VABENEFITS.VBA.VA.GOV
Issued by Veterans Affairs Device CA B2
About this certificate
This digital certificate with serial number 03:f1:83 was issued on byVeterans Affairs Device CA B2.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- The Subject Alternate Name extension MUST contain only 'dnsName' and 'ipaddress' name types. (BRs: 7.1.4.2.1)
- The common name field in subscriber certificates must include only names from the SAN extension (BRs: 7.1.4.2.2)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=VABENEFITS.VBA.VA.GOV,OU=devices,0.9.2342.19200300.100.1.25=#13027661,0.9.2342.19200300.100.1.25=#1303676f76
Veterans Affairs Device CA B2
Organization unit: Services
Organization unit: PKI
Organization unit: PKI
This certificate has expire since
Certificate Details
Serial Number (hex): 03:f1:83Serial Number (int): 258435
Serial Number lenght: 18 bits, 3 octets
SubjectKeyId: 5a:6a:f2:a8:ef:6c:be:3f:36:33:64:f5:4e:66:c5:3e:8d:31:ed:ac
AuthorityKeyId: 81:94:35:9e:2a:a8:77:60:23:66:ec:2a:9d:6e:cf:b6:75:19:50:5d
Fingerprint (sha1): 15:c7:34:e0:32:25:e9:e4:0f:68:2b:97:7f:f3:24:fb:59:92:b5:31
Fingerprint (sha256): 02:3c:01:93:8d:ff:16:32:f1:3b:c9:40:61:2f:e9:46:59:b7:c8:cd:b3:4d:d8:4a:7f:3d:ed:5e:b1:20:30:4a
Issuing Certificate URL: http://aia1.ssp-strong-id.net/CA/VAdeviceCA.p7c
Issuing Certificate URL: ldap://dir1.ssp-strong-id.net/cn=Veterans%20Affairs%20Device%20CA%20B2,ou=PKI,ou=Services,dc=va,dc=gov?cACertificate
Revocation information
OCSP Server: http://ocsp.pki.va.gov/OCSP Server: http://ocsp1.ssp-strong-id.net/VA-SSP-CA-B2
CRL Distribution Point: http://crl.pki.va.gov/PKI/CRL/vadevice.crl
CRL Distribution Point: ldap://ldap.pki.va.gov/cn%3dSSPB2AE,cn%3dCDP,cn%3dPKI,cn%3dServices,dc%3dva,dc%3dgov?certificateRevocationList
CRL Distribution Point: http://cdp1.ssp-strong-id.net/CDP/vadevice.crl
CRL Distribution Point: ldap://dir1.ssp-strong-id.net/cn%3dVeterans%20Affairs%20Device%20CA%20B2,ou%3dPKI,ou%3dServices,dc%3dva,dc%3dgov?certificateRevocationList
Check the revocation status for certificate VABENEFITS.VBA.VA.GOV
0
DNS Names
1
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for VABENEFITS.VBA.VA.GOV
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
[email protected];[email protected]
Other certificates including the domain name VA.GOV
(limited to 100 certificates)
Certificate
The complete raw certificate details for VABENEFITS.VBA.VA.GOV in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGyjCCBbKgAwIBAgIDA/GDMA0GCSqGSIb3DQEBCwUAMHIxEzARBgoJkiaJk/Is ZAEZFgNnb3YxEjAQBgoJkiaJk/IsZAEZFgJ2YTERMA8GA1UECxMIU2VydmljZXMx DDAKBgNVBAsTA1BLSTEmMCQGA1UEAxMdVmV0ZXJhbnMgQWZmYWlycyBEZXZpY2Ug Q0EgQjIwHhcNMTQwNDAzMTkzMDE3WhcNMTcwNDAzMTkzMDE3WjBbMRMwEQYKCZIm iZPyLGQBGRYDZ292MRIwEAYKCZImiZPyLGQBGRYCdmExEDAOBgNVBAsTB2Rldmlj ZXMxHjAcBgNVBAMTFVZBQkVORUZJVFMuVkJBLlZBLkdPVjCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBALvZ+ueyVc+D7EPLoGQqEyW/bqWDmkX1wO507aNW