thestar.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 04:c6:33:f8:0c:c2:fc:67:a8:d8:91:8c:18:60:63:00 was issued on by Amazon.
With 73 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=thestar.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:c6:33:f8:0c:c2:fc:67:a8:d8:91:8c:18:60:63:00Serial Number (int): 6346040816553192810207947074522080000
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 45:05:fb:93:f2:01:04:d2:a0:88:da:12:53:d6:5d:84:2c:ca:b7:da
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 9b:94:48:9a:5a:3d:cd:63:40:50:21:e6:af:51:aa:0f:92:50:1d:b4
Fingerprint (sha256): a2:72:1d:99:52:fa:0c:a7:b1:62:dc:f1:48:d6:a1:d5:2a:a7:b1:38:a8:a1:d1:33:4e:8a:cf:37:78:fc:fc:eb
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate thestar.com
73
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for thestar.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
thestar.com
durhamregion.com
*.insidehalton.com
cambridgetimes.ca
*.zuza.com
thespec.com
waterloochronicle.ca
thepeterboroughexaminer.com
*.wheels.ca
niagarafallsreview.ca
wheels.ca
*.caledonenterprise.com
niagarathisweek.com
*.therecord.com
*.hamiltonnews.com
caledonenterprise.com
*.mississauga.com
muskokaregion.com
zuza.com
stcatharinesstandard.ca
therecord.com
*.newhamburgindependent.ca
wellandtribune.ca
*.niagarathisweek.com
northbaynipissing.com
*.cambridgetimes.ca
orangeville.com
*.theifp.ca
*.yorkregion.com
toronto.com
theifp.ca
*.parrysound.com
goldbook.ca
admin.local.flamboroughreview.com
*.goldbook.ca
*.niagarafallsreview.ca
*.thestar.com
*.northumberlandnews.com
*.bramptonguardian.com
*.thepeterboroughexaminer.com
guelphmercury.com
yorkregion.com
northumberlandnews.com
*.thestar.ca
*.guelphmercury.com
ourwindsor.ca
sachem.ca
*.sachem.ca
parrysound.com
mykawartha.com
insidehalton.com
*.toronto.com
*.durhamregion.com
simcoe.com
hamiltonnews.com
*.orangeville.com
*.simcoe.com
*.thespec.com
*.flamboroughreview.com
*.ourwindsor.ca
*.muskokaregion.com
www.send.thestar.ca
*.stcatharinesstandard.ca
*.mykawartha.com
*.insideottawavalley.com
*.northbaynipissing.com
*.waterloochronicle.ca
insideottawavalley.com
newhamburgindependent.ca
flamboroughreview.com
*.wellandtribune.ca
bramptonguardian.com
mississauga.com
durhamregion.com
*.insidehalton.com
cambridgetimes.ca
*.zuza.com
thespec.com
waterloochronicle.ca
thepeterboroughexaminer.com
*.wheels.ca
niagarafallsreview.ca
wheels.ca
*.caledonenterprise.com
niagarathisweek.com
*.therecord.com
*.hamiltonnews.com
caledonenterprise.com
*.mississauga.com
muskokaregion.com
zuza.com
stcatharinesstandard.ca
therecord.com
*.newhamburgindependent.ca
wellandtribune.ca
*.niagarathisweek.com
northbaynipissing.com
*.cambridgetimes.ca
orangeville.com
*.theifp.ca
*.yorkregion.com
toronto.com
theifp.ca
*.parrysound.com
goldbook.ca
admin.local.flamboroughreview.com
*.goldbook.ca
*.niagarafallsreview.ca
*.thestar.com
*.northumberlandnews.com
*.bramptonguardian.com
*.thepeterboroughexaminer.com
guelphmercury.com
yorkregion.com
northumberlandnews.com
*.thestar.ca
*.guelphmercury.com
ourwindsor.ca
sachem.ca
*.sachem.ca
parrysound.com
mykawartha.com
insidehalton.com
*.toronto.com
*.durhamregion.com
simcoe.com
hamiltonnews.com
*.orangeville.com
*.simcoe.com
*.thespec.com
*.flamboroughreview.com
*.ourwindsor.ca
*.muskokaregion.com
www.send.thestar.ca
*.stcatharinesstandard.ca
*.mykawartha.com
*.insideottawavalley.com
*.northbaynipissing.com
*.waterloochronicle.ca
insideottawavalley.com
newhamburgindependent.ca
flamboroughreview.com
*.wellandtribune.ca
bramptonguardian.com
mississauga.com
Other certificates including the domain name thestar.com
(limited to 100 certificates)
on.thestar.com
*.thestar.com
incapsula.com
thestar.com
s.thestar.com
