*.mediaportals.dev-charter.net

Issued by Amazon

About this certificate

This digital certificate with serial number 01:7a:52:27:03:42:69:34:79:37:36:0d:cf:c3:32:a8 was issued on by Amazon.

With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.mediaportals.dev-charter.net

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 01:7a:52:27:03:42:69:34:79:37:36:0d:cf:c3:32:a8
Serial Number (int): 1964354461020743286872960747870302888
Serial Number lenght: 121 bits, 16 octets

SubjectKeyId: 8d:e1:1a:20:45:d9:54:7d:60:b2:b9:42:03:2f:4f:e3:07:da:e2:6c
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): a1:d8:4b:40:a4:59:af:14:4a:e8:19:85:c6:98:c8:f8:69:5b:a5:23
Fingerprint (sha256): d5:39:6a:a3:fd:37:3d:b7:99:40:4f:ad:2d:97:25:a7:fa:1c:97:14:2d:f5:28:bd:eb:cf:1c:fb:aa:80:ab:18

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate *.mediaportals.dev-charter.net

10

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.mediaportals.dev-charter.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.mediaportals.dev-charter.net
*.dev-charter.net
*.spectrumlocalnews.com
*.ny1.com
*.baynews9.com
*.mynews13.com
*.engr2-64.spectrumlocalnews.com
*.engr2-64.ny1.com
*.engr2-64.baynews9.com
*.engr2-64.mynews13.com

Other certificates including the domain name dev-charter.net

(limited to 100 certificates)
*.dev-charter.net
ip-eas-sit-east-https-cdn.dev-charter.net
ip-eas-staging-west-https-cdn.dev-charter.net
ip-eas-sit-east-https-cdn.dev-charter.net
ip-eas-sit-tm-west-https-cdn.dev-charter.net
*.dev-charter.net
troubleshooting.dev-charter.net
*.mediaportals.dev-charter.net
*.develop.dev-charter.net
logpull-perf.tau.dev-charter.net
cms.prd-aws.charter.net
mediaportals-news-64.dev-charter.net
advisor2.engprod-spectrum.net
jenkinsdocker.dev-charter.net
*.mediaportals.dev-charter.net
*.dev-charter.net
ip-eas-dev-east-https-cdn.dev-charter.net
ip-eas-lab-west-https-cdn.dev-charter.net
sdev-ns.dev-charter.net
*.dev-charter.net
*.mediaportals.dev-charter.net
ip-eas-dev-west-https-cdn.dev-charter.net
*.us-east-1.engprod.tau.dev-charter.net
jenkinsdocker.dev-charter.net
*.dev-charter.net
*.tau.dev-charter.net
ip-eas-lab-west-https-cdn.dev-charter.net
stash.dev-charter.net
*.tau.dev-charter.net
