www.cms.gov
- Centers for Medicare & Medicaid Services -
Issued by GeoTrust RSA CA 2018
About this certificate
This digital certificate with serial number 0d:94:6a:9b:5c:8a:45:dd:10:ec:d2:e9:7d:a1:57:de was issued on by DigiCert Inc.
With 45 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Centers for Medicare & Medicaid Services
Organization:
Centers for Medicare & Medicaid Services
Organization unit: OIS
Organization unit: OIS
State / Province:
Maryland
Locality: Baltimore
Country: US
Locality: Baltimore
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:94:6a:9b:5c:8a:45:dd:10:ec:d2:e9:7d:a1:57:deSerial Number (int): 18050586124690020212717175591825135582
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 12:37:97:29:b3:f8:7f:36:1f:c0:8d:5d:18:46:01:c8:33:4a:5b:cc
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5
Fingerprint (sha1): 8d:0c:5e:ee:1a:67:33:c4:c4:eb:4f:6d:8f:84:07:90:ff:ac:02:31
Fingerprint (sha256): 01:42:a1:40:47:b3:ad:19:6d:e6:00:13:cf:c7:f4:a8:3e:f8:ea:8e:68:8c:10:6b:01:7f:9c:eb:7e:c6:2d:24
Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt
Revocation information
OCSP Server: http://status.geotrust.comCRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl
Check the revocation status for certificate www.cms.gov
45
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.cms.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.cms.gov
cms.gov
events.launchdarkly.cms.gov
app.launchdarkly.cms.gov
www.innovation.cms.gov
edit.cms.gov
download.cms.gov
questions.cms.gov
cerrsngprod.cerrs.cms.gov
ai.cms.gov
rbis.cms.gov
innovation.cms.gov
cerrs-edt.cms.gov
cerrs-ee.cms.gov
data.cms.gov
mo-idp.cms.gov
www.qpp.cms.gov
forms.cms.gov
www.cms.hhs.gov
auth.cerrs.cms.gov
design.cms.gov
forms-admin.cms.gov
cerrs-sts.cms.gov
cerrs.cms.gov
partnershipforpatients.cms.gov
cerrs-sp.cms.gov
innovations.cms.gov
hios.cms.gov
qpp.cms.gov
cerrsdws.cerrs.cms.gov
stream.launchdarkly.cms.gov
qualitypaymentprogram.cms.gov
cerrs-mcr.cms.gov
productordering.cms.hhs.gov
www.innovations.cms.gov
hics.cms.gov
www.qualitypaymentprogram.cms.gov
cms.hhs.gov
eui.cms.gov
dnav.cms.gov
cerrs-tb.cms.gov
maps.cms.gov
cerrsngtraining.cerrs.cms.gov
hiosgateway.cms.gov
cerrs-cc.cms.gov
cms.gov
events.launchdarkly.cms.gov
app.launchdarkly.cms.gov
www.innovation.cms.gov
edit.cms.gov
download.cms.gov
questions.cms.gov
cerrsngprod.cerrs.cms.gov
ai.cms.gov
rbis.cms.gov
innovation.cms.gov
cerrs-edt.cms.gov
cerrs-ee.cms.gov
data.cms.gov
mo-idp.cms.gov
www.qpp.cms.gov
forms.cms.gov
www.cms.hhs.gov
auth.cerrs.cms.gov
design.cms.gov
forms-admin.cms.gov
cerrs-sts.cms.gov
cerrs.cms.gov
partnershipforpatients.cms.gov
cerrs-sp.cms.gov
innovations.cms.gov
hios.cms.gov
qpp.cms.gov
cerrsdws.cerrs.cms.gov
stream.launchdarkly.cms.gov
qualitypaymentprogram.cms.gov
cerrs-mcr.cms.gov
productordering.cms.hhs.gov
www.innovations.cms.gov
hics.cms.gov
www.qualitypaymentprogram.cms.gov
cms.hhs.gov
eui.cms.gov
dnav.cms.gov
cerrs-tb.cms.gov
maps.cms.gov
cerrsngtraining.cerrs.cms.gov
hiosgateway.cms.gov
cerrs-cc.cms.gov
Other certificates including the domain name cms.gov
(limited to 100 certificates)
qpparimpl.cms.gov
meetings.cms.gov
qppcm-imp.cms.gov
eft1.feps.cms.gov
