alfred-prod-us-west-2.system1.company
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 05:d5:a1:0f:53:3b:10:30:d4:9e:a2:5f:65:9f:01:da was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=alfred-prod-us-west-2.system1.company
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 05:d5:a1:0f:53:3b:10:30:d4:9e:a2:5f:65:9f:01:daSerial Number (int): 7755365891919782179456557220959814106
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 44:cc:a8:05:5f:aa:51:b1:66:a0:1b:cd:17:86:19:ae:28:47:2e:92
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 26:04:46:b9:5c:2d:34:80:84:c9:2b:10:06:99:1a:7c:ec:3c:9d:ca
Fingerprint (sha256): 81:35:64:0b:15:ff:7a:1e:1b:21:ae:d6:1c:2d:c6:e1:c0:a0:49:53:70:fa:60:40:8e:ff:15:59:c4:d9:14:9a
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate alfred-prod-us-west-2.system1.company
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for alfred-prod-us-west-2.system1.company
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
alfred-prod-us-west-2.system1.company
alfred.system1.com
alfred.system1.com
Other certificates including the domain name system1.company
(limited to 100 certificates)
stage.play.howstuffworks.com
jenkins-stage-jaimguer-us-west-2.system1.company
system1.company
stage.play.howstuffworks.com
system1.company
s1-sp.com
stage.play.howstuffworks.com
s1-sp.com
alertmanager-us-west-2.k8s-sandbox-stage.system1.company
*.howstuffworks.com
stage.howstuffworks.com
*.howstuffworks.com
howstuffworks.com
argocd-us-west-2.k8s-sandbox-stage.system1.company
s1-sp.com
grafana-us-west-2.k8s-sandbox-stage.system1.company
pubwp-origin-prod.k.system1.company
s1-sp.com
prometheus-us-west-2.k8s-sandbox-stage.system1.company
*.data-science-prod.system1.company
report-api-stage-cert-us-west-2.system1.company
atlantis.system1.company
system1.company
system1.company
pubwp-admin-prod.k.system1.company
makesparkv2-stage-us-west-2.system1.company
report-api-prod-us-west-2.system1.company
howstuffworks.com
pubwp-origin-stage-terry1.k.system1.company
howstuffworks.com
atlantis.system1.company
system1.company
howstuffworks.com
argocd-us-west-2.platform-stage.system1.company
argoworkflows-eu-west-1.platform-prod.system1.company
grafana-us-west-2.k8s-sandbox-stage.system1.company
s1-sp.com
stage.play.howstuffworks.com
s1-sp.com
*.play.howstuffworks.com
argoworkflows-us-west-2.k8s-sandbox-stage.system1.company
argocd-eu-west-1.platform-prod.system1.company
alertmanager-us-west-2.k8s-sandbox-stage.system1.company
argocd-us-west-2.k8s-sandbox-stage.system1.company
system1.company
*.howstuffworks.com
argocd-us-west-2.k8s-sandbox-stage.system1.company
argoworkflows-us-west-2.k8s-sandbox-stage.system1.company
makesparkv2-stage-us-west-2.system1.company
system1.company
argoworkflows-us-west-2.platform-prod.system1.company
argocd-us-east-1.platform-prod.system1.company
s1-sp.com
s1-sp.com
argoworkflows-us-west-2.k8s-sandbox-stage.system1.company
howstuffworks.com
system1.company
platform-api-us-west-2.platform-stage.system1.company
argocd-us-west-2.k8s-sandbox-stage.system1.company
*.howstuffworks.com
s1-sp.com
*.howstuffworks.com
alertmanager-us-west-2.k8s-sandbox-stage.system1.company
openmail.com
report-api-stage-us-west-2.system1.company
prometheus-us-west-2.k8s-sandbox-stage.system1.company
s1-sp.com
search-us-east-1.platform-prod.system1.company
alertmanager-us-west-2.k8s-sandbox-stage.system1.company
argocd-us-west-2.k8s-sandbox-stage.system1.company
argocd-eu-west-1.platform-prod.system1.company
layout-makespark-stage.system1.company
prometheus-us-west-2.k8s-sandbox-stage.system1.company
grafana-us-west-2.k8s-sandbox-stage.system1.company
atlantis.system1.company
pubwp-admin-stage.k.system1.company
prometheus-us-west-2.k8s-sandbox-stage.system1.company
s1-sp.com
system1.company
argoworkflows-us-west-2.k8s-sandbox-stage.system1.company
alfred-prod-us-west-2.system1.company
system1.company
system1.company
makesparkv2-prod-us-west-2.system1.company
prometheus-us-west-2.k8s-sandbox-stage.system1.company
