web.mail.mil

Issued by DOD CA-21

About this certificate


This digital certificate with serial number 01:70:42 was issued on by U.S. Government .

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: Certificate contains a CRL with an non-preferred scheme ([ldap])
  • ERROR: localityName or stateOrProvinceName is required if organizationName is set
  • ERROR: stateOrProvinceName is required if organizationName is set

U.S. Government

Organization: U.S. Government
Organization unit: DoD
Organization unit: PKI
Country: US

U.S. Government

Organization: U.S. Government
Organization unit: DoD
Organization unit: PKI
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 01:70:42
Serial Number (int): 94274
Serial Number lenght: 17 bits, 3 octets

SubjectKeyId: 68:d9:e9:7e:82:61:88:bf:20:bb:4d:4c:a8:88:1f:50:31:bc:70:5a
AuthorityKeyId: 09:99:13:e2:a3:d5:e7:74:d8:f6:3f:b5:dc:fb:d4:b5:16:ed:4c:d3

Fingerprint (sha1): 1a:b1:21:38:b5:62:55:e9:f8:76:de:05:3c:4a:b0:82:59:a8:ef:fa
Fingerprint (sha256): d3:e7:a1:6a:0d:8f:5d:f0:9d:f9:a6:1b:42:80:f0:e5:a8:68:eb:50:9b:3e:17:b6:f1:e8:bd:44:a5:85:72:b7

Issuing Certificate URL: http://crl.disa.mil/sign/DODCA_21.cer

Revocation information

OCSP Server: http://ocsp.disa.mil
CRL Distribution Point: http://crl.disa.mil/crl/DODCA_21.crl
CRL Distribution Point: ldap://crl.gds.disa.mil/cn%3dDOD%20CA-21%2cou%3dPKI%2cou%3dDoD%2co%3dU.S.%20Government%2cc%3dUS?certificaterevocationlist;binary

Check the revocation status for the current certificate on web.mail.mil
4
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Extensions

