ballaratclarendon.digistormlabs.com
Issued by Amazon RSA 2048 M01
About this certificate
This digital certificate with serial number 0b:32:6d:de:19:ad:99:f4:b5:69:91:5b:9b:ff:f8:c6 was issued on by Amazon.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=ballaratclarendon.digistormlabs.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0b:32:6d:de:19:ad:99:f4:b5:69:91:5b:9b:ff:f8:c6Serial Number (int): 14883351175806688630604088318948800710
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 55:bf:a1:43:1d:b7:36:c7:48:67:6e:9f:15:55:8d:31:92:44:e8:1a
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85
Fingerprint (sha1): 6c:92:ad:61:61:be:a0:73:00:e5:a3:45:71:92:6e:31:cc:eb:94:88
Fingerprint (sha256): f0:61:80:d8:e5:fb:1f:86:95:ef:6c:ea:7b:27:8d:88:ba:1c:32:7e:c5:07:36:d6:68:1f:e3:85:c8:f9:94:72
Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer
Revocation information
OCSP Server: http://ocsp.r2m01.amazontrust.comCRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl
Check the revocation status for certificate ballaratclarendon.digistormlabs.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ballaratclarendon.digistormlabs.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ballaratclarendon.digistormlabs.com
notices.clarendon.vic.edu.au
bcc-notices.digistormhosting.com.au
notices.clarendon.vic.edu.au
bcc-notices.digistormhosting.com.au
Other certificates including the domain name digistormlabs.com
(limited to 100 certificates)
annandale.digistormlabs.com
radford-one.digistormlabs.com
ecc-calendar.digistormlabs.com
somerville-display.digistormlabs.com
annandale.digistormlabs.com
flc-tour.digistormlabs.com
annandale.digistormlabs.com
somerville-newsletter.digistormlabs.com
sh-au-qld-18-display.digistormhosting.com.au
annandale.digistormlabs.com
canterbury-newsletter.digistormlabs.com
bcc-notices.digistormhosting.com.au
annandale.digistormlabs.com
cac-notices.digistormlabs.com
tss-business.digistormlabs.com
annandale.digistormlabs.com
cac-notices.digistormlabs.com
cac-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
cac-notices.digistormlabs.com
cac-business.digistormlabs.com
comm.lb.digistormlabs.com
annandale.digistormlabs.com
canterbury-newsletter.digistormlabs.com
annandale.digistormlabs.com
radford-one.digistormlabs.com
annandale.digistormlabs.com
cac-notices.digistormlabs.com
annandale.digistormlabs.com
cac-notices.digistormlabs.com
flc-tour.digistormlabs.com
cac-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
annandale.digistormlabs.com
canterbury-newsletter.digistormlabs.com
annandale.digistormlabs.com
cac-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
tss-business.digistormlabs.com
canterbury-newsletter.digistormlabs.com
canterbury-newsletter.digistormlabs.com
annandale.digistormlabs.com
annandale.digistormlabs.com
cac-notices.digistormlabs.com
radford-two.digistormlabs.com
canterbury-newsletter.digistormlabs.com
cac-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
cac-notices.digistormlabs.com
jpc-notices.digistormlabs.com
cac-business.digistormlabs.com
annandale.digistormlabs.com
cac-business.digistormlabs.com
cac-notices.digistormlabs.com
*.digistormlabs.com
cac-notices.digistormlabs.com
padua-notices.digistormlabs.com
annandale.digistormlabs.com
annandale.digistormlabs.com
annandale.digistormlabs.com
canterbury-newsletter.digistormlabs.com
annandale.digistormlabs.com
somerville-newsletter.digistormlabs.com
cac-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
annandale.digistormlabs.com
canterbury-newsletter.digistormlabs.com
cac-notices.digistormlabs.com
jpc-notices.digistormlabs.com
ecc-calendar.digistormlabs.com
cac-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
somerville-newsletter.digistormlabs.com
cac-notices.digistormlabs.com
somerville-newsletter.digistormlabs.com
stpatricks-notices.digistormlabs.com
tss-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
ballaratclarendon.digistormlabs.com
canterbury-newsletter.digistormlabs.com
radford-two.digistormlabs.com
tss-business.digistormlabs.com
annandale.digistormlabs.com
annandale.digistormlabs.com
cac-notices.digistormlabs.com
cac-notices.digistormlabs.com
cac-notices.digistormlabs.com
tss-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
*.digistormlabs.com
canterbury-newsletter.digistormlabs.com
