www.healthcare.gov
- Centers for Medicare & Medicaid Services -
Issued by GeoTrust SSL CA
About this certificate
This digital certificate with serial number 03:07:42 was issued on by GeoTrust, Inc..
With 46 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Centers for Medicare & Medicaid Services
Company registration number:
SnjCOHYXf9-tPHczVOCUCA7cBJQZGELb
Organization: Centers for Medicare & Medicaid Services
Organization: Centers for Medicare & Medicaid Services
State / Province:
Maryland
Locality: Baltimore
Country: US
Locality: Baltimore
Country: US
GeoTrust, Inc.
Organization:
GeoTrust, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:07:42Serial Number (int): 198466
Serial Number lenght: 18 bits, 3 octets
SubjectKeyId: 03:e4:ae:cb:ef:11:6c:a1:7f:d8:5f:ce:34:12:ee:59:98:65:31:60
AuthorityKeyId: 42:79:54:1b:61:cd:55:2b:3e:63:d5:3c:48:57:f5:9f:fb:45:ce:4a
Fingerprint (sha1): 24:cb:46:c7:54:e5:bd:96:69:3d:a5:69:e9:57:48:73:aa:12:ce:ce
Fingerprint (sha256): 0c:be:28:4c:ae:89:45:53:a0:46:9f:1e:1f:76:74:62:ad:9a:0b:12:e4:c0:b3:40:93:bd:6a:b5:8c:45:00:e5
Issuing Certificate URL: http://gtssl-aia.geotrust.com/gtssl.crt
Revocation information
OCSP Server: http://gtssl-ocsp.geotrust.comCRL Distribution Point: http://gtssl-crl.geotrust.com/crls/gtssl.crl
Check the revocation status for certificate www.healthcare.gov
46
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.healthcare.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Data Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tmdsm.aws.healthcare.gov
ahrcvo.cms.gov
ahrc.cms.gov
eap.cms.gov
ratereview.healthcare.gov
openpaymentsdata.cms.gov
nagios.healthcare.gov
billing.healthcare.gov
github.cms.gov
ci.cms.gov
splunk.healthcare.gov
portal.cms.gov
finder.git.healthcare.gov
finder.ci.healthcare.gov
git.finder.healthcare.gov
ci.finder.healthcare.gov
api.finder.healthcare.gov
companyprofile.healthcare.gov
data.healthcare.gov
www-b.healthcare.gov
www.cuidadodesalud.gov
www-a.healthcare.gov
status.healthcare.gov
splunk.cms.gov
signup.healthcare.gov
search.healthcare.gov
reminder.healthcare.gov
prodprime.healthcare.gov
prodprime.cuidadodesalud.gov
marketplace.cms.gov
login.healthcare.gov
localhelp.healthcare.gov
jira.cms.gov
hfpp.cms.gov
finder.healthcare.gov
eidm.cms.gov
downloads.cms.gov
developer.cms.gov
cuidadodesalud.gov
confluence.cms.gov
companyprofiles.healthcare.gov
ayudalocal.cuidadodesalud.gov
assets.healthcare.gov
assets.cms.gov
www.healthcare.gov
healthcare.gov
ahrcvo.cms.gov
ahrc.cms.gov
eap.cms.gov
ratereview.healthcare.gov
openpaymentsdata.cms.gov
nagios.healthcare.gov
billing.healthcare.gov
github.cms.gov
ci.cms.gov
splunk.healthcare.gov
portal.cms.gov
finder.git.healthcare.gov
finder.ci.healthcare.gov
git.finder.healthcare.gov
ci.finder.healthcare.gov
api.finder.healthcare.gov
companyprofile.healthcare.gov
data.healthcare.gov
www-b.healthcare.gov
www.cuidadodesalud.gov
www-a.healthcare.gov
status.healthcare.gov
splunk.cms.gov
signup.healthcare.gov
search.healthcare.gov
reminder.healthcare.gov
prodprime.healthcare.gov
prodprime.cuidadodesalud.gov
marketplace.cms.gov
login.healthcare.gov
localhelp.healthcare.gov
jira.cms.gov
hfpp.cms.gov
finder.healthcare.gov
eidm.cms.gov
downloads.cms.gov
