*.dsoautomation.net

Issued by Amazon RSA 2048 M01

About this certificate

This digital certificate with serial number 03:e2:87:59:6a:89:16:ae:3c:af:8b:eb:df:2a:58:4f was issued on by Amazon.

With 9 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.dsoautomation.net

Amazon

Organization: Amazon
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:e2:87:59:6a:89:16:ae:3c:af:8b:eb:df:2a:58:4f
Serial Number (int): 5163888286957716392311333103375898703
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 23:3a:73:a0:79:ba:dd:c6:a0:8b:06:71:e4:af:f0:5f:94:ca:88:26
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85

Fingerprint (sha1): 7c:a6:ae:19:eb:58:4d:d1:80:f2:23:4a:8b:ca:2e:8e:b8:8b:3f:64
Fingerprint (sha256): a5:85:d0:90:0a:87:d4:0d:85:31:cd:0f:93:55:c4:e4:28:94:eb:1a:c3:23:8c:ab:6c:ed:77:c5:a7:bf:6e:8c

Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer

Revocation information

OCSP Server: http://ocsp.r2m01.amazontrust.com
CRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl

Check the revocation status for certificate *.dsoautomation.net

9

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.dsoautomation.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.dsoautomation.net
qa.ngen.api.bcg.com
prod.ngen.api.bcg.com
stg.ngen.api.bcg.com
*.ngen-qa.eu-central-1.eks.dsoautomation.net
*.ngen-dev.eu-central-1.eks.dsoautomation.net
dev.ngen.api.bcg.com
*.ngen-prod.eu-central-1.eks.dsoautomation.net
*.ngen-stg.eu-central-1.eks.dsoautomation.net

Other certificates including the domain name dsoautomation.net

(limited to 100 certificates)
*.dsoautomation.net
*.dev.eu-central-1.eks.dsoautomation.net
*.dsoautomation.net
enrich-legacy-dev.dsoautomation.net
*.dsoautomation.net
enrich-cms-docviz.bcg.com
*.dsoautomation.net
enrich-legacy-dev.dsoautomation.net
*.dsoautomation.net
dev2.newnavigator.bcg.com
pages-qa.navigator.bcg.com
pages-dev.navigator.bcg.com
*.kbi-dev.eu-central-1.eks.dsoautomation.net
enrich-jarvis.api.bcg.com
tams-dev.bcg.com
*.dsoautomation.net
pages.navigator.bcg.com
dev1.newnavigator.bcg.com
*.dsoautomation.net
jarvis.dsoautomation.net
kbi-video-streaming-stg.dsoautomation.net
qa.newnavigator.bcg.com
prodnew-tier1.bcg.com
enrich-cms-docviz-qa.bcg.com
*.dsoautomation.net
qa.navigator.bcg.com
devnew-chargetrack.bcg.com
*.dsoautomation.net
profiles2-dev.navigator.bcg.com
pages.navigator.bcg.com
pages-stg.navigator.bcg.com
enrich-cms-docviz-stg.bcg.com
*.dsoautomation.net
*.dsoautomation.net
enrich-cms-materials-qa.bcg.com
*.dsoautomation.net
*.dsoautomation.net
enrich-jenkins.bcg.com
*.dev.eu-central-1.eks.dsoautomation.net
profiles2-stg.navigator.bcg.com
enrich-cms-materials-dev.bcg.com
enrich-jarvis.api.bcg.com
devnew-chargetrack.bcg.com
api-protected.integration.dsoautomation.net
dev-pacontacts-navigator.bcg.com
*.prod.ap-southeast-1.eks.dsoautomation.net
*.dsoautomation.net
newnavigator.bcg.com
*.dsoautomation.net
enrich-cms-docviz-dev.bcg.com
enrich-legacy-dev.dsoautomation.net
*.dsoautomation.net
sinequa-test.dsoautomation.net
profiles.navigator.bcg.com
*.dsoautomation.net
newnavigator.bcg.com
pages.navigator.bcg.com
*.dsoautomation.net
profiles-stg.navigator.bcg.com
qanew-chargetrack.bcg.com
ktdashboard-dev.bcg.com
tams-qa.bcg.com
pipepack-dev.bcg.com
*.dsoautomation.net
pa-affiliation-dev.bcg.com
enrich-cms-materials.bcg.com
dev-pacontacts-navigator.bcg.com
*.dsoautomation.net
enrich-cms-materials-dev.bcg.com
sinequa-test.enrich.dsoautomation.net
*.dsoautomation.net
cfstools.bcg.com
*.dsoautomation.net
cfs-tools-stg.bcg.com
enrich.api.bcg.com
*.dsoautomation.net
cfs-tools-dev.bcg.com
cfs-tools-qa.bcg.com
*.dsoautomation.net
enrich-cms-materials-stg.bcg.com
enrich-cms-materials.bcg.com
enrich-cms-docviz.bcg.com
*.dsoautomation.net
enrich.api.bcg.com
*.eu-central-1.sitecore.internalstg.dsoautomation.net
stg.newnavigator.bcg.com
profiles2-qa.navigator.bcg.com
enrich-cms-materials.bcg.com
jarvis.dsoautomation.net
*.dsoautomation.net
dev5.newnavigator.bcg.com
pipepack-qa.bcg.com
testtemporary.dsoautomation.net
*.dsoautomation.net
profiles.navigator.bcg.com
newnavigator.bcg.com
*.eu-central-1.sitecore.internalstg.dsoautomation.net
enrich-cms-docviz-stg.bcg.com
enrich-cms-materials-stg.bcg.com
*.sitecore.dsoautomation.net

