compliance.bloominsuranceagency.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 0a:57:0d:6e:3f:30:11:3f:ad:3e:2a:b5:8a:9b:12:72 was issued on by Amazon.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=compliance.bloominsuranceagency.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0a:57:0d:6e:3f:30:11:3f:ad:3e:2a:b5:8a:9b:12:72Serial Number (int): 13744282190520078286457659521584796274
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 11:89:a3:1f:66:ea:29:d9:73:23:0b:fc:e3:96:e2:3d:46:22:89:15
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 19:9e:62:fb:c8:e3:b9:2f:5e:27:1b:90:f1:39:34:12:50:82:ef:1e
Fingerprint (sha256): c6:5b:3d:e2:c3:e0:e6:78:bf:e2:6d:c2:4c:77:92:6d:6c:c5:81:ca:2c:af:05:9a:dc:04:39:ee:62:ce:3e:1d
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate compliance.bloominsuranceagency.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for compliance.bloominsuranceagency.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
compliance.bloominsuranceagency.com
Other certificates including the domain name bloominsuranceagency.com
(limited to 100 certificates)
*.bloominsuranceagency.com
rpm.test.services.bloominsuranceagency.com
bloominsurance.com
bloominsurance.com
mailfilter01.bloominsuranceagency.com
images.bloominsuranceagency.com
www.bloominsuranceagency.com
images.bloominsuranceagency.com
bcap.bloominsuranceagency.com
bloominsuranceagency.com
flagpole.test.services.bloominsuranceagency.com
mailfilter01.bloominsuranceagency.com
*.bloominsuranceagency.com
bloominsurance.com
*.bloominsuranceagency.com
www.bloominsuranceagency.com
www2.bloominsuranceagency.com
askcompliance.bloominsuranceagency.com
bloominsuranceagency.com
agent.bloominsuranceagency.com
bcap.bloominsuranceagency.com
www.bloominsuranceagency.com
www.bloominsuranceagency.com
www.bloominsuranceagency.com
aspire.test.services.bloominsuranceagency.com
bloominsurance.com
bloominsurance.com
www2.bloominsuranceagency.com
bloominsuranceagency.com
bloominsurance.com
*.test.services.bloominsuranceagency.com
bloominsuranceagency.com
www2.bloominsuranceagency.com
www2.bloominsuranceagency.com
images.bloominsuranceagency.com
bloominsurance.com
bloominsuranceagency.com
bloominsurance.com
www.bloominsuranceagency.com
images.bloominsuranceagency.com
*.bloominsuranceagency.com
activecollab.bloominsuranceagency.com
www2.bloominsuranceagency.com
www.bloominsuranceagency.com
*.test.services.bloominsuranceagency.com
bloominsurance.com
xenmobile.bloominsuranceagency.com
compliance.bloominsuranceagency.com
askcompliance.bloominsuranceagency.com
*.test.services.bloominsuranceagency.com
mailfilter01.bloominsuranceagency.com
mailmta02.finelight.com
askcompliance.bloominsuranceagency.com
jira.bloominsuranceagency.com
rpm.test.services.bloominsuranceagency.com
bloominsurance.com
staging11.bloominsuranceagency.com
bloominsurance.com
clicktocall.services.bloominsuranceagency.com
*.bloominsuranceagency.com
agent.bloominsuranceagency.com
activecollab.bloominsuranceagency.com
mailmta02.finelight.com
images.bloominsuranceagency.com
bloominsuranceagency.com
aspire.test.services.bloominsuranceagency.com
www.bloominsuranceagency.com
www.bloominsuranceagency.com
bloominsurance.com
images.bloominsuranceagency.com
www.bloominsuranceagency.com
compliance.bloominsuranceagency.com
bloominsuranceagency.com
bloominsurance.com
www.bloominsuranceagency.com
www.bloominsuranceagency.com