developer.cms.gov
cuidadodesalud.gov
confluence.cms.gov
companyprofiles.healthcare.gov
ayudalocal.cuidadodesalud.gov
assets.healthcare.gov
assets.cms.gov
www.healthcare.gov
healthcare.gov
Other certificates including the domain name healthcare.gov
(limited to 100 certificates)
splunk.aws.healthcare.gov
test3.healthcare.gov
test3.healthcare.gov
www.healthcare.gov
test2.healthcare.gov
www2.cms.gov
orig.impl1a.ses.api.healthcare.gov
www.healthcare.gov
pet-elb.imp1b.healthcare.gov
test-t.healthcare.gov
shop.prod.healthcare.gov
www.healthcare.gov
www.healthcare.gov
adobe-ep.healthcare.gov
www2.healthcare.gov
tmdsm.aws.healthcare.gov
www2.cms.gov
www2.cms.gov
app-dc01.prod.healthcare.gov
app-dc01.prod.healthcare.gov
test3.healthcare.gov
www2.healthcare.gov
tmdsmdr.aws.healthcare.gov
net.prod.healthcare.gov
test2.healthcare.gov
api.healthcare.gov
www.healthcare.gov
impl.mcr.dsh.healthcare.gov
search.test.healthcare.gov
www2.cms.gov
www2.cms.gov
test.healthcare.gov
dsrs.api.healthcare.gov
test4.healthcare.gov
test4.healthcare.gov
net-dc01.prod.healthcare.gov
test3.healthcare.gov
prod.pc2-elb.healthcare.gov
vpneast.aws.cms.gov
www.healthcare.gov
test3.healthcare.gov
orig.ses.api.healthcare.gov
www2.cms.gov
www2.cms.gov
test2.healthcare.gov
sls-elb.imp.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
test2.healthcare.gov
search1.healthcare.gov
test.healthcare.gov
api.healthcare.gov
tmdsmdr.aws.healthcare.gov
test3.healthcare.gov
chat.healthcare.gov
nagiosdr.aws.healthcare.gov
test2.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
www2.cms.gov
test3.healthcare.gov
prod-t.healthcare.gov
www2.cms.gov
test2.healthcare.gov
origin-es-app.prod.healthcare.gov
test0.mcr.gw.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
test.healthcare.gov
test.healthcare.gov
b.dev.healthcare.gov
www.healthcare.gov
www2.healthcare.gov
test2.healthcare.gov
mcr.api.healthcare.gov
api-manager-elb.dev.healthcare.gov
www2.cms.gov
imp1b-marketplace-elb.api.healthcare.gov
origin-es-app.prod.healthcare.gov
test2.healthcare.gov
test.healthcare.gov
www2.cms.gov
www2.healthcare.gov
app1a.imp.healthcare.gov
test3.healthcare.gov
test0.shop.healthcare.gov
test2.healthcare.gov
chat.healthcare.gov
api-manager-elb.imp.healthcare.gov
www.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www2.cms.gov
api.healthcare.gov
www2.cms.gov
test2.healthcare.gov
imp-elb.flh.healthcare.gov
test3.healthcare.gov
test3.healthcare.gov
www.healthcare.gov
test2.healthcare.gov
www2.cms.gov
orig.impl1a.ses.api.healthcare.gov
www.healthcare.gov
pet-elb.imp1b.healthcare.gov
test-t.healthcare.gov
shop.prod.healthcare.gov
www.healthcare.gov
www.healthcare.gov
adobe-ep.healthcare.gov
www2.healthcare.gov
tmdsm.aws.healthcare.gov
www2.cms.gov
www2.cms.gov
app-dc01.prod.healthcare.gov
app-dc01.prod.healthcare.gov
test3.healthcare.gov
www2.healthcare.gov
tmdsmdr.aws.healthcare.gov
net.prod.healthcare.gov
test2.healthcare.gov
api.healthcare.gov
www.healthcare.gov
impl.mcr.dsh.healthcare.gov
search.test.healthcare.gov
www2.cms.gov
www2.cms.gov
test.healthcare.gov
dsrs.api.healthcare.gov
test4.healthcare.gov
test4.healthcare.gov
net-dc01.prod.healthcare.gov
test3.healthcare.gov
prod.pc2-elb.healthcare.gov
vpneast.aws.cms.gov
www.healthcare.gov