canterbury-newsletter.digistormlabs.com
somerville-newsletter.digistormlabs.com
tss-business.digistormlabs.com
stpatricks-notices.digistormlabs.com
cac-notices.digistormlabs.com
ballaratclarendon.digistormlabs.com
somerville-newsletter.digistormlabs.com
padua-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
radford-one.digistormlabs.com
ecc-calendar.digistormlabs.com
somerville-display.digistormlabs.com
annandale.digistormlabs.com
flc-tour.digistormlabs.com
annandale.digistormlabs.com
somerville-newsletter.digistormlabs.com
sh-au-qld-18-display.digistormhosting.com.au
annandale.digistormlabs.com
canterbury-newsletter.digistormlabs.com
bcc-notices.digistormhosting.com.au
annandale.digistormlabs.com
cac-notices.digistormlabs.com
tss-business.digistormlabs.com
annandale.digistormlabs.com
cac-notices.digistormlabs.com
cac-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
cac-notices.digistormlabs.com
cac-business.digistormlabs.com
comm.lb.digistormlabs.com
annandale.digistormlabs.com
canterbury-newsletter.digistormlabs.com
annandale.digistormlabs.com
radford-one.digistormlabs.com
annandale.digistormlabs.com
cac-notices.digistormlabs.com
annandale.digistormlabs.com
cac-notices.digistormlabs.com
flc-tour.digistormlabs.com
cac-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
annandale.digistormlabs.com
canterbury-newsletter.digistormlabs.com
annandale.digistormlabs.com
cac-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
tss-business.digistormlabs.com
canterbury-newsletter.digistormlabs.com
canterbury-newsletter.digistormlabs.com
annandale.digistormlabs.com
annandale.digistormlabs.com
cac-notices.digistormlabs.com
radford-two.digistormlabs.com
canterbury-newsletter.digistormlabs.com
cac-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
cac-notices.digistormlabs.com
jpc-notices.digistormlabs.com
cac-business.digistormlabs.com
annandale.digistormlabs.com
cac-business.digistormlabs.com
cac-notices.digistormlabs.com
*.digistormlabs.com
cac-notices.digistormlabs.com
padua-notices.digistormlabs.com
annandale.digistormlabs.com
annandale.digistormlabs.com
annandale.digistormlabs.com
canterbury-newsletter.digistormlabs.com
annandale.digistormlabs.com
somerville-newsletter.digistormlabs.com
cac-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
annandale.digistormlabs.com
canterbury-newsletter.digistormlabs.com
cac-notices.digistormlabs.com
jpc-notices.digistormlabs.com
ecc-calendar.digistormlabs.com
cac-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
somerville-newsletter.digistormlabs.com
cac-notices.digistormlabs.com
somerville-newsletter.digistormlabs.com
stpatricks-notices.digistormlabs.com
tss-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
ballaratclarendon.digistormlabs.com
canterbury-newsletter.digistormlabs.com
radford-two.digistormlabs.com
tss-business.digistormlabs.com
annandale.digistormlabs.com
annandale.digistormlabs.com
cac-notices.digistormlabs.com
cac-notices.digistormlabs.com
cac-notices.digistormlabs.com
tss-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
*.digistormlabs.com
canterbury-newsletter.digistormlabs.com
canterbury-newsletter.digistormlabs.com
somerville-newsletter.digistormlabs.com
tss-business.digistormlabs.com
stpatricks-notices.digistormlabs.com
cac-notices.digistormlabs.com
ballaratclarendon.digistormlabs.com
somerville-newsletter.digistormlabs.com
padua-notices.digistormlabs.com
canterbury-newsletter.digistormlabs.com
Certificate
The complete raw certificate details for ballaratclarendon.digistormlabs.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGNDCCBRygAwIBAgIQCzJt3hmtmfS1aZFbm//4xjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAxMB4XDTIzMDkyNjAwMDAwMFoXDTI0MTAyNDIzNTk1OVowLjEs MCoGA1UEAxMjYmFsbGFyYXRjbGFyZW5kb24uZGlnaXN0b3JtbGFicy5jb20wggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWlylJ1rg4mlBjxUIiGDBpg9s7 DGnxZWe+/FGrSBLDFdK5LvYR27bUulmER4VcMSt6QUsmt65Wq1dxWESl8OxvcKMX PlMQIzrI4z+SaSt83vnK2r7AzBtLveSOAFBCLPgQujPkHs2bQJKw1cdOTJljkArc OTQSPEYn4jHhREDbAEyT4ZMuds7HZIPDV2mOjZPP3T3l2kop5ndlYT1gdUeOMfuh MS7kqpTOsXVyHtMGt38FytbE2xL8e9HpvaP0hUlwK69U485mf/nrzf/Qe78k1ESR Xj/8eGuyJMsDeEAl6M+baCn7LWUpihqm7utbJI10/MO1EYwt/mhDZlEYKXSdAgMB AAGjggM+MIIDOjAfBgNVHSMEGDAWgBSBuA5jiokSGOX6OztQlZ/m5ZAThTAdBgNV HQ4EFgQUVb+hQx23NsdIZ26fFVWNMZJE6BowcQYDVR0RBGowaIIjYmFsbGFyYXRj