s.thestar.com
imperva.com
*.thestar.com
*.thestar.com
on.thestar.com
*.thestar.com
on.thestar.com
thestar.ca
secure.thestar.com
thestar.ca
secure.thestar.com
s.thestar.com
dev-sale.thestar.com
startouch.thestar.com
incapsula.com
secure-9.adperfect.com
ets.thestar.com
secure.thestar.com
secure-8.adperfect.com
secure-9.adperfect.com
pixel.thestar.com
on.thestar.com
*.thestar.com
on.thestar.com
games.thestar.com
*.thestar.com
incapsula.com
imperva.com
on.thestar.com
games.thestar.com
*.thestar.com
charities-test.thestar.com
thestar.com
*.tablet.thestar.com
votecompass.thestar.com
tssweb.thestar.com
*.thestar.com
s.thestar.com
secure.thestar.com
startouch.thestar.com
ets.thestar.com
incapsula.com
on.thestar.com
secure.thestar.com
on.thestar.com
*.thestar.com
secure.thestar.com
s.thestar.com
s.thestar.com
on.thestar.com
on.thestar.com
*.thestar.com
incapsula.com
z737.thestar.com
secure-9.adperfect.com
s.thestar.com
*.thestar.com
secure-8.adperfect.com
secure.thestar.com
ftp.torstar.ca
incapsula.com
on.thestar.com
thestar.com
incapsula.com
on.thestar.com
sni283e5gl.wpc.edgecastcdn.net
*.tablet.thestar.com
s.thestar.com
secure.thestar.com
on.thestar.com
on.thestar.com
*.thestar.com
sni28385gl.wpc.edgecastcdn.net
incapsula.com
secure.thestar.com
thestar.com
on.thestar.com
*.thestar.com
campaign2015.thestar.com
t.eyereturn.com
*.thestar.com
secure.thestar.com
on.thestar.com
*.tablet.thestar.com
secure-8.adperfect.com
thestar.com
*.thestar.com
subscribe.thestar.com
*.thestar.com
contract.thestar.com
*.uat.tablet.thestar.com
on.thestar.com
get.thestar.com
thestar.ca
on.thestar.com
*.thestar.com
incapsula.com
thestar.com
s.thestar.com
s.thestar.com
imperva.com
*.thestar.com
*.thestar.com
on.thestar.com
*.thestar.com
on.thestar.com
thestar.ca
secure.thestar.com
thestar.ca
secure.thestar.com
s.thestar.com
dev-sale.thestar.com
startouch.thestar.com
incapsula.com
secure-9.adperfect.com
ets.thestar.com
secure.thestar.com
secure-8.adperfect.com
secure-9.adperfect.com
pixel.thestar.com
on.thestar.com
*.thestar.com
on.thestar.com
games.thestar.com
*.thestar.com
incapsula.com
imperva.com
on.thestar.com
games.thestar.com
*.thestar.com
charities-test.thestar.com
thestar.com
*.tablet.thestar.com
votecompass.thestar.com
tssweb.thestar.com
*.thestar.com
s.thestar.com
secure.thestar.com
startouch.thestar.com
ets.thestar.com
incapsula.com
on.thestar.com
secure.thestar.com
on.thestar.com
*.thestar.com
secure.thestar.com
s.thestar.com
s.thestar.com
on.thestar.com
on.thestar.com
*.thestar.com
incapsula.com
z737.thestar.com
secure-9.adperfect.com
s.thestar.com
*.thestar.com
secure-8.adperfect.com
secure.thestar.com
ftp.torstar.ca
incapsula.com
on.thestar.com
thestar.com
incapsula.com
on.thestar.com
sni283e5gl.wpc.edgecastcdn.net
*.tablet.thestar.com
s.thestar.com
secure.thestar.com
on.thestar.com
on.thestar.com
*.thestar.com
sni28385gl.wpc.edgecastcdn.net
incapsula.com
secure.thestar.com
thestar.com
on.thestar.com
*.thestar.com
campaign2015.thestar.com
t.eyereturn.com
*.thestar.com
secure.thestar.com
on.thestar.com
*.tablet.thestar.com
secure-8.adperfect.com
thestar.com
*.thestar.com
subscribe.thestar.com
*.thestar.com
contract.thestar.com
*.uat.tablet.thestar.com
on.thestar.com
get.thestar.com
thestar.ca
on.thestar.com
Certificate
