vpneast.aws.cms.gov
- Centers for Medicare & Medicaid Services -
Issued by Symantec Class 3 Secure Server CA - G4
About this certificate
This digital certificate with serial number 0c:71:ed:40:a1:6f:23:d5:f2:0a:62:a1:27:52:df:73 was issued on by Symantec Corporation.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Centers for Medicare & Medicaid Services
Organization:
Centers for Medicare & Medicaid Services
Organization unit: OIS
Organization unit: OIS
State / Province:
Maryland
Locality: Baltimore
Country: US
Locality: Baltimore
Country: US
Symantec Corporation
Organization:
Symantec Corporation
Organization unit: Symantec Trust Network
Organization unit: Symantec Trust Network
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0c:71:ed:40:a1:6f:23:d5:f2:0a:62:a1:27:52:df:73Serial Number (int): 16542277546073338932315741285967388531
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 5f:60:cf:61:90:55:df:84:43:14:8a:60:2a:b2:f5:7a:f4:43:18:ef
Fingerprint (sha1): a2:f4:14:01:ea:03:d4:df:de:9e:ad:b3:8b:0e:f7:fe:14:21:3d:46
Fingerprint (sha256): 10:ac:be:11:fa:ce:af:46:6f:ba:bf:12:6c:42:a9:27:6d:69:6b:7d:98:3b:c9:65:be:85:d2:bc:d5:7a:dc:3b
Issuing Certificate URL: http://ss.symcb.com/ss.crt
Revocation information
OCSP Server: http://ss.symcd.comCRL Distribution Point: http://ss.symcb.com/ss.crl
Check the revocation status for certificate vpneast.aws.cms.gov
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for vpneast.aws.cms.gov
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
vpn.aws.healthcare.gov
vpneast.aws.cms.gov
vpneast.aws.cms.gov
Other certificates including the domain name cms.gov
(limited to 100 certificates)
qpparimpl.cms.gov
meetings.cms.gov
qppcm-imp.cms.gov
eft1.feps.cms.gov
impl.qnetdashboard.cms.gov
sandbox.idp.idm.cms.gov
*.portalval.cms.gov
uat.cpms.cms.gov
clair-dev.west.cms.gov
mdctmfp.cms.gov
mearis-impl.cms.gov
www.cms.gov
go.cms.gov
dev.pds.mps.cms.gov
cmsintranet.share-test.cms.gov
hpportal.cms.gov
impl.eft.feps.cms.gov
vpnextp1.cms.gov
owa.hhs.gov
soap.hets-270-271.cms.gov
cbt-imp.cms.gov
impl.eft.cloud.cms.gov
hiosvalgateway.cms.gov
its-status.colby.edu
www.cms.gov
www.qhpcertification.cms.gov
pm-prodp.insuranceoversight.cms.gov
eua.cms.gov
imp1bi.mlms.cms.gov
www.eacms.cms.gov
www.healthcare.gov
na21-1.cdn.salesforce-communities.com
testrailentdev.cms.gov
med.cms.hhs.gov
test2.cms.gov
sasweb.radvcdat.cms.gov
sso.cms.gov
iqies.cms.gov
sg.test.vdc.midas.cms.gov
eidmi.cms.gov
imp.qlik.midas.cms.gov
imp.wcmsmedicaid.cms.gov
test.filecloud.cms.gov
HPMSDASHBOARD.CMS.GOV
search.usa.gov
masaws-l3-ws.cms.gov
hdt.cms.gov
med.cms.gov
maintenance.rapidcourt.com
www.mccm.cms.gov
hapg-dev-api.cms.gov
ns.cms.gov
mf.cms.gov
eidmhpd1.cms.gov
hics.cms.gov
cloud-marketplace.status.broadcom.com
ar.ocean.cms.gov
qppcm-imp.cms.gov
www2.cms.gov
test3-hcms-apigateway.cms.gov
val.cpi-iview.cms.gov
lifeline-auth-val.cms.gov
maistro.cms.gov
www.mccm.cms.gov
acoms-impl.cms.gov
med.cms.gov
macprodev1.cms.gov
qa.cms.gov
impl3.admin.gagateway.qnetmft.cms.gov
dns.sterda.com
dev.api-gateway.cms.gov
hglvdidr.cms.gov
prod-api.pdc.backends.cms.gov
4innovation-dev.west.cms.gov
akamaisecure7.qualtrics.com