Certificate

The complete raw certificate details for *.dsoautomation.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG6zCCBdOgAwIBAgIQA+KHWWqJFq48r4vr3ypYTzANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAxMB4XDTIzMDIxMDAwMDAwMFoXDTI0MDExMTIzNTk1OVowHjEc
MBoGA1UEAwwTKi5kc29hdXRvbWF0aW9uLm5ldDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/hb3cMC7MqRGH+VNqjWFRWhJewuR4kMd8OomEwqj3isosV
bOB8wlDj3Wu/kYhH9lv1iDiW14L3TZ0PUYvJQMdAzmzM/y87m/ISSEOUgikqIE9Q
8ia7O/cz7ZyH4qWu4Wv+JVDjnefIvvS9wyPcxsuLleWYwqRr+QIbdNXA+dVQP3Ky
80PRHBhIztYEvhcI8TOwI+IbzwurtD3J5OUxSx7vb/CdfzeuTI0M1QSpwgyKVTwP
rPozCht0c/DdE3hkY6An+8OunoSASKbhsdVkCxLh406hbfo687GH4AxLjd5IOoB+
5Ssa9dJ1sDcs6/Ut5G7fWOm9YkXMh/Zr4YCLjTMCAwEAAaOCBAUwggQBMB8GA1Ud
IwQYMBaAFIG4DmOKiRIY5fo7O1CVn+blkBOFMB0GA1UdDgQWBBQjOnOgebrdxqCL
BnHkr/BflMqIJjCCATYGA1UdEQSCAS0wggEpghMqLmRzb2F1dG9tYXRpb24ubmV0
ghNxYS5uZ2VuLmFwaS5iY2cuY29tghVwcm9kLm5nZW4uYXBpLmJjZy5jb22CFHN0
Zy5uZ2VuLmFwaS5iY2cuY29tgiwqLm5nZW4tcWEuZXUtY2VudHJhbC0xLmVrcy5k
c29hdXRvbWF0aW9uLm5ldIItKi5uZ2VuLWRldi5ldS1jZW50cmFsLTEuZWtzLmRz
b2F1dG9tYXRpb24ubmV0ghRkZXYubmdlbi5hcGkuYmNnLmNvbYIuKi5uZ2VuLXBy
b2QuZXUtY2VudHJhbC0xLmVrcy5kc29hdXRvbWF0aW9uLm5ldIItKi5uZ2VuLXN0
Zy5ldS1jZW50cmFsLTEuZWtzLmRzb2F1dG9tYXRpb24ubmV0MA4GA1UdDwEB/wQE
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAw
oC6gLIYqaHR0cDovL2NybC5yMm0wMS5hbWF6b250cnVzdC5jb20vcjJtMDEuY3Js
MBMGA1UdIAQMMAowCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcw
AYYhaHR0cDovL29jc3AucjJtMDEuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAC
hipodHRwOi8vY3J0LnIybTAxLmFtYXpvbnRydXN0LmNvbS9yMm0wMS5jZXIwDAYD
VR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHUA7s3QZNXbGs7F
XLedtM0TojKHRny87N7DUUhZRnEftZsAAAGGPLGJXQAABAMARjBEAiBjSgKDo23i
+CEn8eXs1/Xp1WIlMUQV2ks3BzCnnhA4qAIgMpG0Hnj+OUo6Ij/EgYXPN3JLPMlK
jrdv6FD1RYgRvOUAdQBz2Z6JG0yWeKAgfUed5rLGHNBRXnEZKoxrgBB6wXdytQAA
AYY8sYmkAAAEAwBGMEQCIEX3PLpRVIL21AGxo0yMaSsa/hpa3vXZoqCHF/WSQISU
AiA/1Z3EEWHLX+uRnS3lHnSB+0rMwbA8l6ZMIMsGs6n4nQB3AEiw42vapkc0D+Vq
AvqdMOscUgHLVt0sgdm7v6s52IRzAAABhjyxiXQAAAQDAEgwRgIhAMHiNOlw9sYD
Ukq0FKiIYsHfyYHBv+xCnrrbUc8y8/RhAiEAnoLuadanOYNtT5c0hwLoiD1kw44N
JQBz0wom+Oq1wBcwDQYJKoZIhvcNAQELBQADggEBAFYgDd5g1JWQaF3RmrLbl92R
2+Ddc8o6ijMjPiH/I4WIekBBKpYLExpXQ8EfDEHamDMdwLFh5uHf4UhySI5oGyE7
j5O4Yvi3mw+WJKsZ18S1epwoxjcCOhmVuZe86JKGVE36u0ELit1td9KDc7iIRgLZ
yliTVDIGFa6UIns+eDkifvMlM8hchKksRAEpdlbqX9z9faAVFVRq0TzHftyKmJ8v
bSYaWSdkBuD3O71JN8uOCBOel7PxE+rcAaXw37lD3GUbLTQNyh+xEhKOYIcBJV0V
i/pi4zlf+HCv1Pj//8r1nDkDZDL6vKCopXyfK5PXLV7b6BGKpuf9KVClcp3u3c8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+FvdwwLsypEYf5U2qNY
VFaEl7C5HiQx3w6iYTCqPeKyixVs4HzCUOPda7+RiEf2W/WIOJbXgvdNnQ9Ri8lA
x0DObMz/Lzub8hJIQ5SCKSogT1DyJrs79zPtnIfipa7ha/4lUOOd58i+9L3DI9zG
y4uV5ZjCpGv5Aht01cD51VA/crLzQ9EcGEjO1gS+FwjxM7Aj4hvPC6u0Pcnk5TFL
Hu9v8J1/N65MjQzVBKnCDIpVPA+s+jMKG3Rz8N0TeGRjoCf7w66ehIBIpuGx1WQL
EuHjTqFt+jrzsYfgDEuN3kg6gH7lKxr10nWwNyzr9S3kbt9Y6b1iRcyH9mvhgIuN
MwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5163888286957716392311333103375898703
