ra.vpn.va.gov
Issued by Veterans Affairs Device CA B2
About this certificate
This digital certificate with serial number 05:4a:c1 was issued on byVeterans Affairs Device CA B2.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DNSNames must have a valid TLD. (BRs: 3.2.2.4)
- The Subject Alternate Name extension MUST contain only 'dnsName' and 'ipaddress' name types. (BRs: 7.1.4.2.1)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=ra.vpn.va.gov,OU=devices,0.9.2342.19200300.100.1.25=#13027661,0.9.2342.19200300.100.1.25=#1303676f76
Veterans Affairs Device CA B2
Organization unit: Services
Organization unit: PKI
Organization unit: PKI
This certificate has expire since
Certificate Details
Serial Number (hex): 05:4a:c1Serial Number (int): 346817
Serial Number lenght: 19 bits, 3 octets
SubjectKeyId: 98:d4:8d:6f:b2:32:b7:6c:65:74:f7:6e:d1:2a:6b:7f:28:ca:c0:24
AuthorityKeyId: 81:94:35:9e:2a:a8:77:60:23:66:ec:2a:9d:6e:cf:b6:75:19:50:5d
Fingerprint (sha1): 28:a9:5a:f1:7b:96:99:e2:e2:ed:97:a9:41:8a:f3:b5:c4:09:01:c3
Fingerprint (sha256): 02:45:10:a4:36:6d:88:4d:a2:05:0f:fc:d8:8e:08:bb:6c:57:e1:78:ce:52:ea:d6:f8:37:65:b9:69:41:28:b8
Issuing Certificate URL: http://aia1.ssp-strong-id.net/CA/VAdeviceCA.p7c
Issuing Certificate URL: ldap://dir1.ssp-strong-id.net/cn=Veterans%20Affairs%20Device%20CA%20B2,ou=PKI,ou=Services,dc=va,dc=gov?cACertificate
Revocation information
OCSP Server: http://ocsp.pki.va.gov/OCSP Server: http://ocsp1.ssp-strong-id.net/VA-SSP-CA-B2
CRL Distribution Point: http://crl.pki.va.gov/PKI/CRL/vadevice.crl
CRL Distribution Point: ldap://ldap.pki.va.gov/cn%3dSSPB2AE,cn%3dCDP,cn%3dPKI,cn%3dServices,dc%3dva,dc%3dgov?certificateRevocationList
CRL Distribution Point: http://cdp1.ssp-strong-id.net/CDP/vadevice.crl
CRL Distribution Point: ldap://dir1.ssp-strong-id.net/cn%3dVeterans%20Affairs%20Device%20CA%20B2,ou%3dPKI,ou%3dServices,dc%3dva,dc%3dgov?certificateRevocationList
Check the revocation status for certificate ra.vpn.va.gov
4
DNS Names
1
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ra.vpn.va.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
Other certificates including the domain name va.gov
(limited to 100 certificates)
www.tee.va.gov
www.explore.va.gov
gfe.vpn.va.gov
www.cc.1vision.va.gov
m.pint.ebenefits.va.gov
www.visn2.va.gov
SERVICES.TEST.MDM.VA.GOV
vaww.media.eo.va.gov
*.shopvcs.va.gov
care.va.gov
prod.saas.box.va.gov
pint.vdc.va.gov
ccracommunity.va.gov
www.va.gov
www.cep.fsc.va.gov
www.patientadvocate.va.gov
rqm01.aide.oit.va.gov
nonprod.paas.mulesoft.va.gov
gibill.va.gov
m.va.gov
portal.nprod.vetbiz.va.gov
register.eauth.va.gov
www.ideas.research.va.gov
VABENEFITS.VBA.VA.GOV
ra.vpn.va.gov
yourit.va.gov
homeloans.va.gov
hybrid.va.gov
adfs.edeazclabs.va.gov
pint.sep.va.gov
HRIS.VA.GOV
www.vis.fsc.va.gov
preprod.fed.eauth.va.gov
rrc01.test.aide.oit.va.gov
*.vetride.va.gov
www.netresponse.medtronic.va.gov
m.va.gov
yourit-dev.va.gov
das.va.gov
mass.columbus.va.gov
www.energy.va.gov
www.itwd.oit.va.gov
prod.dip.va.gov
www.index.va.gov
www.pre.csp.va.gov
care.va.gov
vacagtest.vpn.va.gov
vagfe.vpn.va.gov
vdc.va.gov
www.listserv.va.gov
www.communityviewer.va.gov
care.va.gov
vaww.media.eo.va.gov
vaishwcs008.mdm.va.gov
