test2.healthcare.gov
- Centers for Medicare & Medicaid Services -
Issued by GeoTrust SSL CA - G3
About this certificate
This digital certificate with serial number 28:de:e5:0f:39:10:5b:f8:79:db:29:ce:56:c6:c0:74 was issued on by GeoTrust Inc..
With 49 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Centers for Medicare & Medicaid Services
Organization:
Centers for Medicare & Medicaid Services
Organization unit: OIS
Organization unit: OIS
State / Province:
Maryland
Locality: Windsor Mill
Country: US
Locality: Windsor Mill
Country: US
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 28:de:e5:0f:39:10:5b:f8:79:db:29:ce:56:c6:c0:74Serial Number (int): 54326455611873463288031832686480244852
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: d2:6f:f7:96:f4:85:3f:72:3c:30:7d:23:da:85:78:9b:a3:7c:5a:7c
Fingerprint (sha1): 84:a7:19:1a:4f:8f:b8:49:fb:0e:50:d0:a9:1d:90:96:23:15:0d:c4
Fingerprint (sha256): 13:ca:f8:65:76:19:69:ca:92:39:ba:57:2f:17:23:13:37:f9:f4:de:0d:89:85:2b:6c:69:63:55:f4:fe:0c:8e
Issuing Certificate URL: http://gn.symcb.com/gn.crt
Revocation information
OCSP Server: http://gn.symcd.comCRL Distribution Point: http://gn.symcb.com/gn.crl
Check the revocation status for certificate test2.healthcare.gov
49
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for test2.healthcare.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
test0.eeshop.healthcare.gov
impl1b.dsrs.api.healthcare.gov
imp2.geo.api.healthcare.gov
test1.ee.cuidadodesalud.gov
prod.ee.healthcare.gov
impl1a.mcr.api.healthcare.gov
impl0.shop.healthcare.gov
impl1b.mcr.api.healthcare.gov
api.finder.hotfix.healthcare.gov
dev-t.healthcare.gov
test.mcr.api.healthcare.gov
ratereview.test.healthcare.gov
test2.mcr.api.healthcare.gov
prod-t.healthcare.gov
imp.marketplace-int.api.healthcare.gov
test0.ee.cuidadodesalud.gov
test1.mcr.api.healthcare.gov
imp.billing.healthcare.gov
test0.dsrs.api.healthcare.gov
impl.mcr.api.healthcare.gov
dev.geo.api.healthcare.gov
imp-t.healthcare.gov
test0.eeshop.cuidadodesalud.gov
ratereview.hotfix.healthcare.gov
impl1b.shop.healthcare.gov
test.marketplace.api.healthcare.gov
test1.ee.healthcare.gov
impl1a.shop.healthcare.gov
dev.marketplace-int.api.healthcare.gov
imp.marketplace.api.healthcare.gov
test-t.healthcare.gov
test.marketplace-int.api.healthcare.gov
test.aca.api.healthcare.gov
imp.geo.api.healthcare.gov
finder.hotfix.healthcare.gov
test.geo.api.healthcare.gov
ratereview.dev.healthcare.gov
impl2.mcr.api.healthcare.gov
testpe.mcr.api.healthcare.gov
impl0.dsrs.api.healthcare.gov
ratereview.imp.healthcare.gov
imp1a.marketplace.api.healthcare.gov
companyprofiles.hotfix.healthcare.gov
imp1b.marketplace.api.healthcare.gov
test0.ee.healthcare.gov
testpe.dsrs.api.healthcare.gov
dev.marketplace.api.healthcare.gov
prod.ee.cuidadodesalud.gov
test2.healthcare.gov
impl1b.dsrs.api.healthcare.gov
imp2.geo.api.healthcare.gov
test1.ee.cuidadodesalud.gov
prod.ee.healthcare.gov
impl1a.mcr.api.healthcare.gov
impl0.shop.healthcare.gov
impl1b.mcr.api.healthcare.gov
api.finder.hotfix.healthcare.gov
dev-t.healthcare.gov
test.mcr.api.healthcare.gov
ratereview.test.healthcare.gov
test2.mcr.api.healthcare.gov
prod-t.healthcare.gov
imp.marketplace-int.api.healthcare.gov
test0.ee.cuidadodesalud.gov
test1.mcr.api.healthcare.gov
imp.billing.healthcare.gov
test0.dsrs.api.healthcare.gov
impl.mcr.api.healthcare.gov
dev.geo.api.healthcare.gov
imp-t.healthcare.gov
test0.eeshop.cuidadodesalud.gov
ratereview.hotfix.healthcare.gov
impl1b.shop.healthcare.gov
test.marketplace.api.healthcare.gov
test1.ee.healthcare.gov