The complete raw certificate details for thestar.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIILPDCCCiSgAwIBAgIQBMYz+AzC/Geo2JGMGGBjADANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTEwNzAwMDAwMFoXDTI0MTIwNTIzNTk1OVowFjEU MBIGA1UEAxMLdGhlc3Rhci5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQCi9PFmUPP84dqiHUCzi76wcFR7zF8s7JNj6bL3y6cMpueIEOivZrZ799t+ /yUOnFX+p8QcF4cE8sc//zog9AaKufUqkaybfntIjTo2WwbRVFoNtqNppyMQQCa4 ydp8klhQzqS5eTH1cW49OfbGLrj962TYmd7rRRgB08R/SFIlvM4wXKcPOVQnRE9l i/rbsmk1fdh3MAz8wibdcU8DFB1WK8EIQxGvHM2w4mv/qLz4fQJ5XrDlEJcsA4c/ lOJ1ybIa9Igl2lOcsFsO/51f3DRV5oJ000hkbgPoZOj7XLQMmGLQTEclG6MYwx0Y ygd0va6c8FMofkg8SbW+0nRzxU0XAgMBAAGjggheMIIIWjAfBgNVHSMEGDAWgBRV 2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQURQX7k/IBBNKgiNoSU9ZdhCzK t9owggWNBgNVHREEggWEMIIFgIILdGhlc3Rhci5jb22CEGR1cmhhbXJlZ2lvbi5j b22CEiouaW5zaWRlaGFsdG9uLmNvbYIRY2FtYnJpZGdldGltZXMuY2GCCiouenV6 YS5jb22CC3RoZXNwZWMuY29tghR3YXRlcmxvb2Nocm9uaWNsZS5jYYIbdGhlcGV0 ZXJib3JvdWdoZXhhbWluZXIuY29tggsqLndoZWVscy5jYYIVbmlhZ2FyYWZhbGxz cmV2aWV3LmNhggl3aGVlbHMuY2GCFyouY2FsZWRvbmVudGVycHJpc2UuY29tghNu aWFnYXJhdGhpc3dlZWsuY29tgg8qLnRoZXJlY29yZC5jb22CEiouaGFtaWx0b25u ZXdzLmNvbYIVY2FsZWRvbmVudGVycHJpc2UuY29tghEqLm1pc3Npc3NhdWdhLmNv bYIRbXVza29rYXJlZ2lvbi5jb22CCHp1emEuY29tghdzdGNhdGhhcmluZXNzdGFu ZGFyZC5jYYINdGhlcmVjb3JkLmNvbYIaKi5uZXdoYW1idXJnaW5kZXBlbmRlbnQu Y2GCEXdlbGxhbmR0cmlidW5lLmNhghUqLm5pYWdhcmF0aGlzd2Vlay5jb22CFW5v cnRoYmF5bmlwaXNzaW5nLmNvbYITKi5jYW1icmlkZ2V0aW1lcy5jYYIPb3Jhbmdl dmlsbGUuY29tggsqLnRoZWlmcC5jYYIQKi55b3JrcmVnaW9uLmNvbYILdG9yb250 by5jb22CCXRoZWlmcC5jYYIQKi5wYXJyeXNvdW5kLmNvbYILZ29sZGJvb2suY2GC IWFkbWluLmxvY2FsLmZsYW1ib3JvdWdocmV2aWV3LmNvbYINKi5nb2xkYm9vay5j YYIXKi5uaWFnYXJhZmFsbHNyZXZpZXcuY2GCDSoudGhlc3Rhci5jb22CGCoubm9y dGh1bWJlcmxhbmRuZXdzLmNvbYIWKi5icmFtcHRvbmd1YXJkaWFuLmNvbYIdKi50 aGVwZXRlcmJvcm91Z2hleGFtaW5lci5jb22CEWd1ZWxwaG1lcmN1cnkuY29tgg55 b3JrcmVnaW9uLmNvbYIWbm9ydGh1bWJlcmxhbmRuZXdzLmNvbYIMKi50aGVzdGFy LmNhghMqLmd1ZWxwaG1lcmN1cnkuY29tgg1vdXJ3aW5kc29yLmNhgglzYWNoZW0u Y2GCCyouc2FjaGVtLmNhgg5wYXJyeXNvdW5kLmNvbYIObXlrYXdhcnRoYS5jb22C EGluc2lkZWhhbHRvbi5jb22CDSoudG9yb250by5jb22CEiouZHVyaGFtcmVnaW9u LmNvbYIKc2ltY29lLmNvbYIQaGFtaWx0b25uZXdzLmNvbYIRKi5vcmFuZ2V2aWxs ZS5jb22CDCouc2ltY29lLmNvbYINKi50aGVzcGVjLmNvbYIXKi5mbGFtYm9yb3Vn aHJldmlldy5jb22CDyoub3Vyd2luZHNvci5jYYITKi5tdXNrb2thcmVnaW9uLmNv bYITd3d3LnNlbmQudGhlc3Rhci5jYYIZKi5zdGNhdGhhcmluZXNzdGFuZGFyZC5j YYIQKi5teWthd2FydGhhLmNvbYIYKi5pbnNpZGVvdHRhd2F2YWxsZXkuY29tghcq Lm5vcnRoYmF5bmlwaXNzaW5nLmNvbYIWKi53YXRlcmxvb2Nocm9uaWNsZS5jYYIW aW5zaWRlb3R0YXdhdmFsbGV5LmNvbYIYbmV3aGFtYnVyZ2luZGVwZW5kZW50LmNh ghVmbGFtYm9yb3VnaHJldmlldy5jb22CEyoud2VsbGFuZHRyaWJ1bmUuY2GCFGJy YW1wdG9uZ3VhcmRpYW4uY29tgg9taXNzaXNzYXVnYS5jb20wEwYDVR0gBAwwCjAI BgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAzLmFtYXpv bnRydXN0LmNvbS9yMm0wMy5jcmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzAB hiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKG Kmh0dHA6Ly9jcnQucjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNlcjAMBgNV HRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdQDuzdBk1dsazsVc t520zROiModGfLzs3sNRSFlGcR+1mwAAAYuqb9zFAAAEAwBGMEQCIDRIvGPmJ5rs yvEBNoV6IOEtQMnRd+LJ67T+XzWvthGdAiBPB1/agnsn6npkzHKSDKXbLFUTLz/v 9gaDfp4/ZziuQwB3AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAAB i6pv3N8AAAQDAEgwRgIhAP88urCXxI7ATGeQYM9DZBFWYS10opjiZqB/g3Hto5Nr AiEAm7DZA/aNYmLmc4Ytw5JsONZtmtlFPGaKsCI4xHrOUqMAdwA/F0tP1yJHWJQd ZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAYuqb90SAAAEAwBIMEYCIQDYa8vXSEfL 58E668b9eXT1TK/vywAcjK4BDuc4iwvANAIhAMkM/uR7H9KD9OC+YgoWYREyz7bE 6GDURnXFbTdFjbqRMA0GCSqGSIb3DQEBCwUAA4IBAQB54e1Nco/uBiS/qoqDw99J IUjMO729lDqhq5soFzcAojB71vedviBkYZ1HWUU9Vn8pajo+L4guIoRha4Y4FO78 yV/VACWCfae0dnvVrhqvHUeMLwuUXjGigzYQWnPCXH/0BHBOsKp4w5CdS5HnSYM+ /iQKbU5Nizja0phXlUWqpHhJnL+PKA4GrzoFjsI8IxVwFCPazLQ2WDCAreXVuy87 fvqolPzG92db4nQ37Bf5gOk1neqQO+Q9lKNZm+vI7+j2bjPeysE7Q0Q3WiaM/kbI V0N/xgyg7Xt8HnjNedPIcp4L5rz46Y1cFuEPFrIObUjH1xygXS72E9eX6igW0cyL -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovTxZlDz/OHaoh1As4u+ sHBUe8xfLOyTY+my98unDKbniBDor2a2e/fbfv8lDpxV/qfEHBeHBPLHP/86IPQG irn1KpGsm357SI06NlsG0VRaDbajaacjEEAmuMnafJJYUM6kuXkx9XFuPTn2xi64 /etk2Jne60UYAdPEf0hSJbzOMFynDzlUJ0RPZYv627JpNX3YdzAM/MIm3XFPAxQd VivBCEMRrxzNsOJr/6i8+H0CeV6w5RCXLAOHP5TidcmyGvSIJdpTnLBbDv+dX9w0 VeaCdNNIZG4D6GTo+1y0DJhi0ExHJRujGMMdGMoHdL2unPBTKH5IPEm1vtJ0c8VN FwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6346040816553192810207947074522080000 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-07 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-05 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thestar.