synergy.state.gov
- U.S. Department of State -
Issued by Entrust Certification Authority - L1K
About this certificate
This digital certificate with serial number 7a:0b:41:e5:33:de:b3:ba:23:4c:11:08:d9:5f:6e:ad was issued on by Entrust, Inc..
With 16 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
U.S. Department of State
Organization:
U.S. Department of State
State / Province:
District of Columbia
Locality: Washington
Country: US
Locality: Washington
Country: US
Entrust, Inc.
Organization:
Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 7a:0b:41:e5:33:de:b3:ba:23:4c:11:08:d9:5f:6e:adSerial Number (int): 162224267267130038493370466484201942701
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 9f:79:7c:1b:aa:d9:a4:d3:22:93:f8:28:80:05:cc:53:6c:40:cf:9e
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf
Fingerprint (sha1): 2d:33:f8:b7:38:70:21:45:05:18:8d:78:44:ea:b4:be:c3:d5:43:bd
Fingerprint (sha256): 04:18:54:41:e5:f7:7a:bf:a9:ba:d7:e3:42:5a:21:4a:96:0e:b0:26:b2:48:18:c3:c1:91:41:c3:09:0a:08:c0
Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer
Revocation information
OCSP Server: http://ocsp.entrust.netCRL Distribution Point: http://crl.entrust.net/level1k.crl
Check the revocation status for certificate synergy.state.gov
16
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for synergy.state.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
synergy.state.gov
register.state.gov
speakerinvitation.state.gov
pareviews.state.gov
gpaitstaging.state.gov
fojems.state.gov
touchbase.state.gov
speakerkit.state.gov
paitstaging.state.gov
gpaservices.state.gov
timekat.state.gov
paclearances.state.gov
mobilepa.state.gov
speakerrequest.state.gov
paservices.state.gov
gpareviews.state.gov
register.state.gov
speakerinvitation.state.gov
pareviews.state.gov
gpaitstaging.state.gov
fojems.state.gov
touchbase.state.gov
speakerkit.state.gov
paitstaging.state.gov
gpaservices.state.gov
timekat.state.gov
paclearances.state.gov
mobilepa.state.gov
speakerrequest.state.gov
paservices.state.gov
gpareviews.state.gov
Other certificates including the domain name state.gov
(limited to 100 certificates)
receptiontours.state.gov
cert5.state.gov
test-web-lws.edu.help
entranceondutytst.state.gov
womenofcourage.state.gov
pptform2.state.gov
tfa.state.gov
dev.cadatacatalog.state.gov
www.dvlottery.state.gov
test-cms.history.state.gov
pptform.state.gov
sni.cloudflaressl.com
receptiontours.state.gov
2001-2009.state.gov
oas.icdev.de
www.dvlottery.state.gov
exchanges.state.gov
pptform.state.gov
elibraryusa.state.gov
5636635823702016-fe2.pantheonsite.io
ivvsmarttraveler.state.gov
usrapchad.state.gov
adgsupport.state.gov
staging-bangkok.ilea.state.gov
www.design-engineering.princeton.edu
stsent.state.gov
alumni.dev.state.gov
iocareers.state.gov
bangkok.ilea.ign-uat.inl.state.gov
admin.eca.test.state.gov
globalhealth.playbooks.commons-dev.state.gov
caprovservice.state.gov
dev.diplomacy.state.gov
auth.passportappointment.travel.state.gov
rnet.state.gov
hrex.state.gov
www.j1visa.state.gov
search.usa.gov
www.blogs.earthjustice.org
readmypins.state.gov
sni.cloudflaressl.com
exportcontrol.state.gov
*.state.gov
j1visawaiverstatus.state.gov
directory-sandbox.state.gov
webdev.colorado.edu
state.gov
virtual2.unlv.edu
research-pp.stonybrook.edu
workflows.state.gov
fsilearncenter.state.gov
5636635823702016-fe2.pantheonsite.io
covid19.playbooks.commons-dev.state.gov