impl.qnetdashboard.cms.gov
sandbox.idp.idm.cms.gov
*.portalval.cms.gov
uat.cpms.cms.gov
clair-dev.west.cms.gov
mearis-impl.cms.gov
www.cms.gov
go.cms.gov
dev.pds.mps.cms.gov
cmsintranet.share-test.cms.gov
hpportal.cms.gov
impl.eft.feps.cms.gov
vpnextp1.cms.gov
owa.hhs.gov
soap.hets-270-271.cms.gov
cbt-imp.cms.gov
impl.eft.cloud.cms.gov
hiosvalgateway.cms.gov
its-status.colby.edu
www.cms.gov
www.qhpcertification.cms.gov
pm-prodp.insuranceoversight.cms.gov
eua.cms.gov
imp1bi.mlms.cms.gov
www.eacms.cms.gov
www.healthcare.gov
na21-1.cdn.salesforce-communities.com
testrailentdev.cms.gov
med.cms.hhs.gov
test2.cms.gov
sso.cms.gov
iqies.cms.gov
sg.test.vdc.midas.cms.gov
eidmi.cms.gov
imp.qlik.midas.cms.gov
imp.wcmsmedicaid.cms.gov
test.filecloud.cms.gov
HPMSDASHBOARD.CMS.GOV
search.usa.gov
masaws-l3-ws.cms.gov
hdt.cms.gov
med.cms.gov
maintenance.rapidcourt.com
www.mccm.cms.gov
hapg-dev-api.cms.gov
ns.cms.gov
mf.cms.gov
eidmhpd1.cms.gov
hics.cms.gov
cloud-marketplace.status.broadcom.com
ar.ocean.cms.gov
qppcm-imp.cms.gov
www2.cms.gov
test3-hcms-apigateway.cms.gov
val.cpi-iview.cms.gov
lifeline-auth-val.cms.gov
maistro.cms.gov
www.mccm.cms.gov
acoms-impl.cms.gov
macprodev1.cms.gov
qa.cms.gov
impl3.admin.gagateway.qnetmft.cms.gov
dns.sterda.com
dev.api-gateway.cms.gov
hglvdidr.cms.gov
prod-api.pdc.backends.cms.gov
4innovation-dev.west.cms.gov
akamaisecure7.qualtrics.com
www.healthcare.gov
test.qnetapi.cms.gov
rdradvcdat.cms.gov
meetings.cms.gov
mheiges-argocd.iqies.cms.gov
app-impl.mpsm.cms.gov
confluence.prodnr.cms.gov
dev.testrail.cms.gov
reg.hcia.cms.gov
4innovation-impl.west.cms.gov
macprotest0.cms.gov
circle-sbx.west.cms.gov
edcdpres.dc11.cms.gov
hats2.cms.gov
www.cert.cms.gov
macprodev1.cms.gov
hiosvalgateway.cms.gov
akamaisecure7.qualtrics.com
beta.pecos.cms.gov
test.cms.gov
dev.vdc.midas.cms.gov
cmit.cms.gov
drfpval.cms.gov
impl.reg.idm.cms.gov
amimpedc3.cms.gov
appcontrol.status.symantec.com
www.bpci.cms.gov
imp.octopus.cms.gov
meetings.cms.gov
qppcm-imp.cms.gov
eft1.feps.cms.gov
impl.qnetdashboard.cms.gov
sandbox.idp.idm.cms.gov
*.portalval.cms.gov
uat.cpms.cms.gov
clair-dev.west.cms.gov
mearis-impl.cms.gov
www.cms.gov
go.cms.gov
dev.pds.mps.cms.gov
cmsintranet.share-test.cms.gov
hpportal.cms.gov
impl.eft.feps.cms.gov
vpnextp1.cms.gov
owa.hhs.gov
soap.hets-270-271.cms.gov
cbt-imp.cms.gov
impl.eft.cloud.cms.gov
hiosvalgateway.cms.gov
its-status.colby.edu
www.cms.gov
www.qhpcertification.cms.gov
pm-prodp.insuranceoversight.cms.gov
eua.cms.gov
imp1bi.mlms.cms.gov
www.eacms.cms.gov
www.healthcare.gov
na21-1.cdn.salesforce-communities.com
testrailentdev.cms.gov
med.cms.hhs.gov
test2.cms.gov
sso.cms.gov
iqies.cms.gov
sg.test.vdc.midas.cms.gov
eidmi.cms.gov
imp.qlik.midas.cms.gov
imp.wcmsmedicaid.cms.gov
test.filecloud.cms.gov
HPMSDASHBOARD.CMS.GOV
search.usa.gov
masaws-l3-ws.cms.gov
hdt.cms.gov
med.cms.gov
maintenance.rapidcourt.com
www.mccm.cms.gov
hapg-dev-api.cms.gov
ns.cms.gov
mf.cms.gov
eidmhpd1.cms.gov
hics.cms.gov
cloud-marketplace.status.broadcom.com
ar.ocean.cms.gov
qppcm-imp.cms.gov
www2.cms.gov
test3-hcms-apigateway.cms.gov
val.cpi-iview.cms.gov
lifeline-auth-val.cms.gov
maistro.cms.gov
www.mccm.cms.gov
acoms-impl.cms.gov
macprodev1.cms.gov
