starscream.sierra.state.gov
Issued by U.S. Department of State AD High Assurance CA
About this certificate
This digital certificate with serial number 51:b6:f7:18 was issued on byU.S. Department of State AD High Assurance CA.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DNSNames must have a valid TLD. (BRs: 3.2.2.4)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=starscream.sierra.state.gov,OU=Enterprise Services+OU=PKI+OU=Web Servers,0.9.2342.19200300.100.1.25=#130b6170707365727669636573,0.9.2342.19200300.100.1.25=#13057374617465,0.9.2342.19200300.100.1.25=#1303736275
U.S. Department of State AD High Assurance CA
This certificate has expire since
Certificate Details
Serial Number (hex): 51:b6:f7:18Serial Number (int): 1370945304
Serial Number lenght: 31 bits, 4 octets
SubjectKeyId: 77:b2:34:a8:da:46:6d:fc:12:1b:14:c1:4f:2c:a8:7c:f9:33:03:a9
AuthorityKeyId: 2f:4a:ea:b0:a5:54:3f:07:92:4d:49:9b:3e:7d:08:5a:d2:43:b9:4b
Fingerprint (sha1): 6e:31:f3:a0:7c:43:ec:bc:fb:ae:42:9a:47:b1:00:63:76:08:29:59
Fingerprint (sha256): 04:08:b5:b1:12:61:b4:3c:7f:6e:f5:d6:75:78:0d:17:7f:79:34:04:67:de:76:e6:74:b1:45:43:d3:eb:02:19
Issuing Certificate URL: http://crls.pki.state.gov/AIA/CertsIssuedToDoSADHACA.p7c
Issuing Certificate URL: ldap://certrep.pki.state.gov/cn=U.S.%20Department%20of%20State%20AD%20High%20Assurance%20CA,cn=AIA,cn=Public%20Key%20Services,cn=Services,cn=Configuration,dc=state,dc=sbu?cACertificate;binary
Issuing Certificate URL: ldap://certrep.pki.state.gov/cn=U.S.%20Department%20of%20State%20AD%20High%20Assurance%20CA,cn=AIA,cn=Public%20Key%20Services,cn=Services,cn=Configuration,dc=state,dc=sbu?crossCertificatePair;binary
Revocation information
OCSP Server: http://ocsp.pki.state.gov/OCSP/DoSOCSPResponderCheck the revocation status for certificate starscream.sierra.state.gov
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for starscream.sierra.state.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
11 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
starscream.sierra.state.gov
sessmsmdmas1u.ses.state.sbu
sessmsmdmas2u.ses.state.sbu
sessmsmdmas1u.ses.state.sbu
sessmsmdmas2u.ses.state.sbu
Other certificates including the domain name state.gov
(limited to 100 certificates)
receptiontours.state.gov
cert5.state.gov
test-web-lws.edu.help
entranceondutytst.state.gov
womenofcourage.state.gov
pptform2.state.gov
tfa.state.gov
dev.cadatacatalog.state.gov
www.dvlottery.state.gov
test-cms.history.state.gov
pptform.state.gov
sni.cloudflaressl.com
receptiontours.state.gov
2001-2009.state.gov
oas.icdev.de
www.dvlottery.state.gov
exchanges.state.gov
pptform.state.gov
elibraryusa.state.gov
5636635823702016-fe2.pantheonsite.io
ivvsmarttraveler.state.gov
usrapchad.state.gov
adgsupport.state.gov
staging-bangkok.ilea.state.gov
www.design-engineering.princeton.edu
stsent.state.gov
alumni.dev.state.gov
iocareers.state.gov
bangkok.ilea.ign-uat.inl.state.gov
admin.eca.test.state.gov
globalhealth.playbooks.commons-dev.state.gov
caprovservice.state.gov
dev.diplomacy.state.gov
auth.passportappointment.travel.state.gov
rnet.state.gov
hrex.state.gov