*.mediaportals.dev-charter.net
jenkins-glb.dev-charter.net
stash.dev-charter.net
*.scpcj.dev.dev-charter.net
metadata.dev-charter.net
atvchtr.dev-charter.net
serenity.vod.dev-charter.net
*.us-east-1.perf.tau.dev-charter.net
*.us-east-1.dev3.tau.dev-charter.net
*.dev-charter.net
ip-eas-sit-tm-west-https-cdn.dev-charter.net
*.scpcj.perf.dev-charter.net
*.dev-charter.net
cms.prd-aws.spectrumbusiness.net
*.us-east-1.dev2.tau.dev-charter.net
*.mediaportals.dev-charter.net
*.scpcj.dev.dev-charter.net
stashs.dev-charter.net
cms.prd-aws.charter.net
*.mediaportals.dev-charter.net
best-specflow.best.dev-charter.net
*.dev-charter.net
ip-eas-dev-east-https-cdn.dev-charter.net
ipvs.dev-charter.net
*.us-east-1.int.tau.dev-charter.net
crowd.dev-charter.net
ip-eas-sit-east-https-cdn.dev-charter.net
nexus.mediaportals.dev-charter.net
crescendo-stacka.vod.dev-charter.net
logpull-dev3.tau.dev-charter.net
*.dev-charter.net
ip-eas-dev-west-https-cdn.dev-charter.net
engprod-spectrum.net
search.dev-charter.net
ip-eas-staging-east-https-cdn.dev-charter.net
ip-eas-staging-west-https-cdn.dev-charter.net
*.dev-charter.net
*.dev-charter.net
nexus.global.dev-charter.net
*.scpscl.dev-charter.net
ip-eas-sit-west-https-cdn.dev-charter.net
*.figaro.dev-charter.net
advisor2.engprod-spectrum.net
*.us-east-1.dev3.tau.dev-charter.net
*.mediaportals.dev-charter.net
ip-eas-autotest-https-cdn.dev-charter.net
stashs.dev-charter.net
ip-eas-staging-east-https-cdn.dev-charter.net
*.tau.dev-charter.net
*.mediaportals.dev-charter.net
*.us-east-1.perf.tau.dev-charter.net
jenkinsdocker-glb.dev-charter.net
troubleshooting.engprod-spectrum.net
*.us-east-1.dev.tau.dev-charter.net
ip-eas-sit-west-https-cdn.dev-charter.net
stashs.dev-charter.net
*.mediaportals.dev-charter.net
*.us-east-1.sbox1.tau.dev-charter.net
ip-eas-autotest-https-cdn.dev-charter.net
lantern.dev-charter.net
*.siadev.dev-charter.net
*.mediaportals.dev-charter.net
dbm-translate.spectrumaws.dev-charter.net
*.us-east-1.dev2.tau.dev-charter.net
*.mediaportals.dev-charter.net
*.us-west-2.sbox1.tau.dev-charter.net
crescendo-stacka.vod.dev-charter.net
dev-spectrum.net
stash.dev-charter.net
ip-eas-sit-tm-west-https-cdn.dev-charter.net
ip-eas-staging-east-https-cdn.dev-charter.net

