dkgbt.niddk.nih.gov
- US Department of Health and Human Services -
Issued by HydrantID Server CA O1
About this certificate
This digital certificate with serial number 40:01:88:0c:1b:3f:21:72:ab:a8:c9:36:6b:00:8f:da was issued on by IdenTrust.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
US Department of Health and Human Services
Organization:
US Department of Health and Human Services
State / Province:
District of Columbia
Locality: Washington
Country: US
Locality: Washington
Country: US
IdenTrust
Organization:
IdenTrust
Organization unit: HydrantID Trusted Certificate Service
Organization unit: HydrantID Trusted Certificate Service
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 40:01:88:0c:1b:3f:21:72:ab:a8:c9:36:6b:00:8f:daSerial Number (int): 85078543393969613037026045509863772122
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 6f:6a:cb:b2:10:31:f2:9e:a5:6d:81:7e:8c:4d:a1:e3:63:27:ee:24
AuthorityKeyId: 89:b8:9b:b6:9e:ed:fb:b0:c6:bd:0d:ec:67:4e:3c:a3:92:9d:2d:f9
Fingerprint (sha1): eb:26:06:a1:d8:49:b1:0a:81:d1:20:92:9e:27:37:38:09:cf:6d:c8
Fingerprint (sha256): 00:0e:ba:61:54:69:3a:a2:e6:ca:22:ac:ce:3f:d9:4f:1d:ca:3f:48:3f:42:f8:8d:ec:e6:21:4e:05:09:c5:02
Issuing Certificate URL: http://validation.identrust.com/certs/hydrantidcaO1.p7c
Revocation information
OCSP Server: http://commercial.ocsp.identrust.comCRL Distribution Point: http://validation.identrust.com/crl/hydrantidcao1.crl
Check the revocation status for certificate dkgbt.niddk.nih.gov
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for dkgbt.niddk.nih.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
dkgbt.niddk.nih.gov
Other certificates including the domain name nih.gov
(limited to 100 certificates)
*.nihms.nih.gov
*.nei.nih.gov
*.niaid.nih.gov
dkgbt.niddk.nih.gov
soatest.ha.nih.gov
*.nlm.nih.gov
3dprintqa.niaid.nih.gov
www.niaaa.nih.gov
citrix.niehs.nih.gov
oma.od.nih.gov
drupal.nihlibrary.com
internet.csr.nih.gov
jamfdmz.niaaa.nih.gov
nei1.nih.gov
*.niams.nih.gov
biobeat.nigms.nih.gov
pots.nci.nih.gov
*.nlm.nih.gov
meetings.nigms.nih.gov
*.nlm.nih.gov
neidatacommons.nei.nih.gov
catalog.nei.nih.gov
devstageerawebserviceaccess.nichd.nih.gov
tls.automattic.com
assettrack.cc.nih.gov
mirror.nih.gov
sisterstudy.niehs.nih.gov
*.nci.nih.gov
3dprintqa.niaid.nih.gov
sbrblood.nhgri.nih.gov
*.apps.nciconnectstg.nci.nih.gov
excessproductcatalog.od.nih.gov
madb.nci.nih.gov
biomedicalresearchworkforce.nih.gov
intranet.cit.nih.gov
ai-cs105otdqa1.niaid.nih.gov
*.nci.nih.gov
obssr.od.nih.gov
posit-package-manager.niaid.nih.gov
myitsm.nih.gov
nihguide.od.nih.gov
2019-BTH-TIC-VPN-EG-03-A.NET.NIH.GOV
ucceventsupport.cit.nih.gov
APF-Access.niaid.nih.gov
etsplab.ninds.nih.gov
dev.radx-hub.nih.gov
www.safetytraining.nih.gov
recovery.nih.gov
*.niddk.nih.gov
sni.cloudflaressl.com
authproxy.ha.nih.gov
pdbp-dd-uat.cit.nih.gov
ai-appauthfoochiprd1.niaid.nih.gov
ncias-p595.nci.nih.gov
ccpharmrees.cc.nih.gov
parkinsontrial.ninds.nih.gov
jats.nlm.nih.gov
otds16-dev.niaid.nih.gov
www.smokefree.gov
intranet.nccih.nih.gov
intranet.nccam.nih.gov
fitbir-stage.cit.nih.gov
www.cc.nih.gov
cancergenome.nih.gov
aghealth.nci.nih.gov
ncif5-d013-v.nci.nih.gov
acdwg.od.nih.gov
activenav-dev.niaid.nih.gov
apps.cc.nih.gov
sptest.nibib.nih.gov