test3.healthcare.gov
orig.ses.api.healthcare.gov
www2.cms.gov
www2.cms.gov
test2.healthcare.gov
sls-elb.imp.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
test2.healthcare.gov
search1.healthcare.gov
test.healthcare.gov
api.healthcare.gov
tmdsmdr.aws.healthcare.gov
test3.healthcare.gov
chat.healthcare.gov
nagiosdr.aws.healthcare.gov
test2.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
www2.cms.gov
test3.healthcare.gov
prod-t.healthcare.gov
www2.cms.gov
test2.healthcare.gov
origin-es-app.prod.healthcare.gov
test0.mcr.gw.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
test.healthcare.gov
test.healthcare.gov
b.dev.healthcare.gov
www.healthcare.gov
www2.healthcare.gov
test2.healthcare.gov
mcr.api.healthcare.gov
api-manager-elb.dev.healthcare.gov
www2.cms.gov
imp1b-marketplace-elb.api.healthcare.gov
origin-es-app.prod.healthcare.gov
test2.healthcare.gov
test.healthcare.gov
www2.cms.gov
www2.healthcare.gov
app1a.imp.healthcare.gov
test3.healthcare.gov
test0.shop.healthcare.gov
test2.healthcare.gov
chat.healthcare.gov
api-manager-elb.imp.healthcare.gov
www.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www2.cms.gov
api.healthcare.gov
www2.cms.gov
test2.healthcare.gov
imp-elb.flh.healthcare.gov
Certificate
The complete raw certificate details for www.healthcare.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIII7DCCB9SgAwIBAgIDAwdCMA0GCSqGSIb3DQEBBQUAMEAxCzAJBgNVBAYTAlVT MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEYMBYGA1UEAxMPR2VvVHJ1c3QgU1NM IENBMB4XDTE0MTExMzAzNDQxMVoXDTE1MTExNjIxMjc0OFowga8xKTAnBgNVBAUT IFNuakNPSFlYZjktdFBIY3pWT0NVQ0E3Y0JKUVpHRUxiMQswCQYDVQQGEwJVUzER MA8GA1UECBMITWFyeWxhbmQxEjAQBgNVBAcTCUJhbHRpbW9yZTExMC8GA1UECgwo Q2VudGVycyBmb3IgTWVkaWNhcmUgJiBNZWRpY2FpZCBTZXJ2aWNlczEbMBkGA1UE AxMSd3d3LmhlYWx0aGNhcmUuZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEA6suNMVkFOo9NYF3RYUujBYRiYXwU/RRiHo41IIA6xnCYtRU/85YZXGYD c2TOfsTXUS5nyR3slZAN6PRWgRMSl/u/NyxRJ/OdEGNl34Kar59nU2kQZ4BkvMT9 m1Xx4e5AYwqbEnRNI6WinwQDFlWJ0VS0i5QosLawHxja4SHCoi8EBBoXhrch/IkC +bNBCeuXb1dSKBnapgrEY/PVEUseDEnpD1SEa6At0vTkkut81/ZbEgfCiFTj5O76 xijEFXcxZEFumljGCc5+FxY+EHH3HnSIAZ3t6hHNZZCk+a7nrwHXliPUJE38fBpc +zA6AUsh/HxUlW0bARnMSHCicYiepQIDAQABo4IFfTCCBXkwHwYDVR0jBBgwFoAU QnlUG2HNVSs+Y9U8SFf1n/tFzkowDgYDVR0PAQH/BAQDAgSwMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjCCA/oGA1UdEQSCA/EwggPtghh0bWRzbS5hd3Mu aGVhbHRoY2FyZS5nb3aCDmFocmN2by5jbXMuZ292ggxhaHJjLmNtcy5nb3aCC2Vh cC5jbXMuZ292ghlyYXRlcmV2aWV3LmhlYWx0aGNhcmUuZ292ghhvcGVucGF5bWVu dHNkYXRhLmNtcy5nb3aCFW5hZ2lvcy5oZWFsdGhjYXJlLmdvdoIWYmlsbGluZy5o ZWFsdGhjYXJlLmdvdoIOZ2l0aHViLmNtcy5nb3aCCmNpLmNtcy5nb3aCFXNwbHVu ay5oZWFsdGhjYXJlLmdvdoIOcG9ydGFsLmNtcy5nb3aCGWZpbmRlci5naXQuaGVh bHRoY2FyZS5nb3aCGGZpbmRlci5jaS5oZWFsdGhjYXJlLmdvdoIZZ2l0LmZpbmRl ci5oZWFsdGhjYXJlLmdvdoIYY2kuZmluZGVyLmhlYWx0aGNhcmUuZ292ghlhcGku ZmluZGVyLmhlYWx0aGNhcmUuZ292gh1jb21wYW55cHJvZmlsZS5oZWFsdGhjYXJl LmdvdoITZGF0YS5oZWFsdGhjYXJlLmdvdoIUd3d3LWIuaGVhbHRoY2FyZS5nb3aC Fnd3dy5jdWlkYWRvZGVzYWx1ZC5nb3aCFHd3dy1hLmhlYWx0aGNhcmUuZ292ghVz dGF0dXMuaGVhbHRoY2FyZS5nb3aCDnNwbHVuay5jbXMuZ292ghVzaWdudXAuaGVh bHRoY2FyZS5nb3aCFXNlYXJjaC5oZWFsdGhjYXJlLmdvdoIXcmVtaW5kZXIuaGVh bHRoY2FyZS5nb3aCGHByb2RwcmltZS5oZWFsdGhjYXJlLmdvdoIccHJvZHByaW1l