qtVgtAtFqHJUU24ZpUspI1iiCSx/1Mc8OjWbkM6jQYr9KeCks219OCxF3PH/QRVc Ha3vO94IHG8OLNdK4TK/FVOMY4eynM3lOsj7p/Hdz2ffQD/G7+L/c/DysBp9IMSC ygw9uZ7wcLHk+SdlyiCbZZKI8AM0+dQjC1P+3Wp60Z1tDXbRV8q+fm9PiViWsdFn pnJPwKwIpfu2Z6HvfbVpOPr36ZHZfONr6eQJFtkOtlx8B1hPgg2QOnHkv/l7WLjm bOu/Gzm68N0iJgBMOxR8zShkFAmJLnYzePBVZc5UX/NbuvkCAwEAAaOCA34wggN6 MC0GA1UdEQQmMCSBIlJvYmVydC5QYXR0ZXJzb25AdmEuZ292O0lJVEB2YS5nb3Yw FwYDVR0gBBAwDjAMBgpghkgBZQMCAQMIMIIBMAYIKwYBBQUHAQEEggEiMIIBHjA7 BggrBgEFBQcwAoYvaHR0cDovL2FpYTEuc3NwLXN0cm9uZy1pZC5uZXQvQ0EvVkFk ZXZpY2VDQS5wN2MwgYAGCCsGAQUFBzAChnRsZGFwOi8vZGlyMS5zc3Atc3Ryb25n LWlkLm5ldC9jbj1WZXRlcmFucyUyMEFmZmFpcnMlMjBEZXZpY2UlMjBDQSUyMEIy LG91PVBLSSxvdT1TZXJ2aWNlcyxkYz12YSxkYz1nb3Y/Y0FDZXJ0aWZpY2F0ZTAj BggrBgEFBQcwAYYXaHR0cDovL29jc3AucGtpLnZhLmdvdi8wNwYIKwYBBQUHMAGG K2h0dHA6Ly9vY3NwMS5zc3Atc3Ryb25nLWlkLm5ldC9WQS1TU1AtQ0EtQjIwDgYD VR0PAQH/BAQDAgWgMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIYIZI AWUDBgcwHwYDVR0jBBgwFoAUgZQ1niqod2AjZuwqnW7PtnUZUF0wggGBBgNVHR8E ggF4MIIBdDAwoC6gLIYqaHR0cDovL2NybC5wa2kudmEuZ292L1BLSS9DUkwvdmFk ZXZpY2UuY3JsMHSgcqBwhm5sZGFwOi8vbGRhcC5wa2kudmEuZ292L2NuJTNkU1NQ QjJBRSxjbiUzZENEUCxjbiUzZFBLSSxjbiUzZFNlcnZpY2VzLGRjJTNkdmEsZGMl M2Rnb3Y/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdDA0oDKgMIYuaHR0cDovL2Nk cDEuc3NwLXN0cm9uZy1pZC5uZXQvQ0RQL3ZhZGV2aWNlLmNybDCBk6CBkKCBjYaB imxkYXA6Ly9kaXIxLnNzcC1zdHJvbmctaWQubmV0L2NuJTNkVmV0ZXJhbnMlMjBB ZmZhaXJzJTIwRGV2aWNlJTIwQ0ElMjBCMixvdSUzZFBLSSxvdSUzZFNlcnZpY2Vz LGRjJTNkdmEsZGMlM2Rnb3Y/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdDAdBgNV HQ4EFgQUWmryqO9svj82M2T1TmbFPo0x7awwDQYJKoZIhvcNAQELBQADggEBAADd DSwAM5Xy26UfRs3Pa2g5rGAUsp/wIXqQbIXpg+Y89xyO4W0CqingCncT4uBhZhZO VH6TTm1qelGB66mYMOpcM2z1JG46y6EkR/0FGo21Vk3WFTz4nd6vlIbrv75RpKyC sAvssYJOeabu94DMXKcH3bGxs3yFx09y//l2XgLBZaKbsXXEbVKPw3Ni5sGKmqaS KwKu9vH3uKEX6d6X4TGC8xthF58+qoC/MGINoOEt2GLPXww73OUWI6AJMe2lFQph pFgBHng4RL6dJSJFXAn+MPARMGUcCkHshaTJY06knp2zNcoqbnsxNxd3gDv0eNNO jTdaN9rHdpWk3BCqZyE= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9n657JVz4PsQ8ugZCoT Jb9upYOaRfXA7nTto1aq1WC0C0WoclRTbhmlSykjWKIJLH/Uxzw6NZuQzqNBiv0p 4KSzbX04LEXc8f9BFVwdre873ggcbw4s10rhMr8VU4xjh7KczeU6yPun8d3PZ99A P8bv4v9z8PKwGn0gxILKDD25nvBwseT5J2XKIJtlkojwAzT51CMLU/7danrRnW0N dtFXyr5+b0+JWJax0Wemck/ArAil+7Znoe99tWk4+vfpkdl842vp5AkW2Q62XHwH WE+CDZA6ceS/+XtYuOZs678bObrw3SImAEw7FHzNKGQUCYkudjN48FVlzlRf81u6 +QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 258435 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'gov' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'va' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Veterans Affairs Device CA B2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-04-03 19:30:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-04-03 