vagfe.vpn.va.gov
Issued by Veterans Affairs Device CA B2
About this certificate
This digital certificate with serial number 04:72:3d was issued on byVeterans Affairs Device CA B2.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DNSNames must have a valid TLD. (BRs: 3.2.2.4)
- Email MUST NOT be surrounded with `<>`, and there must be no trailing comments in `()` (RFC 5280: 4.2.1.6)
- The Subject Alternate Name extension MUST contain only 'dnsName' and 'ipaddress' name types. (BRs: 7.1.4.2.1)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=vagfe.vpn.va.gov,OU=devices,0.9.2342.19200300.100.1.25=#13027661,0.9.2342.19200300.100.1.25=#1303676f76
Veterans Affairs Device CA B2
Organization unit: Services
Organization unit: PKI
Organization unit: PKI
This certificate has expire since
Certificate Details
Serial Number (hex): 04:72:3dSerial Number (int): 291389
Serial Number lenght: 19 bits, 3 octets
SubjectKeyId: d8:4a:74:10:b7:bb:ae:14:fd:78:80:65:da:e2:0b:90:06:70:a7:83
AuthorityKeyId: 81:94:35:9e:2a:a8:77:60:23:66:ec:2a:9d:6e:cf:b6:75:19:50:5d
Fingerprint (sha1): fd:bd:83:3e:7d:f2:6c:bb:bc:77:c2:cf:89:de:a6:99:42:cd:83:25
Fingerprint (sha256): 03:78:93:b1:1f:f6:1e:20:5c:87:b0:57:32:54:dd:5e:66:bc:14:18:c3:d8:ae:d9:62:78:81:ce:c1:d6:7e:b9
Issuing Certificate URL: http://aia1.ssp-strong-id.net/CA/VAdeviceCA.p7c
Issuing Certificate URL: ldap://dir1.ssp-strong-id.net/cn=Veterans%20Affairs%20Device%20CA%20B2,ou=PKI,ou=Services,dc=va,dc=gov?cACertificate
Revocation information
OCSP Server: http://ocsp.pki.va.gov/OCSP Server: http://ocsp1.ssp-strong-id.net/VA-SSP-CA-B2
CRL Distribution Point: http://crl.pki.va.gov/PKI/CRL/vadevice.crl
CRL Distribution Point: ldap://ldap.pki.va.gov/cn%3dSSPB2AE,cn%3dCDP,cn%3dPKI,cn%3dServices,dc%3dva,dc%3dgov?certificateRevocationList
CRL Distribution Point: http://cdp1.ssp-strong-id.net/CDP/vadevice.crl
CRL Distribution Point: ldap://dir1.ssp-strong-id.net/cn%3dVeterans%20Affairs%20Device%20CA%20B2,ou%3dPKI,ou%3dServices,dc%3dva,dc%3dgov?certificateRevocationList
Check the revocation status for certificate vagfe.vpn.va.gov
5
DNS Names
1
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for vagfe.vpn.va.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
GWERA-VPN01.tic.va.gov
vagfe.vpn.va.gov
gfe.vpn.va.gov
gwera-vpn01.vpn.va.gov
152.130.192.158
[email protected]; [email protected]; [email protected]
vagfe.vpn.va.gov
gfe.vpn.va.gov
gwera-vpn01.vpn.va.gov
152.130.192.158
[email protected]; [email protected]; [email protected]
Other certificates including the domain name va.gov
(limited to 100 certificates)
www.tee.va.gov
www.explore.va.gov
gfe.vpn.va.gov
www.cc.1vision.va.gov
m.pint.ebenefits.va.gov
www.visn2.va.gov
SERVICES.TEST.MDM.VA.GOV