LmN1aWRhZG9kZXNhbHVkLmdvdoITbWFya2V0cGxhY2UuY21zLmdvdoIUbG9naW4u aGVhbHRoY2FyZS5nb3aCGGxvY2FsaGVscC5oZWFsdGhjYXJlLmdvdoIMamlyYS5j bXMuZ292ggxoZnBwLmNtcy5nb3aCFWZpbmRlci5oZWFsdGhjYXJlLmdvdoIMZWlk bS5jbXMuZ292ghFkb3dubG9hZHMuY21zLmdvdoIRZGV2ZWxvcGVyLmNtcy5nb3aC EmN1aWRhZG9kZXNhbHVkLmdvdoISY29uZmx1ZW5jZS5jbXMuZ292gh5jb21wYW55 cHJvZmlsZXMuaGVhbHRoY2FyZS5nb3aCHWF5dWRhbG9jYWwuY3VpZGFkb2Rlc2Fs dWQuZ292ghVhc3NldHMuaGVhbHRoY2FyZS5nb3aCDmFzc2V0cy5jbXMuZ292ghJ3 d3cuaGVhbHRoY2FyZS5nb3aCDmhlYWx0aGNhcmUuZ292MD0GA1UdHwQ2MDQwMqAw oC6GLGh0dHA6Ly9ndHNzbC1jcmwuZ2VvdHJ1c3QuY29tL2NybHMvZ3Rzc2wuY3Js MB0GA1UdDgQWBBQD5K7L7xFsoX/YX840Eu5ZmGUxYDAMBgNVHRMBAf8EAjAAMG8G CCsGAQUFBwEBBGMwYTAqBggrBgEFBQcwAYYeaHR0cDovL2d0c3NsLW9jc3AuZ2Vv dHJ1c3QuY29tMDMGCCsGAQUFBzAChidodHRwOi8vZ3Rzc2wtYWlhLmdlb3RydXN0 LmNvbS9ndHNzbC5jcnQwTAYDVR0gBEUwQzBBBgpghkgBhvhFAQc2MDMwMQYIKwYB BQUHAgEWJWh0dHA6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwDQYJ KoZIhvcNAQEFBQADggEBABR/hDjHxW+JLd+sTX3AmX7x1+RlW3RFrfcLMo7LgNDn Ipl0VJqBFyS2wyGL3GU1w0xVyPkFnN6+vjlO/8d0ZnuMntEWGXq3vtN8avBBrCMe jv4yuSWCyKjPIGeZ/wEpyD0t/iRUVESj0efN5H/K+L1s90yxN5D28QpaiTf7fAEN mX1+I4wdfK/YKzY/sFDZEUuqrRHNXLhbkGWf3ba4f4l6TdK6uhl19qv4/dJv1xhi cdlJIqBR2au1UtU4/u6K99W7X91dLih6nkiKrgj+BaUirG5cKVrU6ySmL+A53A+A 1VsXIdMqArFs1t3Km31WAV8+CR4mARol5tvhjyZd+9s= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6suNMVkFOo9NYF3RYUuj BYRiYXwU/RRiHo41IIA6xnCYtRU/85YZXGYDc2TOfsTXUS5nyR3slZAN6PRWgRMS l/u/NyxRJ/OdEGNl34Kar59nU2kQZ4BkvMT9m1Xx4e5AYwqbEnRNI6WinwQDFlWJ 0VS0i5QosLawHxja4SHCoi8EBBoXhrch/IkC+bNBCeuXb1dSKBnapgrEY/PVEUse DEnpD1SEa6At0vTkkut81/ZbEgfCiFTj5O76xijEFXcxZEFumljGCc5+FxY+EHH3 HnSIAZ3t6hHNZZCk+a7nrwHXliPUJE38fBpc+zA6AUsh/HxUlW0bARnMSHCicYie pQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 198466 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-11-13 03:44:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-11-16 21:27:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'SnjCOHYXf9-tPHczVOCUCA7cBJQZGELb' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Maryland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Baltimore' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Centers for Medicare & Medicaid Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.healthcare.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29640138364617409050202180123304282568185445148643792091473923384547876997002504952571677151976654167463047544260221605182500178138996587908369839283379669402767388037320654611704958503259245777180609744467830478819964934947252342336694670200143512502610315353213311097870187068049074642052597723577431448697033662468744436222866559937032766059447479333211917583396458514841324531156714884238429939839080475381632771746046392721544034316769589627178369662182862060704595113066441143576367075792142955498558395350209300067891372006310682238609067076654629286718547325060730387098093024612875542553121386297199428148901 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 4279541b61cd552b3e63d53c4857f59ffb45ce4a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04b0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1009 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tmdsm.aws.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ahrcvo.