tools.health.dev-developer.va.gov
casemgmt.int2.mbms.va.gov
www.rehab.research.va.gov
citrixaccesstest.va.gov
WWW.VOA.VA.GOV
www.va.gov
www.ihscepp.fsc.va.gov
staff.eva.va.gov
dev-developer.va.gov
www.escm-hcdev.va.gov
www.hcawsdev.va.gov
veteran.mobilehealth.va.gov
prod.saas.qualtrics.va.gov
citrixaccesseast.va.gov
adfs.edeazclabs.va.gov
www.netresponse.airwatch.medtronic.va.gov
casemgmt.perf.mbms.va.gov
mgmt.dev.care2.va.gov
filenet.pdt.vbms.aide.oit.va.gov
jira.devops.va.gov
benefits.vba.va.gov
www.ebenefits.va.gov
www.healthshareprod8.va.gov
RAPORTAL.VPN.VA.GOV
vip.vba.va.gov
cdceportal.va.gov
mrtfwfl01.vas.med.va.gov
www.valu.va.gov
prisma.vpn.va.gov
care.va.gov
care.va.gov
portal.lom.med.va.gov
www.mdssvh.aac.va.gov
services.test.mdm.va.gov
VP.evn.va.gov
www.tms.va.gov
veteranshealthlibrary.va.gov
idm.edeazclabs.va.gov
www.vendorportal.ecms.va.gov
www.vip-preprod.vetbiz.va.gov
services.eauth.va.gov
filenet.uat.vbms.aide.oit.va.gov
dev-api2.va.gov
vhacrrappdevhs5.vaco.va.gov
dev-api.va.gov
vetbiz.va.gov
www.explore.va.gov
gfe.vpn.va.gov
www.cc.1vision.va.gov
m.pint.ebenefits.va.gov
www.visn2.va.gov
SERVICES.TEST.MDM.VA.GOV
vaww.media.eo.va.gov
*.shopvcs.va.gov
care.va.gov
prod.saas.box.va.gov
pint.vdc.va.gov
ccracommunity.va.gov
www.va.gov
www.cep.fsc.va.gov
www.patientadvocate.va.gov
rqm01.aide.oit.va.gov
nonprod.paas.mulesoft.va.gov
gibill.va.gov
m.va.gov
portal.nprod.vetbiz.va.gov
register.eauth.va.gov
www.ideas.research.va.gov
VABENEFITS.VBA.VA.GOV
ra.vpn.va.gov
yourit.va.gov
homeloans.va.gov
hybrid.va.gov
adfs.edeazclabs.va.gov
pint.sep.va.gov
HRIS.VA.GOV
www.vis.fsc.va.gov
preprod.fed.eauth.va.gov
rrc01.test.aide.oit.va.gov
*.vetride.va.gov
www.netresponse.medtronic.va.gov
m.va.gov
yourit-dev.va.gov
das.va.gov
mass.columbus.va.gov
www.energy.va.gov
www.itwd.oit.va.gov
prod.dip.va.gov
www.index.va.gov
www.pre.csp.va.gov
care.va.gov
vacagtest.vpn.va.gov
vagfe.vpn.va.gov
vdc.va.gov
www.listserv.va.gov
www.communityviewer.va.gov
care.va.gov
vaww.media.eo.va.gov
vaishwcs008.mdm.va.gov
tools.health.dev-developer.va.gov
casemgmt.int2.mbms.va.gov
www.rehab.research.va.gov
citrixaccesstest.va.gov
WWW.VOA.VA.GOV
www.va.gov
www.ihscepp.fsc.va.gov
staff.eva.va.gov
dev-developer.va.gov
www.escm-hcdev.va.gov
www.hcawsdev.va.gov
veteran.mobilehealth.va.gov
prod.saas.qualtrics.va.gov
citrixaccesseast.va.gov
adfs.edeazclabs.va.gov
www.netresponse.airwatch.medtronic.va.gov
casemgmt.perf.mbms.va.gov
mgmt.dev.care2.va.gov
filenet.pdt.vbms.aide.oit.va.gov
jira.devops.va.gov
benefits.vba.va.gov
www.ebenefits.va.gov
www.healthshareprod8.va.gov
RAPORTAL.VPN.VA.GOV
vip.vba.va.gov
cdceportal.va.gov
mrtfwfl01.vas.med.va.gov
www.valu.va.gov
prisma.vpn.va.gov
care.va.gov
care.va.gov
portal.lom.med.va.gov
www.mdssvh.aac.va.gov
services.test.mdm.va.gov
VP.evn.va.gov
www.tms.va.gov
veteranshealthlibrary.va.gov
idm.edeazclabs.va.gov
www.vendorportal.ecms.va.gov
www.vip-preprod.vetbiz.va.gov
services.eauth.va.gov
filenet.uat.vbms.aide.oit.va.gov
dev-api2.va.gov
vhacrrappdevhs5.vaco.va.gov
dev-api.va.gov
vetbiz.va.gov
Certificate