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20571391283513134587447259181372277602943434459160168374048340812971137861678804990285573306464729462602856847390577333499279069748917741681472547985789613541571582736354013859939424450580143738404720432582673838818137707477258972256910264340898240325344578663692155253733833744290080078211356320870107042471565560331618480211046721262915054484555160476259402813469195226864815234023786358904951693954849879033472680321700292523142346647589703478187975153975059431189611026399606275053510219933638109421688127128649635492239687906675458816712173252798432557834184426494200287518195206233086096357991974948013221432599 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4505fb93f20104d2a088da1253d65d842ccab7da . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1412 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thestar.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'durhamregion.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.insidehalton.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cambridgetimes.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.zuza.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thespec.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'waterloochronicle.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thepeterboroughexaminer.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wheels.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'niagarafallsreview.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wheels.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.caledonenterprise.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'niagarathisweek.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.therecord.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hamiltonnews.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'caledonenterprise.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mississauga.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'muskokaregion.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zuza.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stcatharinesstandard.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'therecord.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.newhamburgindependent.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wellandtribune.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.niagarathisweek.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'northbaynipissing.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cambridgetimes.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'orangeville.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.theifp.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.yorkregion.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'toronto.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theifp.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.parrysound.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'goldbook.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'admin.local.flamboroughreview.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.goldbook.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.niagarafallsreview.