test2.healthcare.gov
Issued by R3
About this certificate
This digital certificate with serial number 04:fb:42:e2:ef:47:4a:b3:15:ca:1a:77:5d:69:76:48:d1:64 was issued on by Let's Encrypt.
With 56 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=test2.healthcare.gov
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:fb:42:e2:ef:47:4a:b3:15:ca:1a:77:5d:69:76:48:d1:64Serial Number (int): 433948925184152587437066659018722591166820
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 11:47:96:f4:ae:7b:90:32:04:2a:48:aa:88:04:4e:35:a3:78:73:2b
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 18:dc:68:13:67:11:9b:c1:75:91:8a:1d:37:f7:a8:c5:75:78:ae:3a
Fingerprint (sha256): 0c:9b:59:1d:68:b1:99:10:d5:b3:e5:e8:2b:f2:ad:9b:08:8b:a7:73:ce:56:00:a4:2b:76:af:06:f7:e1:87:59
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate test2.healthcare.gov
56
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for test2.healthcare.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
api.finder.hotfix.healthcare.gov
aws-impl0.ses.api.healthcare.gov
aws-impl1a.cuidadodesalud.gov
aws-impl1a.healthcare.gov
aws-test1.cuidadodesalud.gov
aws-test1.healthcare.gov
companyprofiles.hotfix.healthcare.gov
dev-t.healthcare.gov
dev.geo.api.healthcare.gov
dev.marketplace-int.api.healthcare.gov
dev.marketplace.api.healthcare.gov
finder.hotfix.healthcare.gov
imp-t.healthcare.gov
imp.billing.healthcare.gov
imp.geo.api.healthcare.gov
imp.marketplace-int.api.healthcare.gov
imp.marketplace.api.healthcare.gov
imp1a.marketplace.api.healthcare.gov
imp1b.marketplace.api.healthcare.gov
imp2.geo.api.healthcare.gov
impl.mcr.api.healthcare.gov
impl0.dsrs.api.healthcare.gov
impl1a.mcr.api.healthcare.gov
impl1b.dsrs.api.healthcare.gov
impl1b.mcr.api.healthcare.gov
impl2.mcr.api.healthcare.gov
impl2b.ses.api.healthcare.gov
prod-t.healthcare.gov
prod.ee.cuidadodesalud.gov
prod.ee.healthcare.gov
ratereview.dev.healthcare.gov
ratereview.hotfix.healthcare.gov
ratereview.imp.healthcare.gov
ratereview.test.healthcare.gov
test-t.healthcare.gov
test.aca.api.healthcare.gov
test.geo.api.healthcare.gov
test.marketplace-int.api.healthcare.gov
test.marketplace.api.healthcare.gov
test.mcr.api.healthcare.gov
test0.dsrs.api.healthcare.gov
test0.ee.cuidadodesalud.gov
test0.ee.healthcare.gov
test0.eeshop.cuidadodesalud.gov
test0.eeshop.healthcare.gov
test0.mcr.api.healthcare.gov
test1.ee.cuidadodesalud.gov
test1.ee.healthcare.gov
test1.mcr.api.healthcare.gov
test2.healthcare.gov
test2.mcr.api.healthcare.gov
test3.mcr.api.healthcare.gov
testpe.dsrs.api.healthcare.gov
testpe.mcr.api.healthcare.gov
testpe0.mcr.api.healthcare.gov
testpe1.mcr.api.healthcare.gov
aws-impl0.ses.api.healthcare.gov
aws-impl1a.cuidadodesalud.gov
aws-impl1a.healthcare.gov
aws-test1.cuidadodesalud.gov
aws-test1.healthcare.gov
companyprofiles.hotfix.healthcare.gov
dev-t.healthcare.gov
dev.geo.api.healthcare.gov
dev.marketplace-int.api.healthcare.gov
dev.marketplace.api.healthcare.gov
finder.hotfix.healthcare.gov
imp-t.healthcare.gov
imp.billing.healthcare.gov
imp.geo.api.healthcare.gov
imp.marketplace-int.api.healthcare.gov