The complete raw certificate details for ra.vpn.va.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHBTCCBe2gAwIBAgIDBUrBMA0GCSqGSIb3DQEBCwUAMHIxEzARBgoJkiaJk/Is ZAEZFgNnb3YxEjAQBgoJkiaJk/IsZAEZFgJ2YTERMA8GA1UECxMIU2VydmljZXMx DDAKBgNVBAsTA1BLSTEmMCQGA1UEAxMdVmV0ZXJhbnMgQWZmYWlycyBEZXZpY2Ug Q0EgQjIwHhcNMTUxMTEwMjM0NjU5WhcNMTgwODA3MTUyMjQ2WjBTMRMwEQYKCZIm iZPyLGQBGRYDZ292MRIwEAYKCZImiZPyLGQBGRYCdmExEDAOBgNVBAsTB2Rldmlj ZXMxFjAUBgNVBAMTDXJhLnZwbi52YS5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrYKSVFv2XfqEHFfo8y8pQyaw1VadLh0Av62aLEUrTYzkJ4a+Y 5vjT5R2aeNmSfWAEyaY4pagq6Fg+Dj76qXMCOYhfOp+R5aP66qC8b1G8g1JWEKrb bCzEWsc9hQPGmYY+XRww0RMtg1cXE+MHbmZWLXi/UxUOtTXA2bWFIaXSoQ96ZfXZ eC6VuHLehW+y2aJn19YOnqb523AfLpL/wICKP8fFMNJhT8Zlyhxeq5epEn9l5xCG WH6rTX64xRjMCjTtLIlqQ/LJhqhH6OYIbwif72b++T7hcxdOQl1lzaGarONfa0q/ Z2cxFBnS9hzyhZlY18qzUakkFJz7tnjCwu3BAgMBAAGjggPBMIIDvTBwBgNVHREE aTBngRpWQU5TT0NSQUVuZ2luZWVyaW5nQHZhLmdvdoINcmEudnBuLnZhLmdvdoIW ZG93bmxvYWQucmEudnBuLnZhLmdvdoIRbW9iaWxlLnZwbi52YS5nb3aCDzE1Mi4x MzEuMTkyLjE2MDAXBgNVHSAEEDAOMAwGCmCGSAFlAwIBAwgwggEwBggrBgEFBQcB AQSCASIwggEeMDsGCCsGAQUFBzAChi9odHRwOi8vYWlhMS5zc3Atc3Ryb25nLWlk Lm5ldC9DQS9WQWRldmljZUNBLnA3YzCBgAYIKwYBBQUHMAKGdGxkYXA6Ly9kaXIx LnNzcC1zdHJvbmctaWQubmV0L2NuPVZldGVyYW5zJTIwQWZmYWlycyUyMERldmlj ZSUyMENBJTIwQjIsb3U9UEtJLG91PVNlcnZpY2VzLGRjPXZhLGRjPWdvdj9jQUNl cnRpZmljYXRlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5wa2kudmEuZ292LzA3 BggrBgEFBQcwAYYraHR0cDovL29jc3AxLnNzcC1zdHJvbmctaWQubmV0L1ZBLVNT UC1DQS1CMjAOBgNVHQ8BAf8EBAMCBaAwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsG AQUFBwMCBghghkgBZQMGBzAfBgNVHSMEGDAWgBSBlDWeKqh3YCNm7Cqdbs+2dRlQ XTCCAYEGA1UdHwSCAXgwggF0MDCgLqAshipodHRwOi8vY3JsLnBraS52YS5nb3Yv UEtJL0NSTC92YWRldmljZS5jcmwwdKByoHCGbmxkYXA6Ly9sZGFwLnBraS52YS5n b3YvY24lM2RTU1BCMkFFLGNuJTNkQ0RQLGNuJTNkUEtJLGNuJTNkU2VydmljZXMs ZGMlM2R2YSxkYyUzZGdvdj9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0MDSgMqAw hi5odHRwOi8vY2RwMS5zc3Atc3Ryb25nLWlkLm5ldC9DRFAvdmFkZXZpY2UuY3Js MIGToIGQoIGNhoGKbGRhcDovL2RpcjEuc3NwLXN0cm9uZy1pZC5uZXQvY24lM2RW ZXRlcmFucyUyMEFmZmFpcnMlMjBEZXZpY2UlMjBDQSUyMEIyLG91JTNkUEtJLG91 JTNkU2VydmljZXMsZGMlM2R2YSxkYyUzZGdvdj9jZXJ0aWZpY2F0ZVJldm9jYXRp b25MaXN0MB0GA1UdDgQWBBSY1I1vsjK3bGV0927RKmt/KMrAJDANBgkqhkiG9w0B AQsFAAOCAQEAR+sxbGfZ1OTorPzkQEu6xvP3+MSTGFLtiJDxSaJ1PC6Wwmg0I+Kk 7AKpblNieq7beVUt3EQriHkIzMIks0rS6FLCHSwXKaeivY6XDAjef5Y3zUdgFq8p TLsxuOldqkuW1JI4E7iHaDekQdW8qJo8IO2VX8fnwpA7OMQ/Fj2FiORZyYDlm0Tc 9KPFJeMWIerR7v/r8qcyA/jJ64IRKJtnT32UpTkt3nzJm5ou8qC6q+E9FiVR0iAl XAZR/saNF2b7f30oAebIrXrStmsoUit8BWKFl4ZprY9z2bkOavHbFtnKMBlYVBxC vSWSeFAC94Jt7zjQFKUXN3rS6coXVaC2Ew== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2CklRb9l36hBxX6PMvK UMmsNVWnS4dAL+tmixFK02M5CeGvmOb40+UdmnjZkn1gBMmmOKWoKuhYPg4++qlz AjmIXzqfkeWj+uqgvG9RvINSVhCq22wsxFrHPYUDxpmGPl0cMNETLYNXFxPjB25m Vi14v1MVDrU1wNm1hSGl0qEPemX12Xgulbhy3oVvstmiZ9fWDp6m+dtwHy6S/8CA ij/HxTDSYU/GZcocXquXqRJ/ZecQhlh+q01+uMUYzAo07SyJakPyyYaoR+jmCG8I n+9m/vk+4XMXTkJdZc2hmqzjX2tKv2dnMRQZ0vYc8oWZWNfKs1GpJBSc+7Z4wsLt wQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 346817 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'gov' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'va' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Veterans Affairs Device CA B2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-11-10 23:46:59 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-07 15:22:46 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'gov' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'va' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'devices' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ra.vpn.va.