iqies.cms.gov
- US Department of Health and Human Services -
Issued by HydrantID Server CA O1
About this certificate
This digital certificate with serial number 40:01:85:a2:29:45:35:b2:31:78:ca:39:20:0c:82:be was issued on by IdenTrust.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
US Department of Health and Human Services
Organization:
US Department of Health and Human Services
State / Province:
District of Columbia
Locality: Washington
Country: US
Locality: Washington
Country: US
IdenTrust
Organization:
IdenTrust
Organization unit: HydrantID Trusted Certificate Service
Organization unit: HydrantID Trusted Certificate Service
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 40:01:85:a2:29:45:35:b2:31:78:ca:39:20:0c:82:beSerial Number (int): 85078494435305318533198673386842915518
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 5d:8b:26:af:dd:b4:0d:0f:e0:19:26:37:db:2d:59:05:13:6f:10:8d
AuthorityKeyId: 89:b8:9b:b6:9e:ed:fb:b0:c6:bd:0d:ec:67:4e:3c:a3:92:9d:2d:f9
Fingerprint (sha1): 98:89:26:f9:93:de:1f:d9:a4:d2:8c:15:4c:d7:62:2b:34:e2:66:8e
Fingerprint (sha256): 01:ed:90:6f:9d:56:28:d4:c9:25:90:29:12:9c:ff:a7:e5:5f:33:0c:9d:5d:a1:82:63:0a:75:ee:da:fa:ad:56
Issuing Certificate URL: http://validation.identrust.com/certs/hydrantidcaO1.p7c
Revocation information
OCSP Server: http://commercial.ocsp.identrust.comCRL Distribution Point: http://validation.identrust.com/crl/hydrantidcao1.crl
Check the revocation status for certificate iqies.cms.gov
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for iqies.cms.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
iqies.cms.gov
Other certificates including the domain name cms.gov
(limited to 100 certificates)
qpparimpl.cms.gov
meetings.cms.gov
qppcm-imp.cms.gov
eft1.feps.cms.gov
impl.qnetdashboard.cms.gov
sandbox.idp.idm.cms.gov
*.portalval.cms.gov
uat.cpms.cms.gov
clair-dev.west.cms.gov
mdctmfp.cms.gov
mearis-impl.cms.gov
www.cms.gov
go.cms.gov
dev.pds.mps.cms.gov
cmsintranet.share-test.cms.gov
hpportal.cms.gov
impl.eft.feps.cms.gov
vpnextp1.cms.gov
owa.hhs.gov
soap.hets-270-271.cms.gov
cbt-imp.cms.gov
impl.eft.cloud.cms.gov
hiosvalgateway.cms.gov
its-status.colby.edu
www.cms.gov
www.qhpcertification.cms.gov
pm-prodp.insuranceoversight.cms.gov
eua.cms.gov
imp1bi.mlms.cms.gov
www.eacms.cms.gov
www.healthcare.gov
na21-1.cdn.salesforce-communities.com
testrailentdev.cms.gov
med.cms.hhs.gov
test2.cms.gov
sasweb.radvcdat.cms.gov
sso.cms.gov
iqies.cms.gov
sg.test.vdc.midas.cms.gov
eidmi.cms.gov
imp.qlik.midas.cms.gov
imp.wcmsmedicaid.cms.gov
test.filecloud.cms.gov
HPMSDASHBOARD.CMS.GOV
search.usa.gov
masaws-l3-ws.cms.gov
hdt.cms.gov
med.cms.gov
maintenance.rapidcourt.com
www.mccm.cms.gov
hapg-dev-api.cms.gov
ns.cms.gov
mf.cms.gov
eidmhpd1.cms.gov
hics.cms.gov
cloud-marketplace.status.broadcom.com
ar.ocean.cms.gov
qppcm-imp.cms.gov
www2.cms.gov
test3-hcms-apigateway.cms.gov
val.cpi-iview.cms.gov
lifeline-auth-val.cms.gov
maistro.cms.gov
www.mccm.cms.gov
acoms-impl.cms.gov
med.cms.gov
macprodev1.cms.gov
qa.cms.gov
impl3.admin.gagateway.qnetmft.cms.gov
dns.sterda.com
dev.api-gateway.cms.gov
hglvdidr.cms.gov
prod-api.pdc.backends.cms.gov
4innovation-dev.west.cms.gov