vaww.media.eo.va.gov
*.shopvcs.va.gov
care.va.gov
prod.saas.box.va.gov
pint.vdc.va.gov
ccracommunity.va.gov
www.va.gov
www.cep.fsc.va.gov
www.patientadvocate.va.gov
rqm01.aide.oit.va.gov
nonprod.paas.mulesoft.va.gov
gibill.va.gov
m.va.gov
portal.nprod.vetbiz.va.gov
register.eauth.va.gov
www.ideas.research.va.gov
VABENEFITS.VBA.VA.GOV
ra.vpn.va.gov
yourit.va.gov
homeloans.va.gov
hybrid.va.gov
adfs.edeazclabs.va.gov
pint.sep.va.gov
HRIS.VA.GOV
www.vis.fsc.va.gov
preprod.fed.eauth.va.gov
rrc01.test.aide.oit.va.gov
*.vetride.va.gov
www.netresponse.medtronic.va.gov
m.va.gov
yourit-dev.va.gov
das.va.gov
mass.columbus.va.gov
www.energy.va.gov
www.itwd.oit.va.gov
prod.dip.va.gov
www.index.va.gov
www.pre.csp.va.gov
care.va.gov
vacagtest.vpn.va.gov
vagfe.vpn.va.gov
vdc.va.gov
www.listserv.va.gov
www.communityviewer.va.gov
care.va.gov
vaww.media.eo.va.gov
vaishwcs008.mdm.va.gov
tools.health.dev-developer.va.gov
casemgmt.int2.mbms.va.gov
www.rehab.research.va.gov
citrixaccesstest.va.gov
WWW.VOA.VA.GOV
www.va.gov
www.ihscepp.fsc.va.gov
staff.eva.va.gov
dev-developer.va.gov
www.escm-hcdev.va.gov
www.hcawsdev.va.gov
veteran.mobilehealth.va.gov
prod.saas.qualtrics.va.gov
citrixaccesseast.va.gov
adfs.edeazclabs.va.gov
www.netresponse.airwatch.medtronic.va.gov
casemgmt.perf.mbms.va.gov
mgmt.dev.care2.va.gov
filenet.pdt.vbms.aide.oit.va.gov
jira.devops.va.gov
benefits.vba.va.gov
www.ebenefits.va.gov
www.healthshareprod8.va.gov
RAPORTAL.VPN.VA.GOV
vip.vba.va.gov
cdceportal.va.gov
mrtfwfl01.vas.med.va.gov
www.valu.va.gov
prisma.vpn.va.gov
care.va.gov
care.va.gov
portal.lom.med.va.gov
www.mdssvh.aac.va.gov
services.test.mdm.va.gov
VP.evn.va.gov
www.tms.va.gov
veteranshealthlibrary.va.gov
idm.edeazclabs.va.gov
www.vendorportal.ecms.va.gov
www.vip-preprod.vetbiz.va.gov
services.eauth.va.gov
filenet.uat.vbms.aide.oit.va.gov
dev-api2.va.gov
vhacrrappdevhs5.vaco.va.gov
dev-api.va.gov
vetbiz.va.gov
www.explore.va.gov
gfe.vpn.va.gov
www.cc.1vision.va.gov
m.pint.ebenefits.va.gov
www.visn2.va.gov
SERVICES.TEST.MDM.VA.GOV
vaww.media.eo.va.gov
*.shopvcs.va.gov
care.va.gov
prod.saas.box.va.gov
pint.vdc.va.gov
ccracommunity.va.gov
www.va.gov
www.cep.fsc.va.gov
www.patientadvocate.va.gov
rqm01.aide.oit.va.gov
nonprod.paas.mulesoft.va.gov
gibill.va.gov
m.va.gov
portal.nprod.vetbiz.va.gov
register.eauth.va.gov
www.ideas.research.va.gov
VABENEFITS.VBA.VA.GOV
ra.vpn.va.gov
yourit.va.gov
homeloans.va.gov
hybrid.va.gov
adfs.edeazclabs.va.gov
pint.sep.va.gov
HRIS.VA.GOV
www.vis.fsc.va.gov
preprod.fed.eauth.va.gov
rrc01.test.aide.oit.va.gov
*.vetride.va.gov
www.netresponse.medtronic.va.gov
m.va.gov
yourit-dev.va.gov
das.va.gov
mass.columbus.va.gov
www.energy.va.gov
www.itwd.oit.va.gov
prod.dip.va.gov