deccschat.pmddtc.state.gov
upenn-it.asc.upenn.edu
*.staging.pmddtc.state.gov
*.state.gov
geonode.state.gov
alumni.state.gov
diplomacy.state.gov
www.dvlottery.state.gov
starscream.sierra.state.gov
secondarycities.geonode.state.gov
synergy.state.gov
berlinwall.state.gov
playbooks.commons-dev.state.gov
oas.icdev.de
educationusa.state.gov
test-cms.history.state.gov
PassportStatus.state.gov
*.test.state.gov
ivvcadataapi.state.gov
tfa.state.gov
sait.state.gov
sni.cloudflaressl.com
commons-dev.state.gov
refugeesmigration.playbooks.commons.state.gov
cms.history.state.gov
sni.cloudflaressl.com
akamaisecure7.qualtrics.com
bangkok.ilea.state.gov
iservices.state.gov
secondarycities.state.gov
Server3.eRecruitment.State.gov
online-auction-controlpanel.state.gov
americanenglish.state.gov
amspaces.state.gov
cert5.state.gov
hiu.state.gov
readmypins.state.gov
adgsupport.state.gov
cfsc.state.gov
jsas.state.gov
pivogr.state.gov
sni.cloudflaressl.com
qa.californiasciencecenter.ca.gov
akamaisecure7.qualtrics.com
diplomacy.state.gov
ceac.state.gov
dev.cadataapi.state.gov
cert5.state.gov
test-web-lws.edu.help
entranceondutytst.state.gov
womenofcourage.state.gov
pptform2.state.gov
tfa.state.gov
dev.cadatacatalog.state.gov
www.dvlottery.state.gov
test-cms.history.state.gov
pptform.state.gov
sni.cloudflaressl.com
receptiontours.state.gov
2001-2009.state.gov
oas.icdev.de
www.dvlottery.state.gov
exchanges.state.gov
pptform.state.gov
elibraryusa.state.gov
5636635823702016-fe2.pantheonsite.io
ivvsmarttraveler.state.gov
usrapchad.state.gov
adgsupport.state.gov
staging-bangkok.ilea.state.gov
www.design-engineering.princeton.edu
stsent.state.gov
alumni.dev.state.gov
iocareers.state.gov
bangkok.ilea.ign-uat.inl.state.gov
admin.eca.test.state.gov
globalhealth.playbooks.commons-dev.state.gov
caprovservice.state.gov
dev.diplomacy.state.gov
auth.passportappointment.travel.state.gov
rnet.state.gov
hrex.state.gov
www.j1visa.state.gov
search.usa.gov
www.blogs.earthjustice.org
readmypins.state.gov
sni.cloudflaressl.com
exportcontrol.state.gov
*.state.gov
j1visawaiverstatus.state.gov
directory-sandbox.state.gov
webdev.colorado.edu
state.gov
virtual2.unlv.edu
research-pp.stonybrook.edu
workflows.state.gov
fsilearncenter.state.gov
5636635823702016-fe2.pantheonsite.io
covid19.playbooks.commons-dev.state.gov
deccschat.pmddtc.state.gov
upenn-it.asc.upenn.edu
*.staging.pmddtc.state.gov
*.state.gov
geonode.state.gov
alumni.state.gov
diplomacy.state.gov
www.dvlottery.state.gov
starscream.sierra.state.gov
secondarycities.geonode.state.gov
synergy.state.gov
berlinwall.state.gov
playbooks.commons-dev.state.gov
oas.icdev.de
educationusa.state.gov
test-cms.history.state.gov
PassportStatus.state.gov
*.test.state.gov
ivvcadataapi.state.gov
tfa.state.gov
sait.state.gov
sni.cloudflaressl.com
commons-dev.state.gov
refugeesmigration.playbooks.commons.state.gov
cms.history.state.gov
sni.cloudflaressl.com
akamaisecure7.qualtrics.com
bangkok.ilea.state.gov
iservices.state.gov
secondarycities.state.gov
Server3.eRecruitment.State.gov
online-auction-controlpanel.state.gov
americanenglish.state.gov
amspaces.state.gov
cert5.state.gov
hiu.state.gov
readmypins.state.gov
adgsupport.state.gov
cfsc.state.gov
jsas.state.gov
pivogr.state.gov
sni.cloudflaressl.com
qa.californiasciencecenter.ca.gov
akamaisecure7.qualtrics.com
diplomacy.state.gov
ceac.state.gov
dev.cadataapi.state.gov