qa.cms.gov
impl3.admin.gagateway.qnetmft.cms.gov
dns.sterda.com
dev.api-gateway.cms.gov
hglvdidr.cms.gov
prod-api.pdc.backends.cms.gov
4innovation-dev.west.cms.gov
akamaisecure7.qualtrics.com
www.healthcare.gov
test.qnetapi.cms.gov
rdradvcdat.cms.gov
meetings.cms.gov
mheiges-argocd.iqies.cms.gov
app-impl.mpsm.cms.gov
confluence.prodnr.cms.gov
dev.testrail.cms.gov
reg.hcia.cms.gov
4innovation-impl.west.cms.gov
macprotest0.cms.gov
circle-sbx.west.cms.gov
edcdpres.dc11.cms.gov
hats2.cms.gov
www.cert.cms.gov
macprodev1.cms.gov
hiosvalgateway.cms.gov
akamaisecure7.qualtrics.com
beta.pecos.cms.gov
test.cms.gov
dev.vdc.midas.cms.gov
cmit.cms.gov
drfpval.cms.gov
impl.reg.idm.cms.gov
amimpedc3.cms.gov
appcontrol.status.symantec.com
www.bpci.cms.gov
imp.octopus.cms.gov
Certificate
The complete raw certificate details for www.cms.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJgDCCCGigAwIBAgIQDZRqm1yKRd0Q7NLpfaFX3jANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe Fw0yMDAyMTkwMDAwMDBaFw0yMDA1MDIxMjAwMDBaMIGLMQswCQYDVQQGEwJVUzER MA8GA1UECBMITWFyeWxhbmQxEjAQBgNVBAcTCUJhbHRpbW9yZTExMC8GA1UECgwo Q2VudGVycyBmb3IgTWVkaWNhcmUgJiBNZWRpY2FpZCBTZXJ2aWNlczEMMAoGA1UE CxMDT0lTMRQwEgYDVQQDEwt3d3cuY21zLmdvdjCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAOLZTmBxuS6DS0i4uPFJ8E8su2nU/MZM8o3J3iPU+nKVao/z 7fM9I1SPRtV1xtMKGfanaBlSxX4RApzhDGzFujytYs0XaNUcrDubIvFty40L10c5 B59LQ9mEKMHRFyIVS0rCLrZkiW4oGyJOm7xUvM5S+mvssmqz2B6BFAKvBcAK4esi X6Dlww6xf2BDmQjJoAhQCUGUwkLXdTtJ/tkpyNxb9qfQ5C8b3F1DQvDcy5xcPiVW c3NrfF64LoOaCxSWoGwgRpHHWPVdeiIVPlNaAN8GRbVgpJCmhwlcG/vL322JTooC jC/yQC31kNdkWUSCzvUdpUpg0XXJzpS9GUkAdXkCAwEAAaOCBgowggYGMB8GA1Ud IwQYMBaAFJBY/7CcdahRVHex7fKjQxY4nmzFMB0GA1UdDgQWBBQSN5cps/h/Nh/A jV0YRgHIM0pbzDCCA3sGA1UdEQSCA3IwggNuggt3d3cuY21zLmdvdoIHY21zLmdv doIbZXZlbnRzLmxhdW5jaGRhcmtseS5jbXMuZ292ghhhcHAubGF1bmNoZGFya2x5 LmNtcy5nb3aCFnd3dy5pbm5vdmF0aW9uLmNtcy5nb3aCDGVkaXQuY21zLmdvdoIQ ZG93bmxvYWQuY21zLmdvdoIRcXVlc3Rpb25zLmNtcy5nb3aCGWNlcnJzbmdwcm9k LmNlcnJzLmNtcy5nb3aCCmFpLmNtcy5nb3aCDHJiaXMuY21zLmdvdoISaW5ub3Zh dGlvbi5jbXMuZ292ghFjZXJycy1lZHQuY21zLmdvdoIQY2VycnMtZWUuY21zLmdv doIMZGF0YS5jbXMuZ292gg5tby1pZHAuY21zLmdvdoIPd3d3LnFwcC5jbXMuZ292 gg1mb3Jtcy5jbXMuZ292gg93d3cuY21zLmhocy5nb3aCEmF1dGguY2VycnMuY21z LmdvdoIOZGVzaWduLmNtcy5nb3aCE2Zvcm1zLWFkbWluLmNtcy5nb3aCEWNlcnJz LXN0cy5jbXMuZ292gg1jZXJycy5jbXMuZ292gh5wYXJ0bmVyc2hpcGZvcnBhdGll bnRzLmNtcy5nb3aCEGNlcnJzLXNwLmNtcy5nb3aCE2lubm92YXRpb25zLmNtcy5n b3aCDGhpb3MuY21zLmdvdoILcXBwLmNtcy5nb3aCFmNlcnJzZHdzLmNlcnJzLmNt cy5nb3aCG3N0cmVhbS5sYXVuY2hkYXJrbHkuY21zLmdvdoIdcXVhbGl0eXBheW1l bnRwcm9ncmFtLmNtcy5nb3aCEWNlcnJzLW1jci5jbXMuZ292ghtwcm9kdWN0b3Jk ZXJpbmcuY21zLmhocy5nb3aCF3d3dy5pbm5vdmF0aW9ucy5jbXMuZ292ggxoaWNz LmNtcy5nb3aCIXd3dy5xdWFsaXR5cGF5bWVudHByb2dyYW0uY21zLmdvdoILY21z Lmhocy5nb3aCC2V1aS5jbXMuZ292ggxkbmF2LmNtcy5nb3aCEGNlcnJzLXRiLmNt cy5nb3aCDG1hcHMuY21zLmdvdoIdY2VycnNuZ3RyYWluaW5nLmNlcnJzLmNtcy5n b3aCE2hpb3NnYXRld2F5LmNtcy5nb3aCEGNlcnJzLWNjLmNtcy5nb3YwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA+BgNVHR8E NzA1MDOgMaAvhi1odHRwOi8vY2RwLmdlb3RydXN0LmNvbS9HZW9UcnVzdFJTQUNB MjAxOC5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYc aHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwdQYIKwYBBQUH AQEEaTBnMCYGCCsGAQUFBzABhhpodHRwOi8vc3RhdHVzLmdlb3RydXN0LmNvbTA9 BggrBgEFBQcwAoYxaHR0cDovL2NhY2VydHMuZ2VvdHJ1c3QuY29tL0dlb1RydXN0 UlNBQ0EyMDE4LmNydDAJBgNVHRMEAjAAMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw AHcAsh4FzIuizYogTodm+Su5iiUgZ2va+nDnsklTLe+LkF4AAAFwXww/MwAABAMA SDBGAiEAxnSxOmdD+DYC81pGhfNKBWxhXQB+1Skw123WuMbwKcECIQCnAU2XBR9P Ein7DEM6NS0mXtYWX40oAl8Ig66jQQzVlwB1APCVpFnyANGCQBAtL5OIjq1L/h1H 45nh0DSmsKiqjrJzAAABcF8MP5YAAAQDAEYwRAIgcMfyLCAI+xgCHBgSWFVCqZPD oNwseRUVlD74L+5zGwACIDjAmgCtkA7cSKQ5eirnKDjcZTqK0vQ2uxh2xeVMLDdC MA0GCSqGSIb3DQEBCwUAA4IBAQBl80OhQ1cOYRNJhha9hPN827VgI+h7/vwb8tnA CrV4jb/2T1ttyOLgYLK6jDoDck90Z4Wn66Z73YhfTfhJ1ZYa1kkUKZKRTR6uV3id SekPavXDZphTsSvc/JkcogD1SRRHLm9vVgMxPDi5ikCbgLwycIOS9I1wT2Ljxags jps7Ott8/VVCLegfIQG3b+QOrQNPBo26zJU0jeCpZ3TLIrCPEl3x8VY7kSKgxrBF Ie9vihE/3o5v930GPnCo2OAwaTLk0aL0P7gQwqO4U225VuJlFl4gYRyWuT8EF5G8 vEc+mNbbLs58p9QSKQkOLQOqcL6S8xaiW8hA0DHm7XjUXV6u -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tlOYHG5LoNLSLi48Unw Tyy7adT8xkzyjcneI9T6cpVqj/Pt8z0jVI9G1XXG0woZ9qdoGVLFfhECnOEMbMW6 PK1izRdo1RysO5si8W3LjQvXRzkHn0tD2YQowdEXIhVLSsIutmSJbigbIk6bvFS8 zlL6a+yyarPYHoEUAq8FwArh6yJfoOXDDrF/YEOZCMmgCFAJQZTCQtd1O0n+2SnI 3Fv2p9DkLxvcXUNC8NzLnFw+JVZzc2t8Xrgug5oLFJagbCBGkcdY9V16IhU+U1oA 3wZFtWCkkKaHCVwb+8vfbYlOigKML/JALfWQ12RZRILO9R2lSmDRdcnOlL0ZSQB1 eQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18050586124690020212717175591825135582 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-19 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-02 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Maryland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Baltimore' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Centers for Medicare & Medicaid Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'OIS' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cms.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28637014583213115773582818348944118713825597565005349694742191407162382003505528872280866623723280266142706626381078809348932529997919599589020860481240901258515592900432609089653870843077156281567722159131563589938977301025837728491840745808249227098779258470803160719567570941122175794832969285761972056290859640215350946724833206006380756426675469546329271694757601388329913035445414617236354524492891499212209238002330246692387081004833965920385484937040904499013134854872685869108123373177739591093673777769468345175132388876456046610815992467771364666084963951803083044758207122994526953538783191797455046866297 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 12379729b3f87f361fc08d5d184601c8334a5bcc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (882 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'events.launchdarkly.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.launchdarkly.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.innovation.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edit.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'download.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'questions.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cerrsngprod.cerrs.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ai.