impl1a.shop.healthcare.gov
dev.marketplace-int.api.healthcare.gov
imp.marketplace.api.healthcare.gov
test-t.healthcare.gov
test.marketplace-int.api.healthcare.gov
test.aca.api.healthcare.gov
imp.geo.api.healthcare.gov
finder.hotfix.healthcare.gov
test.geo.api.healthcare.gov
ratereview.dev.healthcare.gov
impl2.mcr.api.healthcare.gov
testpe.mcr.api.healthcare.gov
impl0.dsrs.api.healthcare.gov
ratereview.imp.healthcare.gov
imp1a.marketplace.api.healthcare.gov
companyprofiles.hotfix.healthcare.gov
imp1b.marketplace.api.healthcare.gov
test0.ee.healthcare.gov
testpe.dsrs.api.healthcare.gov
dev.marketplace.api.healthcare.gov
prod.ee.cuidadodesalud.gov
test2.healthcare.gov
Other certificates including the domain name healthcare.gov
(limited to 100 certificates)
splunk.aws.healthcare.gov
test3.healthcare.gov
test3.healthcare.gov
www.healthcare.gov
test2.healthcare.gov
www2.cms.gov
orig.impl1a.ses.api.healthcare.gov
www.healthcare.gov
pet-elb.imp1b.healthcare.gov
test-t.healthcare.gov
shop.prod.healthcare.gov
www.healthcare.gov
www.healthcare.gov
adobe-ep.healthcare.gov
www2.healthcare.gov
tmdsm.aws.healthcare.gov
www2.cms.gov
www2.cms.gov
app-dc01.prod.healthcare.gov
app-dc01.prod.healthcare.gov
test3.healthcare.gov
www2.healthcare.gov
tmdsmdr.aws.healthcare.gov
net.prod.healthcare.gov
test2.healthcare.gov
api.healthcare.gov
www.healthcare.gov
impl.mcr.dsh.healthcare.gov
search.test.healthcare.gov
www2.cms.gov
www2.cms.gov
test.healthcare.gov
dsrs.api.healthcare.gov
test4.healthcare.gov
test4.healthcare.gov
net-dc01.prod.healthcare.gov
test3.healthcare.gov
prod.pc2-elb.healthcare.gov
vpneast.aws.cms.gov
www.healthcare.gov
test3.healthcare.gov
orig.ses.api.healthcare.gov
www2.cms.gov
www2.cms.gov
test2.healthcare.gov
sls-elb.imp.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
test2.healthcare.gov
search1.healthcare.gov
test.healthcare.gov
api.healthcare.gov
tmdsmdr.aws.healthcare.gov
test3.healthcare.gov
chat.healthcare.gov
nagiosdr.aws.healthcare.gov
test2.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
www2.cms.gov
test3.healthcare.gov
prod-t.healthcare.gov
www2.cms.gov
test2.healthcare.gov
origin-es-app.prod.healthcare.gov
test0.mcr.gw.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
test.healthcare.gov
test.healthcare.gov
b.dev.healthcare.gov
www.healthcare.gov
www2.healthcare.gov
test2.healthcare.gov
mcr.api.healthcare.gov
api-manager-elb.dev.healthcare.gov
www2.cms.gov
imp1b-marketplace-elb.api.healthcare.gov
origin-es-app.prod.healthcare.gov
test2.healthcare.gov
test.healthcare.gov
www2.cms.gov
www2.healthcare.gov
app1a.imp.healthcare.gov
test3.healthcare.gov
test0.shop.healthcare.gov
test2.healthcare.gov
chat.healthcare.gov
api-manager-elb.imp.healthcare.gov
www.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www2.cms.gov
api.healthcare.gov
www2.cms.gov
test2.healthcare.gov
test3.healthcare.gov
test3.healthcare.gov
test3.healthcare.gov
www.healthcare.gov
test2.healthcare.gov
www2.cms.gov
orig.impl1a.ses.api.healthcare.gov
www.healthcare.gov
pet-elb.imp1b.healthcare.gov
test-t.healthcare.gov
shop.prod.healthcare.gov
www.healthcare.gov
www.healthcare.gov
adobe-ep.healthcare.gov
www2.healthcare.gov
tmdsm.aws.healthcare.gov
www2.cms.gov
www2.cms.gov
app-dc01.prod.healthcare.gov
app-dc01.prod.healthcare.gov
test3.healthcare.gov
www2.healthcare.gov
tmdsmdr.aws.healthcare.gov
net.prod.healthcare.gov
test2.healthcare.gov
api.healthcare.gov
www.healthcare.gov
impl.mcr.dsh.healthcare.gov
search.test.healthcare.gov
www2.cms.gov
www2.cms.gov
test.healthcare.gov
dsrs.api.healthcare.gov