healthyeating.nhlbi.nih.gov
medialibrary.nei.nih.gov
*.nlm.nih.gov
salivaryproteome.nidcr.nih.gov
ncatswnspfpdv34.nih.gov
ocrtme.cc.nih.gov
itbweb.nhgri.nih.gov
pots.nia.nih.gov
dcb.cit.nih.gov
devwebeditor.nichd.nih.gov
tfs.niaid.nih.gov
toolkit.ncats.nih.gov
bricsguid.nia.nih.gov
nisc.nih.gov
pedmatch.nci.nih.gov
tls.automattic.com
eracert137.era.nih.gov
*.nlm.nih.gov
erss-vip.niaid.nih.gov
sa66gl.wpc.edgecastcdn.net
isupplierext.qa.nih.gov
oacu.od.nih.gov
videocast.niehs.nih.gov
depot.tbportals.niaid.nih.gov
ecollab.niaid.nih.gov
ccapps.cc.nih.gov
resresources.nci.nih.gov
rnai.nih.gov
authdev.ha.nih.gov
www.nigms.nih.gov
*.nei.nih.gov
*.niaid.nih.gov
dkgbt.niddk.nih.gov
soatest.ha.nih.gov
*.nlm.nih.gov
3dprintqa.niaid.nih.gov
www.niaaa.nih.gov
citrix.niehs.nih.gov
oma.od.nih.gov
drupal.nihlibrary.com
internet.csr.nih.gov
jamfdmz.niaaa.nih.gov
nei1.nih.gov
*.niams.nih.gov
biobeat.nigms.nih.gov
pots.nci.nih.gov
*.nlm.nih.gov
meetings.nigms.nih.gov
*.nlm.nih.gov
neidatacommons.nei.nih.gov
catalog.nei.nih.gov
devstageerawebserviceaccess.nichd.nih.gov
tls.automattic.com
assettrack.cc.nih.gov
mirror.nih.gov
sisterstudy.niehs.nih.gov
*.nci.nih.gov
3dprintqa.niaid.nih.gov
sbrblood.nhgri.nih.gov
*.apps.nciconnectstg.nci.nih.gov
excessproductcatalog.od.nih.gov
madb.nci.nih.gov
biomedicalresearchworkforce.nih.gov
intranet.cit.nih.gov
ai-cs105otdqa1.niaid.nih.gov
*.nci.nih.gov
obssr.od.nih.gov
posit-package-manager.niaid.nih.gov
myitsm.nih.gov
nihguide.od.nih.gov
2019-BTH-TIC-VPN-EG-03-A.NET.NIH.GOV
ucceventsupport.cit.nih.gov
APF-Access.niaid.nih.gov
etsplab.ninds.nih.gov
dev.radx-hub.nih.gov
www.safetytraining.nih.gov
recovery.nih.gov
*.niddk.nih.gov
sni.cloudflaressl.com
authproxy.ha.nih.gov
pdbp-dd-uat.cit.nih.gov
ai-appauthfoochiprd1.niaid.nih.gov
ncias-p595.nci.nih.gov
ccpharmrees.cc.nih.gov
parkinsontrial.ninds.nih.gov
jats.nlm.nih.gov
otds16-dev.niaid.nih.gov
www.smokefree.gov
intranet.nccih.nih.gov
intranet.nccam.nih.gov
fitbir-stage.cit.nih.gov
www.cc.nih.gov
cancergenome.nih.gov
aghealth.nci.nih.gov
ncif5-d013-v.nci.nih.gov
acdwg.od.nih.gov
activenav-dev.niaid.nih.gov
apps.cc.nih.gov
sptest.nibib.nih.gov
healthyeating.nhlbi.nih.gov
medialibrary.nei.nih.gov
*.nlm.nih.gov
salivaryproteome.nidcr.nih.gov
ncatswnspfpdv34.nih.gov
ocrtme.cc.nih.gov
itbweb.nhgri.nih.gov
pots.nia.nih.gov
dcb.cit.nih.gov
devwebeditor.nichd.nih.gov
tfs.niaid.nih.gov
toolkit.ncats.nih.gov
bricsguid.nia.nih.gov
nisc.nih.gov
pedmatch.nci.nih.gov
tls.automattic.com
eracert137.era.nih.gov
*.nlm.nih.gov
erss-vip.niaid.nih.gov
sa66gl.wpc.edgecastcdn.net
isupplierext.qa.nih.gov
oacu.od.nih.gov
videocast.niehs.nih.gov
depot.tbportals.niaid.nih.gov
ecollab.niaid.nih.gov
ccapps.cc.nih.gov
resresources.nci.nih.gov
rnai.nih.gov
authdev.ha.nih.gov
www.nigms.nih.gov
Certificate
