proinvest.com.sg
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 03:fc:09:cd:85:f7:4f:49:d9:b7:5d:9c:a1:64:b0:ba was issued on by Amazon.
With 18 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=proinvest.com.sg
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:fc:09:cd:85:f7:4f:49:d9:b7:5d:9c:a1:64:b0:baSerial Number (int): 5296341620625757883260410841165770938
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 96:35:17:c5:b1:d0:b0:0b:d9:89:4f:4a:d1:de:1c:81:c5:ff:e7:e3
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): f0:75:01:19:d5:e0:e1:36:5e:c8:94:03:9f:8b:c3:e6:e5:e3:ab:25
Fingerprint (sha256): 91:c9:11:35:6f:93:69:ab:c2:79:14:05:1c:e3:95:2a:bc:a6:44:fb:e6:73:fc:2e:5c:c8:cc:6b:40:b7:ef:ac
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate proinvest.com.sg
18
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for proinvest.com.sg
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
proinvest.com.sg
protectionavivacontreleau.ca
roadwingsinsurance.com
roadwingsinsurance.ca
road-wings-insurance.ca
qualtrics.at.aviva.com
support-logmeininc.at.aviva.com
saye.at.aviva.com
archergrc.aviva.com
protectionetancheaviva.ca
protectionavivacontreleau.com
thirdparty.avivabrand.com
riskasyst.ie
protectionetancheaviva.com
qa.avivaassurance.ca
road-wings-insurance.com
practice-autoenrolmentmanager.co.uk
road-wings.ca
protectionavivacontreleau.ca
roadwingsinsurance.com
roadwingsinsurance.ca
road-wings-insurance.ca
qualtrics.at.aviva.com
support-logmeininc.at.aviva.com
saye.at.aviva.com
archergrc.aviva.com
protectionetancheaviva.ca
protectionavivacontreleau.com
thirdparty.avivabrand.com
riskasyst.ie
protectionetancheaviva.com
qa.avivaassurance.ca
road-wings-insurance.com
practice-autoenrolmentmanager.co.uk
road-wings.ca
Other certificates including the domain name proinvest.com.sg
(limited to 100 certificates)
gi.proinvest.com.sg
aem-staging.proinvest.com.sg
gi.proinvest.com.sg
proinvest.com.sg
cert01.as.aviva.com
vue.proinvest.com.sg
cert01.as.aviva.com
vueint-prod.proinvest.com.sg
vue.proinvest.com.sg
gi.proinvest.com.sg
vue.proinvest.com.sg
dn.proinvest.com.sg
proinvest.wildcrayon.com
docushare.proinvest.com.sg
iap.proinvest.com.sg
iau.proinvest.com.sg
proinvest.com.sg
cert01.as.aviva.com
cert01.as.aviva.com
cert01.as.aviva.com
docushare.proinvest.com.sg
proinvest.wildcrayon.com
gi.proinvest.com.sg
proinvest.com.sg
cert01.as.aviva.com
proinvest.com.sg
cert01.as.aviva.com
proinvest.wildcrayon.com
proinvest.wildcrayon.com
dn.proinvest.com.sg
gi.proinvest.com.sg
cert01.as.aviva.com
iap.proinvest.com.sg
proinvest.com.sg
proinvest.com.sg
proinvest.com.sg
proinvest.com.sg
dn.proinvest.com.sg
gi.proinvest.com.sg
dn.proinvest.com.sg
cert01.as.aviva.com
cert01.as.aviva.com
cert01.as.aviva.com
cert01.as.aviva.com
cert01.as.aviva.com
gi.proinvest.com.sg
cert01.as.aviva.com
vueint-prod.proinvest.com.sg
vue.proinvest.com.sg
info.proinvest.com.sg
docushare.proinvest.com.sg
*.proinvest.com.sg
ssp.proinvest.com.sg
proinvest.wildcrayon.com
cert01.as.aviva.com
gi.proinvest.com.sg
cert01.as.aviva.com
proinvest.com.sg
vueint-prod.proinvest.com.sg
gi.proinvest.com.sg
cert01.as.aviva.com
gi.proinvest.com.sg
aem-staging.proinvest.com.sg
gi.proinvest.com.sg
proinvest.com.sg
cert01.as.aviva.com
vue.proinvest.com.sg
cert01.as.aviva.com
vueint-prod.proinvest.com.sg
vue.proinvest.com.sg
gi.proinvest.com.sg
vue.proinvest.com.sg
dn.proinvest.com.sg
proinvest.wildcrayon.com
docushare.proinvest.com.sg
iap.proinvest.com.sg
iau.proinvest.com.sg
proinvest.com.sg
cert01.as.aviva.com
cert01.as.aviva.com
cert01.as.aviva.com
docushare.proinvest.com.sg
proinvest.wildcrayon.com
gi.proinvest.com.sg
proinvest.com.sg
cert01.as.aviva.com
proinvest.com.sg