www.j1visa.state.gov
search.usa.gov
www.blogs.earthjustice.org
readmypins.state.gov
sni.cloudflaressl.com
exportcontrol.state.gov
*.state.gov
j1visawaiverstatus.state.gov
directory-sandbox.state.gov
webdev.colorado.edu
state.gov
virtual2.unlv.edu
research-pp.stonybrook.edu
workflows.state.gov
fsilearncenter.state.gov
5636635823702016-fe2.pantheonsite.io
covid19.playbooks.commons-dev.state.gov
deccschat.pmddtc.state.gov
upenn-it.asc.upenn.edu
*.staging.pmddtc.state.gov
*.state.gov
geonode.state.gov
alumni.state.gov
diplomacy.state.gov
www.dvlottery.state.gov
starscream.sierra.state.gov
secondarycities.geonode.state.gov
synergy.state.gov
berlinwall.state.gov
playbooks.commons-dev.state.gov
oas.icdev.de
educationusa.state.gov
test-cms.history.state.gov
PassportStatus.state.gov
*.test.state.gov
ivvcadataapi.state.gov
tfa.state.gov
sait.state.gov
sni.cloudflaressl.com
commons-dev.state.gov
refugeesmigration.playbooks.commons.state.gov
cms.history.state.gov
sni.cloudflaressl.com
akamaisecure7.qualtrics.com
bangkok.ilea.state.gov
iservices.state.gov
secondarycities.state.gov
Server3.eRecruitment.State.gov
online-auction-controlpanel.state.gov
americanenglish.state.gov
amspaces.state.gov
cert5.state.gov
hiu.state.gov
readmypins.state.gov
adgsupport.state.gov
cfsc.state.gov
jsas.state.gov
pivogr.state.gov
sni.cloudflaressl.com
qa.californiasciencecenter.ca.gov
akamaisecure7.qualtrics.com
diplomacy.state.gov
ceac.state.gov
dev.cadataapi.state.gov
cert5.state.gov
test-web-lws.edu.help
entranceondutytst.state.gov
womenofcourage.state.gov
pptform2.state.gov
tfa.state.gov
dev.cadatacatalog.state.gov
www.dvlottery.state.gov
test-cms.history.state.gov
pptform.state.gov
sni.cloudflaressl.com
receptiontours.state.gov
2001-2009.state.gov
oas.icdev.de
www.dvlottery.state.gov
exchanges.state.gov
pptform.state.gov
elibraryusa.state.gov
5636635823702016-fe2.pantheonsite.io
ivvsmarttraveler.state.gov
usrapchad.state.gov
adgsupport.state.gov
staging-bangkok.ilea.state.gov
www.design-engineering.princeton.edu
stsent.state.gov
alumni.dev.state.gov
iocareers.state.gov
bangkok.ilea.ign-uat.inl.state.gov
admin.eca.test.state.gov
globalhealth.playbooks.commons-dev.state.gov
caprovservice.state.gov
dev.diplomacy.state.gov
auth.passportappointment.travel.state.gov
rnet.state.gov
hrex.state.gov
www.j1visa.state.gov
search.usa.gov
www.blogs.earthjustice.org
readmypins.state.gov
sni.cloudflaressl.com
exportcontrol.state.gov
*.state.gov
j1visawaiverstatus.state.gov
directory-sandbox.state.gov
webdev.colorado.edu
state.gov
virtual2.unlv.edu
research-pp.stonybrook.edu
workflows.state.gov
fsilearncenter.state.gov
5636635823702016-fe2.pantheonsite.io
covid19.playbooks.commons-dev.state.gov
deccschat.pmddtc.state.gov
upenn-it.asc.upenn.edu
*.staging.pmddtc.state.gov
*.state.gov
geonode.state.gov
alumni.state.gov
diplomacy.state.gov
www.dvlottery.state.gov
starscream.sierra.state.gov
secondarycities.geonode.state.gov
synergy.state.gov
berlinwall.state.gov
playbooks.commons-dev.state.gov
oas.icdev.de
educationusa.state.gov
test-cms.history.state.gov
PassportStatus.state.gov
*.test.state.gov
ivvcadataapi.state.gov