akamaisecure7.qualtrics.com
www.healthcare.gov
test.qnetapi.cms.gov
rdradvcdat.cms.gov
meetings.cms.gov
mheiges-argocd.iqies.cms.gov
app-impl.mpsm.cms.gov
confluence.prodnr.cms.gov
dev.testrail.cms.gov
reg.hcia.cms.gov
4innovation-impl.west.cms.gov
macprotest0.cms.gov
circle-sbx.west.cms.gov
edcdpres.dc11.cms.gov
hats2.cms.gov
www.cert.cms.gov
macprodev1.cms.gov
hiosvalgateway.cms.gov
akamaisecure7.qualtrics.com
impl.cqp.cms.gov
beta.pecos.cms.gov
test.cms.gov
dev.vdc.midas.cms.gov
cmit.cms.gov
drfpval.cms.gov
impl.reg.idm.cms.gov
meetings.cms.gov
qppcm-imp.cms.gov
eft1.feps.cms.gov
impl.qnetdashboard.cms.gov
sandbox.idp.idm.cms.gov
*.portalval.cms.gov
uat.cpms.cms.gov
clair-dev.west.cms.gov
mdctmfp.cms.gov
mearis-impl.cms.gov
www.cms.gov
go.cms.gov
dev.pds.mps.cms.gov
cmsintranet.share-test.cms.gov
hpportal.cms.gov
impl.eft.feps.cms.gov
vpnextp1.cms.gov
owa.hhs.gov
soap.hets-270-271.cms.gov
cbt-imp.cms.gov
impl.eft.cloud.cms.gov
hiosvalgateway.cms.gov
its-status.colby.edu
www.cms.gov
www.qhpcertification.cms.gov
pm-prodp.insuranceoversight.cms.gov
eua.cms.gov
imp1bi.mlms.cms.gov
www.eacms.cms.gov
www.healthcare.gov
na21-1.cdn.salesforce-communities.com
testrailentdev.cms.gov
med.cms.hhs.gov
test2.cms.gov
sasweb.radvcdat.cms.gov
sso.cms.gov
iqies.cms.gov
sg.test.vdc.midas.cms.gov
eidmi.cms.gov
imp.qlik.midas.cms.gov
imp.wcmsmedicaid.cms.gov
test.filecloud.cms.gov
HPMSDASHBOARD.CMS.GOV
search.usa.gov
masaws-l3-ws.cms.gov
hdt.cms.gov
med.cms.gov
maintenance.rapidcourt.com
www.mccm.cms.gov
hapg-dev-api.cms.gov
ns.cms.gov
mf.cms.gov
eidmhpd1.cms.gov
hics.cms.gov
cloud-marketplace.status.broadcom.com
ar.ocean.cms.gov
qppcm-imp.cms.gov
www2.cms.gov
test3-hcms-apigateway.cms.gov
val.cpi-iview.cms.gov
lifeline-auth-val.cms.gov
maistro.cms.gov
www.mccm.cms.gov
acoms-impl.cms.gov
med.cms.gov
macprodev1.cms.gov
qa.cms.gov
impl3.admin.gagateway.qnetmft.cms.gov
dns.sterda.com
dev.api-gateway.cms.gov
hglvdidr.cms.gov
prod-api.pdc.backends.cms.gov
4innovation-dev.west.cms.gov
akamaisecure7.qualtrics.com
www.healthcare.gov
test.qnetapi.cms.gov
rdradvcdat.cms.gov
meetings.cms.gov
mheiges-argocd.iqies.cms.gov
app-impl.mpsm.cms.gov
confluence.prodnr.cms.gov
dev.testrail.cms.gov
reg.hcia.cms.gov
4innovation-impl.west.cms.gov
macprotest0.cms.gov
circle-sbx.west.cms.gov
edcdpres.dc11.cms.gov
hats2.cms.gov
www.cert.cms.gov
macprodev1.cms.gov
hiosvalgateway.cms.gov
akamaisecure7.qualtrics.com
impl.cqp.cms.gov
beta.pecos.cms.gov
test.cms.gov
dev.vdc.midas.cms.gov
cmit.cms.gov
drfpval.cms.gov
impl.reg.idm.cms.gov
Certificate
The complete raw certificate details for iqies.cms.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHlDCCBnygAwIBAgIQQAGFoilFNbIxeMo5IAyCvjANBgkqhkiG9w0BAQsFADBy MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MS4wLAYDVQQLEyVIeWRy YW50SUQgVHJ1c3RlZCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlMR8wHQYDVQQDExZIeWRy YW50SUQgU2VydmVyIENBIE8xMB4XDTIzMDExMTE4NDgxMVoXDTI0MDIxMDE4NDcx MVowgY4xFjAUBgNVBAMTDWlxaWVzLmNtcy5nb3YxMzAxBgNVBAoTKlVTIERlcGFy dG1lbnQgb2YgSGVhbHRoIGFuZCBIdW1hbiBTZXJ2aWNlczETMBEGA1UEBxMKV2Fz aGluZ3RvbjEdMBsGA1UECBMURGlzdHJpY3Qgb2YgQ29sdW1iaWExCzAJBgNVBAYT AlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGTFJUEtj9pKNfdK Hvdxj5PRHzq3o1rcc7MfTyokZP8j0dkC/6VfZXrbfXN/zsBo9+NP5IeWPM9Z5nZf I/XZb7wDDj45aRLsVcP2fuUUIQaIMYl5+j6d8Gggt+6vRwcSB1P0ZtqjwhpsFd05 ytXI0l4K6M3Zx8xEXeulshbKJqn6g/oedpEPlJiTNNdG0uB+HqbgFWRuGvPwldoQ Tzl7UFBHL2BmGNuFPkH02JHfKQo2psR/LoOkiMihY1cNJj4+BSBBEPs0qcRyBFrX O9UwExeePIcW0rSL8MLG3nRUkMXWgPaWX78yUDN4QecIQyuDj4BrIjoS5eBkZlun 2KjRpQIDAQABo4IEBzCCBAMwDgYDVR0PAQH/BAQDAgWgMIGFBggrBgEFBQcBAQR5 MHcwMAYIKwYBBQUHMAGGJGh0dHA6Ly9jb21tZXJjaWFsLm9jc3AuaWRlbnRydXN0 LmNvbTBDBggrBgEFBQcwAoY3aHR0cDovL3ZhbGlkYXRpb24uaWRlbnRydXN0LmNv bS9jZXJ0cy9oeWRyYW50aWRjYU8xLnA3YzAfBgNVHSMEGDAWgBSJuJu2nu37sMa9 DexnTjyjkp0t+TCCASYGA1UdIASCAR0wggEZMAwGCmCGSAGG+S8ABgMwggEHBgZn gQwBAgIwgfwwQAYIKwYBBQUHAgEWNGh0dHBzOi8vc2VjdXJlLmlkZW50cnVzdC5j b20vY2VydGlmaWNhdGVzL3BvbGljeS90cy8wgbcGCCsGAQUFBwICMIGqDIGnVGhp cyBUcnVzdElEIFNlcnZlciBDZXJ0aWZpY2F0ZSBoYXMgYmVlbiBpc3N1ZWQgaW4g YWNjb3JkYW5jZSB3aXRoIElkZW5UcnVzdCdzIFRydXN0SUQgQ2VydGlmaWNhdGUg UG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vc2VjdXJlLmlkZW50cnVzdC5jb20vY2Vy dGlmaWNhdGVzL3BvbGljeS90cy8wRgYDVR0fBD8wPTA7oDmgN4Y1aHR0cDovL3Zh bGlkYXRpb24uaWRlbnRydXN0LmNvbS9jcmwvaHlkcmFudGlkY2FvMS5jcmwwGAYD VR0RBBEwD4INaXFpZXMuY21zLmdvdjAdBgNVHQ4EFgQUXYsmr920DQ/gGSY32y1Z BRNvEI0wHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIIBfAYKKwYBBAHW eQIEAgSCAWwEggFoAWYAdQB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6 dAAAAYWiKUizAAAEAwBGMEQCIGgihm65s0vVIOtTMDlXDjQH3cBb/RFir5HC9qM5 QmdPAiBnPiAWmNCPuaCl+AwUhtmlGxtgmFVC7FMwD7FRcLicFAB1AO7N0GTV2xrO xVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABhaIpRg8AAAQDAEYwRAIgcJ7qBN3r 49BYKcyH0uhOlv7a5gG0KqdhlkIJNXYm2dYCIBQx5XcDTh3ZAZUWT7TfUAcYrlqh krbF/dD9ynAL5rl+AHYAc9meiRtMlnigIH1HneayxhzQUV5xGSqMa4AQesF3crUA AAGFoilGwgAABAMARzBFAiARd7JRS2vZmNPHqDNU5+ecQQaRh0Cnsdo4A7bZZ22j bAIhAOASrOq4NGhHrcE+lKoDPsF5Mk1vWpgW/r41lgwbY20iMA0GCSqGSIb3DQEB CwUAA4IBAQAB9VbM45GOlNziVsgLhM0vWmtiaBxsm/XTcyPIggcMg79Y9L3N0Hri tXZEqxUqEUL1MRBawOhikKAroqK2i62dCkwvQXqDKn1wP0rxU163dlui9x0Smzv5 ZCr+TXbFL/0z8rgPfohmVLshYRYLDOn9614RhVmEN0peEc907CD1a/vVO9jtiZvF HSQFOwE8QE175R1NIrA+qjHpPTtBpoEoOEhHcSmfAAdlE+HAy2SJIjoWIrOAQqB3 DBSRlow0eC2PdTg4fCS7QyjfRVC1zfgAldKbpJiZxXkX5toUK5O5yWw7iSQ+62FJ opGuNDi8qh6BmW+isa9aBvX30wTaTh8e -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGTFJUEtj9pKNfdKHvdx j5PRHzq3o1rcc7MfTyokZP8j0dkC/6VfZXrbfXN/zsBo9+NP5IeWPM9Z5nZfI/XZ b7wDDj45aRLsVcP2fuUUIQaIMYl5+j6d8Gggt+6vRwcSB1P0ZtqjwhpsFd05ytXI 0l4K6M3Zx8xEXeulshbKJqn6g/oedpEPlJiTNNdG0uB+HqbgFWRuGvPwldoQTzl7 UFBHL2BmGNuFPkH02JHfKQo2psR/LoOkiMihY1cNJj4+BSBBEPs0qcRyBFrXO9Uw ExeePIcW0rSL8MLG3nRUkMXWgPaWX78yUDN4QecIQyuDj4BrIjoS5eBkZlun2KjR pQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 85078494435305318533198673386842915518 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IdenTrust' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HydrantID Trusted Certificate Service' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HydrantID Server CA O1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-11 18:48:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-10 18:47:11 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'iqies.cms.gov' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US