deccschat.pmddtc.state.gov
Issued by U.S. Department of State AD High Assurance CA
About this certificate
This digital certificate with serial number 51:b5:78:20 was issued on byU.S. Department of State AD High Assurance CA.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=deccschat.pmddtc.state.gov,OU=Enterprise Services+OU=PKI+OU=Web Servers,0.9.2342.19200300.100.1.25=#130b6170707365727669636573,0.9.2342.19200300.100.1.25=#13057374617465,0.9.2342.19200300.100.1.25=#1303736275
U.S. Department of State AD High Assurance CA
This certificate has expire since
Certificate Details
Serial Number (hex): 51:b5:78:20Serial Number (int): 1370847264
Serial Number lenght: 31 bits, 4 octets
SubjectKeyId: 1d:c4:ee:27:7c:df:24:d0:53:99:a9:ee:27:26:f1:26:73:c2:15:68
AuthorityKeyId: 2f:4a:ea:b0:a5:54:3f:07:92:4d:49:9b:3e:7d:08:5a:d2:43:b9:4b
Fingerprint (sha1): d6:90:e7:90:c6:80:7a:9c:81:63:99:50:c9:46:af:fc:fe:46:56:57
Fingerprint (sha256): 03:20:2d:be:f9:c8:94:4f:c5:61:52:cd:73:9b:1a:91:39:da:ac:72:4e:d1:33:a7:54:61:bc:a0:d1:57:f0:0a
Issuing Certificate URL: http://crls.pki.state.gov/AIA/CertsIssuedToDoSADHACA.p7c
Issuing Certificate URL: ldap://certrep.pki.state.gov/cn=U.S.%20Department%20of%20State%20AD%20High%20Assurance%20CA,cn=AIA,cn=Public%20Key%20Services,cn=Services,cn=Configuration,dc=state,dc=sbu?cACertificate;binary
Issuing Certificate URL: ldap://certrep.pki.state.gov/cn=U.S.%20Department%20of%20State%20AD%20High%20Assurance%20CA,cn=AIA,cn=Public%20Key%20Services,cn=Services,cn=Configuration,dc=state,dc=sbu?crossCertificatePair;binary
Revocation information
OCSP Server: http://ocsp.pki.state.gov/OCSP/DoSOCSPResponderCheck the revocation status for certificate deccschat.pmddtc.state.gov
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for deccschat.pmddtc.state.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
deccschat.pmddtc.state.gov
Other certificates including the domain name state.gov
(limited to 100 certificates)
receptiontours.state.gov
cert5.state.gov
test-web-lws.edu.help
entranceondutytst.state.gov
womenofcourage.state.gov
pptform2.state.gov
tfa.state.gov
dev.cadatacatalog.state.gov
www.dvlottery.state.gov
test-cms.history.state.gov
pptform.state.gov
sni.cloudflaressl.com
receptiontours.state.gov
2001-2009.state.gov
oas.icdev.de
www.dvlottery.state.gov
exchanges.state.gov
pptform.state.gov
elibraryusa.state.gov
5636635823702016-fe2.pantheonsite.io
ivvsmarttraveler.state.gov
usrapchad.state.gov
adgsupport.state.gov
staging-bangkok.ilea.state.gov
www.design-engineering.princeton.edu
stsent.state.gov
alumni.dev.state.gov
iocareers.state.gov
bangkok.ilea.ign-uat.inl.state.gov
admin.eca.test.state.gov
globalhealth.playbooks.commons-dev.state.gov
caprovservice.state.gov
dev.diplomacy.state.gov
auth.passportappointment.travel.state.gov
rnet.state.gov
hrex.state.gov
www.j1visa.state.gov
search.usa.gov
www.blogs.earthjustice.org
readmypins.state.gov
sni.cloudflaressl.com
exportcontrol.state.gov
*.state.gov