www.index.va.gov
www.pre.csp.va.gov
care.va.gov
vacagtest.vpn.va.gov
vagfe.vpn.va.gov
vdc.va.gov
www.listserv.va.gov
www.communityviewer.va.gov
care.va.gov
vaww.media.eo.va.gov
vaishwcs008.mdm.va.gov
tools.health.dev-developer.va.gov
casemgmt.int2.mbms.va.gov
www.rehab.research.va.gov
citrixaccesstest.va.gov
WWW.VOA.VA.GOV
www.va.gov
www.ihscepp.fsc.va.gov
staff.eva.va.gov
dev-developer.va.gov
www.escm-hcdev.va.gov
www.hcawsdev.va.gov
veteran.mobilehealth.va.gov
prod.saas.qualtrics.va.gov
citrixaccesseast.va.gov
adfs.edeazclabs.va.gov
www.netresponse.airwatch.medtronic.va.gov
casemgmt.perf.mbms.va.gov
mgmt.dev.care2.va.gov
filenet.pdt.vbms.aide.oit.va.gov
jira.devops.va.gov
benefits.vba.va.gov
www.ebenefits.va.gov
www.healthshareprod8.va.gov
RAPORTAL.VPN.VA.GOV
vip.vba.va.gov
cdceportal.va.gov
mrtfwfl01.vas.med.va.gov
www.valu.va.gov
prisma.vpn.va.gov
care.va.gov
care.va.gov
portal.lom.med.va.gov
www.mdssvh.aac.va.gov
services.test.mdm.va.gov
VP.evn.va.gov
www.tms.va.gov
veteranshealthlibrary.va.gov
idm.edeazclabs.va.gov
www.vendorportal.ecms.va.gov
www.vip-preprod.vetbiz.va.gov
services.eauth.va.gov
filenet.uat.vbms.aide.oit.va.gov
dev-api2.va.gov
vhacrrappdevhs5.vaco.va.gov
dev-api.va.gov
vetbiz.va.gov
Certificate
The complete raw certificate details for vagfe.vpn.va.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHYzCCBkugAwIBAgIDBHI9MA0GCSqGSIb3DQEBCwUAMHIxEzARBgoJkiaJk/Is ZAEZFgNnb3YxEjAQBgoJkiaJk/IsZAEZFgJ2YTERMA8GA1UECxMIU2VydmljZXMx DDAKBgNVBAsTA1BLSTEmMCQGA1UEAxMdVmV0ZXJhbnMgQWZmYWlycyBEZXZpY2Ug Q0EgQjIwHhcNMTQxMDA2MjExNDUzWhcNMTcxMDA2MjExNDUzWjBWMRMwEQYKCZIm iZPyLGQBGRYDZ292MRIwEAYKCZImiZPyLGQBGRYCdmExEDAOBgNVBAsTB2Rldmlj ZXMxGTAXBgNVBAMTEHZhZ2ZlLnZwbi52YS5nb3YwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDB5ueGauq8sernT3ETJgbpkLY5GSQtT/lthbUybxVJoelP k8l5BP8lj7MxXQf2xXqML+Nx74qCH+x+z4LIz6fale8K5NqQzgoNcpy+/F+GCPX+ KYDnmzhvfXyTkf3J5p7NoT40jR4E9IUoum+74SRFgdhwX1ikhUZeC56TQiFZm5iM kBCIzXRdk+Y3FfqXs/Is+IMk5HBFAdh6fzNM6cSu7nv15GFuDR5MFwxzYd/y5Nkv wLi+edk6aEWYntKWS6GwVnI4ulUWPWicle1d1o4Fskg0MoRGlxWjo6+eXWekbIex AskoMBfLiT6AHewKIiaL0loNM4X+OLJXCC0hnIurAgMBAAGjggQcMIIEGDCBygYD VR0RBIHCMIG/gVp2YW5zb2NyYXRyYW5zaXRpb25AdmEuZ292OyBWQU5TT0NCUEVP cGVyYXRpb25zQHZhLmdvdjsgdmFuc29jcmVtb3RlYWNjZXNzbWFuYWdlbWVudEB2 YS5nb3aCFkdXRVJBLVZQTjAxLnRpYy52YS5nb3aCEHZhZ2ZlLnZwbi52YS5nb3aC DmdmZS52cG4udmEuZ292ghZnd2VyYS12cG4wMS52cG4udmEuZ292gg8xNTIuMTMw LjE5Mi4xNTgwFwYDVR0gBBAwDjAMBgpghkgBZQMCAQMIMIIBMAYIKwYBBQUHAQEE ggEiMIIBHjA7BggrBgEFBQcwAoYvaHR0cDovL2FpYTEuc3NwLXN0cm9uZy1pZC5u ZXQvQ0EvVkFkZXZpY2VDQS5wN2MwgYAGCCsGAQUFBzAChnRsZGFwOi8vZGlyMS5z c3Atc3Ryb25nLWlkLm5ldC9jbj1WZXRlcmFucyUyMEFmZmFpcnMlMjBEZXZpY2Ul MjBDQSUyMEIyLG91PVBLSSxvdT1TZXJ2aWNlcyxkYz12YSxkYz1nb3Y/Y0FDZXJ0 