dsf.kronos-web.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 09:d3:e1:a3:7a:52:f5:e9:a0:e9:ff:4b:d0:e5:99:e5 was issued on by Amazon.
With 22 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=dsf.kronos-web.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 09:d3:e1:a3:7a:52:f5:e9:a0:e9:ff:4b:d0:e5:99:e5Serial Number (int): 13063203093423867341573863778078267877
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 98:14:83:e5:2f:24:2a:36:f4:b2:a0:bf:64:a0:70:a7:b1:df:21:10
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): ac:fb:7e:3d:c0:84:bb:3f:de:f5:a3:f2:db:ba:30:ad:1c:27:a1:fb
Fingerprint (sha256): d7:68:57:59:c6:ff:bb:e6:b2:1c:2e:9d:da:64:ff:b1:1e:ec:6f:9a:d0:58:2f:e6:42:da:6a:65:1e:4d:f6:97
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate dsf.kronos-web.com
22
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for dsf.kronos-web.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
dsf.kronos-web.com
*.dsf.kronos-web.com
www.kronos-finance.ca
*.accp.desjardins.kronos-web.com
desjardins.kronos-web.com
www.kronos-web.com
accp.desjardins.kronos-web.com
kronos-finance.ca
kronostechnologies.com
www.kronos-abf.ca
*.accp.dsf.kronos-web.com
*.accp.kronos-web.com
*.desjardins.kronos-web.com
*.kronos-web.com
*.kronostechnologies.com
kronos-mail.com
www.kronos-fna.ca
kronos-abf.ca
kronos-web.com
kronos-fna.ca
*.kronos-mail.com
accp.dsf.kronos-web.com
*.dsf.kronos-web.com
www.kronos-finance.ca
*.accp.desjardins.kronos-web.com
desjardins.kronos-web.com
www.kronos-web.com
accp.desjardins.kronos-web.com
kronos-finance.ca
kronostechnologies.com
www.kronos-abf.ca
*.accp.dsf.kronos-web.com
*.accp.kronos-web.com
*.desjardins.kronos-web.com
*.kronos-web.com
*.kronostechnologies.com
kronos-mail.com
www.kronos-fna.ca
kronos-abf.ca
kronos-web.com
kronos-fna.ca
*.kronos-mail.com
accp.dsf.kronos-web.com
Other certificates including the domain name kronos-web.com
(limited to 100 certificates)
secure.accp.dfs.kronos-web.com
*.accp.dsf.kronos-web.com
fr.wiki-crm.kronos-web.com
secure.fnct.kronos-web.com
*.accp.dsf.kronos-web.com
kronos-web.com
kronos-web.com
*.kronos-crm.com
edge.fnct.kronos-web.com
secure.dfs.kronos-web.com
*.kronos-crm.com
depot.kronos-web.com
kronos-web.com
*.accp.kronos-web.com
fr.wiki-crm.kronos-web.com
dsf.kronos-web.com
secure.accp.dsf.kronos-web.com
auth-accp.kronos-web.com
*.kronos-crm.com
*.kronos-crm.com
fr.wiki-crm.kronos-web.com
static.kronos-web.com
*.kronos-web.com
*.kronos-web.com
*.accp.kronos-web.com
*.kronos-crm.com
*.kronos-crm.com
fr.wiki-crm.kronos-web.com
*.dsf.kronos-web.com
static.kronos-web.com
fr.wiki-crm.kronos-web.com
*.kronos-crm.com
secure.dfs.kronos-web.com
*.accp.dsf.kronos-web.com
*.kronos-web.com
kronos-web.com
depot.kronos-web.com
secure.dsf.kronos-web.com
kronos-web.com
*.kronos-web.com
secure.accp.dfs.kronos-web.com
depot.kronos-web.com
fr.wiki-crm.kronos-web.com
kronos-web.com
*.accp.kronos-web.com
cache.kronos-web.com
*.kronos-web.com
*.dsf.kronos-web.com
*.kronos-crm.com
dsf.kronos-web.com
fr.wiki-crm.kronos-web.com
*.kronos-crm.com
secure.accp.kronos-web.com
*.kronos-web.com
*.kronos-web.com
*.accp.kronos-web.com
dsf.kronos-web.com
static.kronos-web.com
*.dsf.kronos-web.com
cache.kronos-web.com
*.kronos-crm.com
*.accp.dsf.kronos-web.com
fr.wiki-crm.kronos-web.com
secure.fnct.kronos-web.com
*.accp.dsf.kronos-web.com
kronos-web.com
kronos-web.com
*.kronos-crm.com
edge.fnct.kronos-web.com
secure.dfs.kronos-web.com
*.kronos-crm.com
depot.kronos-web.com
kronos-web.com
*.accp.kronos-web.com
fr.wiki-crm.kronos-web.com
dsf.kronos-web.com
secure.accp.dsf.kronos-web.com
auth-accp.kronos-web.com
*.kronos-crm.com
*.kronos-crm.com
fr.wiki-crm.kronos-web.com
static.kronos-web.com
*.kronos-web.com
*.kronos-web.com
*.accp.kronos-web.com