bloominsuranceagency.com
www.bloominsuranceagency.com
www2.bloominsuranceagency.com
mx.agent.bloominsuranceagency.com
agent.bloominsuranceagency.com
*.bloominsuranceagency.com
images.bloominsuranceagency.com
mailmta02.finelight.com
activecollab.bloominsuranceagency.com
*.bloominsuranceagency.com
xenmobile.bloominsuranceagency.com
www2.bloominsuranceagency.com
agent.bloominsuranceagency.com
rpm.test.services.bloominsuranceagency.com
bloominsurance.com
bloominsurance.com
mailfilter01.bloominsuranceagency.com
images.bloominsuranceagency.com
www.bloominsuranceagency.com
images.bloominsuranceagency.com
bcap.bloominsuranceagency.com
bloominsuranceagency.com
flagpole.test.services.bloominsuranceagency.com
mailfilter01.bloominsuranceagency.com
*.bloominsuranceagency.com
bloominsurance.com
*.bloominsuranceagency.com
www.bloominsuranceagency.com
www2.bloominsuranceagency.com
askcompliance.bloominsuranceagency.com
bloominsuranceagency.com
agent.bloominsuranceagency.com
bcap.bloominsuranceagency.com
www.bloominsuranceagency.com
www.bloominsuranceagency.com
www.bloominsuranceagency.com
aspire.test.services.bloominsuranceagency.com
bloominsurance.com
bloominsurance.com
www2.bloominsuranceagency.com
bloominsuranceagency.com
bloominsurance.com
*.test.services.bloominsuranceagency.com
bloominsuranceagency.com
www2.bloominsuranceagency.com
www2.bloominsuranceagency.com
images.bloominsuranceagency.com
bloominsurance.com
bloominsuranceagency.com
bloominsurance.com
www.bloominsuranceagency.com
images.bloominsuranceagency.com
*.bloominsuranceagency.com
activecollab.bloominsuranceagency.com
www2.bloominsuranceagency.com
www.bloominsuranceagency.com
*.test.services.bloominsuranceagency.com
bloominsurance.com
xenmobile.bloominsuranceagency.com
compliance.bloominsuranceagency.com
askcompliance.bloominsuranceagency.com
*.test.services.bloominsuranceagency.com
mailfilter01.bloominsuranceagency.com
mailmta02.finelight.com
askcompliance.bloominsuranceagency.com
jira.bloominsuranceagency.com
rpm.test.services.bloominsuranceagency.com
bloominsurance.com
staging11.bloominsuranceagency.com
bloominsurance.com
clicktocall.services.bloominsuranceagency.com
*.bloominsuranceagency.com
agent.bloominsuranceagency.com
activecollab.bloominsuranceagency.com
mailmta02.finelight.com
images.bloominsuranceagency.com
bloominsuranceagency.com
aspire.test.services.bloominsuranceagency.com
www.bloominsuranceagency.com
www.bloominsuranceagency.com
bloominsurance.com
images.bloominsuranceagency.com
www.bloominsuranceagency.com
compliance.bloominsuranceagency.com
bloominsuranceagency.com
bloominsurance.com
www.bloominsuranceagency.com
www.bloominsuranceagency.com
bloominsuranceagency.com
www.bloominsuranceagency.com
www2.bloominsuranceagency.com
mx.agent.bloominsuranceagency.com
agent.bloominsuranceagency.com
*.bloominsuranceagency.com
images.bloominsuranceagency.com
mailmta02.finelight.com
activecollab.bloominsuranceagency.com
*.bloominsuranceagency.com
xenmobile.bloominsuranceagency.com
www2.bloominsuranceagency.com
agent.bloominsuranceagency.com
Certificate