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rbis.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'innovation.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cerrs-edt.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cerrs-ee.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mo-idp.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.qpp.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'forms.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cms.hhs.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'auth.cerrs.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'design.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'forms-admin.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cerrs-sts.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cerrs.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partnershipforpatients.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cerrs-sp.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'innovations.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hios.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qpp.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cerrsdws.cerrs.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stream.launchdarkly.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qualitypaymentprogram.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cerrs-mcr.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'productordering.cms.hhs.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.innovations.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hics.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.qualitypaymentprogram.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.hhs.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eui.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dnav.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cerrs-tb.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maps.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cerrsngtraining.cerrs.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hiosgateway.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cerrs-cc.cms.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e000001705f0c3f330000040300483046022100c674b13a6743f83602f35a4685f34a056c615d007ed52930d76dd6b8c6f029c1022100a7014d97051f4f1229fb0c433a352d265ed6165f8d28025f0883aea3410cd597007500f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb273000001705f0c3f960000040300463044022070c7f22c2008fb18021c1812585542a993c3a0dc2c791515943ef82fee731b00022038c09a00ad900edc48a4397a2ae72838dc653a8ad2f436bb1876c5e54c2c3742 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0065f343a143570e6113498616bd84f37cdbb56023e87bfefc1bf2d9c00ab5788dbff64f5b6dc8e2e060b2ba8c3a03724f746785a7eba67bdd885f4df849d5961ad649142992914d1eae57789d49e90f6af5c3669853b12bdcfc991ca200f54914472e6f6f5603313c38b98a409b80bc32708392f48d704f62e3c5a82c8e9b3b3adb7cfd55422de81f2101b76fe40ead034f068dbacc95348de0a96774cb22b08f125df1f1563b9122a0c6b04521ef6f8a113fde8e6ff77d063e70a8d8e0306932e4d1a2f43fb810c2a3b8536db956e265165e20611c96b93f041791bcbc473e98d6db2ece7ca7d41229090e2d03aa70be92f316a25bc840d031e6ed78d45d5eae