cert01.as.aviva.com
proinvest.wildcrayon.com
proinvest.wildcrayon.com
dn.proinvest.com.sg
gi.proinvest.com.sg
cert01.as.aviva.com
iap.proinvest.com.sg
proinvest.com.sg
proinvest.com.sg
proinvest.com.sg
proinvest.com.sg
dn.proinvest.com.sg
gi.proinvest.com.sg
dn.proinvest.com.sg
cert01.as.aviva.com
cert01.as.aviva.com
cert01.as.aviva.com
cert01.as.aviva.com
cert01.as.aviva.com
gi.proinvest.com.sg
cert01.as.aviva.com
vueint-prod.proinvest.com.sg
vue.proinvest.com.sg
info.proinvest.com.sg
docushare.proinvest.com.sg
*.proinvest.com.sg
ssp.proinvest.com.sg
proinvest.wildcrayon.com
cert01.as.aviva.com
gi.proinvest.com.sg
cert01.as.aviva.com
proinvest.com.sg
vueint-prod.proinvest.com.sg
gi.proinvest.com.sg
cert01.as.aviva.com
gi.proinvest.com.sg
Certificate
The complete raw certificate details for proinvest.com.sg in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHfjCCBmagAwIBAgIQA/wJzYX3T0nZt12coWSwujANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTAxNTAwMDAwMFoXDTI0MTExMjIzNTk1OVowGzEZ MBcGA1UEAxMQcHJvaW52ZXN0LmNvbS5zZzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANeQXLPPelvN+mw8OfuUJmmpWpcJ+/6jc9s+PKPGR57Gtc/SLiS5 469CN8uEcryS1uj1Jk7QLrsQgYHzgzcFnaGY36144RceZLZ0rx/UKS6k4UhGTJqX 2wcO0xAlbPut4htDS7ml2lfmWA1o78dThcM+flQ707g0HrD0qkGjyJR98xjnejmU L1ujQsPFg3GeCaFJM0RCTgP6tMWAYQA+GG8FOy0JwBpGRg4NbC4sgi8G3So3S4mr NhRSKObgotu5vLcd1IsYV8I932ynfUWOQ8+qix0FDIIuPaqRbSzvJPTkgspkaVby v7LUFv5VJk3oORqCsZMhT+td3iOvMLqAQf0CAwEAAaOCBJswggSXMB8GA1UdIwQY MBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBSWNRfFsdCwC9mJT0rR 3hyBxf/n4zCCAckGA1UdEQSCAcAwggG8ghBwcm9pbnZlc3QuY29tLnNnghxwcm90 ZWN0aW9uYXZpdmFjb250cmVsZWF1LmNhghZyb2Fkd2luZ3NpbnN1cmFuY2UuY29t ghVyb2Fkd2luZ3NpbnN1cmFuY2UuY2GCF3JvYWQtd2luZ3MtaW5zdXJhbmNlLmNh ghZxdWFsdHJpY3MuYXQuYXZpdmEuY29tgh9zdXBwb3J0LWxvZ21laW5pbmMuYXQu YXZpdmEuY29tghFzYXllLmF0LmF2aXZhLmNvbYITYXJjaGVyZ3JjLmF2aXZhLmNv bYIZcHJvdGVjdGlvbmV0YW5jaGVhdml2YS5jYYIdcHJvdGVjdGlvbmF2aXZhY29u dHJlbGVhdS5jb22CGXRoaXJkcGFydHkuYXZpdmFicmFuZC5jb22CDHJpc2thc3lz dC5pZYIacHJvdGVjdGlvbmV0YW5jaGVhdml2YS5jb22CFHFhLmF2aXZhYXNzdXJh bmNlLmNhghhyb2FkLXdpbmdzLWluc3VyYW5jZS5jb22CI3ByYWN0aWNlLWF1dG9l bnJvbG1lbnRtYW5hZ2VyLmNvLnVrgg1yb2FkLXdpbmdzLmNhMBMGA1UdIAQMMAow CAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMi5hbWF6 b250cnVzdC5jb20vcjJtMDIuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcw AYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAC hipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIwDAYD VR0TAQH/BAIwADCCAYAGCisGAQQB1nkCBAIEggFwBIIBbAFqAHcA7s3QZNXbGs7F XLedtM0TojKHRny87N7DUUhZRnEftZsAAAGLMMIu3QAABAMASDBGAiEA2RaiU3CX F0jekdw4kFLSz+SPc8Vf1yCKzJQuGDwaPxQCIQDsHu0hfY7lCZAcQO67nGuc56E1 QKc8S1mi/FZYE+kN/AB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRz AAABizDCLwcAAAQDAEcwRQIhAMhFO260yFLtpIMUPx4AQ9AintjTMeAl3pIWgNEi mSYNAiBLs75+/sOkXKWgP1xjty7dY/2tF5DCoSTfXOO0Qr+n9AB3ANq2v2s/tbYi n5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABizDCLwkAAAQDAEgwRgIhAJkPEllf wZSqVKZq+EQjBsw31TyU/V88NmuPn+1t0TcwAiEAkTXJ46qvsHKsyaXnWKXOoThS HqUVaMhyVjgnWbiClscwDQYJKoZIhvcNAQELBQADggEBACcEdU8XNMBWFy5cg8tA OIkycTWye/Lmb4Fh32ViT3DGvNXbrmELxxIWxg6YKr9OCR90ihteVoweqWsI5mwV JsKBu6bxRT9UwO74/QzOFnX5h/xM0vhWYTKiiLGnDwUNpuA8pwrubuWrmliGCzl3 6ruD6P3M3t6bwzgxDl7/ivfNwi1ySsYpKHW2HqVkW47dBvS8ugJNUtndXAq2P0H2 4LncOrwnROzKYVX1xj2O9IHU9xhYw0mFGEaztfk17ybO5hg0h5Begr4IofvdLmhb QoqlyxxnV7c/1QHI4YcymgiS8rjRwrPTMRg13gatgG1n0NHi2JRKEDXz3Q4XQcKN fmo= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15Bcs896W836bDw5+5Qm aalalwn7/qNz2z48o8ZHnsa1z9IuJLnjr0I3y4RyvJLW6PUmTtAuuxCBgfODNwWd oZjfrXjhFx5ktnSvH9QpLqThSEZMmpfbBw7TECVs+63iG0NLuaXaV+ZYDWjvx1OF wz5+VDvTuDQesPSqQaPIlH3zGOd6OZQvW6NCw8WDcZ4JoUkzREJOA/q0xYBhAD4Y