howstuffworks.com
alertmanager-us-west-2.k8s-sandbox-stage.system1.company
jenkins-stage-us-west-2.srpc-s.system1.company
stage.howstuffworks.com
makesparkv2-canary-us-west-2.system1.company
alertmanager-us-west-2.k8s-sandbox-stage.system1.company
alertmanager-us-west-2.k8s-sandbox-stage.system1.company
prometheus-us-west-2.k8s-sandbox-stage.system1.company
platform-api-us-west-2.platform-prod.system1.company
atlantis.system1.company
argocd-us-west-2.k8s-sandbox-stage.system1.company
makesparkv2-canary-us-west-2.system1.company
*.data-science-prod.system1.company
grafana-us-west-2.k8s-sandbox-stage.system1.company
argoworkflows-us-west-2.k8s-sandbox-stage.system1.company
jenkins-stage-jaimguer-us-west-2.system1.company
system1.company
stage.play.howstuffworks.com
system1.company
s1-sp.com
stage.play.howstuffworks.com
s1-sp.com
alertmanager-us-west-2.k8s-sandbox-stage.system1.company
*.howstuffworks.com
stage.howstuffworks.com
*.howstuffworks.com
howstuffworks.com
argocd-us-west-2.k8s-sandbox-stage.system1.company
s1-sp.com
grafana-us-west-2.k8s-sandbox-stage.system1.company
pubwp-origin-prod.k.system1.company
s1-sp.com
prometheus-us-west-2.k8s-sandbox-stage.system1.company
*.data-science-prod.system1.company
report-api-stage-cert-us-west-2.system1.company
atlantis.system1.company
system1.company
system1.company
pubwp-admin-prod.k.system1.company
makesparkv2-stage-us-west-2.system1.company
report-api-prod-us-west-2.system1.company
howstuffworks.com
pubwp-origin-stage-terry1.k.system1.company
howstuffworks.com
atlantis.system1.company
system1.company
howstuffworks.com
argocd-us-west-2.platform-stage.system1.company
argoworkflows-eu-west-1.platform-prod.system1.company
grafana-us-west-2.k8s-sandbox-stage.system1.company
s1-sp.com
stage.play.howstuffworks.com
s1-sp.com
*.play.howstuffworks.com
argoworkflows-us-west-2.k8s-sandbox-stage.system1.company
argocd-eu-west-1.platform-prod.system1.company
alertmanager-us-west-2.k8s-sandbox-stage.system1.company
argocd-us-west-2.k8s-sandbox-stage.system1.company
system1.company
*.howstuffworks.com
argocd-us-west-2.k8s-sandbox-stage.system1.company
argoworkflows-us-west-2.k8s-sandbox-stage.system1.company
makesparkv2-stage-us-west-2.system1.company
system1.company
argoworkflows-us-west-2.platform-prod.system1.company
argocd-us-east-1.platform-prod.system1.company
s1-sp.com
s1-sp.com
argoworkflows-us-west-2.k8s-sandbox-stage.system1.company
howstuffworks.com
system1.company
platform-api-us-west-2.platform-stage.system1.company
argocd-us-west-2.k8s-sandbox-stage.system1.company
*.howstuffworks.com
s1-sp.com
*.howstuffworks.com
alertmanager-us-west-2.k8s-sandbox-stage.system1.company
openmail.com
report-api-stage-us-west-2.system1.company
prometheus-us-west-2.k8s-sandbox-stage.system1.company
s1-sp.com
search-us-east-1.platform-prod.system1.company
alertmanager-us-west-2.k8s-sandbox-stage.system1.company
argocd-us-west-2.k8s-sandbox-stage.system1.company
argocd-eu-west-1.platform-prod.system1.company
layout-makespark-stage.system1.company
prometheus-us-west-2.k8s-sandbox-stage.system1.company
grafana-us-west-2.k8s-sandbox-stage.system1.company
atlantis.system1.company
pubwp-admin-stage.k.system1.company
prometheus-us-west-2.k8s-sandbox-stage.system1.company
s1-sp.com
system1.company
argoworkflows-us-west-2.k8s-sandbox-stage.system1.company
alfred-prod-us-west-2.system1.company
system1.company
system1.company
makesparkv2-prod-us-west-2.system1.company
prometheus-us-west-2.k8s-sandbox-stage.system1.company
howstuffworks.com
alertmanager-us-west-2.k8s-sandbox-stage.system1.company
jenkins-stage-us-west-2.srpc-s.system1.company
stage.howstuffworks.com
makesparkv2-canary-us-west-2.system1.company
alertmanager-us-west-2.k8s-sandbox-stage.system1.company
alertmanager-us-west-2.k8s-sandbox-stage.system1.company
prometheus-us-west-2.k8s-sandbox-stage.system1.company
platform-api-us-west-2.platform-prod.system1.company
atlantis.system1.company
argocd-us-west-2.k8s-sandbox-stage.system1.company