tfa.state.gov
sait.state.gov
sni.cloudflaressl.com
commons-dev.state.gov
refugeesmigration.playbooks.commons.state.gov
cms.history.state.gov
sni.cloudflaressl.com
akamaisecure7.qualtrics.com
bangkok.ilea.state.gov
iservices.state.gov
secondarycities.state.gov
Server3.eRecruitment.State.gov
online-auction-controlpanel.state.gov
americanenglish.state.gov
amspaces.state.gov
cert5.state.gov
hiu.state.gov
readmypins.state.gov
adgsupport.state.gov
cfsc.state.gov
jsas.state.gov
pivogr.state.gov
sni.cloudflaressl.com
qa.californiasciencecenter.ca.gov
akamaisecure7.qualtrics.com
diplomacy.state.gov
ceac.state.gov
dev.cadataapi.state.gov
Certificate
The complete raw certificate details for starscream.sierra.state.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJVzCCCD+gAwIBAgIEUbb3GDANBgkqhkiG9w0BAQsFADCBuzETMBEGCgmSJomT 8ixkARkWA3NidTEVMBMGCgmSJomT8ixkARkWBXN0YXRlMRYwFAYDVQQDDA1Db25m aWd1cmF0aW9uMREwDwYDVQQDDAhTZXJ2aWNlczEcMBoGA1UEAwwTUHVibGljIEtl eSBTZXJ2aWNlczEMMAoGA1UEAwwDQUlBMTYwNAYDVQQDDC1VLlMuIERlcGFydG1l bnQgb2YgU3RhdGUgQUQgSGlnaCBBc3N1cmFuY2UgQ0EwHhcNMTcxMjEyMTUwNjIy WhcNMjAxMjEyMTUzNjIyWjCBsTETMBEGCgmSJomT8ixkARkWA3NidTEVMBMGCgmS JomT8ixkARkWBXN0YXRlMRswGQYKCZImiZPyLGQBGRYLYXBwc2VydmljZXMxHDAa BgNVBAsME0VudGVycHJpc2UgU2VydmljZXMxDDAKBgNVBAsMA1BLSTEUMBIGA1UE CwwLV2ViIFNlcnZlcnMxJDAiBgNVBAMMG3N0YXJzY3JlYW0uc2llcnJhLnN0YXRl LmdvdjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKjYozN2Fy6slh7o 1S7XlY7fkhxEJLHMaXuLwDw+ib4WhL1SvmmOxO3X3w5IzAgOJsz2QhbWo3f7/NI/ 1VcgrW1HEKMN4eLG3jjQIxFN5glF4/xKkD6aIZIQzXeysLur0JEo2/ThQhhgBsmB PXragEG0Lnpc9zaebigoi65Tek1DFsVJzsyRMkO2W23AmOLmrrvlOvHHPJAJCq84 cO+iuTcRqjnI9w5d3xWgqhcHvllWPRcKg+YtVlcxfe2f4qAjnrIHBq3fSWml1Exb bj31VEstZSI/3bM4PjBCsO5SngEK419nEaJc6nTKM9FgpPHKPsx20pWRnm2m9MNv fAk+GqsCAwEAAaOCBWkwggVlMA4GA1UdDwEB/wQEAwIFoDAXBgNVHSAEEDAOMAwG CmCGSAFlAwIBBiUwEwYDVR0lBAwwCgYIKwYBBQUHAwEwggI6BggrBgEFBQcBAQSC AiwwggIoMEQGCCsGAQUFBzAChjhodHRwOi8vY3Jscy5wa2kuc3RhdGUuZ292L0FJ QS9DZXJ0c0lzc3VlZFRvRG9TQURIQUNBLnA3YzCBzAYIKwYBBQUHMAKGgb9sZGFw Oi8vY2VydHJlcC5wa2kuc3RhdGUuZ292L2NuPVUuUy4lMjBEZXBhcnRtZW50JTIw b2YlMjBTdGF0ZSUyMEFEJTIwSGlnaCUyMEFzc3VyYW5jZSUyMENBLGNuPUFJQSxj bj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxjbj1TZXJ2aWNlcyxjbj1Db25maWd1 cmF0aW9uLGRjPXN0YXRlLGRjPXNidT9jQUNlcnRpZmljYXRlO2JpbmFyeTCB0wYI KwYBBQUHMAKGgcZsZGFwOi8vY2VydHJlcC5wa2kuc3RhdGUuZ292L2NuPVUuUy4l MjBEZXBhcnRtZW50JTIwb2YlMjBTdGF0ZSUyMEFEJTIwSGlnaCUyMEFzc3VyYW5j ZSUyMENBLGNuPUFJQSxjbj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxjbj1TZXJ2 aWNlcyxjbj1Db25maWd1cmF0aW9uLGRjPXN0YXRlLGRjPXNidT9jcm9zc0NlcnRp ZmljYXRlUGFpcjtiaW5hcnkwOwYIKwYBBQUHMAGGL2h0dHA6Ly9vY3NwLnBraS5z dGF0ZS5nb3YvT0NTUC9Eb1NPQ1NQUmVzcG9uZGVyMGAGA1UdEQRZMFeCG3N0YXJz Y3JlYW0uc2llcnJhLnN0YXRlLmdvdoIbc2Vzc21zbWRtYXMxdS5zZXMuc3RhdGUu c2J1ghtzZXNzbXNtZG1hczJ1LnNlcy5zdGF0ZS5zYnUwggHwBgNVHR8EggHnMIIB 4zCCAd+gggHboIIB16SBzzCBzDETMBEGCgmSJomT8ixkARkWA3NidTEVMBMGCgmS JomT8ixkARkWBXN0YXRlMRYwFAYDVQQDDA1Db25maWd1cmF0aW9uMREwDwYDVQQD DAhTZXJ2aWNlczEcMBoGA1UEAwwTUHVibGljIEtleSBTZXJ2aWNlczEMMAoGA1UE AwwDQUlBMTYwNAYDVQQDDC1VLlMuIERlcGFydG1lbnQgb2YgU3RhdGUgQUQgSGln