Certificate

The complete raw certificate details for *.mediaportals.dev-charter.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIQAXpSJwNCaTR5NzYNz8MyqDANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xODA3MTEwMDAwMDBaFw0xOTA4MTEx
MjAwMDBaMCkxJzAlBgNVBAMMHioubWVkaWFwb3J0YWxzLmRldi1jaGFydGVyLm5l
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK/seP1VWge9J5aaAxr8
5h6FtnCOtq+uK+bs3nweBbdEhz30OmhCDW/7mUuxeh1kqSin0ypVC8ON4qBvqlb4
csq2kM409+BFVzQ/ugMKZQaMCRypsoSsyeURR5zyGXblfxM6dHk6310pewdv24tS
Ox1KqUqkGTqT4v4gry33lrXjb2qpnKieObhnBI0PWv4u8QAgO1bz/szb47T19GJB
wHEsw+KTexitUKn2WCGh+2+CFBJSyc2I3NrBpBBhF24Lozi1TfrYisaePKsY0hda
JzFx6FWT5EOfl+Ut6rcvuSqjbmX8oSbMjiaelbYd8b8kTO5IUgqYDGUXIau1YYXd
rVkCAwEAAaOCAlkwggJVMB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3Q
MB0GA1UdDgQWBBSN4RogRdlUfWCyuUIDL0/jB9ribDCB6gYDVR0RBIHiMIHfgh4q
Lm1lZGlhcG9ydGFscy5kZXYtY2hhcnRlci5uZXSCESouZGV2LWNoYXJ0ZXIubmV0
ghcqLnNwZWN0cnVtbG9jYWxuZXdzLmNvbYIJKi5ueTEuY29tgg4qLmJheW5ld3M5
LmNvbYIOKi5teW5ld3MxMy5jb22CICouZW5ncjItNjQuc3BlY3RydW1sb2NhbG5l
d3MuY29tghIqLmVuZ3IyLTY0Lm55MS5jb22CFyouZW5ncjItNjQuYmF5bmV3czku
Y29tghcqLmVuZ3IyLTY0Lm15bmV3czEzLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0
dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNybDAgBgNVHSAE
GTAXMAsGCWCGSAGG/WwBAjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsG
AQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6b250cnVzdC5jb20wNgYIKwYB
BQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNy
dDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA0bJDTo4/xvYZTuAeou3Rwgwpt0B6UvTNXUh7LaDFeB/A1XSedrlyS
j8uj9JerFtC8MF2PsaiiihiJm35tZis2o5zjvFVxzgNYUVI0btRRbt/MuwMvmgNV
a/eV5k4poh9/90eh7dq7fkyLp8Yzz8r0hj4waYQgUr+PZpQYI/X0DrL/AOR8FRYx
IozYdgWwD9C+9RfKQccwOsZnMpmCkN1wcLsvK40fvMvAH5PTwAWSIgn7OHQ3Pmni
qVZ8TVJ31dpWTnAtQv88NOwjMsVdREhV/p5W3m9vnFVgSQXe/1fbeBp+XW0CUwl2
7la6bfG8SP8MFIWRIXCI4tEhf0l3J76g
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+x4/VVaB70nlpoDGvzm
HoW2cI62r64r5uzefB4Ft0SHPfQ6aEINb/uZS7F6HWSpKKfTKlULw43ioG+qVvhy
yraQzjT34EVXND+6AwplBowJHKmyhKzJ5RFHnPIZduV/Ezp0eTrfXSl7B2/bi1I7
HUqpSqQZOpPi/iCvLfeWteNvaqmcqJ45uGcEjQ9a/i7xACA7VvP+zNvjtPX0YkHA
cSzD4pN7GK1QqfZYIaH7b4IUElLJzYjc2sGkEGEXbgujOLVN+tiKxp48qxjSF1on
MXHoVZPkQ5+X5S3qty+5KqNuZfyhJsyOJp6Vth3xvyRM7khSCpgMZRchq7Vhhd2t
WQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1964354461020743286872960747870302888
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-11 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-11 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.mediaportals.dev-charter.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22208312361870062496507861445756734490293543886190665700439875285863720591198330199513191062486036863174292900668947263818937066305563600307181401582124888599345763673851100183480480951044425425728736075622267880291837293174096592016817252943688720974615827953042016723791551345744687352080270021496190385439054920784968894945662736793334482848586927113509071594671615275086090325638888384195932652191492238868059257070944245586583737612125899658424330841050645881870811606993111256508394590253994232095569168907044599567690192980946319512577603523765740064999316677120455085398190594842225065475994676319795137064281
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							8de11a2045d9547d60b2b942032f4fe307dae26c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (226 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mediaportals.dev-charter.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev-charter.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.spectrumlocalnews.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ny1.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.baynews9.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mynews13.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.engr2-64.spectrumlocalnews.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.engr2-64.ny1.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.engr2-64.baynews9.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.engr2-64.mynews13.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00346c90d3a38ff1bd8653b807a8bb7470830a6dd01e94bd3357521ecb68315e07f0355d279dae5c928fcba3f497ab16d0bc305d8fb1a8a28a18899b7e6d662b36a39ce3bc5571ce03585152346ed4516edfccbb032f9a03556bf795e64e29a21f7ff747a1eddabb7e4c8ba7c633cfcaf4863e3069842052bf8f66941823f5f40eb2ff00e47c151631228cd87605b00fd0bef517ca41c7303ac66732998290dd7070bb2f2b8d1fbccbc01f93d3c005922209fb3874373e69e2a9567c4d5277d5da564e702d42ff3c34ec2332c55d444855fe9e56de6f6f9c55604905deff57db781a7e5d6d02530976ee56ba6df1bc48ff0c148591217088e2d1217f497727bea0