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21634406539329450486983902237506486828327424245848731902380523917949115235314361664710871005834855970366823615007689007066322835498625101599990084850739513759767076064330685511755103451444024485414457558542629192086259225828632048405224107879614249088131999970839083321681835276967982258061079768692256946534497041669819011689859619715713406967563300658933076661799443564988941489409612011608993384641337830491016077710512661971181330312977265512351069533993285076073047631950775195537060455507776094209833349900927313929656657672992866760274719310665329040892017566202796814229264357664190005960306344123326051577281 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:1|false] IA5String '[email protected]' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ra.vpn.va.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'download.ra.vpn.va.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mobile.vpn.va.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '152.131.192.160' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.3.2.1.3.8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (290 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia1.ssp-strong-id.net/CA/VAdeviceCA.p7c' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://dir1.ssp-strong-id.net/cn=Veterans%20Affairs%20Device%20CA%20B2,ou=PKI,ou=Services,dc=va,dc=gov?cACertificate' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.va.gov/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp1.ssp-strong-id.net/VA-SSP-CA-B2' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.3.6.7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8194359e2aa877602366ec2a9d6ecfb67519505d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (376 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.pki.va.gov/PKI/CRL/vadevice.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://ldap.pki.va.gov/cn%3dSSPB2AE,cn%3dCDP,cn%3dPKI,cn%3dServices,dc%3dva,dc%3dgov?certificateRevocationList' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.ssp-strong-id.net/CDP/vadevice.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://dir1.ssp-strong-id.net/cn%3dVeterans%20Affairs%20Device%20CA%20B2,ou%3dPKI,ou%3dServices,dc%3dva,dc%3dgov?certificateRevocationList' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 98d48d6fb232b76c6574f76ed12a6b7f28cac024 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0047eb316c67d9d4e4e8acfce4404bbac6f3f7f8c4931852ed8890f149a2753c2e96c2683423e2a4ec02a96e53627aaedb79552ddc442b887908ccc224b34ad2e852c21d2c1729a7a2bd8e970c08de7f9637cd476016af294cbb31b8e95daa4b96d4923813b8876837a441d5bca89a3c20ed955fc7e7c2903b38c43f163d8588e459c980e59b44dcf4a3c525e31621ead1eeffebf2a73203f8c9eb8211289b674f7d94a5392dde7cc99b9a2ef2a0baabe13d162551d220255c0651fec68d1766fb7f7d2801e6c8ad7ad2b66b28522b7c056285978669ad8f73d9b90e6af1db16d9ca301958541c42bd2592785002f7826def38d014a517377ad2e9ca1755a0b613