The complete raw certificate details for compliance.bloominsuranceagency.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEhTCCA22gAwIBAgIQClcNbj8wET+tPiq1ipsScjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTIxNzAwMDAwMFoXDTI1MDExNTIzNTk1OVowLjEs MCoGA1UEAxMjY29tcGxpYW5jZS5ibG9vbWluc3VyYW5jZWFnZW5jeS5jb20wggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa+H07DMF1KqAyLbJhhhuLFk8M 6x7jrcwmiVXJANJ0Ha3FO54Nm+VZkXB++5PJs1LQxJEs+2WkuD3bgNZKR9wteKQU Mo6SRyzx9iZCoByO4icxBbAkW6axpfDBgVJL9KPXtvx9ppBRYIRxY55/66oia2c1 HK0vpdINvxj8ghlrK0bAjAi9sifLfKGNzz3Y7ABV7r1C5vHdNQLh3z0lG0gevAXr SDwhk/hHoGEmpF2fST0IP7CH/FRNds3BRPBa94Bkx53s70CEBIB1p1og3wQWOiWs Mx+gKicJTC5D/7uLudXdiTzfbzAI4YsQ0A0wiu8HsCE1m9xAOr4+rx7Pg81vAgMB AAGjggGPMIIBizAfBgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNV HQ4EFgQUEYmjH2bqKdlzIwv845biPUYiiRUwLgYDVR0RBCcwJYIjY29tcGxpYW5j ZS5ibG9vbWluc3VyYW5jZWFnZW5jeS5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEw DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7 BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAyLmFtYXpvbnRydXN0LmNv bS9yMm0wMi5jcmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8v b2NzcC5yMm0wMi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9j cnQucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNlcjAMBgNVHRMBAf8EAjAA MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQA1od4stEss wp+8/+un/kTgRdix8BVIXSZVHjUNiPAZ/ONY2P4zOriUKBRq1uw1nYplUqg4eOEE TcE8DuIACGeZNZizgJoZ8xsohhmYFth+x5QkHREc9bV0XdkUhxBDLj2fY2CDV5mS /GxI3yLavDG303OCYGjQCH6hH2MaH1d06re/heSG0tjNuymZT03aXpgj7rns7WNG O8EHy/uHOAEGtXlDHEGjy9y+i8GygJ8Hth7MjeskskvncNiHFRas9IAHM4xKSlx4 gs1d3DuN480YqQM0zx3Jd9pBPvRGMSrr4N5YKy6wOOSBApm0ID4sVyUffrxEBB0c e83Otq0yQXlD -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vh9OwzBdSqgMi2yYYYb ixZPDOse463MJolVyQDSdB2txTueDZvlWZFwfvuTybNS0MSRLPtlpLg924DWSkfc LXikFDKOkkcs8fYmQqAcjuInMQWwJFumsaXwwYFSS/Sj17b8faaQUWCEcWOef+uq ImtnNRytL6XSDb8Y/IIZaytGwIwIvbIny3yhjc892OwAVe69Qubx3TUC4d89JRtI HrwF60g8IZP4R6BhJqRdn0k9CD+wh/xUTXbNwUTwWveAZMed7O9AhASAdadaIN8E FjolrDMfoConCUwuQ/+7i7nV3Yk8328wCOGLENANMIrvB7AhNZvcQDq+Pq8ez4PN bwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 13744282190520078286457659521584796274 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-15 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'compliance.bloominsuranceagency.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27642485065308921892436018451612342484397113590805854442400446577559522607791378513181776514254954458669968412052232231205589639604940232884247921468314818856987980774645444544377661275680855782468850597837234641077297893696886778930802989668845621702308116313615539642760471869395485313434461810316960780837044580315541299929589497394065358867127940430841814910973727959975873887270297466774146569465580273871450486721542749244917729569585807449463559143149591729551874642240851275402020672341133591960786460074787961486927044177073734262538412397944438212405198532456455106748686266999339541058549461572559797734767 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1189a31f66ea29d973230bfce396e23d46228915 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'compliance.bloominsuranceagency.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0035a1de2cb44b2cc29fbcffeba7fe44e045d8b1f015485d26551e350d88f019fce358d8fe333ab89428146ad6ec359d8a6552a83878e1044dc13c0ee2000867993598b3809a19f31b2886199816d87ec794241d111cf5b5745dd9148710432e3d9f636083579992fc6c48df22dabc31b7d373826068d0087ea11f631a1f5774eab7bf85e486d2d8cdbb29994f4dda5e9823eeb9eced63463bc107cbfb87380106b579431c41a3cbdcbe8bc1b2809f07b61ecc8deb24b24be770d8871516acf48007338c4a4a5c7882cd5ddc3b8de3cd18a90334cf1dc977da413ef446312aebe0de582b2eb038e4810299b4203e2c57251f7ebc44041d1c7bcdceb6ad32417943