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.thestar.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.northumberlandnews.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bramptonguardian.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.thepeterboroughexaminer.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'guelphmercury.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yorkregion.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'northumberlandnews.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.thestar.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.guelphmercury.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ourwindsor.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sachem.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sachem.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'parrysound.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mykawartha.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'insidehalton.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.toronto.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.durhamregion.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'simcoe.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hamiltonnews.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.orangeville.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.simcoe.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.thespec.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.flamboroughreview.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ourwindsor.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.muskokaregion.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.send.thestar.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stcatharinesstandard.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mykawartha.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.insideottawavalley.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.northbaynipissing.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.waterloochronicle.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'insideottawavalley.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'newhamburgindependent.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flamboroughreview.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wellandtribune.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bramptonguardian.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mississauga.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018baa6fdcc5000004030046304402203448bc63e6279aeccaf10136857a20e12d40c9d177e2c9ebb4fe5f35afb6119d02204f075fda827b27ea7a64cc72920ca5db2c55132f3feff606837e9e3f6738ae4300770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018baa6fdcdf0000040300483046022100ff3cbab097c48ec04c679060cf43641156612d74a298e266a07f8371eda3936b0221009bb0d903f68d6262e673862dc3926c38d66d9ad9453c668ab02238c47ace52a30077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018baa6fdd120000040300483046022100d86bcbd74847cbe7c13aebc6fd7974f54cafefcb001c8cae010ee7388b0bc034022100c90cfee47b1fd283f4e0be620a16611132cfb6c4e860d44675c56d37458dba91 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0079e1ed4d728fee0624bfaa8a83c3df492148cc3bbdbd943aa1ab9b28173700a2307bd6f79dbe2064619d4759453d567f296a3a3e2f882e2284616b863814eefcc95fd50025827da7b4767bd5ae1aaf1d478c2f0b945e31a28336105a73c25c7ff404704eb0aa78c3909d4b91e749833efe240a6d4e4d8b38dad298579545aaa478499cbf8f280e06af3a058ec23c2315701423daccb436583080ade5d5bb2f3b7efaa894fcc6f7675be27437ec17f980e9359dea903be43d94a3599bebc8efe8f66e33decac13b4344375a268cfe46c857437fc60ca0ed7b7c1e78cd79d3c8729e0be6bcf8e98d5c16e10f16b20e6d48c7d71ca05d2ef613d797ea2816d1cc8b