j1visawaiverstatus.state.gov
directory-sandbox.state.gov
webdev.colorado.edu
state.gov
virtual2.unlv.edu
research-pp.stonybrook.edu
workflows.state.gov
fsilearncenter.state.gov
5636635823702016-fe2.pantheonsite.io
covid19.playbooks.commons-dev.state.gov
deccschat.pmddtc.state.gov
upenn-it.asc.upenn.edu
*.staging.pmddtc.state.gov
*.state.gov
geonode.state.gov
alumni.state.gov
diplomacy.state.gov
www.dvlottery.state.gov
starscream.sierra.state.gov
secondarycities.geonode.state.gov
synergy.state.gov
berlinwall.state.gov
playbooks.commons-dev.state.gov
oas.icdev.de
educationusa.state.gov
test-cms.history.state.gov
PassportStatus.state.gov
*.test.state.gov
ivvcadataapi.state.gov
tfa.state.gov
sait.state.gov
sni.cloudflaressl.com
commons-dev.state.gov
refugeesmigration.playbooks.commons.state.gov
cms.history.state.gov
sni.cloudflaressl.com
akamaisecure7.qualtrics.com
bangkok.ilea.state.gov
iservices.state.gov
secondarycities.state.gov
Server3.eRecruitment.State.gov
online-auction-controlpanel.state.gov
americanenglish.state.gov
amspaces.state.gov
cert5.state.gov
hiu.state.gov
readmypins.state.gov
adgsupport.state.gov
cfsc.state.gov
jsas.state.gov
pivogr.state.gov
sni.cloudflaressl.com
qa.californiasciencecenter.ca.gov
akamaisecure7.qualtrics.com
diplomacy.state.gov
ceac.state.gov
dev.cadataapi.state.gov
cert5.state.gov
test-web-lws.edu.help
entranceondutytst.state.gov
womenofcourage.state.gov
pptform2.state.gov
tfa.state.gov
dev.cadatacatalog.state.gov
www.dvlottery.state.gov
test-cms.history.state.gov
pptform.state.gov
sni.cloudflaressl.com
receptiontours.state.gov
2001-2009.state.gov
oas.icdev.de
www.dvlottery.state.gov
exchanges.state.gov
pptform.state.gov
elibraryusa.state.gov
5636635823702016-fe2.pantheonsite.io
ivvsmarttraveler.state.gov
usrapchad.state.gov
adgsupport.state.gov
staging-bangkok.ilea.state.gov
www.design-engineering.princeton.edu
stsent.state.gov
alumni.dev.state.gov
iocareers.state.gov
bangkok.ilea.ign-uat.inl.state.gov
admin.eca.test.state.gov
globalhealth.playbooks.commons-dev.state.gov
caprovservice.state.gov
dev.diplomacy.state.gov
auth.passportappointment.travel.state.gov
rnet.state.gov
hrex.state.gov
www.j1visa.state.gov
search.usa.gov
www.blogs.earthjustice.org
readmypins.state.gov
sni.cloudflaressl.com
exportcontrol.state.gov
*.state.gov
j1visawaiverstatus.state.gov
directory-sandbox.state.gov
webdev.colorado.edu
state.gov
virtual2.unlv.edu
research-pp.stonybrook.edu
workflows.state.gov
fsilearncenter.state.gov
5636635823702016-fe2.pantheonsite.io
covid19.playbooks.commons-dev.state.gov
deccschat.pmddtc.state.gov
upenn-it.asc.upenn.edu
*.staging.pmddtc.state.gov
*.state.gov
geonode.state.gov
alumni.state.gov
diplomacy.state.gov
www.dvlottery.state.gov
starscream.sierra.state.gov
secondarycities.geonode.state.gov
synergy.state.gov
berlinwall.state.gov
playbooks.commons-dev.state.gov
oas.icdev.de
educationusa.state.gov
test-cms.history.state.gov
PassportStatus.state.gov
*.test.state.gov