19:30:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'gov' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'va' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'devices' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'VABENEFITS.VBA.VA.GOV' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23714053021139207254194808974144184900156427305444712500000835281265394515109513190459260180013672855089932180879197695893245108410783983069093717005030568174412441183016950914086775021585420705835765175779177592060898876848155724075062851308407611093693758084526802471136252784333080059082781819097605457447008337088237482591171904314559835534510005895930372726095218957277617805717959651395961236378370906807697773292785166459397301567727023532704844889790396636733164862897611762510005203653341049798955404856526134057283654268055386926351625213008139568160000449373545911113153614653080359985765972451345215240953 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:1|false] IA5String '[email protected];[email protected]' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.3.2.1.3.8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (290 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia1.ssp-strong-id.net/CA/VAdeviceCA.p7c' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://dir1.ssp-strong-id.net/cn=Veterans%20Affairs%20Device%20CA%20B2,ou=PKI,ou=Services,dc=va,dc=gov?cACertificate' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.va.gov/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp1.ssp-strong-id.net/VA-SSP-CA-B2' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.3.6.7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8194359e2aa877602366ec2a9d6ecfb67519505d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (376 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.pki.va.gov/PKI/CRL/vadevice.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://ldap.pki.va.gov/cn%3dSSPB2AE,cn%3dCDP,cn%3dPKI,cn%3dServices,dc%3dva,dc%3dgov?certificateRevocationList' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.ssp-strong-id.net/CDP/vadevice.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://dir1.ssp-strong-id.net/cn%3dVeterans%20Affairs%20Device%20CA%20B2,ou%3dPKI,ou%3dServices,dc%3dva,dc%3dgov?certificateRevocationList' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5a6af2a8ef6cbe3f363364f54e66c53e8d31edac . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0000dd0d2c003395f2dba51f46cdcf6b6839ac6014b29ff0217a906c85e983e63cf71c8ee16d02aa29e00a7713e2e06166164e547e934e6d6a7a5181eba99830ea5c336cf5246e3acba12447fd051a8db5564dd6153cf89ddeaf9486ebbfbe51a4ac82b00becb1824e79a6eef780cc5ca707ddb1b1b37c85c74f72fff9765e02c165a29bb175c46d528fc37362e6c18a9aa6922b02aef6f1f7b8a117e9de97e13182f31b61179f3eaa80bf30620da0e12dd862cf5f0c3bdce51623a00931eda5150a61a458011e783844be9d2522455c09fe30f01130651c0a41ec85a4c9634ea49e9db335ca2a6e7b31371777803bf478d34e8d375a37dac77695a4dc10aa6721