7 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

web.mail.mil
web.mail.mil
*.mail.mil
depo.csd.disa.mil

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgIDAXBCMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAlVT MRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UE CxMDUEtJMRIwEAYDVQQDEwlET0QgQ0EtMjEwHhcNMTEwNjExMDYyNDM4WhcNMTQw NjExMDYyNDM4WjBaMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5t ZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsTA1BLSTEVMBMGA1UEAxMMd2ViLm1h aWwubWlsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpHAG1uhFtjm lzUusYY5sKoHJxt/rJEfpmAm1tPzUSUTAgC6FDiUCeNt486vI9OFVZgLg+nsPzFl nNEtp7/jM5H0pd1EJlzyGRjBZ4oEjbjPs9On6bQYRbs95YYxJlMRt/EEt2Oltfgj gu/ZEXXRr6qJIDBXuB+YUlRg3ciXk2w4nS9NhSud/kFXDy8t7MC3MUxJQYzCRUZV tbzm2kJYwr98nwhialOWGNcQhi5QUocZ5BF1kQrs65gIM4JurCJdQfKdeAh6j5qi u0CNBeF/vEZw2xbxOlT1Fyzjrqn13rITyKes3KbM2I+vWuYMnasY/4ERATgcSvph HlrdW9dBcQIDAQABo4IB6jCCAeYwHwYDVR0jBBgwFoAUCZkT4qPV53TY9j+13PvU tRbtTNMwHQYDVR0OBBYEFGjZ6X6CYYi/ILtNTKiIH1AxvHBaMGMGCCsGAQUFBwEB BFcwVTAxBggrBgEFBQcwAoYlaHR0cDovL2NybC5kaXNhLm1pbC9zaWduL0RPRENB XzIxLmNlcjAgBggrBgEFBQcwAYYUaHR0cDovL29jc3AuZGlzYS5taWwwDgYDVR0P AQH/BAQDAgWgMIHDBgNVHR8EgbswgbgwKqAooCaGJGh0dHA6Ly9jcmwuZGlzYS5t aWwvY3JsL0RPRENBXzIxLmNybDCBiaCBhqCBg4aBgGxkYXA6Ly9jcmwuZ2RzLmRp c2EubWlsL2NuJTNkRE9EJTIwQ0EtMjElMmNvdSUzZFBLSSUyY291JTNkRG9EJTJj byUzZFUuUy4lMjBHb3Zlcm5tZW50JTJjYyUzZFVTP2NlcnRpZmljYXRlcmV2b2Nh dGlvbmxpc3Q7YmluYXJ5MEQGA1UdEQQ9MDuCDHdlYi5tYWlsLm1pbIIMd2ViLm1h aWwubWlsggoqLm1haWwubWlsghFkZXBvLmNzZC5kaXNhLm1pbDAjBgNVHSAEHDAa MAsGCWCGSAFlAgELBTALBglghkgBZQIBCxIwDQYJKoZIhvcNAQEFBQADggEBAA+V EFEapdXiHjSyQKS679tjeg43qdXDnCdaiB41DCAtEjdkGIj8oUSTqelCCkwp4Yd7 jI3mCkpep7huAWkT7SfbwkvSw3H+fbhVDKGczKztddTwBuuu7NynevbIqaTYYZOl ZSyV7Pd4ilAINY2hY6hq/HgwWNU69jfIeTpnUdJosE4DGDyNgjOFxL0pgDAiLhny 7I/z7iROQpEfrb1O2JZ7lxRwHm51AsUSg8MbdZf+nL1Wd/pkfP6dCyx29WWfYJP7 dCl3Wdurx0FzU8YAE6LC1nmAPO1fD+WNStyNYd9RXVfiZ81kj47oKeixZel9/9M3 fA5d/LBymsEEem8Q4Uo= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpHAG1uhFtjmlzUusYY5 sKoHJxt/rJEfpmAm1tPzUSUTAgC6FDiUCeNt486vI9OFVZgLg+nsPzFlnNEtp7/j M5H0pd1EJlzyGRjBZ4oEjbjPs9On6bQYRbs95YYxJlMRt/EEt2Oltfgjgu/ZEXXR r6qJIDBXuB+YUlRg3ciXk2w4nS9NhSud/kFXDy8t7MC3MUxJQYzCRUZVtbzm2kJY wr98nwhialOWGNcQhi5QUocZ5BF1kQrs65gIM4JurCJdQfKdeAh6j5qiu0CNBeF/ vEZw2xbxOlT1Fyzjrqn13rITyKes3KbM2I+vWuYMnasY/4ERATgcSvphHlrdW9dB cQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 94274 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'U.S. Government' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DoD' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DOD CA-21' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-06-11 06:24:38 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-06-11 06:24:38 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'U.S. Government' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DoD' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'web.mail.mil' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23047243713380623325716920750692884274881797930653228800143501900037033225557997281051842807578451266816047462120476275651550857524799634649720037597439004997853759369716265351968509779756795096590054533461006282472642898020389617220840318350631266868224763934940098599283655764839459894103093137922892898154787714327758329795137550599879247352043901670796177913030256365488888586995661416995120946850843169232225362695666535326034887296993355899453913593801771862346067498145987832456944012621031917788347433295965466428516979120549136986415441354580514083233359842733717329464594187239852343015813806418679182082417 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 099913e2a3d5e774d8f63fb5dcfbd4b516ed4cd3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 68d9e97e826188bf20bb4d4ca8881f5031bc705a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.disa.mil/sign/DODCA_21.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.disa.mil' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (187 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.disa.mil/crl/DODCA_21.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'ldap://crl.gds.disa.mil/cn%3dDOD%20CA-21%2cou%3dPKI%2cou%3dDoD%2co%3dU.S.%20Government%2cc%3dUS?certificaterevocationlist;binary' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'web.mail.mil' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'web.mail.mil' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.mail.mil' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'depo.csd.disa.mil' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.2.1.11.5 (usDODClass3) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.2.1.11.18 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000f9510511aa5d5e21e34b240a4baefdb637a0e37a9d5c39c275a881e350c202d1237641888fca14493a9e9420a4c29e1877b8c8de60a4a5ea7b86e016913ed27dbc24bd2c371fe7db8550ca19cccaced75d4f006ebaeecdca77af6c8a9a4d86193a5652c95ecf7788a5008358da163a86afc783058d53af637c8793a6751d268b04e03183c8d823385c4bd298030222e19f2ec8ff3ee244e42911fadbd4ed8967b9714701e6e7502c51283c31b7597fe9cbd5677fa647cfe9d0b2c76f5659f6093fb74297759dbabc7417353c60013a2c2d679803ced5f0fe58d4adc8d61df515d57e267cd648f8ee829e8b165e97dffd3377c0e5dfcb0729ac1047a6f10e14a