ivvcadataapi.state.gov
tfa.state.gov
sait.state.gov
sni.cloudflaressl.com
commons-dev.state.gov
refugeesmigration.playbooks.commons.state.gov
cms.history.state.gov
sni.cloudflaressl.com
akamaisecure7.qualtrics.com
bangkok.ilea.state.gov
iservices.state.gov
secondarycities.state.gov
Server3.eRecruitment.State.gov
online-auction-controlpanel.state.gov
americanenglish.state.gov
amspaces.state.gov
cert5.state.gov
hiu.state.gov
readmypins.state.gov
adgsupport.state.gov
cfsc.state.gov
jsas.state.gov
pivogr.state.gov
sni.cloudflaressl.com
qa.californiasciencecenter.ca.gov
akamaisecure7.qualtrics.com
diplomacy.state.gov
ceac.state.gov
dev.cadataapi.state.gov
Certificate
The complete raw certificate details for deccschat.pmddtc.state.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJAzCCB+ugAwIBAgIEUbV4IDANBgkqhkiG9w0BAQsFADCBuzETMBEGCgmSJomT 8ixkARkWA3NidTEVMBMGCgmSJomT8ixkARkWBXN0YXRlMRYwFAYDVQQDDA1Db25m aWd1cmF0aW9uMREwDwYDVQQDDAhTZXJ2aWNlczEcMBoGA1UEAwwTUHVibGljIEtl eSBTZXJ2aWNlczEMMAoGA1UEAwwDQUlBMTYwNAYDVQQDDC1VLlMuIERlcGFydG1l bnQgb2YgU3RhdGUgQUQgSGlnaCBBc3N1cmFuY2UgQ0EwHhcNMTcwMzA5MjMxNjQ4 WhcNMjAwMzA5MjM0NjQ4WjCBsDETMBEGCgmSJomT8ixkARkWA3NidTEVMBMGCgmS JomT8ixkARkWBXN0YXRlMRswGQYKCZImiZPyLGQBGRYLYXBwc2VydmljZXMxHDAa BgNVBAsME0VudGVycHJpc2UgU2VydmljZXMxDDAKBgNVBAsMA1BLSTEUMBIGA1UE CwwLV2ViIFNlcnZlcnMxIzAhBgNVBAMMGmRlY2NzY2hhdC5wbWRkdGMuc3RhdGUu Z292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPYkf4gQKgYL7tlO PkMr051IXn4ajRguq2sz9iaHPUP3n8QyGJIh4EXOyM4rw9152sBFgXZFf8m2I9b1 C9IGk5qgziyEcCnbrmqP36IqSPJOUmVL4XhYxg6kZjgRgMDX1TBj9Vx7JGP39oDV 7lJEXKfVf8jvvyw9vPNxdh4++oRdVfXDRTzaR7McWr2XmpQ/epV9RPSaLFn2p4Bl RwUTCHwlrTDKp4iKiy/Z4Evhf7cJvqwd10eZ/bD3/GM9/BCKmoujiF3oVPACWoDJ NAjnK/3P/NTvoV6TdCi4p6U9nUgfJvZkgRJMbetJ3hrjDD4WEA7NWsZcvjiJslBq ijoejQIDAQABo4IFFjCCBRIwDgYDVR0PAQH/BAQDAgWgMCUGA1UdIAQeMBwwDAYK YIZIAWUDAgEGATAMBgpghkgBZQMCAQYCMBMGA1UdJQQMMAoGCCsGAQUFBwMBMIIC OgYIKwYBBQUHAQEEggIsMIICKDBEBggrBgEFBQcwAoY4aHR0cDovL2NybHMucGtp LnN0YXRlLmdvdi9BSUEvQ2VydHNJc3N1ZWRUb0RvU0FESEFDQS5wN2MwgcwGCCsG AQUFBzAChoG/bGRhcDovL2NlcnRyZXAucGtpLnN0YXRlLmdvdi9jbj1VLlMuJTIw RGVwYXJ0bWVudCUyMG9mJTIwU3RhdGUlMjBBRCUyMEhpZ2glMjBBc3N1cmFuY2Ul MjBDQSxjbj1BSUEsY249UHVibGljJTIwS2V5JTIwU2VydmljZXMsY249U2Vydmlj ZXMsY249Q29uZmlndXJhdGlvbixkYz1zdGF0ZSxkYz1zYnU/Y0FDZXJ0aWZpY2F0 ZTtiaW5hcnkwgdMGCCsGAQUFBzAChoHGbGRhcDovL2NlcnRyZXAucGtpLnN0YXRl Lmdvdi9jbj1VLlMuJTIwRGVwYXJ0bWVudCUyMG9mJTIwU3RhdGUlMjBBRCUyMEhp Z2glMjBBc3N1cmFuY2UlMjBDQSxjbj1BSUEsY249UHVibGljJTIwS2V5JTIwU2Vy dmljZXMsY249U2VydmljZXMsY249Q29uZmlndXJhdGlvbixkYz1zdGF0ZSxkYz1z YnU/Y3Jvc3NDZXJ0aWZpY2F0ZVBhaXI7YmluYXJ5MDsGCCsGAQUFBzABhi9odHRw Oi8vb2NzcC5wa2kuc3RhdGUuZ292L09DU1AvRG9TT0NTUFJlc3BvbmRlcjAlBgNV HREEHjAcghpkZWNjc2NoYXQucG1kZHRjLnN0YXRlLmdvdjCCAfAGA1UdHwSCAecw ggHjMIIB36CCAdugggHXpIHPMIHMMRMwEQYKCZImiZPyLGQBGRYDc2J1MRUwEwYK CZImiZPyLGQBGRYFc3RhdGUxFjAUBgNVBAMMDUNvbmZpZ3VyYXRpb24xETAPBgNV BAMMCFNlcnZpY2VzMRwwGgYDVQQDDBNQdWJsaWMgS2V5IFNlcnZpY2VzMQwwCgYD