aCBBc3N1cmFuY2UgQ0ExDzANBgNVBAMMBkNSTDQwMYY1aHR0cDovL2NybHMucGtp LnN0YXRlLmdvdi9jcmxzL0RvU0FEUEtJSEFDQXNoYTI1Ni5jcmyGgctsZGFwOi8v Y2VydHJlcC5wa2kuc3RhdGUuZ292L2NuPVUuUy4lMjBEZXBhcnRtZW50JTIwb2Yl MjBTdGF0ZSUyMEFEJTIwSGlnaCUyMEFzc3VyYW5jZSUyMENBLGNuPUFJQSxjbj1Q dWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxjbj1TZXJ2aWNlcyxjbj1Db25maWd1cmF0 aW9uLGRjPXN0YXRlLGRjPXNidT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0O2Jp bmFyeTArBgNVHRAEJDAigA8yMDE3MTIxMjE1MDYyMlqBDzIwMjAxMjEyMTUzNjIy WjAfBgNVHSMEGDAWgBQvSuqwpVQ/B5JNSZs+fQha0kO5SzAdBgNVHQ4EFgQUd7I0 qNpGbfwSGxTBTyyofPkzA6kwCQYDVR0TBAIwADAZBgkqhkiG9n0HQQAEDDAKGwRW OC4xAwIDqDANBgkqhkiG9w0BAQsFAAOCAQEAu6KHTrKuR2h7SF1GjaCrU70GkrZP wJpP+bwRm26kOYUf9ZH56DJkqSs/OFWRoPl9hl0+VIZH58DUkCS0WnbeJMap5R9D Z0QqR56HEK6LDFIUkwj4/vUJdR/VkLL88DN2px11XK2ZYCcFPMT1/hB4HFBZWF1K qzraBs1GkLuae3sESfFvoHQEUsjznkN2AweCvekCV58nsR5ftwT9XdryxZyfEqtc 8SIUcRIztOc0f9BBEJxfmE5NxLnrUj4QNb68gYClxw/LutosXtSmhU0WLpHY/iAT FQY/QEb0pIBPiPPGYD80ud1gGalt5WX6vXnpzyuFE2QXR+p4z+lR61woTw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNijM3YXLqyWHujVLteV jt+SHEQkscxpe4vAPD6JvhaEvVK+aY7E7dffDkjMCA4mzPZCFtajd/v80j/VVyCt bUcQow3h4sbeONAjEU3mCUXj/EqQPpohkhDNd7Kwu6vQkSjb9OFCGGAGyYE9etqA QbQuelz3Np5uKCiLrlN6TUMWxUnOzJEyQ7ZbbcCY4uauu+U68cc8kAkKrzhw76K5 NxGqOcj3Dl3fFaCqFwe+WVY9FwqD5i1WVzF97Z/ioCOesgcGrd9JaaXUTFtuPfVU Sy1lIj/dszg+MEKw7lKeAQrjX2cRolzqdMoz0WCk8co+zHbSlZGebab0w298CT4a qwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1370945304 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'sbu' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'state' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Configuration' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Public Key Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'AIA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'U.S. Department of State AD High Assurance CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-12-12 15:06:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-12 15:36:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'sbu' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'state' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'appservices' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Enterprise Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Web Servers' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'starscream.sierra.state.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21314863169045485688825293253779613805240454865015588419183928023015544924935005578270829564862406960997914168445507598322851990228622338659231355575537427396321942126722297524140369270496424257976637180347922401754428293484664871614977602948952852176827203032011902788093171977123448954217192170935726961062486293028915471657004129723380131443761522487668521024300976305913884683358068019014811209154910825333374977823511039978241936774252803743430103873451483963896412441232767961461524150866282440670048585288667036837184915888880749351779329432410673822483571348504058099072669033066893095500209357191981821729451 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.3.2.1.6.37 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (556 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.state.gov/AIA/CertsIssuedToDoSADHACA.p7c' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://certrep.pki.state.gov/cn=U.S.