express-gateway.beta.20min.ch
Issued by Amazon RSA 2048 M01
About this certificate
This digital certificate with serial number 0a:1e:41:37:19:13:e7:af:61:d9:a0:3b:1f:bd:94:97 was issued on by Amazon.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=express-gateway.beta.20min.ch
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0a:1e:41:37:19:13:e7:af:61:d9:a0:3b:1f:bd:94:97Serial Number (int): 13449371585539568139005013036007003287
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 4a:e8:b5:06:64:a7:6b:12:76:e5:87:92:bb:e3:a7:bc:ff:a6:a9:79
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85
Fingerprint (sha1): 15:10:2b:53:51:16:22:71:80:f9:38:13:a7:7e:3c:ab:d6:c6:4c:ca
Fingerprint (sha256): b6:c8:05:fd:48:44:be:8e:ae:47:a5:c7:14:84:c5:6a:b6:41:d5:e9:6a:8f:52:11:68:5b:66:eb:c9:fc:98:e1
Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer
Revocation information
OCSP Server: http://ocsp.r2m01.amazontrust.comCRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl
Check the revocation status for certificate express-gateway.beta.20min.ch
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for express-gateway.beta.20min.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
express-gateway.beta.20min.ch
express-gateway.20minuten.ch
express-gateway.20min.ch
express-gateway.20minutes.ch
express-gateway.lematin.ch
express-gateway.lessentiel.lu
express-gateway.20minuten.ch
express-gateway.20min.ch
express-gateway.20minutes.ch
express-gateway.lematin.ch
express-gateway.lessentiel.lu
Other certificates including the domain name 20min.ch
(limited to 100 certificates)
booking.20min.ch
deal.20min.ch
deal.20min.ch
*.formilija1234.beta.20min.ch
deal.20min.ch
fussball.20min.ch
*.beta.20min.ch
*.grafanafixitt.sbx-prometheus.20min.ch
fooby.20min.ch
dreixdrei.20min.ch
sandboxx-laurent.sbx-prometheus.20min.ch
deal.20min.ch
sni.cloudflaressl.com
api.beta.20min.ch
branding.20min.ch
fernweh.20min.ch
tagesdeal.20min.ch
booking.20min.ch
dreixdrei.20min.ch
api.beta.20min.ch
unchained.20min.ch
milijadisco.sbx-prometheus.20min.ch
zweipunktnull.20min.ch
*.dnsworkaround.beta.20min.ch
fooby.20min.ch
zurichpride.20min.ch
story.20min.ch
niemolsnie.20min.ch
dealdujour.20min.ch
gutscheine.20min.ch
apis.20min.ch
dreixdrei.20min.ch
mediadaten.20min.ch
www.20min.ch
dreixdrei.20min.ch
myshop.20min.ch
youthlab.20min.ch
zweipunktnull.20min.ch
pcm-imaginary.20min.ch
my.20min.ch
mongodb.sbx-prometheus.20min.ch
rendezvous.20min.ch
deal.20min.ch
20min.ch
beta.20min.ch
beta.20min.ch
20min.ch
unchained.20min.ch
fooby.20min.ch
youthlab.20min.ch
apis.20min.ch
story.20min.ch
*.milijapett.beta.20min.ch
sandboxx-laurent.sbx-prometheus.20min.ch
zurichpride.20min.ch
rendezvous.20min.ch
unchained.20min.ch
beta.20min.ch
spiele.20min.ch
deal.20min.ch
beta.20min.ch
sma-studio.20min.ch
www.20min.ch
fernweh.20min.ch
cp.lifestyle.20min.ch
booking.20min.ch
rendezvous.20min.ch
sma-studio.20min.ch
spiele.20min.ch
twch.20min.ch
deal.20min.ch
wiki.20min.ch
mediadaten.20min.ch
deal.20min.ch
*.moninorlmo.beta.20min.ch
*.grafanafixx.sbx-prometheus.20min.ch
vv.20min.ch
my.20min.ch
fussball.20min.ch
rendezvous.20min.ch
nwost.20min.ch
*.sbx-prometheus.20min.ch
dealdujour.20min.ch
remote.20min.ch
deal.20min.ch
source.cuisineactuelle.fr
youthlab.20min.ch
zweipunktnull.20min.ch
youthlab.20min.ch
*.formilija1234.beta.20min.ch
*.beta.20min.ch
bodyandsoul.20min.ch
fooby.20min.ch
cp.20min.ch
spiele.20min.ch
youthlab.20min.ch
*.sandbox-laurent.sbx-prometheus.20min.ch
blackbeard.prod.tda.link
dreixdrei.20min.ch
dealdujour.20min.ch
deal.20min.ch
deal.20min.ch
*.formilija1234.beta.20min.ch
deal.20min.ch
fussball.20min.ch
*.beta.20min.ch