VQQDDANBSUExNjA0BgNVBAMMLVUuUy4gRGVwYXJ0bWVudCBvZiBTdGF0ZSBBRCBI aWdoIEFzc3VyYW5jZSBDQTEPMA0GA1UEAwwGQ1JMMzI5hjVodHRwOi8vY3Jscy5w a2kuc3RhdGUuZ292L2NybHMvRG9TQURQS0lIQUNBc2hhMjU2LmNybIaBy2xkYXA6 Ly9jZXJ0cmVwLnBraS5zdGF0ZS5nb3YvY249VS5TLiUyMERlcGFydG1lbnQlMjBv ZiUyMFN0YXRlJTIwQUQlMjBIaWdoJTIwQXNzdXJhbmNlJTIwQ0EsY249QUlBLGNu PVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLGNuPVNlcnZpY2VzLGNuPUNvbmZpZ3Vy YXRpb24sZGM9c3RhdGUsZGM9c2J1P2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q7 YmluYXJ5MCsGA1UdEAQkMCKADzIwMTcwMzA5MjMxNjQ4WoEPMjAyMDAzMDkyMzQ2 NDhaMB8GA1UdIwQYMBaAFC9K6rClVD8Hkk1Jmz59CFrSQ7lLMB0GA1UdDgQWBBQd xO4nfN8k0FOZqe4nJvEmc8IVaDANBgkqhkiG9w0BAQsFAAOCAQEAMhPH6si183SX MWc86hL0Hb68GJLvKnvlZfrIzyEXYDLLg1M0PG5ecbPE5wUVOqluN2tn99sj6vxs QTQNWlkFmxhTeDF4vx++9nf2tq4/FSaJbHxMj2XXjm4RzdE8UbU2kH4Hrs1e+MUx 2egDI6WEv3JMeVz9R0BWUQ4tYwjopmiZCExlJBTw3FiJoBnG/ZIoV7ifzCHDJQmd U59DLGRCaOm02MqwyqVDLmsteolVmGTzs5+687LOWf5qm2FbIeGO+mus9o9GFtz0 HRtTIJ1z23S2Wi/cMGMlgmAjrrKoYijxf8fiGXWrMwVqYWWvTdNpjvYkqHjIiY6K piUljrXmeg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPYkf4gQKgYL7tlOPkMr 051IXn4ajRguq2sz9iaHPUP3n8QyGJIh4EXOyM4rw9152sBFgXZFf8m2I9b1C9IG k5qgziyEcCnbrmqP36IqSPJOUmVL4XhYxg6kZjgRgMDX1TBj9Vx7JGP39oDV7lJE XKfVf8jvvyw9vPNxdh4++oRdVfXDRTzaR7McWr2XmpQ/epV9RPSaLFn2p4BlRwUT CHwlrTDKp4iKiy/Z4Evhf7cJvqwd10eZ/bD3/GM9/BCKmoujiF3oVPACWoDJNAjn K/3P/NTvoV6TdCi4p6U9nUgfJvZkgRJMbetJ3hrjDD4WEA7NWsZcvjiJslBqijoe jQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1370847264 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'sbu' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'state' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Configuration' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Public Key Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'AIA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'U.S. Department of State AD High Assurance CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-09 23:16:48 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-09 23:46:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'sbu' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'state' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'appservices' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Enterprise Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Web Servers' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'deccschat.pmddtc.state.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19814553000252113980719427257426305012835024938417700866495445058095945589824884480159685079961889230020927682855864311335711082622016159550455760836939567867909147926078353893072084303707407612487393956513703729882109970209435657865355965849591998806841771717468833763259061567335683502134155129622758965179901171058783100522259179271559297368020582839337066847325094087473762314526160465261995247161727622352477757856035501347328303461171696633028654460849525069114764464452217956058257524561214709005705323020906589819531995137750511385548872305169822032212791982341467128707277009803649735925641745384242069249677 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.3.2.1.6.