The complete raw certificate details for dkgbt.niddk.nih.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHozCCBougAwIBAgIQQAGIDBs/IXKrqMk2awCP2jANBgkqhkiG9w0BAQsFADBy MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MS4wLAYDVQQLEyVIeWRy YW50SUQgVHJ1c3RlZCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlMR8wHQYDVQQDExZIeWRy YW50SUQgU2VydmVyIENBIE8xMB4XDTIzMDUxMTE4MzgxMloXDTI0MDYwOTE4Mzcx MlowgZQxHDAaBgNVBAMTE2RrZ2J0Lm5pZGRrLm5paC5nb3YxMzAxBgNVBAoTKlVT IERlcGFydG1lbnQgb2YgSGVhbHRoIGFuZCBIdW1hbiBTZXJ2aWNlczETMBEGA1UE BxMKV2FzaGluZ3RvbjEdMBsGA1UECBMURGlzdHJpY3Qgb2YgQ29sdW1iaWExCzAJ BgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRu+Sz2f qC3bLfskoXMbL+CLDrAivsLrG2pGAZjATe8wTCmv6t7qEYQW6WTvzQp0S1hHNhEh f19MU3LlYGhirjVL75MBDhFailzF106XqjA/CkTTISkXQcvHsxvjPGzhnVZBKpGN mQKAXaCMjpdbtRI+XfrjLQZDBBMFmbOPeLjSQF5YlQSDYZ63n9VXSW5Tpt6OyxXl IL9r0L0ZWfojWNWc6Xh4+qcjTSjndLrCLoT1DdDQocIIp8xTQ22xdJ+htzMLM7P3 zu+P0Wquw0vz41I+pSQo/IMbyzihsK9mrXpe54Mev7iHR1vihy2NgUG3PZ3Pyaxj J9Zzk8ktGMbZcwIDAQABo4IEEDCCBAwwDgYDVR0PAQH/BAQDAgWgMIGFBggrBgEF BQcBAQR5MHcwMAYIKwYBBQUHMAGGJGh0dHA6Ly9jb21tZXJjaWFsLm9jc3AuaWRl bnRydXN0LmNvbTBDBggrBgEFBQcwAoY3aHR0cDovL3ZhbGlkYXRpb24uaWRlbnRy dXN0LmNvbS9jZXJ0cy9oeWRyYW50aWRjYU8xLnA3YzAfBgNVHSMEGDAWgBSJuJu2 nu37sMa9DexnTjyjkp0t+TCCASYGA1UdIASCAR0wggEZMAwGCmCGSAGG+S8ABgMw ggEHBgZngQwBAgIwgfwwQAYIKwYBBQUHAgEWNGh0dHBzOi8vc2VjdXJlLmlkZW50 cnVzdC5jb20vY2VydGlmaWNhdGVzL3BvbGljeS90cy8wgbcGCCsGAQUFBwICMIGq DIGnVGhpcyBUcnVzdElEIFNlcnZlciBDZXJ0aWZpY2F0ZSBoYXMgYmVlbiBpc3N1 ZWQgaW4gYWNjb3JkYW5jZSB3aXRoIElkZW5UcnVzdCdzIFRydXN0SUQgQ2VydGlm aWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vc2VjdXJlLmlkZW50cnVzdC5j b20vY2VydGlmaWNhdGVzL3BvbGljeS90cy8wRgYDVR0fBD8wPTA7oDmgN4Y1aHR0 cDovL3ZhbGlkYXRpb24uaWRlbnRydXN0LmNvbS9jcmwvaHlkcmFudGlkY2FvMS5j cmwwHgYDVR0RBBcwFYITZGtnYnQubmlkZGsubmloLmdvdjAdBgNVHQ4EFgQUb2rL shAx8p6lbYF+jE2h42Mn7iQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC MIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgB2/4g/Crb7lVHCYcz1h7o0tKTN uyncaEIKn+ZnTFo6dAAAAYgMGz+yAAAEAwBHMEUCIQDwp2+V95R/hPgAUQEhwUYo 93LFC3pIRVYpmO/X9+x9dwIgOEwV0QJ5BK/03C4g1X7WmxFKBMGg38jzTXlvTf/b S3QAdwDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYgMG0ATAAAE AwBIMEYCIQCbbwUFaAdPtau6DRHDGpMGd1iJo8IniwPkNMcF/Gj/9wIhANLJoJy2 9uB6wHJGo67QRV4RO0yl/14pnPF1iuVBjKo3AHYAc9meiRtMlnigIH1HneayxhzQ UV5xGSqMa4AQesF3crUAAAGIDBtAGgAABAMARzBFAiEA34MzULVSAjku/85OpPH0 kElDCi6lW+LbCGr+n/lJLBUCIAyvQDkIcc0DIGgfMqKJ1wo530T/e+W5AaKfCeNS l1pTMA0GCSqGSIb3DQEBCwUAA4IBAQBnGpiKWq/ws2m5I2RooFXx/aS0scfe1OPe 9skrQk6W/72YRJzzjCpO1fyimdMT8xJMKYwyrBUZeB/Q5s/VUBOVw03kPyVe67EZ EnsgtWQ+z1/J9u+XcEDlnLL9SOhmBV4eGmVy4gUCenbD6T5VbavC5tkeacE8rAgF YxMYOUr9sLdMdL2MTJEoIIZYu9DMmqR91TCDpcuYjCZt5KtLrtiOOQ415Owjbtw6 rKCjjpFbuWs4Xc+nEdSDvEKhdsvktaHawJ3Xu4MxBlEMlHDxklly/W7Q5yM5ufxb WSPr1kSz9Fa4UeZdf3B7+Z5SvlcrES6BSS/eniXGXYh1fLAMJxnM -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRu+Sz2fqC3bLfskoXMb L+CLDrAivsLrG2pGAZjATe8wTCmv6t7qEYQW6WTvzQp0S1hHNhEhf19MU3LlYGhi rjVL75MBDhFailzF106XqjA/CkTTISkXQcvHsxvjPGzhnVZBKpGNmQKAXaCMjpdb tRI+XfrjLQZDBBMFmbOPeLjSQF5YlQSDYZ63n9VXSW5Tpt6OyxXlIL9r0L0ZWfoj WNWc6Xh4+qcjTSjndLrCLoT1DdDQocIIp8xTQ22xdJ+htzMLM7P3zu+P0Wquw0vz 41I+pSQo/IMbyzihsK9mrXpe54Mev7iHR1vihy2NgUG3PZ3PyaxjJ9Zzk8ktGMbZ cwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 85078543393969613037026045509863772122 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IdenTrust' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HydrantID Trusted Certificate Service' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HydrantID Server CA O1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-11 18:38:12 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-09 18:37:12 