aWZpY2F0ZTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AucGtpLnZhLmdvdi8wNwYI KwYBBQUHMAGGK2h0dHA6Ly9vY3NwMS5zc3Atc3Ryb25nLWlkLm5ldC9WQS1TU1At Q0EtQjIwDgYDVR0PAQH/BAQDAgWgMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEF BQcDAgYIYIZIAWUDBgcwHwYDVR0jBBgwFoAUgZQ1niqod2AjZuwqnW7PtnUZUF0w ggGBBgNVHR8EggF4MIIBdDAwoC6gLIYqaHR0cDovL2NybC5wa2kudmEuZ292L1BL SS9DUkwvdmFkZXZpY2UuY3JsMHSgcqBwhm5sZGFwOi8vbGRhcC5wa2kudmEuZ292 L2NuJTNkU1NQQjJBRSxjbiUzZENEUCxjbiUzZFBLSSxjbiUzZFNlcnZpY2VzLGRj JTNkdmEsZGMlM2Rnb3Y/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdDA0oDKgMIYu aHR0cDovL2NkcDEuc3NwLXN0cm9uZy1pZC5uZXQvQ0RQL3ZhZGV2aWNlLmNybDCB k6CBkKCBjYaBimxkYXA6Ly9kaXIxLnNzcC1zdHJvbmctaWQubmV0L2NuJTNkVmV0 ZXJhbnMlMjBBZmZhaXJzJTIwRGV2aWNlJTIwQ0ElMjBCMixvdSUzZFBLSSxvdSUz ZFNlcnZpY2VzLGRjJTNkdmEsZGMlM2Rnb3Y/Y2VydGlmaWNhdGVSZXZvY2F0aW9u TGlzdDAdBgNVHQ4EFgQU2Ep0ELe7rhT9eIBl2uILkAZwp4MwDQYJKoZIhvcNAQEL BQADggEBAIpa1qLTwFQw3aLJ4kClVzSg9i+EPeyY5ggxDQSLozNa9kgIT0wyZlbY XF5W6s5kFhJktsluabVfYDLYrdgUKp74OV8Jd+E8HkBu78645S23a05H7wgq95ZQ hWJeiB1Ujj1oQCymqlFQdh9//LtK3YdHNLn/yVc6bvDKquqwKe18UMab6pHcAuJg a2KCZLNxH0wl9cucKgXuT5Dw39jV2T678RSHQ1jP9RZUk0WgiWQxRFWXIleB3B18 KvleUBsiZRH/8GbBj6G8+KzldciuulEV4AkUPSuZc8ljXWnDSW0Lx5In4pJNNruI HMC1veXhjrlPV8xLQk8mEHCelLWI03c= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwebnhmrqvLHq509xEyYG 6ZC2ORkkLU/5bYW1Mm8VSaHpT5PJeQT/JY+zMV0H9sV6jC/jce+Kgh/sfs+CyM+n 2pXvCuTakM4KDXKcvvxfhgj1/imA55s4b318k5H9yeaezaE+NI0eBPSFKLpvu+Ek RYHYcF9YpIVGXguek0IhWZuYjJAQiM10XZPmNxX6l7PyLPiDJORwRQHYen8zTOnE ru579eRhbg0eTBcMc2Hf8uTZL8C4vnnZOmhFmJ7SlkuhsFZyOLpVFj1onJXtXdaO BbJINDKERpcVo6Ovnl1npGyHsQLJKDAXy4k+gB3sCiImi9JaDTOF/jiyVwgtIZyL qwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 291389 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'gov' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'va' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Veterans Affairs Device CA B2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-10-06 21:14:53 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-10-06 21:14:53 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'gov' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'va' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'devices' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'vagfe.vpn.va.