imp.marketplace.api.healthcare.gov
imp1a.marketplace.api.healthcare.gov
imp1b.marketplace.api.healthcare.gov
imp2.geo.api.healthcare.gov
impl.mcr.api.healthcare.gov
impl0.dsrs.api.healthcare.gov
impl1a.mcr.api.healthcare.gov
impl1b.dsrs.api.healthcare.gov
impl1b.mcr.api.healthcare.gov
impl2.mcr.api.healthcare.gov
impl2b.ses.api.healthcare.gov
prod-t.healthcare.gov
prod.ee.cuidadodesalud.gov
prod.ee.healthcare.gov
ratereview.dev.healthcare.gov
ratereview.hotfix.healthcare.gov
ratereview.imp.healthcare.gov
ratereview.test.healthcare.gov
test-t.healthcare.gov
test.aca.api.healthcare.gov
test.geo.api.healthcare.gov
test.marketplace-int.api.healthcare.gov
test.marketplace.api.healthcare.gov
test.mcr.api.healthcare.gov
test0.dsrs.api.healthcare.gov
test0.ee.cuidadodesalud.gov
test0.ee.healthcare.gov
test0.eeshop.cuidadodesalud.gov
test0.eeshop.healthcare.gov
test0.mcr.api.healthcare.gov
test1.ee.cuidadodesalud.gov
test1.ee.healthcare.gov
test1.mcr.api.healthcare.gov
test2.healthcare.gov
test2.mcr.api.healthcare.gov
test3.mcr.api.healthcare.gov
testpe.dsrs.api.healthcare.gov
testpe.mcr.api.healthcare.gov
testpe0.mcr.api.healthcare.gov
testpe1.mcr.api.healthcare.gov
Other certificates including the domain name healthcare.gov
(limited to 100 certificates)
splunk.aws.healthcare.gov
test3.healthcare.gov
test3.healthcare.gov
www.healthcare.gov
test2.healthcare.gov
www2.cms.gov
orig.impl1a.ses.api.healthcare.gov
www.healthcare.gov
pet-elb.imp1b.healthcare.gov
test-t.healthcare.gov
shop.prod.healthcare.gov
www.healthcare.gov
www.healthcare.gov
adobe-ep.healthcare.gov
www2.healthcare.gov
tmdsm.aws.healthcare.gov
www2.cms.gov
www2.cms.gov
app-dc01.prod.healthcare.gov
app-dc01.prod.healthcare.gov
test3.healthcare.gov
www2.healthcare.gov
tmdsmdr.aws.healthcare.gov
net.prod.healthcare.gov
test2.healthcare.gov
api.healthcare.gov
www.healthcare.gov
impl.mcr.dsh.healthcare.gov
search.test.healthcare.gov
www2.cms.gov
www2.cms.gov
test.healthcare.gov
dsrs.api.healthcare.gov
test4.healthcare.gov
test4.healthcare.gov
net-dc01.prod.healthcare.gov
test3.healthcare.gov
prod.pc2-elb.healthcare.gov
vpneast.aws.cms.gov
www.healthcare.gov
test3.healthcare.gov
orig.ses.api.healthcare.gov
www2.cms.gov
www2.cms.gov
test2.healthcare.gov
sls-elb.imp.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
test2.healthcare.gov
search1.healthcare.gov
test.healthcare.gov
api.healthcare.gov
tmdsmdr.aws.healthcare.gov
test3.healthcare.gov
chat.healthcare.gov
nagiosdr.aws.healthcare.gov
test2.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
www2.cms.gov
test3.healthcare.gov
prod-t.healthcare.gov
www2.cms.gov
test2.healthcare.gov
origin-es-app.prod.healthcare.gov
test0.mcr.gw.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
test.healthcare.gov
test.healthcare.gov
b.dev.healthcare.gov
www.healthcare.gov
www2.healthcare.gov
test2.healthcare.gov
mcr.api.healthcare.gov
api-manager-elb.dev.healthcare.gov
www2.cms.gov
imp1b-marketplace-elb.api.healthcare.gov
origin-es-app.prod.healthcare.gov
test2.healthcare.gov
test.healthcare.gov
www2.cms.gov
www2.healthcare.gov
app1a.imp.healthcare.gov