*.grafanafixitt.sbx-prometheus.20min.ch
fooby.20min.ch
dreixdrei.20min.ch
sandboxx-laurent.sbx-prometheus.20min.ch
deal.20min.ch
sni.cloudflaressl.com
api.beta.20min.ch
branding.20min.ch
fernweh.20min.ch
tagesdeal.20min.ch
booking.20min.ch
dreixdrei.20min.ch
api.beta.20min.ch
unchained.20min.ch
milijadisco.sbx-prometheus.20min.ch
zweipunktnull.20min.ch
*.dnsworkaround.beta.20min.ch
fooby.20min.ch
zurichpride.20min.ch
story.20min.ch
niemolsnie.20min.ch
dealdujour.20min.ch
gutscheine.20min.ch
apis.20min.ch
dreixdrei.20min.ch
mediadaten.20min.ch
www.20min.ch
dreixdrei.20min.ch
myshop.20min.ch
youthlab.20min.ch
zweipunktnull.20min.ch
pcm-imaginary.20min.ch
my.20min.ch
mongodb.sbx-prometheus.20min.ch
rendezvous.20min.ch
deal.20min.ch
20min.ch
beta.20min.ch
beta.20min.ch
20min.ch
unchained.20min.ch
fooby.20min.ch
youthlab.20min.ch
apis.20min.ch
story.20min.ch
*.milijapett.beta.20min.ch
sandboxx-laurent.sbx-prometheus.20min.ch
zurichpride.20min.ch
rendezvous.20min.ch
unchained.20min.ch
beta.20min.ch
spiele.20min.ch
deal.20min.ch
beta.20min.ch
sma-studio.20min.ch
www.20min.ch
fernweh.20min.ch
cp.lifestyle.20min.ch
booking.20min.ch
rendezvous.20min.ch
sma-studio.20min.ch
spiele.20min.ch
twch.20min.ch
deal.20min.ch
wiki.20min.ch
mediadaten.20min.ch
deal.20min.ch
*.moninorlmo.beta.20min.ch
*.grafanafixx.sbx-prometheus.20min.ch
vv.20min.ch
my.20min.ch
fussball.20min.ch
rendezvous.20min.ch
nwost.20min.ch
*.sbx-prometheus.20min.ch
dealdujour.20min.ch
remote.20min.ch
deal.20min.ch
source.cuisineactuelle.fr
youthlab.20min.ch
zweipunktnull.20min.ch
youthlab.20min.ch
*.formilija1234.beta.20min.ch
*.beta.20min.ch
bodyandsoul.20min.ch
fooby.20min.ch
cp.20min.ch
spiele.20min.ch
youthlab.20min.ch
*.sandbox-laurent.sbx-prometheus.20min.ch
blackbeard.prod.tda.link
dreixdrei.20min.ch
dealdujour.20min.ch
Certificate
The complete raw certificate details for express-gateway.beta.20min.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGejCCBWKgAwIBAgIQCh5BNxkT569h2aA7H72UlzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAxMB4XDTIzMDkwNTAwMDAwMFoXDTI0MTAwMzIzNTk1OVowKDEm MCQGA1UEAxMdZXhwcmVzcy1nYXRld2F5LmJldGEuMjBtaW4uY2gwggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLlYV8KeMRjNlCN38lUSriD161tIVkE8tr SSyk/+rODyerdNxG7ofAFaRhRinG/yCWPZIy/KvwJfI77BgBja/oJlz4fpG/SXwW MdvovMP9SHdR6LK4sVevxNyrbzdyfg1Hh3XtOg360xo0CClgiRdIM775mjB5Ljff 1hewwooCankmdexzy/FhA4Uzh9ONWPdjz31dMeEYFhJ4YD66RIkEgIUuuzW6H7k4 1lnaoCP7/JaxLAe8VMYZtXeYi45pN2eik7hrvk8C/WDUz3YMzTRy/onLd/KoBpOt SB2Cpi+Y+faMjmkUiczJ3nZTYkIObSdfGW8H+WG+G24XvEp/4pHlAgMBAAGjggOK MIIDhjAfBgNVHSMEGDAWgBSBuA5jiokSGOX6OztQlZ/m5ZAThTAdBgNVHQ4EFgQU Sui1BmSnaxJ25YeSu+OnvP+mqXkwgbsGA1UdEQSBszCBsIIdZXhwcmVzcy1nYXRl d2F5LmJldGEuMjBtaW4uY2iCHGV4cHJlc3MtZ2F0ZXdheS4yMG1pbnV0ZW4uY2iC GGV4cHJlc3MtZ2F0ZXdheS4yMG1pbi5jaIIcZXhwcmVzcy1nYXRld2F5LjIwbWlu dXRlcy5jaIIaZXhwcmVzcy1nYXRld2F5LmxlbWF0aW4uY2iCHWV4cHJlc3MtZ2F0 ZXdheS5sZXNzZW50aWVsLmx1MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5y Mm0wMS5hbWF6b250cnVzdC5jb20vcjJtMDEuY3JsMBMGA1UdIAQMMAowCAYGZ4EM AQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJt MDEuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAx LmFtYXpvbnRydXN0LmNvbS9yMm0wMS5jZXIwDAYDVR0TAQH/BAIwADCCAX4GCisG AQQB1nkCBAIEggFuBIIBagFoAHcAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/m Z0xaOnQAAAGKZLv2BQAABAMASDBGAiEArhs2C5B4eHocVHjkFj6kNFD2vtSGXz37 G37HNoUHdZQCIQDvgM7+Sb96+lKqgfMg0+JMWX5Tj8NEzJVDDBqMq6X55AB2AEiw 42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABimS79c8AAAQDAEcwRQIh APyQRpEvIhiA8KEuZgubg8k/cBlGUEh4OUWTfoGwszivAiA/BFPsSGNP2UT/pXv4 gPPhSXVHEpQJSsNewnAyb3F9fAB1ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2k