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dkgbt.niddk.nih.gov' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US Department of Health and Human Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'District of Columbia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18823188188606820733321434454719911930645700020994393347518532744855238979773020177655203720463367081517650507338115415600418462898858983878363232397111713543212880684734742589834006205234947560933149180735248344523822843372659055522129111519395106673232794318325395523639724458509341431851931872476901111300504398314822207348065392975109886828171284705757546421606804495801632064918312417706742113102710669995877775651864956566584284108366267579182768913639595001132939577405269543806067673179866121515662990006546776465389249503694474029410245573474340783979386335707093789123341888195868093999051417633506487359859 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://commercial.ocsp.identrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://validation.identrust.com/certs/hydrantidcaO1.p7c' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 89b89bb69eedfbb0c6bd0dec674e3ca3929d2df9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (285 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113839.0.6.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.identrust.com/certificates/policy/ts/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This TrustID Server Certificate has been issued in accordance with IdenTrust's TrustID Certificate Policy found at https://secure.identrust.com/certificates/policy/ts/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (63 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://validation.identrust.com/crl/hydrantidcao1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dkgbt.niddk.nih.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6f6acbb21031f29ea56d817e8c4da1e36327ee24 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 016900760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a74000001880c1b3fb20000040300473045022100f0a76f95f7947f84f800510121c14628f772c50b7a4845562998efd7f7ec7d770220384c15d1027904aff4dc2e20d57ed69b114a04c1a0dfc8f34d796f4dffdb4b74007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001880c1b401300000403004830460221009b6f050568074fb5abba0d11c31a9306775889a3c2278b03e434c705fc68fff7022100d2c9a09cb6f6e07ac07246a3aed0455e113b4ca5ff5e299cf1758ae5418caa3700760073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b5000001880c1b401a0000040300473045022100df833350b55202392effce4ea4f1f49049430a2ea55be2db086afe9ff9492c1502200caf40390871cd0320681f32a289d70a39df44ff7be5b901a29f09e352975a53 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00671a988a5aaff0b369b9236468a055f1fda4b4b1c7ded4e3def6c92b424e96ffbd98449cf38c2a4ed5fca299d313f3124c298c32ac1519781fd0e6cfd5501395c34de43f255eebb119127b20b5643ecf5fc9f6ef977040e59cb2fd48e866055e1e1a6572e205027a76c3e93e556dabc2e6d91e69c13cac0805631318394afdb0b74c74bd8c4c9128208658bbd0cc9aa47dd53083a5cb988c266de4ab4baed88e390e35e4ec236edc3aaca0a38e915bb96b385dcfa711d483bc42a176cbe4b5a1dac09dd7bb833106510c9470f1925972fd6ed0e72339b9fc5b5923ebd644b3f456b851e65d7f707bf99e52be572b112e81492fde9e25c65d88757cb00c2719cc