test3.healthcare.gov
test0.shop.healthcare.gov
test2.healthcare.gov
chat.healthcare.gov
api-manager-elb.imp.healthcare.gov
www.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www2.cms.gov
api.healthcare.gov
www2.cms.gov
test2.healthcare.gov
imp-elb.flh.healthcare.gov
test3.healthcare.gov
test3.healthcare.gov
www.healthcare.gov
test2.healthcare.gov
www2.cms.gov
orig.impl1a.ses.api.healthcare.gov
www.healthcare.gov
pet-elb.imp1b.healthcare.gov
test-t.healthcare.gov
shop.prod.healthcare.gov
www.healthcare.gov
www.healthcare.gov
adobe-ep.healthcare.gov
www2.healthcare.gov
tmdsm.aws.healthcare.gov
www2.cms.gov
www2.cms.gov
app-dc01.prod.healthcare.gov
app-dc01.prod.healthcare.gov
test3.healthcare.gov
www2.healthcare.gov
tmdsmdr.aws.healthcare.gov
net.prod.healthcare.gov
test2.healthcare.gov
api.healthcare.gov
www.healthcare.gov
impl.mcr.dsh.healthcare.gov
search.test.healthcare.gov
www2.cms.gov
www2.cms.gov
test.healthcare.gov
dsrs.api.healthcare.gov
test4.healthcare.gov
test4.healthcare.gov
net-dc01.prod.healthcare.gov
test3.healthcare.gov
prod.pc2-elb.healthcare.gov
vpneast.aws.cms.gov
www.healthcare.gov
test3.healthcare.gov
orig.ses.api.healthcare.gov
www2.cms.gov
www2.cms.gov
test2.healthcare.gov
sls-elb.imp.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
test2.healthcare.gov
search1.healthcare.gov
test.healthcare.gov
api.healthcare.gov
tmdsmdr.aws.healthcare.gov
test3.healthcare.gov
chat.healthcare.gov
nagiosdr.aws.healthcare.gov
test2.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
www2.cms.gov
test3.healthcare.gov
prod-t.healthcare.gov
www2.cms.gov
test2.healthcare.gov
origin-es-app.prod.healthcare.gov
test0.mcr.gw.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
test.healthcare.gov
test.healthcare.gov
b.dev.healthcare.gov
www.healthcare.gov
www2.healthcare.gov
test2.healthcare.gov
mcr.api.healthcare.gov
api-manager-elb.dev.healthcare.gov
www2.cms.gov
imp1b-marketplace-elb.api.healthcare.gov
origin-es-app.prod.healthcare.gov
test2.healthcare.gov
test.healthcare.gov
www2.cms.gov
www2.healthcare.gov
app1a.imp.healthcare.gov
test3.healthcare.gov
test0.shop.healthcare.gov
test2.healthcare.gov
chat.healthcare.gov
api-manager-elb.imp.healthcare.gov
www.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www2.cms.gov
api.healthcare.gov
www2.cms.gov
test2.healthcare.gov
imp-elb.flh.healthcare.gov
Certificate
The complete raw certificate details for test2.healthcare.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIILlTCCCn2gAwIBAgISBPtC4u9HSrMVyhp3XWl2SNFkMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMTQyMDEyNDFaFw0yNDAyMTIyMDEyNDBaMB8xHTAbBgNVBAMT FHRlc3QyLmhlYWx0aGNhcmUuZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAolTwdMOcNf1uqWCaMEvs1vBDV2NFjj6FgkNWfe1lrpfM1VRJqrW/apkT pQkISVW11s0G7YEdZjPsJquOLqG9Dzx7bLmvYJdUNePGUSSMatw8eYdmxL/IvF23 49XembJqnbnrwHivYHlx90pwOparNrcwpLNAVgRUFkKKkoEpKwqNvyE1zZfpiKue da0ILuFyGjtycwPKTrhG4k6uS/uVglh7N+QnYHugJVOid+V54OyqF8fzDnz/EV1k zMim/CBFqBa+UeiDH/xej6zJ0WLMiq/RPfWx1yl8oxKCitDO0v+QoFKj7D5Wr01J sVp6FMpCvVvWX+d/7UF9LxnJXKYXuwIDAQABo4IItjCCCLIwDgYDVR0PAQH/BAQD AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA MB0GA1UdDgQWBBQRR5b0rnuQMgQqSKqIBE41o3hzKzAfBgNVHSMEGDAWgBQULrMX t1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0 dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu Y3Iub3JnLzCCBr0GA1UdEQSCBrQwggawgiBhcGkuZmluZGVyLmhvdGZpeC5oZWFs dGhjYXJlLmdvdoIgYXdzLWltcGwwLnNlcy5hcGkuaGVhbHRoY2FyZS5nb3aCHWF3 cy1pbXBsMWEuY3VpZGFkb2Rlc2FsdWQuZ292ghlhd3MtaW1wbDFhLmhlYWx0aGNh cmUuZ292ghxhd3MtdGVzdDEuY3VpZGFkb2Rlc2FsdWQuZ292ghhhd3MtdGVzdDEu aGVhbHRoY2FyZS5nb3aCJWNvbXBhbnlwcm9maWxlcy5ob3RmaXguaGVhbHRoY2Fy ZS5nb3aCFGRldi10LmhlYWx0aGNhcmUuZ292ghpkZXYuZ2VvLmFwaS5oZWFsdGhj YXJlLmdvdoImZGV2Lm1hcmtldHBsYWNlLWludC5hcGkuaGVhbHRoY2FyZS5nb3aC ImRldi5tYXJrZXRwbGFjZS5hcGkuaGVhbHRoY2FyZS5nb3aCHGZpbmRlci5ob3Rm aXguaGVhbHRoY2FyZS5nb3aCFGltcC10LmhlYWx0aGNhcmUuZ292ghppbXAuYmls bGluZy5oZWFsdGhjYXJlLmdvdoIaaW1wLmdlby5hcGkuaGVhbHRoY2FyZS5nb3aC JmltcC5tYXJrZXRwbGFjZS1pbnQuYXBpLmhlYWx0aGNhcmUuZ292giJpbXAubWFy a2V0cGxhY2UuYXBpLmhlYWx0aGNhcmUuZ292giRpbXAxYS5tYXJrZXRwbGFjZS5h cGkuaGVhbHRoY2FyZS5nb3aCJGltcDFiLm1hcmtldHBsYWNlLmFwaS5oZWFsdGhj YXJlLmdvdoIbaW1wMi5nZW8uYXBpLmhlYWx0aGNhcmUuZ292ghtpbXBsLm1jci5h cGkuaGVhbHRoY2FyZS5nb3aCHWltcGwwLmRzcnMuYXBpLmhlYWx0aGNhcmUuZ292 gh1pbXBsMWEubWNyLmFwaS5oZWFsdGhjYXJlLmdvdoIeaW1wbDFiLmRzcnMuYXBp LmhlYWx0aGNhcmUuZ292gh1pbXBsMWIubWNyLmFwaS5oZWFsdGhjYXJlLmdvdoIc aW1wbDIubWNyLmFwaS5oZWFsdGhjYXJlLmdvdoIdaW1wbDJiLnNlcy5hcGkuaGVh bHRoY2FyZS5nb3aCFXByb2QtdC5oZWFsdGhjYXJlLmdvdoIacHJvZC5lZS5jdWlk YWRvZGVzYWx1ZC5nb3aCFnByb2QuZWUuaGVhbHRoY2FyZS5nb3aCHXJhdGVyZXZp ZXcuZGV2LmhlYWx0aGNhcmUuZ292giByYXRlcmV2aWV3LmhvdGZpeC5oZWFsdGhj YXJlLmdvdoIdcmF0ZXJldmlldy5pbXAuaGVhbHRoY2FyZS5nb3aCHnJhdGVyZXZp ZXcudGVzdC5oZWFsdGhjYXJlLmdvdoIVdGVzdC10LmhlYWx0aGNhcmUuZ292ght0 ZXN0LmFjYS5hcGkuaGVhbHRoY2FyZS5nb3aCG3Rlc3QuZ2VvLmFwaS5oZWFsdGhj YXJlLmdvdoIndGVzdC5tYXJrZXRwbGFjZS1pbnQuYXBpLmhlYWx0aGNhcmUuZ292 giN0ZXN0Lm1hcmtldHBsYWNlLmFwaS5oZWFsdGhjYXJlLmdvdoIbdGVzdC5tY3Iu YXBpLmhlYWx0aGNhcmUuZ292gh10ZXN0MC5kc3JzLmFwaS5oZWFsdGhjYXJlLmdv doIbdGVzdDAuZWUuY3VpZGFkb2Rlc2FsdWQuZ292ghd0ZXN0MC5lZS5oZWFsdGhj YXJlLmdvdoIfdGVzdDAuZWVzaG9wLmN1aWRhZG9kZXNhbHVkLmdvdoIbdGVzdDAu ZWVzaG9wLmhlYWx0aGNhcmUuZ292ghx0ZXN0MC5tY3IuYXBpLmhlYWx0aGNhcmUu Z292ght0ZXN0MS5lZS5jdWlkYWRvZGVzYWx1ZC5nb3aCF3Rlc3QxLmVlLmhlYWx0 aGNhcmUuZ292ghx0ZXN0MS5tY3IuYXBpLmhlYWx0aGNhcmUuZ292ghR0ZXN0Mi5o ZWFsdGhjYXJlLmdvdoIcdGVzdDIubWNyLmFwaS5oZWFsdGhjYXJlLmdvdoIcdGVz dDMubWNyLmFwaS5oZWFsdGhjYXJlLmdvdoIedGVzdHBlLmRzcnMuYXBpLmhlYWx0 aGNhcmUuZ292gh10ZXN0cGUubWNyLmFwaS5oZWFsdGhjYXJlLmdvdoIedGVzdHBl MC5tY3IuYXBpLmhlYWx0aGNhcmUuZ292gh50ZXN0cGUxLm1jci5hcGkuaGVhbHRo Y2FyZS5nb3YwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1 BIHyAPAAdgA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAYvPreWx AAAEAwBHMEUCICFwlIb1DKHTpwut1XAfuPFo9HNe3Zjn0GinOgjLKulMAiEAnGkc oAgyPIrINIE5/bcYUXfFe4rG1F/Tk9oC1YRb1C0AdgB2/4g/Crb7lVHCYcz1h7o0 tKTNuyncaEIKn+ZnTFo6dAAAAYvPreaQAAAEAwBHMEUCIQDwHKSKd0kiT4MkA4Zx mAlTs5dJrCGG318BbpNsHasZzQIgf8TiWLSuxgnD3/Db4/0xVxStbMKLJoiySDGh nrAaoDAwDQYJKoZIhvcNAQELBQADggEBACYFEjPgBd+a48bVqYlLLmIUE5+LGi9n Umr1uvLewNGUYwK8KSApK8lRIBi40MwrZq6dUriEv/udUWNDwHOvPKR3xcFrrPvl