test4.healthcare.gov
test4.healthcare.gov
net-dc01.prod.healthcare.gov
test3.healthcare.gov
prod.pc2-elb.healthcare.gov
vpneast.aws.cms.gov
www.healthcare.gov
test3.healthcare.gov
orig.ses.api.healthcare.gov
www2.cms.gov
www2.cms.gov
test2.healthcare.gov
sls-elb.imp.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
test2.healthcare.gov
search1.healthcare.gov
test.healthcare.gov
api.healthcare.gov
tmdsmdr.aws.healthcare.gov
test3.healthcare.gov
chat.healthcare.gov
nagiosdr.aws.healthcare.gov
test2.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
www2.cms.gov
test3.healthcare.gov
prod-t.healthcare.gov
www2.cms.gov
test2.healthcare.gov
origin-es-app.prod.healthcare.gov
test0.mcr.gw.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
test.healthcare.gov
test.healthcare.gov
b.dev.healthcare.gov
www.healthcare.gov
www2.healthcare.gov
test2.healthcare.gov
mcr.api.healthcare.gov
api-manager-elb.dev.healthcare.gov
www2.cms.gov
imp1b-marketplace-elb.api.healthcare.gov
origin-es-app.prod.healthcare.gov
test2.healthcare.gov
test.healthcare.gov
www2.cms.gov
www2.healthcare.gov
app1a.imp.healthcare.gov
test3.healthcare.gov
test0.shop.healthcare.gov
test2.healthcare.gov
chat.healthcare.gov
api-manager-elb.imp.healthcare.gov
www.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www2.cms.gov
api.healthcare.gov
www2.cms.gov
test2.healthcare.gov
test3.healthcare.gov
Certificate
The complete raw certificate details for test2.healthcare.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIK5zCCCc+gAwIBAgIQKN7lDzkQW/h52ynOVsbAdDANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTcxMTI3MDAwMDAwWhcNMTgxMjE0MjM1 OTU5WjCBlzELMAkGA1UEBhMCVVMxETAPBgNVBAgMCE1hcnlsYW5kMRUwEwYDVQQH DAxXaW5kc29yIE1pbGwxMTAvBgNVBAoMKENlbnRlcnMgZm9yIE1lZGljYXJlICYg TWVkaWNhaWQgU2VydmljZXMxDDAKBgNVBAsMA09JUzEdMBsGA1UEAwwUdGVzdDIu aGVhbHRoY2FyZS5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDw huyVwrFdXTt0+5nfhr8Hq6AfcbDG+egNRrS7fnHcKCZYyFPd5bvD7Gs29o9/Khgi wpEvFvqd3kJu5SS3DJ4Y2f1KYKTfkwLF9KRNSu77cJbDW3k21b+aNcZdj1nvzmep AhpBGoPdUKp/432aGfgpsVfVHPc7CpXmIgm9I7zgbRUHxF8QivEuoXTJjE5EDCNz zAg0r72RVicu5JDtZRnM7IqkIt2pdHIyvgTG3PjPFbWHKW4A8ONfWG0ycU7VdPEA 11rtAtmvkDz8BYPD+jtBvcUAojKyklv8vmG0EXTCRTi84E7YnpzUpxIlS56vLP0w q+CaeeJ8PihKfM7qQLuRAgMBAAGjggd/MIIHezCCBeEGA1UdEQSCBdgwggXUght0 ZXN0MC5lZXNob3AuaGVhbHRoY2FyZS5nb3aCHmltcGwxYi5kc3JzLmFwaS5oZWFs dGhjYXJlLmdvdoIbaW1wMi5nZW8uYXBpLmhlYWx0aGNhcmUuZ292ght0ZXN0MS5l ZS5jdWlkYWRvZGVzYWx1ZC5nb3aCFnByb2QuZWUuaGVhbHRoY2FyZS5nb3aCHWlt cGwxYS5tY3IuYXBpLmhlYWx0aGNhcmUuZ292ghlpbXBsMC5zaG9wLmhlYWx0aGNh cmUuZ292gh1pbXBsMWIubWNyLmFwaS5oZWFsdGhjYXJlLmdvdoIgYXBpLmZpbmRl ci5ob3RmaXguaGVhbHRoY2FyZS5nb3aCFGRldi10LmhlYWx0aGNhcmUuZ292ght0 ZXN0Lm1jci5hcGkuaGVhbHRoY2FyZS5nb3aCHnJhdGVyZXZpZXcudGVzdC5oZWFs dGhjYXJlLmdvdoIcdGVzdDIubWNyLmFwaS5oZWFsdGhjYXJlLmdvdoIVcHJvZC10 LmhlYWx0aGNhcmUuZ292giZpbXAubWFya2V0cGxhY2UtaW50LmFwaS5oZWFsdGhj YXJlLmdvdoIbdGVzdDAuZWUuY3VpZGFkb2Rlc2FsdWQuZ292ghx0ZXN0MS5tY3Iu YXBpLmhlYWx0aGNhcmUuZ292ghppbXAuYmlsbGluZy5oZWFsdGhjYXJlLmdvdoId dGVzdDAuZHNycy5hcGkuaGVhbHRoY2FyZS5nb3aCG2ltcGwubWNyLmFwaS5oZWFs dGhjYXJlLmdvdoIaZGV2Lmdlby5hcGkuaGVhbHRoY2FyZS5nb3aCFGltcC10Lmhl YWx0aGNhcmUuZ292gh90ZXN0MC5lZXNob3AuY3VpZGFkb2Rlc2FsdWQuZ292giBy YXRlcmV2aWV3LmhvdGZpeC5oZWFsdGhjYXJlLmdvdoIaaW1wbDFiLnNob3AuaGVh bHRoY2FyZS5nb3aCI3Rlc3QubWFya2V0cGxhY2UuYXBpLmhlYWx0aGNhcmUuZ292 ghd0ZXN0MS5lZS5oZWFsdGhjYXJlLmdvdoIaaW1wbDFhLnNob3AuaGVhbHRoY2Fy ZS5nb3aCJmRldi5tYXJrZXRwbGFjZS1pbnQuYXBpLmhlYWx0aGNhcmUuZ292giJp bXAubWFya2V0cGxhY2UuYXBpLmhlYWx0aGNhcmUuZ292ghV0ZXN0LXQuaGVhbHRo Y2FyZS5nb3aCJ3Rlc3QubWFya2V0cGxhY2UtaW50LmFwaS5oZWFsdGhjYXJlLmdv