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-10 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-11 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.dsoautomation.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18163243954173883008043167791192868375564911717190264280367927211802452329719790110499042577370666698939233756119968516727497259387076309327275384575394700782755750809139513222397124831952599152780765947924141871058550351415261252025782809989137579558245154484591193459536490940277543272961859701257033587702900418212009692856923009610581011707420648943194445968915001510033063829952719861659730612778716958527717007774148170564379323543752947815633348265054975705874750570105186546578478565331252048173970385402186240386745160007062995566938609447766304606542703170429943093479953350271645730925232350712688559230259
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							233a73a079baddc6a08b0671e4aff05f94ca8826
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (301 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dsoautomation.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa.ngen.api.bcg.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.ngen.api.bcg.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.ngen.api.bcg.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ngen-qa.eu-central-1.eks.dsoautomation.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ngen-dev.eu-central-1.eks.dsoautomation.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.ngen.api.bcg.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ngen-prod.eu-central-1.eks.dsoautomation.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ngen-stg.eu-central-1.eks.dsoautomation.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001863cb1895d00000403004630440220634a0283a36de2f82127f1e5ecd7f5e9d56225314415da4b370730a79e1038a802203291b41e78fe394a3a223fc48185cf37724b3cc94a8eb76fe850f5458811bce500750073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b5000001863cb189a40000040300463044022045f73cba515482f6d401b1a34c8c692b1afe1a5adef5d9a2a08717f59240849402203fd59dc41161cb5feb919d2de51e7481fb4accc1b03c97a64c20cb06b3a9f89d00770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001863cb189740000040300483046022100c1e234e970f6c603524ab414a88862c1dfc981c1bfec429ebadb51cf32f3f4610221009e82ee69d6a739836d4f97348702e8883d64c38e0d250073d30a26f8eab5c017
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0056200dde60d49590685dd19ab2db97dd91dbe0dd73ca3a8a33233e21ff2385887a40412a960b131a5743c11f0c41da98331dc0b161e6e1dfe14872488e681b213b8f93b862f8b79b0f9624ab19d7c4b57a9c28c637023a1995b997bce89286544dfabb410b8add6d77d28373b8884602d9ca589354320615ae94227b3e7839227ef32533c85c84a92c4401297656ea5fdcfd7da01515546ad13cc77edc8a989f2f6d261a59276406e0f73bbd4937cb8e08139e97b3f113eadc01a5f0dfb943dc651b2d340dca1fb112128e608701255d158bfa62e3395ff870afd4f8ffffcaf59c39036432fabca0a8a57c9f2b93d72d5edbe8118aa6e7fd2950a5729deeddcf