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24477856059265041771996003060577730237186640141466083624741753466004839695356682334289939635493780815899343189654324177443406006905228673022359794136540123043464703388549365026045801989881715751463431982462719289077938852650722464924152038404262922302679697449575724586763457328438206460089362420120197746449981411714590284530011417268281333613793914164458084681220854287830879020223153901995013093610071452536041064020202682054481424006031340567886391912007021230229282789086282981444970960980888159440114250906912580540033413695078917843944632950663705837982446273556546289604985336609163136725956755730561448577963 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (194 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:1|false] IA5String '[email protected]; [email protected]; [email protected]' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'GWERA-VPN01.tic.va.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vagfe.vpn.va.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gfe.vpn.va.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gwera-vpn01.vpn.va.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '152.130.192.158' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.3.2.1.3.8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (290 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia1.ssp-strong-id.net/CA/VAdeviceCA.p7c' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://dir1.ssp-strong-id.net/cn=Veterans%20Affairs%20Device%20CA%20B2,ou=PKI,ou=Services,dc=va,dc=gov?cACertificate' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.va.gov/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp1.ssp-strong-id.net/VA-SSP-CA-B2' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.3.6.7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8194359e2aa877602366ec2a9d6ecfb67519505d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (376 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.pki.va.gov/PKI/CRL/vadevice.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://ldap.pki.va.gov/cn%3dSSPB2AE,cn%3dCDP,cn%3dPKI,cn%3dServices,dc%3dva,dc%3dgov?certificateRevocationList' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp1.ssp-strong-id.net/CDP/vadevice.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://dir1.ssp-strong-id.net/cn%3dVeterans%20Affairs%20Device%20CA%20B2,ou%3dPKI,ou%3dServices,dc%3dva,dc%3dgov?certificateRevocationList' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d84a7410b7bbae14fd788065dae20b900670a783 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008a5ad6a2d3c05430dda2c9e240a55734a0f62f843dec98e608310d048ba3335af648084f4c326656d85c5e56eace64161264b6c96e69b55f6032d8add8142a9ef8395f0977e13c1e406eefceb8e52db76b4e47ef082af7965085625e881d548e3d68402ca6aa5150761f7ffcbb4add874734b9ffc9573a6ef0caaaeab029ed7c50c69bea91dc02e2606b628264b3711f4c25f5cb9c2a05ee4f90f0dfd8d5d93ebbf114874358cff516549345a0896431445597225781dc1d7c2af95e501b226511fff066c18fa1bcf8ace575c8aeba5115e009143d2b9973c9635d69c3496d0bc79227e2924d36bb881cc0b5bde5e18eb94f57cc4b424f2610709e94b588d377