CpG/ViV2XOzbxUJL/escW0XIjrwVL7dpWY7PBBI1F2lbajERffStJOw+CKRpfvIH M/7C99M8WGRmrb8WH+Nss8VGnLifetAu+B9EcM3Q6Qow9KWsdZwMCi3zISPshlpl wVr5fKfODHTP5e0/acfH3s9lE77MzfeowyKbhm8bOR0Wa3aR/1jIxIWbfL4yoJsa tjz6DyfyPVHmAMSrXYng0P9qFOPlauNe+iNGhAedinz8higJtKGjLG0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolTwdMOcNf1uqWCaMEvs 1vBDV2NFjj6FgkNWfe1lrpfM1VRJqrW/apkTpQkISVW11s0G7YEdZjPsJquOLqG9 Dzx7bLmvYJdUNePGUSSMatw8eYdmxL/IvF2349XembJqnbnrwHivYHlx90pwOpar NrcwpLNAVgRUFkKKkoEpKwqNvyE1zZfpiKueda0ILuFyGjtycwPKTrhG4k6uS/uV glh7N+QnYHugJVOid+V54OyqF8fzDnz/EV1kzMim/CBFqBa+UeiDH/xej6zJ0WLM iq/RPfWx1yl8oxKCitDO0v+QoFKj7D5Wr01JsVp6FMpCvVvWX+d/7UF9LxnJXKYX uwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 433948925184152587437066659018722591166820 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-14 20:12:41 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-12 20:12:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'test2.healthcare.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20492490525377150236516768457872527602955704807844832523196037799186407294509403212413424186261810016125810066120937879818851300928568263207770361426502538472410573047697565998400307805566001063391970641831608591086168701810609930275161353939070916221069458384221119098016509003813747644430823532898863983628758543526139350133050222510467851622125749522095444585746709245520419999327163786088942405905973108611431960730863136613794032620836716668134918527109176886672908787100797671194336727995113557108834596726961623212593225004669720352276774644450751053667475769234686166565636585192367864149378498933361316599739 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 114796f4ae7b9032042a48aa88044e35a378732b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1716 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.finder.hotfix.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aws-impl0.ses.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aws-impl1a.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aws-impl1a.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aws-test1.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aws-test1.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'companyprofiles.hotfix.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev-t.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.geo.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.marketplace-int.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.marketplace.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'finder.hotfix.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp-t.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp.billing.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp.geo.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp.marketplace-int.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp.marketplace.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp1a.marketplace.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp1b.marketplace.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp2.geo.