3c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (626 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'client-cf-secure-client-business2.mrpdns.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dirtdraft.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bestenginestexas.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dirt2media.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fcseptic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.springpro1.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '5150racetrailers.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.trailer-alarms.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.promotersnewsletter.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aaadumpsterdemolition.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.joeprovoracewear.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.5150racetrailers.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'promotersnewsletter.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.shocksbyhammer.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dirtdraft.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pwaire.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'trailer-alarms.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bestenginestexas.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pwaire.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shocksbyhammer.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dirt2media.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aaadumpsterdemolition.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.fcseptic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'springpro1.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cctransportationllc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cctransportationllc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cleanairduct.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'joeprovoracewear.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cleanairduct.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (359 bytes) 01650075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018ec3f6b95d000004030046304402205090f2c04a48c87bee6edc0dd2a3f079d6d88d43e4a7733fadfbb8dfe17a242b022002dd88fe47115c03232c8e9a1d402417fc871d3d967bc6a00bb8ef55b82e110e0075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018ec3f6b9970000040300463044022049ab5faf594724299063d3d502973c9aecbd031bd28d982974f8d9564c76abea02204917ebc6df3ecccf39068b3f6fc51010fcddb704c720ac3cf98a5ff13e8b93fe007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018ec3f6b9a7000004030046304402207edc7b74d8fae6555fb236cd95050c800c796398804394488bc74291692459490220162a0cdca80677f5c6aa178db9529d3439ffb27de85faa1d8a4058285daf0926 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009730d8ee5d56e81386cdecd6fb9911b5d236e6fd4d8a5c2d2d5bb1474cbcf8a3e4b4dbf63e7a68606e534f57c3f4df6052aff7b1007b8338326b08c63bac23466648523024eae8ff914744066e5c670ddc605e7deb9e0947382bcfaf57569e841d4bbff0cc6248ba6554dc0a310edff04bba023e55a7c6da7505d22b98040f05d27ab38344c344839a7a7db417356e35c28712847dff57cf780ce10c3bd1b5c857e04a052532ce2300e54c6ae95df377a441a7d91b300c48611ddbf740fbb841daa2ec1be1e7e9dde771cac38c65976f07968c458b112ea60976cda21c5f17cf31dec65a6aa484d30c3c32cec5d3e253bac94ee2442e9cf2f002dbef0af80263