*.kronos-crm.com
*.kronos-crm.com
fr.wiki-crm.kronos-web.com
*.dsf.kronos-web.com
static.kronos-web.com
fr.wiki-crm.kronos-web.com
*.kronos-crm.com
secure.dfs.kronos-web.com
*.accp.dsf.kronos-web.com
*.kronos-web.com
kronos-web.com
depot.kronos-web.com
secure.dsf.kronos-web.com
kronos-web.com
*.kronos-web.com
secure.accp.dfs.kronos-web.com
depot.kronos-web.com
fr.wiki-crm.kronos-web.com
kronos-web.com
*.accp.kronos-web.com
cache.kronos-web.com
*.kronos-web.com
*.dsf.kronos-web.com
*.kronos-crm.com
dsf.kronos-web.com
fr.wiki-crm.kronos-web.com
*.kronos-crm.com
secure.accp.kronos-web.com
*.kronos-web.com
*.kronos-web.com
*.accp.kronos-web.com
dsf.kronos-web.com
static.kronos-web.com
*.dsf.kronos-web.com
cache.kronos-web.com
*.kronos-crm.com
Certificate
The complete raw certificate details for dsf.kronos-web.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHqjCCBpKgAwIBAgIQCdPho3pS9emg6f9L0OWZ5TANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTAwMjAwMDAwMFoXDTI0MTAzMDIzNTk1OVowHTEb MBkGA1UEAxMSZHNmLmtyb25vcy13ZWIuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEA22uwdjrCimb2ob4/xibje0OzrF321skEiOMMdKUO76rwMcC2 EhaePZs3UZEjeuS+QrZ6uz2/LQVM6RsjAk0b8LRVh2joAo2eC2MxG0Gw/AIrKUBo pOePTbTiXIArBOvagqG/jUorl5K8Yv3S1v53PHXmiBVT7em49kHJVK+n823T8FCO wJT7XfZlY2G2dK0nYN5oSkXunziIhGU5zvHmOiTEL962YMbx5K3bJjZv6RkxnLl5 oGI5NdRfcP+E1aVRYK7de4sp+Fd1po5mBEhJT1SU0ZlPf/bWQp4HqSS2ntPADMsJ cyrQGB80yshzV+YqwkReko4H//mKEecZRti4QwIDAQABo4IExTCCBMEwHwYDVR0j BBgwFoAUwDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0OBBYEFJgUg+UvJCo29LKg v2SgcKex3yEQMIIB9gYDVR0RBIIB7TCCAemCEmRzZi5rcm9ub3Mtd2ViLmNvbYIU Ki5kc2Yua3Jvbm9zLXdlYi5jb22CFXd3dy5rcm9ub3MtZmluYW5jZS5jYYIgKi5h Y2NwLmRlc2phcmRpbnMua3Jvbm9zLXdlYi5jb22CGWRlc2phcmRpbnMua3Jvbm9z LXdlYi5jb22CEnd3dy5rcm9ub3Mtd2ViLmNvbYIeYWNjcC5kZXNqYXJkaW5zLmty b25vcy13ZWIuY29tghFrcm9ub3MtZmluYW5jZS5jYYIWa3Jvbm9zdGVjaG5vbG9n aWVzLmNvbYIRd3d3Lmtyb25vcy1hYmYuY2GCGSouYWNjcC5kc2Yua3Jvbm9zLXdl Yi5jb22CFSouYWNjcC5rcm9ub3Mtd2ViLmNvbYIbKi5kZXNqYXJkaW5zLmtyb25v cy13ZWIuY29tghAqLmtyb25vcy13ZWIuY29tghgqLmtyb25vc3RlY2hub2xvZ2ll cy5jb22CD2tyb25vcy1tYWlsLmNvbYIRd3d3Lmtyb25vcy1mbmEuY2GCDWtyb25v cy1hYmYuY2GCDmtyb25vcy13ZWIuY29tgg1rcm9ub3MtZm5hLmNhghEqLmtyb25v cy1tYWlsLmNvbYIXYWNjcC5kc2Yua3Jvbm9zLXdlYi5jb20wEwYDVR0gBAwwCjAI BgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAyLmFtYXpv bnRydXN0LmNvbS9yMm0wMi5jcmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzAB hiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKG Kmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNlcjAMBgNV HRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgB2/4g/Crb7lVHC Ycz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYrxrPonAAAEAwBHMEUCIQDBSWT1ryYq X5hnefCF/4rbh0VX5Q+aekK7T4dNC5rY6wIgO3K0Xetkdh+nr+KWTlCD92x1ePLS bc37eCi4jVfe95cAdQBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAA AYrxrPoLAAAEAwBGMEQCIDuUlo5IBi0o0G0BKoBSn9yl2XmNy7EvbIG27btlQYah AiBuGGzI/Mpn8pku9JAM/C5jZ2j8CrdDvaE0la/R5XBvtwB2ANq2v2s/tbYin5vC u1xr6HCRcWy7UYSFNL2kPTBI1/urAAABivGs+c8AAAQDAEcwRQIgBZ051wssJtB/ uzngAjVTvpOcm37LiVobgJXH6M6ASCoCIQDCuPJrWgS6rdAbpukXTBv/froc2cF3 n0tUsFXKxAKOWzANBgkqhkiG9w0BAQsFAAOCAQEAS1EaohaKnT7Z7JFui3/yvUci 6WW6F72/Y4CCGNCAs7k3xPgFiV2kqwTCYROuNs0i3AIrIE6yGwn1IX6BPAOcoFZm 2vVELB4kgWiniT7E+z4VJ+fzrmRNsGR2AwuQDm5oJMouijlSHOz0JtVQo+Pjo4KJ PdjmyQUka8dO48XxGb85nH2pmL2kLPyv4zTYfe19fWbsBCtlYEdFrSoA86xIIXMP Dv3niRfcYoAn29B0aOQuz6fi0X0LqEdexOzdJhBFNhOqrcETx9Keze/ucBDdLzOR b1bQPQYVCqVCw2FaTihjgNUBvHLl5WM4291Vxw77RWv61h/wHIB0BwANfwReWg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22uwdjrCimb2ob4/xibj e0OzrF321skEiOMMdKUO76rwMcC2EhaePZs3UZEjeuS+QrZ6uz2/LQVM6RsjAk0b 8LRVh2joAo2eC2MxG0Gw/AIrKUBopOePTbTiXIArBOvagqG/jUorl5K8Yv3S1v53 PHXmiBVT7em49kHJVK+n823T8FCOwJT7XfZlY2G2dK0nYN5oSkXunziIhGU5zvHm OiTEL962YMbx5K3bJjZv6RkxnLl5oGI5NdRfcP+E1aVRYK7de4sp+Fd1po5mBEhJ T1SU0ZlPf/bWQp4HqSS2ntPADMsJcyrQGB80yshzV+YqwkReko4H//mKEecZRti4 QwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 13063203093423867341573863778078267877 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-02 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-30 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dsf.kronos-web.