sncf.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 05:82:c6:08:91:83:28:a3:ea:af:5c:90:3f:44:a4:1e was issued on by Amazon.
With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=sncf.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 05:82:c6:08:91:83:28:a3:ea:af:5c:90:3f:44:a4:1eSerial Number (int): 7325155166494817725940629216157803550
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 69:0a:22:da:56:73:8f:d4:36:8d:5e:3a:27:f0:40:6c:a1:68:2a:27
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 29:9d:83:7e:35:b4:6b:0c:cd:41:21:24:17:2e:81:fe:03:e0:61:dc
Fingerprint (sha256): b4:b1:d7:f2:63:12:88:eb:dd:e8:08:13:a2:b7:fc:d0:99:02:0e:45:0e:53:71:4e:87:f0:e0:d4:5b:e5:79:05
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate sncf.com
10
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sncf.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sncf.com
www.e-tiquette-sncf.com
www.infolignes.com
*.sncf-connect.com
nic.sncf
sncf-connect.com
*.vsct.fr
infolignes.com
sncfconnect.com
sncf.fr
www.e-tiquette-sncf.com
www.infolignes.com
*.sncf-connect.com
nic.sncf
sncf-connect.com
*.vsct.fr
infolignes.com
sncfconnect.com
sncf.fr
Other certificates including the domain name sncf.com
(limited to 100 certificates)
connect.sncf.com
*.carmen.sncf.fr
www.programme-voyageur.sncf.com
netkin.eu
evenements.sncf.com
tech.sncf.com
www.webresafret.sncf.com
lebartgv.sncf.com
r.connect.sncf.com
netkin.eu
netkin.eu
recette1.moncompte.sncf.com
mdmvsp.sncf.com
recette1.idpass.sncf.com
*.defi-ingenieurs.sncf.com
*.sncfconnect.com
mdc.sncf.com
acces-authentification.sncf.com
module-photo.sncf.com
candidat.emploi.sncf.com
netkin.eu
reactifs.sncf.com
akamai-san41.exacttarget.com
data.sncf.com
www.margo.sncf.com
www.recherche.sncf.com
piperi.sncf.com
sncf.com
*.fidelite-programme-voyageur.sncf.com
pmad.reseau.sncf.com
www.ter.sncf.com
ressources.data.sncf.com
sncf.com
epublimmo.sncf
tech.sncf.com
moncompte.sncf.com
netkin.eu
module-photo.sncf.com
accessibilite.sncf.com
collection80.sncf.com
www.nouveau.sncf.com
www.candidat.emploi.sncf.com
admins.voyages-sncf.com
emploi.sncf.com
*.collaboratif.sncf.com
espacesferroviaires.sncf.com
e-livre.sncf.com
s2if-gie.sncf.com
goodies.sncf.com
usine.idpass.sncf.com
netkin.eu
netkin.eu
info.portailentreprises.sncf.com
39-45.sncf.com
evenements.sncf.com
recette2.lesinfos.sncf.com
secure.analytics.voyages-sncf.com
e-livre.sncf.com
formulaire.vsct.fr
netkin.eu
*.fret.sncf.com
services.idpass.sncf.com
www.programmefid.com
recette1.info-voyageurs.sncf.com
pro-adhesion.sncf.com
www.portailentreprises.sncf.com
multimedia.sncf.com
int1-tictac.sncf.com
info.portailentreprises.sncf.com
www.candidat.emploi.sncf.com
trophees.sncf.com
abonnement.voyages-sncf.com
tech.sncf.com
netkin.eu
www.programme-voyageur.sncf.com
recette1.info-voyageurs.sncf.com
e-livre.sncf.com
publimmo.sncf.com
netkin.eu
prosynapses.sncf.com
idpass.sncf.com
e-consultations.sncf.com
accessibilite.sncf.com
www.budget.sncf.com
mdmsentry.sncf.com
goodies.sncf.com
netkin.eu
*.ter.sncf.com
info.portailentreprises.sncf.com
preprod.digipass.sncf.com
netkin.eu
recette1.ticketing-sncf.vsct.fr
www.srtpf.fr
netkin.eu
recette1.acces-client.sncf.com
www.feria.sncf.com
hapi.sncf.com
lebar.sncf.com
usine.idpass.sncf.com
www.cv.emploi.sncf.com
*.carmen.sncf.fr
www.programme-voyageur.sncf.com
netkin.eu
evenements.sncf.com
tech.sncf.com
www.webresafret.sncf.com
lebartgv.sncf.com
r.connect.sncf.com
netkin.eu
netkin.eu
recette1.moncompte.sncf.com
mdmvsp.sncf.com
recette1.idpass.sncf.com
*.defi-ingenieurs.sncf.com
*.sncfconnect.com
mdc.sncf.com
acces-authentification.sncf.com
module-photo.sncf.com
candidat.emploi.sncf.com