PTBI1/urAAABimS79W8AAAQDAEYwRAIgeo2GtSf3s9IHnp6dKj0hxxSuQ1m+dZVL uyujuQH0jPcCICqHokkQjk20KU3XFoZm4ADYo2es212kEWZbVe776rk1MA0GCSqG SIb3DQEBCwUAA4IBAQA4fC2FQadKKjE8EI3U7rjDc3lRUUyoH3QZ4SFTrBo+Fy08 PqfwsXnew41iKkqbdjSP6USNLRGZ+4pHwcGFz3P0yhSWzQ6i5vds3ycGTRzH5qo7 BAuFF3Qw/YF0H87aHh/Fgj62CnAAVQz0KEW+fIYeaUERmNUNiZyWGkDef/Uq0laz 65d7A+itPsouvkV2kBpYQYC4JySyylkwU5ctdEuLMN08YlXVqBQAKxpBnjlLAZP3 rmJnw3gQHFLAV6pFr4g1lPsJi/JMn4ay/EuWxmDHkvgRf59iI6rrukGY0KRqaS6F kDN/8zw92DKorgY50aIm6bvE/ojLg9lzJptBVr3m -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5WFfCnjEYzZQjd/JVEq 4g9etbSFZBPLa0kspP/qzg8nq3TcRu6HwBWkYUYpxv8glj2SMvyr8CXyO+wYAY2v 6CZc+H6Rv0l8FjHb6LzD/Uh3UeiyuLFXr8Tcq283cn4NR4d17ToN+tMaNAgpYIkX SDO++ZoweS4339YXsMKKAmp5JnXsc8vxYQOFM4fTjVj3Y899XTHhGBYSeGA+ukSJ BICFLrs1uh+5ONZZ2qAj+/yWsSwHvFTGGbV3mIuOaTdnopO4a75PAv1g1M92DM00 cv6Jy3fyqAaTrUgdgqYvmPn2jI5pFInMyd52U2JCDm0nXxlvB/lhvhtuF7xKf+KR 5QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 13449371585539568139005013036007003287 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'express-gateway.beta.20min.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25700107671210323544123125546929860660889932335101986039615340173578097926435576544059794259482015596028960410616147419570957683366051272224908042366331937383203619798143996798527055571527358805409377075012966048613492734226113363764320069215462337273933250525027033896502844543309139185457595272331489367710441794412459752949967806858049726155809912486121252069132251467301595735205637538723660010243155358003652574293137743238540736069595345399677435389000251502987483566293477835317695615178866624335210032562193751999698451962034927661575292031207446625783476557443113268719970108891181004623331990884332802839013 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4ae8b50664a76b1276e58792bbe3a7bcffa6a979 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (179 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'express-gateway.beta.20min.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'express-gateway.20minuten.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'express-gateway.20min.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'express-gateway.20minutes.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'express-gateway.lematin.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'express-gateway.lessentiel.lu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 016800770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018a64bbf6050000040300483046022100ae1b360b9078787a1c5478e4163ea43450f6bed4865f3dfb1b7ec73685077594022100ef80cefe49bf7afa52aa81f320d3e24c597e538fc344cc95430c1a8caba5f9e400760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018a64bbf5cf0000040300473045022100fc9046912f221880f0a12e660b9b83c93f7019465048783945937e81b0b338af02203f0453ec48634fd944ffa57bf880f3e14975471294094ac35ec270326f717d7c007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018a64bbf56f000004030046304402207a8d86b527f7b3d2079e9e9d2a3d21c714ae4359be75954bbb2ba3b901f48cf702202a87a249108e4db4294dd7168666e000d8a367acdb5da411665b55eefbeab935 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00387c2d8541a74a2a313c108dd4eeb8c3737951514ca81f7419e12153ac1a3e172d3c3ea7f0b179dec38d622a4a9b76348fe9448d2d1199fb8a47c1c185cf73f4ca1496cd0ea2e6f76cdf27064d1cc7e6aa3b040b85177430fd81741fceda1e1fc5823eb60a7000550cf42845be7c861e69411198d50d899c961a40de7ff52ad256b3eb977b03e8ad3eca2ebe4576901a584180b82724b2ca593053972d744b8b30dd3c6255d5a814002b1a419e394b0193f7ae6267c378101c52c057aa45af883594fb098bf24c9f86b2fc4b96c660c792f8117f9f6223aaebba4198d0a46a692e8590337ff33c3dd832a8ae0639d1a226e9bbc4fe88cb83d973269b4156bde6