Certificate
The complete raw certificate details for synergy.state.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIKTCCBxGgAwIBAgIQegtB5TPes7ojTBEI2V9urTANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y MjExMjEyMDQ0MzlaFw0yMzExMjIyMDQ0MzlaMIGAMQswCQYDVQQGEwJVUzEdMBsG A1UECBMURGlzdHJpY3Qgb2YgQ29sdW1iaWExEzARBgNVBAcTCldhc2hpbmd0b24x ITAfBgNVBAoTGFUuUy4gRGVwYXJ0bWVudCBvZiBTdGF0ZTEaMBgGA1UEAxMRc3lu ZXJneS5zdGF0ZS5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/ WpVh1rO0mbX+TRFZVmk5xnjdR8bNjypZ2dr27C1jXG7O1W+HKpF4lJft8Gs50L6s Zx8cyGBuiM6C9NHsJMR6z3+6k7dIXrvon2DVWC/BmTl+8rmEGvO+brMyJA6znKuV bbmm0oUhx/Tf+/Fdou8SS+smxBmlT9gVhwlnFZPVxZuqY/sFTiMLknia6A8mm7TT vxmNUGq29zBXSZ/rleGz58FNXTnj0pkBEX/Dz+cjG3WEwkCJW0TzlYZKu3HVhKpz sh/weFWEgUyNX7bG1OIQVJ3Fd5r2U4CCBAy3G7wiRBGKlqd/DIJTOlcWbFm9AeKp DsU+WQD7MCneZZ/e76n3AgMBAAGjggRhMIIEXTAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBSfeXwbqtmk0yKT+CiABcxTbEDPnjAfBgNVHSMEGDAWgBSConB03bxTP897 1PfNf6dgxgpMvzBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9v Y3NwLmVudHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3Qu bmV0L2wxay1jaGFpbjI1Ni5jZXIwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2Ny bC5lbnRydXN0Lm5ldC9sZXZlbDFrLmNybDCCAW4GA1UdEQSCAWUwggFhghFzeW5l cmd5LnN0YXRlLmdvdoIScmVnaXN0ZXIuc3RhdGUuZ292ghtzcGVha2VyaW52aXRh dGlvbi5zdGF0ZS5nb3aCE3BhcmV2aWV3cy5zdGF0ZS5nb3aCFmdwYWl0c3RhZ2lu Zy5zdGF0ZS5nb3aCEGZvamVtcy5zdGF0ZS5nb3aCE3RvdWNoYmFzZS5zdGF0ZS5n b3aCFHNwZWFrZXJraXQuc3RhdGUuZ292ghVwYWl0c3RhZ2luZy5zdGF0ZS5nb3aC FWdwYXNlcnZpY2VzLnN0YXRlLmdvdoIRdGltZWthdC5zdGF0ZS5nb3aCFnBhY2xl YXJhbmNlcy5zdGF0ZS5nb3aCEm1vYmlsZXBhLnN0YXRlLmdvdoIYc3BlYWtlcnJl cXVlc3Quc3RhdGUuZ292ghRwYXNlcnZpY2VzLnN0YXRlLmdvdoIUZ3BhcmV2aWV3 cy5zdGF0ZS5nb3YwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjBMBgNVHSAERTBDMDcGCmCGSAGG+mwKAQUwKTAnBggrBgEFBQcC ARYbaHR0cHM6Ly93d3cuZW50cnVzdC5uZXQvcnBhMAgGBmeBDAECAjCCAX0GCisG AQQB1nkCBAIEggFtBIIBaQFnAHYAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PAD Dnk2pZoAAAGEm++RUQAABAMARzBFAiAg4MdOVM8+IQMVlw4ppQMXHCghouAONCz9 u7Kpc6xPowIhAO2BbALEBFoVqSMFW7bXjF7I2h9JYDRCtOlUN2VB1HHCAHYAVYHU whaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAGEm++RYgAABAMARzBFAiEA 4n5SZg/bsT1ebmi6sCYl8DzWG1MzjTxLmWRArUSrLB0CIEfa8bPkR3A2XYJYdeaF fJYamQ28DX/QemT+RAGgNZOnAHUA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3 fW0GvW4AAAGEm++RYQAABAMARjBEAiBxDLmOyYwlU5yTlN7PLBXuyczNcEnZfE+B uPQOYjQggwIgCqeijTG6JXP+iauidyCAE7xf5NZTALfMpTZzAquox1EwDQYJKoZI hvcNAQELBQADggEBAAiMFjvnUksC3KWgoLlOMmBsjIqopDTr3/4JBeedMqqw9+pv Tzj3DRKwEsN6QBNUPNOQ1BTWMkEpOPwr6gJ5O/oxzidrO8tb+n6lbNQm81uxBLF3 H2UaxVsCulhs2Frw1y0995tOsL/THi1ZWApAr+L0juoPe46b4PDQjigeOjjWzC+e V7eF94CzjWPrKssbC1CaO2tlrbb5AxP3q9tlXuE3KpLDpNLGJpe4jP5mEfTCvIwj Vv38QHu1yU58U+8z0pBTPnKuRrN8MQARJsI/Ws1jnIYs5E6JmH2iaXz19vRzCFSw NVKKotCpLA3Q0rWJs8YoHwFZAn6S/C19Ap3G5oU= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1qVYdaztJm1/k0RWVZp OcZ43UfGzY8qWdna9uwtY1xuztVvhyqReJSX7fBrOdC+rGcfHMhgbojOgvTR7CTE es9/upO3SF676J9g1VgvwZk5fvK5hBrzvm6zMiQOs5yrlW25ptKFIcf03/vxXaLv EkvrJsQZpU/YFYcJZxWT1cWbqmP7BU4jC5J4mugPJpu0078ZjVBqtvcwV0mf65Xh s+fBTV0549KZARF/w8/nIxt1hMJAiVtE85WGSrtx1YSqc7If8HhVhIFMjV+2xtTi EFSdxXea9lOAggQMtxu8IkQRipanfwyCUzpXFmxZvQHiqQ7FPlkA+zAp3mWf3u+p 9wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 162224267267130038493370466484201942701 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-21 20:44:39 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-22 20:44:39 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'District of Columbia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'U.S. Department of State' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'synergy.state.