netkin.eu
reactifs.sncf.com
akamai-san41.exacttarget.com
data.sncf.com
www.margo.sncf.com
www.recherche.sncf.com
piperi.sncf.com
sncf.com
*.fidelite-programme-voyageur.sncf.com
pmad.reseau.sncf.com
www.ter.sncf.com
ressources.data.sncf.com
sncf.com
epublimmo.sncf
tech.sncf.com
moncompte.sncf.com
netkin.eu
module-photo.sncf.com
accessibilite.sncf.com
collection80.sncf.com
www.nouveau.sncf.com
www.candidat.emploi.sncf.com
admins.voyages-sncf.com
emploi.sncf.com
*.collaboratif.sncf.com
espacesferroviaires.sncf.com
e-livre.sncf.com
s2if-gie.sncf.com
goodies.sncf.com
usine.idpass.sncf.com
netkin.eu
netkin.eu
info.portailentreprises.sncf.com
39-45.sncf.com
evenements.sncf.com
recette2.lesinfos.sncf.com
secure.analytics.voyages-sncf.com
e-livre.sncf.com
formulaire.vsct.fr
netkin.eu
*.fret.sncf.com
services.idpass.sncf.com
www.programmefid.com
recette1.info-voyageurs.sncf.com
pro-adhesion.sncf.com
www.portailentreprises.sncf.com
multimedia.sncf.com
int1-tictac.sncf.com
info.portailentreprises.sncf.com
www.candidat.emploi.sncf.com
trophees.sncf.com
abonnement.voyages-sncf.com
tech.sncf.com
netkin.eu
www.programme-voyageur.sncf.com
recette1.info-voyageurs.sncf.com
e-livre.sncf.com
publimmo.sncf.com
netkin.eu
prosynapses.sncf.com
idpass.sncf.com
e-consultations.sncf.com
accessibilite.sncf.com
www.budget.sncf.com
mdmsentry.sncf.com
goodies.sncf.com
netkin.eu
*.ter.sncf.com
info.portailentreprises.sncf.com
preprod.digipass.sncf.com
netkin.eu
recette1.ticketing-sncf.vsct.fr
www.srtpf.fr
netkin.eu
recette1.acces-client.sncf.com
www.feria.sncf.com
hapi.sncf.com
lebar.sncf.com
usine.idpass.sncf.com
www.cv.emploi.sncf.com
Certificate
The complete raw certificate details for sncf.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUTCCBTmgAwIBAgIQBYLGCJGDKKPqr1yQP0SkHjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTI0MDYwNTAwMDAwMFoXDTI1MDcwNTIzNTk1OVowEzER MA8GA1UEAxMIc25jZi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCm6LeD0t8n80Ud0Bnzc+H+cDVA53fwLOjXC3VJgSO4GZCYzS6cENjFkqVkEWOi kewYqec7JMO4fEH/CNP5NJluVbyygP6PQmLSOv9akuQUhP/VXBNwu8BCsu7PnMV3 O9/Qgc09kAMxweUYu1RgmRUKBuKsajOD9a6WP1qgyFs953HcUPbACtUtXsLgw2vl dJkGdDJw/d8eAqyjXTu4oh/QsJ24OxUUVIc2taCwtk0DNu0xfxy6Lr9+8TubzizH EFHUYPj0tzG1CIJPSUpy/JCcKeullQBV5fKD/hpzwxwGyMhKp3XlUWkjzHaTwdy8 b5bBKrR6xYAvldm6cWJluBd3AgMBAAGjggN2MIIDcjAfBgNVHSMEGDAWgBTAMVLN WlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUaQoi2lZzj9Q2jV46J/BAbKFoKicw gacGA1UdEQSBnzCBnIIIc25jZi5jb22CF3d3dy5lLXRpcXVldHRlLXNuY2YuY29t ghJ3d3cuaW5mb2xpZ25lcy5jb22CEiouc25jZi1jb25uZWN0LmNvbYIIbmljLnNu Y2aCEHNuY2YtY29ubmVjdC5jb22CCSoudnNjdC5mcoIOaW5mb2xpZ25lcy5jb22C D3NuY2Zjb25uZWN0LmNvbYIHc25jZi5mcjATBgNVHSAEDDAKMAgGBmeBDAECATAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsG A1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29t L3IybTAyLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9v Y3NwLnIybTAyLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2Ny dC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAw ggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2ABLxTjS9U3JMhAYZw48/ehP457Vi h4icbTAFhOvlhiY6AAABj+XCX+oAAAQDAEcwRQIgZcgpNdxFTtWhDNBwCb5QABD4 jlNeZsRyq7JSLKOb3IACIQCg2hBeF5ItsKIhy74h3Gg6D0+Kq4Wf5R6+lBSjMI8U ywB3AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABj+XCX+kAAAQD AEgwRgIhAMFfttRE+ZHMcjhNWZjhgr6k0nXt/VWpASfA4uo+9g0SAiEAvrWs1AFQ yo6SD0bNMMrKeT32SpkSjfLlhcjGokU8dqMAdQDm0jFjQHeMwRBBBtdxuc7B0kD2 loSG+7qHMh39HjeOUAAAAY/lwmAAAAAEAwBGMEQCIAO7C70E1rVA4dxb6E4EqteD 79T+Ha5pIO/yvCisXWqKAiB4wQf6s7W+nItECL5DrlSUUIR1AegnPHOOJMvMkz0j uzANBgkqhkiG9w0BAQsFAAOCAQEAS5i24XXRzPVpv5QT/Kg3lv4glgdDnkMFCk49 BkzTt5SOSxLu8kwSgvLY1RWrJoA0rsc7bm/3R9Spd/Iv5S7Ff/e5yNEQNrM7y6IF