bwU7LQnAGkZGDg1sLiyCLwbdKjdLias2FFIo5uCi27m8tx3UixhXwj3fbKd9RY5D z6qLHQUMgi49qpFtLO8k9OSCymRpVvK/stQW/lUmTeg5GoKxkyFP613eI68wuoBB /QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5296341620625757883260410841165770938 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-12 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'proinvest.com.sg' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27212423181627295191659147210648455210845524903049102295952873783965691313799114110203184214516232004146691399932036827540866450817438204652868067100373716711448711616575999480478501467436248278203641835040859145385702456251285587175178025367291278304846274915311194926892460431920539488727385654803280690685681616519287766112221498643119996584679499038366707412447059174978264317576140996575097991912978247180439367928489251924377134415779837761414537418265910463882839948921456473718368145862180400133033175089881667506397541595543955527792372848216854410559275394989396741006922349390438467803666958462242342846973 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 963517c5b1d0b00bd9894f4ad1de1c81c5ffe7e3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (448 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'proinvest.com.sg' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protectionavivacontreleau.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'roadwingsinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'roadwingsinsurance.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'road-wings-insurance.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qualtrics.at.aviva.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'support-logmeininc.at.aviva.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'saye.at.aviva.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'archergrc.aviva.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protectionetancheaviva.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protectionavivacontreleau.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thirdparty.avivabrand.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riskasyst.ie' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protectionetancheaviva.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa.avivaassurance.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'road-wings-insurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'practice-autoenrolmentmanager.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'road-wings.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b30c22edd0000040300483046022100d916a25370971748de91dc389052d2cfe48f73c55fd7208acc942e183c1a3f14022100ec1eed217d8ee509901c40eebb9c6b9ce7a13540a73c4b59a2fc565813e90dfc00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b30c22f070000040300473045022100c8453b6eb4c852eda483143f1e0043d0229ed8d331e025de921680d12299260d02204bb3be7efec3a45ca5a03f5c63b72edd63fdad1790c2a124df5ce3b442bfa7f4007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b30c22f090000040300483046022100990f12595fc194aa54a66af8442306cc37d53c94fd5f3c366b8f9fed6dd137300221009135c9e3aaafb072acc9a5e758a5cea138521ea51568c87256382759b88296c7 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002704754f1734c056172e5c83cb403889327135b27bf2e66f8161df65624f70c6bcd5dbae610bc71216c60e982abf4e091f748a1b5e568c1ea96b08e66c1526c281bba6f1453f54c0eef8fd0cce1675f987fc4cd2f8566132a288b1a70f050da6e03ca70aee6ee5ab9a58860b3977eabb83e8fdccdede9bc338310e5eff8af7cdc22d724ac6292875b61ea5645b8edd06f4bcba024d52d9dd5c0ab63f41f6e0b9dc3abc2744ecca6155f5c63d8ef481d4f71858c349851846b3b5f935ef26cee6183487905e82be08a1fbdd2e685b428aa5cb1c6757b73fd501c8e187329a0892f2b8d1c2b3d3311835de06ad806d67d0d1e2d8944a1035f3dd0e1741c28d7e6a