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.3.2.1.6.2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (556 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.state.gov/AIA/CertsIssuedToDoSADHACA.p7c' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://certrep.pki.state.gov/cn=U.S.%20Department%20of%20State%20AD%20High%20Assurance%20CA,cn=AIA,cn=Public%20Key%20Services,cn=Services,cn=Configuration,dc=state,dc=sbu?cACertificate;binary' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://certrep.pki.state.gov/cn=U.S.%20Department%20of%20State%20AD%20High%20Assurance%20CA,cn=AIA,cn=Public%20Key%20Services,cn=Services,cn=Configuration,dc=state,dc=sbu?crossCertificatePair;binary' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.state.gov/OCSP/DoSOCSPResponder' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'deccschat.pmddtc.state.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:4|true] Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'sbu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'state' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Configuration' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Services' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Public Key Services' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'AIA' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'U.S. Department of State AD High Assurance CA' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'CRL329' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.state.gov/crls/DoSADPKIHACAsha256.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://certrep.pki.state.gov/cn=U.S.%20Department%20of%20State%20AD%20High%20Assurance%20CA,cn=AIA,cn=Public%20Key%20Services,cn=Services,cn=Configuration,dc=state,dc=sbu?certificateRevocationList;binary' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.16 (privateKeyUsagePeriod) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 32303137303330393233313634385a . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:1|false] IA5String '20200309234648Z' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2f4aeab0a5543f07924d499b3e7d085ad243b94b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1dc4ee277cdf24d05399a9ee2726f12673c21568 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003213c7eac8b5f3749731673cea12f41dbebc1892ef2a7be565fac8cf21176032cb8353343c6e5e71b3c4e705153aa96e376b67f7db23eafc6c41340d5a59059b1853783178bf1fbef677f6b6ae3f1526896c7c4c8f65d78e6e11cdd13c51b536907e07aecd5ef8c531d9e80323a584bf724c795cfd474056510e2d6308e8a66899084c652414f0dc5889a019c6fd922857b89fcc21c325099d539f432c644268e9b4d8cab0caa5432e6b2d7a89559864f3b39fbaf3b2ce59fe6a9b615b21e18efa6bacf68f4616dcf41d1b53209d73db74b65a2fdc306325826023aeb2a86228f17fc7e21975ab33056a6165af4dd3698ef624a878c8898e8aa625258eb5e67a