xBNXoBko3DKmgc5Kpj0fptXxSQx0QjJHnqeAOSBmDIL2DiCl5k48zztMPitEZOIX jFrgro4Wg9QUVBUJd6ubdNd9dxpKFYVY3lSlOXbP9RhO78hfDeMmjxQE8IGAQFli qaJoNlq179rQILyZWXuT9QmhMsgrTV21BYstKOYgJutlgY1ZZ2RBpt+6O8d7zjVI +dsQRwBQjkp9UMAnrpwNE7n0nNanA4vouDjzrI5FzW8xPy2zKA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApui3g9LfJ/NFHdAZ83Ph /nA1QOd38Czo1wt1SYEjuBmQmM0unBDYxZKlZBFjopHsGKnnOyTDuHxB/wjT+TSZ blW8soD+j0Ji0jr/WpLkFIT/1VwTcLvAQrLuz5zFdzvf0IHNPZADMcHlGLtUYJkV CgbirGozg/Wulj9aoMhbPedx3FD2wArVLV7C4MNr5XSZBnQycP3fHgKso107uKIf 0LCduDsVFFSHNrWgsLZNAzbtMX8cui6/fvE7m84sxxBR1GD49LcxtQiCT0lKcvyQ nCnrpZUAVeXyg/4ac8McBsjISqd15VFpI8x2k8HcvG+WwSq0esWAL5XZunFiZbgX dwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 7325155166494817725940629216157803550 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-05 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sncf.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21070315582725271776650066884380253551796704919341434180864707306260470881985864856029813258579244626024445462591608510037186407801677125684042344896069029426738847666492584653033553732480302707058361585837506208745210907212308295413588192607946493283489627929764100849687754693675649733698416887508050097350579536903422740549713161653098463102342310717839965820334334358778726645645317602807636304236667373748567077793876199432987826732844372131428684761161512209177264611489752052246155659174093139695486644432324536330528446223076248425630942748499610869583916544936084690921819382004353739942284914022653978220407 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 690a22da56738fd4368d5e3a27f0406ca1682a27 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (159 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sncf.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.e-tiquette-sncf.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.infolignes.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sncf-connect.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nic.sncf' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sncf-connect.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.vsct.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'infolignes.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sncfconnect.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sncf.fr' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 016800760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a0000018fe5c25fea0000040300473045022065c82935dc454ed5a10cd07009be500010f88e535e66c472abb2522ca39bdc80022100a0da105e17922db0a221cbbe21dc683a0f4f8aab859fe51ebe9414a3308f14cb0077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018fe5c25fe90000040300483046022100c15fb6d444f991cc72384d5998e182bea4d275edfd55a90127c0e2ea3ef60d12022100beb5acd40150ca8e920f46cd30caca793df64a99128df2e585c8c6a2453c76a3007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018fe5c260000000040300463044022003bb0bbd04d6b540e1dc5be84e04aad783efd4fe1dae6920eff2bc28ac5d6a8a022078c107fab3b5be9c8b4408be43ae549450847501e8273c738e24cbcc933d23bb . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004b98b6e175d1ccf569bf9413fca83796fe209607439e43050a4e3d064cd3b7948e4b12eef24c1282f2d8d515ab268034aec73b6e6ff747d4a977f22fe52ec57ff7b9c8d11036b33bcba205c41357a01928dc32a681ce4aa63d1fa6d5f1490c744232479ea7803920660c82f60e20a5e64e3ccf3b4c3e2b4464e2178c5ae0ae8e1683d41454150977ab9b74d77d771a4a158558de54a53976cff5184eefc85f0de3268f1404f08180405962a9a268365ab5efdad020bc99597b93f509a132c82b4d5db5058b2d28e62026eb65818d59676441a6dfba3bc77bce3548f9db104700508e4a7d50c027ae9c0d13b9f49cd6a7038be8b838f3ac8e45cd6f313f2db328