Department of Health and Human Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'District of Columbia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22267633262224225431286852906100025244274719769204223884332466899403944682972336640787728553090096631251668187208998652411485397515031611899456780436620988127091928353661307309587694472206532948719669655018639352673179399227690231442033835613131383524640858797484905266379140807917273962771478341817856898197909407109679395472694587069240792029222392777593177026496494289768529773287451243256589864016077884056264314380982810034345312048651344125142462028975185122523576670437866386995872466559468359521132630258108997756835227719087239332493590522426069645271686064378830974058613290764732167448787992866903716057509 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://commercial.ocsp.identrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://validation.identrust.com/certs/hydrantidcaO1.p7c' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 89b89bb69eedfbb0c6bd0dec674e3ca3929d2df9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (285 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113839.0.6.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.identrust.com/certificates/policy/ts/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This TrustID Server Certificate has been issued in accordance with IdenTrust's TrustID Certificate Policy found at https://secure.identrust.com/certificates/policy/ts/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (63 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://validation.identrust.com/crl/hydrantidcao1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iqies.cms.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5d8b26afddb40d0fe0192637db2d5905136f108d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 016600750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a7400000185a22948b3000004030046304402206822866eb9b34bd520eb533039570e3407ddc05bfd1162af91c2f6a33942674f0220673e201698d08fb9a0a5f80c1486d9a51b1b60985542ec53300fb15170b89c14007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000185a229460f00000403004630440220709eea04ddebe3d05829cc87d2e84e96fedae601b42aa761964209357626d9d602201431e577034e1dd90195164fb4df500718ae5aa192b6c5fdd0fdca700be6b97e00760073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b500000185a22946c2000004030047304502201177b2514b6bd998d3c7a83354e7e79c4106918740a7b1da3803b6d9676da36c022100e012aceab8346847adc13e94aa033ec179324d6f5a9816febe35960c1b636d22 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0001f556cce3918e94dce256c80b84cd2f5a6b62681c6c9bf5d37323c882070c83bf58f4bdcdd07ae2b57644ab152a1142f531105ac0e86290a02ba2a2b68bad9d0a4c2f417a832a7d703f4af1535eb7765ba2f71d129b3bf9642afe4d76c52ffd33f2b80f7e886654bb2161160b0ce9fdeb5e11855984374a5e11cf74ec20f56bfbd53bd8ed899bc51d24053b013c404d7be51d4d22b03eaa31e93d3b41a6812838484771299f00076513e1c0cb6489223a1622b38042a0770c1491968c34782d8f7538387c24bb4328df4550b5cdf80095d29ba49899c57917e6da142b93b9c96c3b89243eeb6149a291ae3438bcaa1e81996fa2b1af5a06f5f7d304da4e1f1e