%20Department%20of%20State%20AD%20High%20Assurance%20CA,cn=AIA,cn=Public%20Key%20Services,cn=Services,cn=Configuration,dc=state,dc=sbu?cACertificate;binary' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://certrep.pki.state.gov/cn=U.S.%20Department%20of%20State%20AD%20High%20Assurance%20CA,cn=AIA,cn=Public%20Key%20Services,cn=Services,cn=Configuration,dc=state,dc=sbu?crossCertificatePair;binary' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.pki.state.gov/OCSP/DoSOCSPResponder' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'starscream.sierra.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sessmsmdmas1u.ses.state.sbu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sessmsmdmas2u.ses.state.sbu' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:4|true] Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'sbu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'state' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Configuration' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Services' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Public Key Services' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'AIA' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'U.S. Department of State AD High Assurance CA' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'CRL401' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crls.pki.state.gov/crls/DoSADPKIHACAsha256.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://certrep.pki.state.gov/cn=U.S.%20Department%20of%20State%20AD%20High%20Assurance%20CA,cn=AIA,cn=Public%20Key%20Services,cn=Services,cn=Configuration,dc=state,dc=sbu?certificateRevocationList;binary' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.16 (privateKeyUsagePeriod) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 32303137313231323135303632325a . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:1|false] IA5String '20201212153622Z' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2f4aeab0a5543f07924d499b3e7d085ad243b94b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 77b234a8da466dfc121b14c14f2ca87cf93303a9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113533.7.65.0 (entrustVersInfo) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:27|false] GeneralString 'V8.1' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bba2874eb2ae47687b485d468da0ab53bd0692b64fc09a4ff9bc119b6ea439851ff591f9e83264a92b3f385591a0f97d865d3e548647e7c0d49024b45a76de24c6a9e51f4367442a479e8710ae8b0c52149308f8fef509751fd590b2fcf03376a71d755cad996027053cc4f5fe10781c5059585d4aab3ada06cd4690bb9a7b7b0449f16fa0740452c8f39e4376030782bde902579f27b11e5fb704fd5ddaf2c59c9f12ab5cf12214711233b4e7347fd041109c5f984e4dc4b9eb523e1035bebc8180a5c70fcbbada2c5ed4a6854d162e91d8fe201315063f4046f4a4804f88f3c6603f34b9dd6019a96de565fabd79e9cf2b8513641747ea78cfe951eb5c284f