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ahrc.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eap.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ratereview.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'openpaymentsdata.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nagios.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'billing.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'github.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'splunk.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'finder.git.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'finder.ci.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'git.finder.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ci.finder.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.finder.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'companyprofile.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-b.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-a.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'status.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'splunk.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'signup.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'search.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'reminder.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prodprime.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prodprime.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marketplace.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'login.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'localhelp.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jira.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hfpp.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'finder.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eidm.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'downloads.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'developer.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'confluence.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'companyprofiles.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ayudalocal.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'healthcare.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl-crl.geotrust.com/crls/gtssl.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 03e4aecbef116ca17fd85fce3412ee5998653160 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl-ocsp.geotrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtssl-aia.geotrust.com/gtssl.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.geotrust.com/resources/cps' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00147f8438c7c56f892ddfac4d7dc0997ef1d7e4655b7445adf70b328ecb80d0e7229974549a811724b6c3218bdc6535c34c55c8f9059cdebebe394effc774667b8c9ed116197ab7bed37c6af041ac231e8efe32b92582c8a8cf206799ff0129c83d2dfe24545444a3d1e7cde47fcaf8bd6cf74cb13790f6f10a5a8937fb7c010d997d7e238c1d7cafd82b363fb050d9114baaad11cd5cb85b90659fddb6b87f897a4dd2baba1975f6abf8fdd26fd7186271d94922a051d9abb552d538feee8af7d5bb5fdd5d2e287a9e488aae08fe05a522ac6e5c295ad4eb24a62fe039dc0f80d55b1721d32a02b16cd6ddca9b7d56015f3e091e26011a25e6dbe18f265dfbdb