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24156184649089538667185338712640368549369410135269353154771559415122536778171218247988644671118627972892517676280118426517019322993498689320061847424386349579825706257458792953848870292313577849286806214096859413366471693169321655403513944651021509992081404908350934846569491627966205216712803475325658190656527550498178773464631442903961874868536264732079461093611889830543154184805886054350207809191867023357945655040679613784956016355431350672557105549848653880769760219449996425264847090238366745133092780221465310470694974745315627994848847872960861368317640980514830301412160134631532985612841768215461671971319 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9f797c1baad9a4d32293f8288005cc536c40cf9e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (357 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'synergy.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'register.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'speakerinvitation.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pareviews.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gpaitstaging.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fojems.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'touchbase.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'speakerkit.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paitstaging.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gpaservices.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'timekat.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paclearances.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mobilepa.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'speakerrequest.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paservices.state.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gpareviews.state.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a000001849bef91510000040300473045022020e0c74e54cf3e210315970e29a503171c2821a2e00e342cfdbbb2a973ac4fa3022100ed816c02c4045a15a923055bb6d78c5ec8da1f49603442b4e954376541d471c20076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001849bef91620000040300473045022100e27e52660fdbb13d5e6e68bab02625f03cd61b53338d3c4b996440ad44ab2c1d022047daf1b3e44770365d825875e6857c961a990dbc0d7fd07a64fe4401a03593a7007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001849bef916100000403004630440220710cb98ec98c25539c9394decf2c15eec9cccd7049d97c4f81b8f40e6234208302200aa7a28d31ba2573fe89aba277208013bc5fe4d65300b7cca5367302aba8c751 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00088c163be7524b02dca5a0a0b94e32606c8c8aa8a434ebdffe0905e79d32aab0f7ea6f4f38f70d12b012c37a4013543cd390d414d632412938fc2bea02793bfa31ce276b3bcb5bfa7ea56cd426f35bb104b1771f651ac55b02ba586cd85af0d72d3df79b4eb0bfd31e2d59580a40afe2f48eea0f7b8e9be0f0d08e281e3a38d6cc2f9e57b785f780b38d63eb2acb1b0b509a3b6b65adb6f90313f7abdb655ee1372a92c3a4d2c62697b88cfe6611f4c2bc8c2356fdfc407bb5c94e7c53ef33d290533e72ae46b37c31001126c23f5acd639c862ce44e89987da2697cf5f6f4730854b035528aa2d0a92c0dd0d2b589b3c6281f0159027e92fc2d7d029dc6e685