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27699292362586048047731888905774369989313110011594274560451916108614843258829914056229865092186077227021698356808426239564003926007482615754257798860167878978881302665758727960982539366110392878894383986600998340117554748180879106278322787779971475527842593876978971423150780683551021333788252731415868223620683322521389080414285543465647502328909082672220464976013897598223268768701855222771266178253653509988711806137421570289598469106036825323662573277686764669615762051530255783997508643266027971482166117660893321239748163722804499151821161169490447961223945402258060424876502591703158029455463035385860507351107 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 981483e52f242a36f4b2a0bf64a070a7b1df2110 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (493 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dsf.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dsf.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kronos-finance.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accp.desjardins.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'desjardins.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'accp.desjardins.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kronos-finance.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kronostechnologies.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kronos-abf.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accp.dsf.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accp.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.desjardins.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kronostechnologies.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kronos-mail.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kronos-fna.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kronos-abf.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kronos-web.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kronos-fna.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kronos-mail.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'accp.dsf.kronos-web.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018af1acfa270000040300473045022100c14964f5af262a5f986779f085ff8adb874557e50f9a7a42bb4f874d0b9ad8eb02203b72b45deb64761fa7afe2964e5083f76c7578f2d26dcdfb7828b88d57def79700750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018af1acfa0b000004030046304402203b94968e48062d28d06d012a80529fdca5d9798dcbb12f6c81b6edbb654186a102206e186cc8fcca67f2992ef4900cfc2e636768fc0ab743bda13495afd1e5706fb7007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018af1acf9cf00000403004730450220059d39d70b2c26d07fbb39e0023553be939c9b7ecb895a1b8095c7e8ce80482a022100c2b8f26b5a04baadd01ba6e9174c1bff7eba1cd9c1779f4b54b055cac4028e5b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004b511aa2168a9d3ed9ec916e8b7ff2bd4722e965ba17bdbf63808218d080b3b937c4f805895da4ab04c26113ae36cd22dc022b204eb21b09f5217e813c039ca05666daf5442c1e248168a7893ec4fb3e1527e7f3ae644db06476030b900e6e6824ca2e8a39521cecf426d550a3e3e3a382893dd8e6c905246bc74ee3c5f119bf399c7da998bda42cfcafe334d87ded7d7d66ec042b65604745ad2a00f3ac4821730f0efde78917dc628027dbd07468e42ecfa7e2d17d0ba8475ec4ecdd2610453613aaadc113c7d29ecdefee7010dd2f33916f56d03d06150aa542c3615a4e286380d501bc72e5e56338dbdd55c70efb456bfad61ff01c807407000d7f045e5a