bGFyZW5kb24uZGlnaXN0b3JtbGFicy5jb22CHG5vdGljZXMuY2xhcmVuZG9uLnZp Yy5lZHUuYXWCI2JjYy1ub3RpY2VzLmRpZ2lzdG9ybWhvc3RpbmcuY29tLmF1MBMG A1UdIAQMMAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5y Mm0wMS5hbWF6b250cnVzdC5jb20vcjJtMDEuY3JsMHUGCCsGAQUFBwEBBGkwZzAt BggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDEuYW1hem9udHJ1c3QuY29tMDYG CCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAxLmFtYXpvbnRydXN0LmNvbS9yMm0w MS5jZXIwDAYDVR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHYA 7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGK0OIPrQAABAMARzBF AiBinmRKCimtIwBv+LpahpieJPcUEUjpuhd6fryW72ff1QIhAOmsMXuS8j/Bzgx6 YFixQtu7XdzQraWMk+w85AYhUulmAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB 2bu/qznYhHMAAAGK0OIPqwAABAMARzBFAiAZNA6Tr2c+jyC9ypGkNfNVt9IxADJL kA4bi8M+XC6AmQIhAK3UA14sGu2dc4dvkaWyug7DADH+vGNi+2IF2wyUgSzQAHUA 2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGK0OIPcAAABAMARjBE AiB+pttX4weO1UQUWykV3WZz/pNtBAP+OLCVCbxGY+ZnYgIgS8UY/3O/vSxq5+FM GH2Arsq9nXj6y23Z+DW5QwFE3J4wDQYJKoZIhvcNAQELBQADggEBAASK6Gli45LX Y97291cspQSHr/8/bo+1/QEhY/EiQienEcjNmr2koMQre+9JH7LXehQ0HDFTH/4Y vaxV7Cp4IzjeQZiPhfwkpfscoWxETtMtpr5cwTAaxeKTUkpHyhEY5mYCh5g3Qd9c Z11C0tBuS4ntZAPPqQTaYZ8D0mfI3IhGr75Hi2wQ2A98xc6/wsTSFpoMxGJJJIlu pvDl29Y1Oa5CJ3SLMj2QqHGULU1c/RupqJ372wDPpdfV8Vcu5uZvvfez/KVv5C1M UZY2+4Y9mj7UUiV1aJCjOaOKOTHvEHwDfr8fO5tA26hNOmMT1apG0kb1SKc/BjlG LYzo/uwJn7U= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpcpSda4OJpQY8VCIhgw aYPbOwxp8WVnvvxRq0gSwxXSuS72Edu21LpZhEeFXDErekFLJreuVqtXcVhEpfDs b3CjFz5TECM6yOM/kmkrfN75ytq+wMwbS73kjgBQQiz4ELoz5B7Nm0CSsNXHTkyZ Y5AK3Dk0EjxGJ+Ix4URA2wBMk+GTLnbOx2SDw1dpjo2Tz9095dpKKeZ3ZWE9YHVH jjH7oTEu5KqUzrF1ch7TBrd/BcrWxNsS/HvR6b2j9IVJcCuvVOPOZn/5683/0Hu/ JNREkV4//HhrsiTLA3hAJejPm2gp+y1lKYoapu7rWySNdPzDtRGMLf5oQ2ZRGCl0 nQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 14883351175806688630604088318948800710 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-26 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-24 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ballaratclarendon.digistormlabs.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19010286151685458334354957022848444982504405220055155145043536262470162096606455892838390356172599941338122043120750940788763796453954935550845255970803095307899357971902115606190344225345470590900041943914773012775124127799361106428069258618158931200112118266133400557571433900435209481912412752284139952398402838931308393990661562905762429967963787560796923418167444198346497247288684638746569716899794883491997905166505301759414638764034296449344445466898803614218536994224204693806897031700906278697914736322156598029066290070556509515851867810791201781644025366717664533950277307249168914877089873238151664333981 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 55bfa1431db736c748676e9f15558d319244e81a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ballaratclarendon.digistormlabs.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'notices.clarendon.vic.edu.au' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bcc-notices.digistormhosting.com.au' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018ad0e20fad00000403004730450220629e644a0a29ad23006ff8ba5a86989e24f7141148e9ba177a7ebc96ef67dfd5022100e9ac317b92f23fc1ce0c7a6058b142dbbb5ddcd0ada58c93ec3ce4062152e96600760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ad0e20fab0000040300473045022019340e93af673e8f20bdca91a435f355b7d23100324b900e1b8bc33e5c2e8099022100add4035e2c1aed9d73876f91a5b2ba0ec30031febc6362fb6205db0c94812cd0007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018ad0e20f70000004030046304402207ea6db57e3078ed544145b2915dd6673fe936d0403fe38b09509bc4663e6676202204bc518ff73bfbd2c6ae7e14c187d80aecabd9d78facb6dd9f835b9430144dc9e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00048ae86962e392d763def6f7572ca50487afff3f6e8fb5fd012163f1224227a711c8cd9abda4a0c42b7bef491fb2d77a14341c31531ffe18bdac55ec2a782338de41988f85fc24a5fb1ca16c444ed32da6be5cc1301ac5e293524a47ca1118e6660287983741df5c675d42d2d06e4b89ed6403cfa904da619f03d267c8dc8846afbe478b6c10d80f7cc5cebfc2c4d2169a0cc4624924896ea6f0e5dbd63539ae4227748b323d90a871942d4d5cfd1ba9a89dfbdb00cfa5d7d5f1572ee6e66fbdf7b3fca56fe42d4c519636fb863d9a3ed45225756890a339a38a3931ef107c037ebf1f3b9b40dba84d3a6313d5aa46d246f548a73f0639462d8ce8feec099fb5