doIbdGVzdC5hY2EuYXBpLmhlYWx0aGNhcmUuZ292ghppbXAuZ2VvLmFwaS5oZWFs dGhjYXJlLmdvdoIcZmluZGVyLmhvdGZpeC5oZWFsdGhjYXJlLmdvdoIbdGVzdC5n ZW8uYXBpLmhlYWx0aGNhcmUuZ292gh1yYXRlcmV2aWV3LmRldi5oZWFsdGhjYXJl LmdvdoIcaW1wbDIubWNyLmFwaS5oZWFsdGhjYXJlLmdvdoIddGVzdHBlLm1jci5h cGkuaGVhbHRoY2FyZS5nb3aCHWltcGwwLmRzcnMuYXBpLmhlYWx0aGNhcmUuZ292 gh1yYXRlcmV2aWV3LmltcC5oZWFsdGhjYXJlLmdvdoIkaW1wMWEubWFya2V0cGxh Y2UuYXBpLmhlYWx0aGNhcmUuZ292giVjb21wYW55cHJvZmlsZXMuaG90Zml4Lmhl YWx0aGNhcmUuZ292giRpbXAxYi5tYXJrZXRwbGFjZS5hcGkuaGVhbHRoY2FyZS5n b3aCF3Rlc3QwLmVlLmhlYWx0aGNhcmUuZ292gh50ZXN0cGUuZHNycy5hcGkuaGVh bHRoY2FyZS5nb3aCImRldi5tYXJrZXRwbGFjZS5hcGkuaGVhbHRoY2FyZS5nb3aC GnByb2QuZWUuY3VpZGFkb2Rlc2FsdWQuZ292ghR0ZXN0Mi5oZWFsdGhjYXJlLmdv djAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDArBgNVHR8EJDAiMCCgHqAchhpo dHRwOi8vZ24uc3ltY2IuY29tL2duLmNybDCBnQYDVR0gBIGVMIGSMIGPBgZngQwB AgIwgYQwPwYIKwYBBQUHAgEWM2h0dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNv dXJjZXMvcmVwb3NpdG9yeS9sZWdhbDBBBggrBgEFBQcCAjA1DDNodHRwczovL3d3 dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL3JlcG9zaXRvcnkvbGVnYWwwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB8GA1UdIwQYMBaAFNJv95b0hT9yPDB9 I9qFeJujfFp8MFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL2du LnN5bWNkLmNvbTAmBggrBgEFBQcwAoYaaHR0cDovL2duLnN5bWNiLmNvbS9nbi5j cnQwEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBANv7wQsh Cr3hZG3UMZoTiAaek7L6G+l1UCZsL/1io1PfhXFwYQftUFGCWeVCeOlBSEqrxqKy SMFyGrpfdizTcWk9FNcP3GrC/E2TnNzrBONt4v90g78tMTW0jVNoO8eVepA+o5LP o+Y/KRktbmEvoXi4OA8BNKySNDuHIlVa7aahVMyJ4KX3W6YuGLWoTZK2i/hR8dDT CyREBvk7KKL2xArwUQMi/ZWm6jokcH/sY60vS21lvT3OlrzGnNNMnZws87AsxUJR 7vp5gIaa2pBlH39JQq7YTEQv46T/JfsSMObF7uRd1yfu3rp3zsFFpwuhASyLOS5e bfDgYHCTOO+kvfg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8IbslcKxXV07dPuZ34a/ B6ugH3GwxvnoDUa0u35x3CgmWMhT3eW7w+xrNvaPfyoYIsKRLxb6nd5CbuUktwye GNn9SmCk35MCxfSkTUru+3CWw1t5NtW/mjXGXY9Z785nqQIaQRqD3VCqf+N9mhn4 KbFX1Rz3OwqV5iIJvSO84G0VB8RfEIrxLqF0yYxORAwjc8wINK+9kVYnLuSQ7WUZ zOyKpCLdqXRyMr4Extz4zxW1hyluAPDjX1htMnFO1XTxANda7QLZr5A8/AWDw/o7 Qb3FAKIyspJb/L5htBF0wkU4vOBO2J6c1KcSJUueryz9MKvgmnnifD4oSnzO6kC7 kQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 54326455611873463288031832686480244852 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-27 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-14 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Maryland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Windsor Mill' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Centers for Medicare & Medicaid Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'OIS' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'test2.healthcare.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30363726774971622057252282315928931221238960277061750388330600632305452022824783358986765217839975215882307597053433981430125811765959409544208133197335851868079039011401653042412337899398590381483462099048263350017541138615523102606910846312270484082747237966753191969201846417376085355885664085664189719843110946531481346161489646405905802048880366147704878427974921435240318548934384393499277624215543615624202553340311413946564145540090285145144032705924907820666021759870033105814461248489908884882654233939117024311326484613238485518879581495726067750186370858578342808916138039773715828576003143127092598717329 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1496 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test0.eeshop.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl1b.dsrs.