www.healthcare.gov
test.qnetapi.cms.gov
rdradvcdat.cms.gov
meetings.cms.gov
mheiges-argocd.iqies.cms.gov
app-impl.mpsm.cms.gov
confluence.prodnr.cms.gov
dev.testrail.cms.gov
reg.hcia.cms.gov
4innovation-impl.west.cms.gov
macprotest0.cms.gov
circle-sbx.west.cms.gov
edcdpres.dc11.cms.gov
hats2.cms.gov
www.cert.cms.gov
macprodev1.cms.gov
hiosvalgateway.cms.gov
akamaisecure7.qualtrics.com
impl.cqp.cms.gov
beta.pecos.cms.gov
test.cms.gov
dev.vdc.midas.cms.gov
cmit.cms.gov
drfpval.cms.gov
impl.reg.idm.cms.gov
meetings.cms.gov
qppcm-imp.cms.gov
eft1.feps.cms.gov
impl.qnetdashboard.cms.gov
sandbox.idp.idm.cms.gov
*.portalval.cms.gov
uat.cpms.cms.gov
clair-dev.west.cms.gov
mdctmfp.cms.gov
mearis-impl.cms.gov
www.cms.gov
go.cms.gov
dev.pds.mps.cms.gov
cmsintranet.share-test.cms.gov
hpportal.cms.gov
impl.eft.feps.cms.gov
vpnextp1.cms.gov
owa.hhs.gov
soap.hets-270-271.cms.gov
cbt-imp.cms.gov
impl.eft.cloud.cms.gov
hiosvalgateway.cms.gov
its-status.colby.edu
www.cms.gov
www.qhpcertification.cms.gov
pm-prodp.insuranceoversight.cms.gov
eua.cms.gov
imp1bi.mlms.cms.gov
www.eacms.cms.gov
www.healthcare.gov
na21-1.cdn.salesforce-communities.com
testrailentdev.cms.gov
med.cms.hhs.gov
test2.cms.gov
sasweb.radvcdat.cms.gov
sso.cms.gov
iqies.cms.gov
sg.test.vdc.midas.cms.gov
eidmi.cms.gov
imp.qlik.midas.cms.gov
imp.wcmsmedicaid.cms.gov
test.filecloud.cms.gov
HPMSDASHBOARD.CMS.GOV
search.usa.gov
masaws-l3-ws.cms.gov
hdt.cms.gov
med.cms.gov
maintenance.rapidcourt.com
www.mccm.cms.gov
hapg-dev-api.cms.gov
ns.cms.gov
mf.cms.gov
eidmhpd1.cms.gov
hics.cms.gov
cloud-marketplace.status.broadcom.com
ar.ocean.cms.gov
qppcm-imp.cms.gov
www2.cms.gov
test3-hcms-apigateway.cms.gov
val.cpi-iview.cms.gov
lifeline-auth-val.cms.gov
maistro.cms.gov
www.mccm.cms.gov
acoms-impl.cms.gov
med.cms.gov
macprodev1.cms.gov
qa.cms.gov
impl3.admin.gagateway.qnetmft.cms.gov
dns.sterda.com
dev.api-gateway.cms.gov
hglvdidr.cms.gov
prod-api.pdc.backends.cms.gov
4innovation-dev.west.cms.gov
akamaisecure7.qualtrics.com
www.healthcare.gov
test.qnetapi.cms.gov
rdradvcdat.cms.gov
meetings.cms.gov
mheiges-argocd.iqies.cms.gov
app-impl.mpsm.cms.gov
confluence.prodnr.cms.gov
dev.testrail.cms.gov
reg.hcia.cms.gov
4innovation-impl.west.cms.gov
macprotest0.cms.gov
circle-sbx.west.cms.gov
edcdpres.dc11.cms.gov
hats2.cms.gov
www.cert.cms.gov
macprodev1.cms.gov
hiosvalgateway.cms.gov
akamaisecure7.qualtrics.com
impl.cqp.cms.gov
beta.pecos.cms.gov
test.cms.gov
dev.vdc.midas.cms.gov
cmit.cms.gov
drfpval.cms.gov
impl.reg.idm.cms.gov
Certificate
The complete raw certificate details for vpneast.aws.cms.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHJDCCBgygAwIBAgIQDHHtQKFvI9XyCmKhJ1LfczANBgkqhkiG9w0BAQsFADB+ MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVj IENsYXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MB4XDTE3MDMwMTAwMDAwMFoX DTE4MDMwMTIzNTk1OVowgZMxCzAJBgNVBAYTAlVTMREwDwYDVQQIDAhNYXJ5bGFu ZDESMBAGA1UEBwwJQmFsdGltb3JlMTEwLwYDVQQKDChDZW50ZXJzIGZvciBNZWRp Y2FyZSAmIE1lZGljYWlkIFNlcnZpY2VzMQwwCgYDVQQLDANPSVMxHDAaBgNVBAMM E3ZwbmVhc3QuYXdzLmNtcy5nb3YwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK AoICAQC8OlybEEHuLccyMC9HaQRhN5ly+6dwmSAUNHa3nHcbCDEhU26j5Xb0JnZw /bnHCiWrJXyu3I9hK1flflSYhPoACSCtXcwk3lfaJppb5MpcNaBuBAZTMgQjhh4x aWhMOLKjbJLKAr8rEiPHpUqvO/I9Hl1ZQxnpR42oejxGsxh98+/iWh6CIVuULcfa XJMaNuarWVUIgYs7K6eORUXs5p1NPd8wBfmXk3oOhPdV7z7dHOU5KiyeOUJ4BCyd +tU/lyxQh7NQjBWb+kZzDEn7YyKuBlmGp7UDep5cvE6y4RXkcH2lMQhpVoyFyH3F CNEZs0tA1bWoXkZD+N0ov4Dm5b4VW9FTbwEsj7yDlRyx/Q1hA2GB+OAHwevElE3Q 77HyFkrUA7kxppB8qnIatupbW4wq0xaFo7FwfaYx6xZyjv+WwxlBCYPbARBZzqxA RjWlPSh4L8Zm6ofITuTDCPC6hd/BxAkaoOgAnwNgDQwcP/WAKAYL1vOqkqf+PTGp G6eXvBJ6nHUcQOf4dLhjyQVD8oAuTJHWZlGMY2V2vtOXim+DdtRIyQxtFGxxYT5T ydnsMB6xQxSHCrK5j+rvgjS5fn8vaVNbF0WOzN1j1ghT6/bnJpDIchI4KVg9Nuxi zweOusvuRnP9cJMndxpq7mU5yNmS4GCBsLgEw1bRArf4t8XsRQIDAQABo4IChjCC AoIwNgYDVR0RBC8wLYIWdnBuLmF3cy5oZWFsdGhjYXJlLmdvdoITdnBuZWFzdC5h d3MuY21zLmdvdjAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwYQYDVR0gBFowWDBWBgZngQwBAgIwTDAjBggr BgEFBQcCARYXaHR0cHM6Ly9kLnN5bWNiLmNvbS9jcHMwJQYIKwYBBQUHAgIwGQwX aHR0cHM6Ly9kLnN5bWNiLmNvbS9ycGEwHwYDVR0jBBgwFoAUX2DPYZBV34RDFIpg KrL1evRDGO8wKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3NzLnN5bWNiLmNvbS9z cy5jcmwwVwYIKwYBBQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vc3Muc3lt Y2QuY29tMCYGCCsGAQUFBzAChhpodHRwOi8vc3Muc3ltY2IuY29tL3NzLmNydDCC AQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1AN3rHSt6DU+mIIuBrYFocH4ujp0B1VyI jT0RxM227L7MAAABWor5Ei8AAAQDAEYwRAIgKddvs1p3syl+aEhhCBb/EpOreIF8 WMDjfcbtLcBYsDACIALC94Chq+qc/GqieT4jQzktjWsuqV9DIu61ZYeRIwJ6AHUA pLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFaivkSbgAABAMARjBE AiBoDSbKUVxDBvKZQ/7OTErzwC9WxNUFjCcBZZVAYM1JfQIgQrdrJTjheC153r3o LOn12Nlz//hJ86MmjDWND0vPDbgwDQYJKoZIhvcNAQELBQADggEBAGabsQKIFxhr nGkarYkh9/tP4hK0J7ECrXZoOdehxiL1eDQ57lNJTvvXUamHigSvzdOyL0ctdPW8 rCXw/1Dzk7UhObRNEuMCcU/5sK9QlaR7UyDuYTKozSKuyvXFkf9nOd6L2iS/Ak4o 4UjSYg/Y9j2RMcd5IF9cYLieKWkjfwANDHvceoaXUWCvtQxkmLhk5B40LB4lFvDz uIic2O7MeT7Fh73EgltkZpP4owXLRLGcrTkh5mm7yknWuYYqy5lSbv+AQ8MQL4Qz h58cQ3C9Oan+XXAlakCup++EKJTuY5lAvVGvFUglr0bro90DTE4gmGQ0Ov7AzUAD yqhD+EKYvjU= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvDpcmxBB7i3HMjAvR2kE YTeZcvuncJkgFDR2t5x3GwgxIVNuo+V29CZ2cP25xwolqyV8rtyPYStX5X5UmIT6 AAkgrV3MJN5X2iaaW+TKXDWgbgQGUzIEI4YeMWloTDiyo2ySygK/KxIjx6VKrzvy PR5dWUMZ6UeNqHo8RrMYffPv4loegiFblC3H2lyTGjbmq1lVCIGLOyunjkVF7Oad TT3fMAX5l5N6DoT3Ve8+3RzlOSosnjlCeAQsnfrVP5csUIezUIwVm/pGcwxJ+2Mi rgZZhqe1A3qeXLxOsuEV5HB9pTEIaVaMhch9xQjRGbNLQNW1qF5GQ/jdKL+A5uW+ FVvRU28BLI+8g5Ucsf0NYQNhgfjgB8HrxJRN0O+x8hZK1AO5MaaQfKpyGrbqW1uM KtMWhaOxcH2mMesWco7/lsMZQQmD2wEQWc6sQEY1pT0oeC/GZuqHyE7kwwjwuoXf wcQJGqDoAJ8DYA0MHD/1gCgGC9bzqpKn/j0xqRunl7wSepx1HEDn+HS4Y8kFQ/KA LkyR1mZRjGNldr7Tl4pvg3bUSMkMbRRscWE+U8nZ7DAesUMUhwqyuY/q74I0uX5/ L2lTWxdFjszdY9YIU+v25yaQyHISOClYPTbsYs8HjrrL7kZz/XCTJ3caau5lOcjZ kuBggbC4BMNW0QK3+LfF7EUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16542277546073338932315741285967388531 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Trust Network' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Symantec Class 3 Secure Server CA - G4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-03-01 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-03-01 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Maryland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Baltimore' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Centers for Medicare & Medicaid Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'OIS' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'vpneast.aws.cms.