makesparkv2-canary-us-west-2.system1.company
*.data-science-prod.system1.company
grafana-us-west-2.k8s-sandbox-stage.system1.company
argoworkflows-us-west-2.k8s-sandbox-stage.system1.company
Certificate
The complete raw certificate details for alfred-prod-us-west-2.system1.company in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEnTCCA4WgAwIBAgIQBdWhD1M7EDDUnqJfZZ8B2jANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTIwODAwMDAwMFoXDTI1MDEwNTIzNTk1OVowMDEu MCwGA1UEAxMlYWxmcmVkLXByb2QtdXMtd2VzdC0yLnN5c3RlbTEuY29tcGFueTCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO2p5IG5SOYkqyXBgw2GsOl9 SogEZwp7kWnx5GVHi4o+DHpw6AoA5aa7NS9/zFfr561VOM3tu5CbQiyuWqBBaUrF bPrhDuj3/U2t5HFIkuVmoKRfYZ3BVVLBHlXASljLkgRiIukjQHDkdmn7zJ5tSsSY Bb/3H+rYtM5II4odu5gbyTT+pwRaL+sbDnYXibdjt49Lr0UIavxTNCZwYtZwgcjS 5zYlK3MOVIAtitwiMaBB+0hFHVhjkLWp+kxHUsJcJQ4r4XejIXLZXjTAQ1IPU8DE hrCvmhJHLIVyN+/ohvrXmUFK6XF6DaSsXcHBTHZ9huvqTqoqJmibB4w7jkKrMjUC AwEAAaOCAaUwggGhMB8GA1UdIwQYMBaAFFXZGF/SHMwB4Vi0vqvZVUIB1y4CMB0G A1UdDgQWBBREzKgFX6pRsWagG80XhhmuKEcukjBEBgNVHREEPTA7giVhbGZyZWQt cHJvZC11cy13ZXN0LTIuc3lzdGVtMS5jb21wYW55ghJhbGZyZWQuc3lzdGVtMS5j b20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8v Y3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYIKwYBBQUHAQEE aTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6b250cnVzdC5j b20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9udHJ1c3QuY29t L3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0G CSqGSIb3DQEBCwUAA4IBAQCml8YS3tgBBpkY8Y5K6N/sRKkCvDaJXui5yMG2vQdZ bUXEjDk6cBVOOEAX1uORT9z+8bH5xtYeVnM41HeHkvHCoVictSgHZmcziufrP7d/ dbIR65EHAXuRvOFoateWkyywiYZGTdM8dt7knQAtdqUdYBVtF+FK4jeeU1BT5d3U eQAlxDNgRqHgBmh328WFWDvqPLWXlKn90ond6/DP4tKSlJ9EEOO1zL4FEGcT9WtG r08zDMB2D7Yv3mdEzcfAS0TljwFos+AmZ1aKoKiNVIlh2pPd56GS1ACLov2jjfzs FFJeU8ro5Z+oeu13cBnCEFL0TNbo6aZqb5UjnlRMvfLl -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ankgblI5iSrJcGDDYaw 6X1KiARnCnuRafHkZUeLij4MenDoCgDlprs1L3/MV+vnrVU4ze27kJtCLK5aoEFp SsVs+uEO6Pf9Ta3kcUiS5WagpF9hncFVUsEeVcBKWMuSBGIi6SNAcOR2afvMnm1K xJgFv/cf6ti0zkgjih27mBvJNP6nBFov6xsOdheJt2O3j0uvRQhq/FM0JnBi1nCB yNLnNiUrcw5UgC2K3CIxoEH7SEUdWGOQtan6TEdSwlwlDivhd6MhctleNMBDUg9T wMSGsK+aEkcshXI37+iG+teZQUrpcXoNpKxdwcFMdn2G6+pOqiomaJsHjDuOQqsy NQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 7755365891919782179456557220959814106 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-08 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-05 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'alfred-prod-us-west-2.system1.company' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30002255442616878008991021495714739606331102436973564463465429166950712843206478615046927445118250377504277371470327838823080215463373730064623834549594878007646816762462353319052454418780232147675329276725171109128617839695552749630036600498533888796988553143580359573429227920948595017990967108839849934704557015486681002355140528740396487955659048219145160582989833735028614379773281594213903589109233815667428228246044403311158706553656327223101337585022984701517049697738917110947303678464989494184768736009276724233869924020950452338501342503223175002233043137065998981508559232899349691821702120904796857381429 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 44cca8055faa51b166a01bcd178619ae28472e92 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alfred-prod-us-west-2.system1.company' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alfred.system1.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a697c612ded801069918f18e4ae8dfec44a902bc36895ee8b9c8c1b6bd07596d45c48c393a70154e384017d6e3914fdcfef1b1f9c6d61e567338d4778792f1c2a1589cb528076667338ae7eb3fb77f75b211eb9107017b91bce1686ad796932cb08986464dd33c76dee49d002d76a51d60156d17e14ae2379e535053e5ddd4790025c4336046a1e0066877dbc585583bea3cb59794a9fdd289ddebf0cfe2d292949f4410e3b5ccbe05106713f56b46af4f330cc0760fb62fde6744cdc7c04b44e58f0168b3e02667568aa0a88d548961da93dde7a192d4008ba2fda38dfcec14525e53cae8e59fa87aed777019c21052f44cd6e8e9a66a6f95239e544cbdf2e5