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp2.geo.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test1.ee.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.ee.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl1a.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl0.shop.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl1b.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.finder.hotfix.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev-t.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ratereview.test.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test2.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod-t.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp.marketplace-int.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test0.ee.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test1.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp.billing.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test0.dsrs.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.geo.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp-t.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test0.eeshop.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ratereview.hotfix.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl1b.shop.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.marketplace.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test1.ee.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl1a.shop.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.marketplace-int.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp.marketplace.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test-t.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.marketplace-int.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.aca.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp.geo.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'finder.hotfix.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.geo.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ratereview.dev.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl2.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testpe.mcr.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'impl0.dsrs.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ratereview.imp.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp1a.marketplace.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'companyprofiles.hotfix.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp1b.marketplace.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test0.ee.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testpe.dsrs.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.marketplace.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod.ee.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test2.healthcare.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (149 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d26ff796f4853f723c307d23da85789ba37c5a7c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00dbfbc10b210abde1646dd4319a1388069e93b2fa1be97550266c2ffd62a353df8571706107ed50518259e54278e941484aabc6a2b248c1721aba5f762cd371693d14d70fdc6ac2fc4d939cdceb04e36de2ff7483bf2d3135b48d53683bc7957a903ea392cfa3e63f29192d6e612fa178b8380f0134ac92343b8722555aeda6a154cc89e0a5f75ba62e18b5a84d92b68bf851f1d0d30b244406f93b28a2f6c40af0510322fd95a6ea3a24707fec63ad2f4b6d65bd3dce96bcc69cd34c9d9c2cf3b02cc54251eefa7980869ada90651f7f4942aed84c442fe3a4ff25fb1230e6c5eee45dd727eedeba77cec145a70ba1012c8b392e5e6df0e060709338efa4bdf8