I’m trying to extract a specific portion of text and haven’t had success despite testing multiple patterns and looking at similar examples. After struggling for a while, I figured it was time to ask for help. I’m working in Java and want to capture all DNS names listed in the SubjectAlternativeName block.

The raw text is:

[ Version: V3 Subject: CN=*.google.com Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun EC public key, 256 bits public x coord: 109404759859797539557582869776851064193525149534433779190116190416377478114013 public y coord: 59834028993710182810726130457827642156704500550808608899515084482806544584532 parameters: secp256r1 [NIST P-256,X9.62 prime256v1] (1.2.840.10045.3.1.7) Validity: [From: Mon Oct 27 09:33:43 CET 2025, To: Mon Jan 19 09:33:42 CET 2026] Issuer: CN=WR2, O=Google Trust Services, C=US SerialNumber: [ 9d9ed0e1 cc0ecc84 0a042e3c 2f9ed571] Certificate Extensions: 10 [1]: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false Extension unknown: DER encoded OCTET string = 0000: 04 81 F4 04 81 F1 00 EF 00 76 00 96 97 64 BF 55 .........v...d.U 0010: 58 97 AD F7 43 87 68 37 08 42 77 E9 F0 3A D5 F6 X...C.h7.Bw..:.. 0020: A4 F3 36 6E 46 A4 3F 0F CA A9 C6 00 00 01 9A 25 ..6nF.?........% 0030: 04 3D 33 00 00 04 03 00 47 30 45 02 21 00 C6 F0 .=3.....G0E.!... 0040: 6C EF D3 FA 6B 61 0F 8A C7 09 BA 20 A9 EB E9 3A l...ka..... ...: 0050: 6E EB 6B CF 2A 86 C0 80 A8 F8 B7 1F 18 1D 02 20 n.k.*.......... 0060: 2A 4A 73 19 46 EB BD A9 04 04 3A 7F 9E 75 ED A9 *Js.F.....:..u.. 0070: E5 BC B3 3A FE A3 D0 E6 AA 48 C5 3A 94 3A 97 E5 ...:.....H.:.:.. 0080: 00 75 00 19 86 D4 C7 28 AA 6F FE BA 03 6F 78 2A .u.....(.o...ox* 0090: 4D 01 91 AA CE 2D 72 31 0F AE CE 5D 70 41 2D 25 M....-r1...]pA-% 00A0: 4C C7 D4 00 00 01 9A 25 04 3C D4 00 00 04 03 00 L......%.<...... 00B0: 46 30 44 02 20 10 07 41 95 3C B7 97 CC 79 19 29 F0D. ..A.<...y.) 00C0: 23 F5 B3 9F 8E CA 99 33 EE 91 59 8B 31 8E 91 FB #......3..Y.1... 00D0: 37 3A 3A BC E6 02 20 3E 3D 00 96 B8 D9 CE 0A 53 7::... >=......S 00E0: C1 E1 6E 0D 37 84 AD 49 D2 7D A0 70 98 B4 78 B0 ..n.7..I...p..x. 00F0: 0F 4E FE 6A A0 C1 4C .N.j..L [2]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: ocsp accessLocation: URIName: http://o.pki.goog/wr2 , accessMethod: caIssuers accessLocation: URIName: http://i.pki.goog/wr2.crt ] ] [3]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: DE 1B 1E ED 79 15 D4 3E 37 24 C3 21 BB EC 34 39 ....y..>7$.!..49 0010: 6D 42 B2 30 mB.0 ] ] [4]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [5]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://c.pki.goog/wr2/GSyT1N4PBrg.crl] ]] [6]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.23.140.1.2.1] [] ] ] [7]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ serverAuth ] [8]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature ] [9]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ DNSName: *.google.com DNSName: *.appengine.google.com DNSName: *.bdn.dev DNSName: *.origin-test.bdn.dev DNSName: *.cloud.google.com DNSName: *.crowdsource.google.com DNSName: *.datacompute.google.com DNSName: *.google.ca DNSName: *.google.cl DNSName: *.google.co.in DNSName: *.google.co.jp DNSName: *.google.co.uk DNSName: *.google.com.ar DNSName: *.google.com.au DNSName: *.google.com.br DNSName: *.google.com.co DNSName: *.google.com.mx DNSName: *.google.com.tr DNSName: *.google.com.vn DNSName: *.google.de DNSName: *.google.es DNSName: *.google.fr DNSName: *.google.hu DNSName: *.google.it DNSName: *.google.nl DNSName: *.google.pl DNSName: *.google.pt DNSName: *.googleapis.cn DNSName: *.googlevideo.com DNSName: *.gstatic.cn DNSName: *.gstatic-cn.com DNSName: googlecnapps.cn DNSName: *.googlecnapps.cn DNSName: googleapps-cn.com DNSName: *.googleapps-cn.com DNSName: gkecnapps.cn DNSName: *.gkecnapps.cn DNSName: googledownloads.cn DNSName: *.googledownloads.cn DNSName: recaptcha.net.cn DNSName: *.recaptcha.net.cn DNSName: recaptcha-cn.net DNSName: *.recaptcha-cn.net DNSName: widevine.cn DNSName: *.widevine.cn DNSName: ampproject.org.cn DNSName: *.ampproject.org.cn DNSName: ampproject.net.cn DNSName: *.ampproject.net.cn DNSName: google-analytics-cn.com DNSName: *.google-analytics-cn.com DNSName: googleadservices-cn.com DNSName: *.googleadservices-cn.com DNSName: googlevads-cn.com DNSName: *.googlevads-cn.com DNSName: googleapis-cn.com DNSName: *.googleapis-cn.com DNSName: googleoptimize-cn.com DNSName: *.googleoptimize-cn.com DNSName: doubleclick-cn.net DNSName: *.doubleclick-cn.net DNSName: *.fls.doubleclick-cn.net DNSName: *.g.doubleclick-cn.net DNSName: doubleclick.cn DNSName: *.doubleclick.cn DNSName: *.fls.doubleclick.cn DNSName: *.g.doubleclick.cn DNSName: dartsearch-cn.net DNSName: *.dartsearch-cn.net DNSName: googletraveladservices-cn.com DNSName: *.googletraveladservices-cn.com DNSName: googletagservices-cn.com DNSName: *.googletagservices-cn.com DNSName: googletagmanager-cn.com DNSName: *.googletagmanager-cn.com DNSName: googlesyndication-cn.com DNSName: *.googlesyndication-cn.com DNSName: *.safeframe.googlesyndication-cn.com DNSName: app-measurement-cn.com DNSName: *.app-measurement-cn.com DNSName: gvt1-cn.com DNSName: *.gvt1-cn.com DNSName: gvt2-cn.com DNSName: *.gvt2-cn.com DNSName: 2mdn-cn.net DNSName: *.2mdn-cn.net DNSName: googleflights-cn.net DNSName: *.googleflights-cn.net DNSName: admob-cn.com DNSName: *.admob-cn.com DNSName: *.gemini.cloud.google.com DNSName: googlesandbox-cn.com DNSName: *.googlesandbox-cn.com DNSName: *.safenup.googlesandbox-cn.com DNSName: *.gstatic.com DNSName: *.metric.gstatic.com DNSName: *.gvt1.com DNSName: *.gcpcdn.gvt1.com DNSName: *.gvt2.com DNSName: *.gcp.gvt2.com DNSName: *.url.google.com DNSName: *.youtube-nocookie.com DNSName: *.ytimg.com DNSName: ai.android DNSName: android.com DNSName: *.android.com DNSName: *.flash.android.com DNSName: g.cn DNSName: *.g.cn DNSName: g.co DNSName: *.g.co DNSName: goo.gl DNSName: www.goo.gl DNSName: google-analytics.com DNSName: *.google-analytics.com DNSName: google.com DNSName: googlecommerce.com DNSName: *.googlecommerce.com DNSName: ggpht.cn DNSName: *.ggpht.cn DNSName: urchin.com DNSName: *.urchin.com DNSName: youtu.be DNSName: youtube.com DNSName: *.youtube.com DNSName: music.youtube.com DNSName: *.music.youtube.com DNSName: youtubeeducation.com DNSName: *.youtubeeducation.com DNSName: youtubekids.com DNSName: *.youtubekids.com DNSName: yt.be DNSName: *.yt.be DNSName: android.clients.google.com DNSName: *.android.google.cn DNSName: *.chrome.google.cn DNSName: *.developers.google.cn DNSName: *.aistudio.google.com ] [10]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 37 07 29 A3 52 3A AE 2E A7 26 05 0F 43 26 FA F1 7.).R:...&..C&.. 0010: 71 3E 0A 04 q>.. ] ] ]

So far I have the following regex:

(?s)^SubjectAlternativeName\\h+\\[\\R\\s*?DNSName:\\h+(\\S+)

However that only captures the first entry in the list which is *.google.com I would like to get all dns names. Any idea whether that is possible?

Hakan54's user avatar

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.