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl0.dsrs.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl1a.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl1b.dsrs.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl1b.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl2.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl2b.ses.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod-t.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.ee.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.ee.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ratereview.dev.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ratereview.hotfix.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ratereview.imp.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ratereview.test.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-t.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.aca.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.geo.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.marketplace-int.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.marketplace.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test0.dsrs.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test0.ee.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test0.ee.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test0.eeshop.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test0.eeshop.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test0.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test1.ee.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test1.ee.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test1.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test2.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test2.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test3.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testpe.dsrs.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testpe.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testpe0.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testpe1.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018bcfade5b10000040300473045022021709486f50ca1d3a70badd5701fb8f168f4735edd98e7d068a73a08cb2ae94c0221009c691ca008323c8ac8348139fdb7185177c57b8ac6d45fd393da02d5845bd42d00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018bcfade6900000040300473045022100f01ca48a7749224f8324038671980953b39749ac2186df5f016e936c1dab19cd02207fc4e258b4aec609c3dff0dbe3fd315714ad6cc28b2688b24831a19eb01aa030 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0026051233e005df9ae3c6d5a9894b2e6214139f8b1a2f67526af5baf2dec0d1946302bc2920292bc9512018b8d0cc2b66ae9d52b884bffb9d516343c073af3ca477c5c16bacfbe50a91bf5625765cecdbc5424bfdeb1c5b45c88ebc152fb769598ecf04123517695b6a31117df4ad24ec3e08a4697ef20733fec2f7d33c586466adbf161fe36cb3c5469cb89f7ad02ef81f4470cdd0e90a30f4a5ac759c0c0a2df32123ec865a65c15af97ca7ce0c74cfe5ed3f69c7c7decf6513becccdf7a8c3229b866f1b391d166b7691ff58c8c4859b7cbe32a09b1ab63cfa0f27f23d51e600c4ab5d89e0d0ff6a14e3e56ae35efa234684079d8a7cfc862809b4a1a32c6d