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 767903143892478297600449873854764814996665479050415457698387277357480888001091387465360523986106200183395302044428366198644021886451020366622269911306564824437298753686433540453468371208806708645950656892979701778021112782834908641564567934991311053141281212790658272086425973572700412452549898822824900868884726265789860844642174089955707760734130577033100010673412795515971139265737509895968835998265500841673054031222746414453650429790346229828733357421038928489996597635627781373374184312727091372764950887868198412863978783270701029379284031790315790692338853726965179110758927252219023339519316475706549428643561129300820261055994065487496788790316413210309505947440035398321029173255857470795165029108931424732215755735721632429013024534395412997963229571733046332791108422459488320040061977069083546350451323114567619778043941229680069990226361982689801148355554603090020769547351113029736303833584765028389001607658478057444173134862267278788263935185716500189795468938828353072080268823018305590278080734756728872126576103935393396160913463561375436043739882344410887734778182810386147330346188754361981228567167176686319983637223340150307864689617340596532262210235481092724673484818274210621689006508395694652824473693253 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vpn.aws.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vpneast.aws.cms.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://d.symcb.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://d.symcb.com/rpa' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5f60cf619055df8443148a602ab2f57af44318ef . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ss.symcb.com/ss.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ss.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ss.symcb.com/ss.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007500ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015a8af9122f0000040300463044022029d76fb35a77b3297e6848610816ff1293ab78817c58c0e37dc6ed2dc058b030022002c2f780a1abea9cfc6aa2793e2343392d8d6b2ea95f4322eeb565879123027a007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015a8af9126e00000403004630440220680d26ca515c4306f29943fece4c4af3c02f56c4d5058c270165954060cd497d022042b76b2538e1782d79debde82ce9f5d8d973fff849f3a3268c358d0f4bcf0db8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00669bb1028817186b9c691aad8921f7fb4fe212b427b102ad766839d7a1c622f5783439ee53494efbd751a9878a04afcdd3b22f472d74f5bcac25f0ff50f393b52139b44d12e302714ff9b0af5095a47b5320ee6132a8cd22aecaf5c591ff6739de8bda24bf024e28e148d2620fd8f63d9131c779205f5c60b89e2969237f000d0c7bdc7a86975160afb50c6498b864e41e342c1e2516f0f3b8889cd8eecc793ec587bdc4825b646693f8a305cb44b19cad3921e669bbca49d6b9862acb99526eff8043c3102f8433879f1c4370bd39a9fe5d70256a40aea7ef842894ee639940bd51af154825af46eba3dd034c4e209864343afec0cd4003caa843f84298be35