owa.hhs.gov

- United States Department of Health & Human Services -

Issued by DigiCert TLS RSA SHA256 2020 CA1

About this certificate

This digital certificate with serial number 0a:22:96:b0:3d:35:8d:e3:38:1c:3c:f3:c3:45:ec:0f was issued on by DigiCert Inc.

With 44 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

United States Department of Health & Human Services

Organization: United States Department of Health & Human Services
State / Province: District of Columbia
Locality: Washington
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:22:96:b0:3d:35:8d:e3:38:1c:3c:f3:c3:45:ec:0f
Serial Number (int): 13471874375579821842164903503062232079
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: cf:d2:b9:51:62:4c:f3:93:d7:75:4e:85:77:01:a3:d6:67:18:a1:6c
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4

Fingerprint (sha1): 65:20:21:50:b6:be:82:f5:07:f0:5f:b8:fa:66:77:9c:4e:69:f7:4a
Fingerprint (sha256): 16:2d:00:fd:48:a3:57:d4:fc:2e:e0:62:2e:1e:72:0b:c9:d0:7c:00:14:03:cc:64:75:a5:d9:d6:f8:99:97:79

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl

Check the revocation status for certificate owa.hhs.gov

44

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for owa.hhs.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

owa.hhs.gov
activesync.hhs.gov
autodiscover.acf.hhs.gov
autodiscover.acl.hhs.gov
autodiscover.ahrq.gov
autodiscover.ahrq.hhs.gov
autodiscover.aids.gov
autodiscover.aoa.gov
autodiscover.aoa.hhs.gov
autodiscover.bioethics.gov
autodiscover.ees.hhs.gov
autodiscover.email.foh.dhhs.gov
autodiscover.fatherhood.gov
autodiscover.foh.hhs.gov
autodiscover.hhs.gov
autodiscover.os.dhhs.gov
autodiscover.os.hhs.gov
autodiscover.psc.gov
autodiscover.psc.hhs.gov
autodiscover.samhsa.gov
autodiscover.samhsa.hhs.gov
autodiscover.whaging.gov
autodiscover.whcoa.hhs.gov
exsmtp.ees.hhs.gov
webmail.hhs.gov
caspl.hhs.gov
cashhh.hhs.gov
pl-i2-exch1.ees.hhs.gov
pl-i2-exch2.ees.hhs.gov
pl-i2-exch3.ees.hhs.gov
pl-i2-exch4.ees.hhs.gov
hhh-i2-exch1.ees.hhs.gov
hhh-i2-exch2.ees.hhs.gov
hhh-i2-exch3.ees.hhs.gov
hhh-i2-exch4.ees.hhs.gov
hhh-i2-hybrid1.hhs.gov
hhh-i2-hybrid2.hhs.gov
hhh-i2-hybrid3.hhs.gov
pl-i2-hybrid1.hhs.gov
pl-i2-hybrid2.hhs.gov
pl-i2-hybrid3.hhs.gov
HIV.gov
uspreventiveservicestaskforce.org
psoppc.org

Other certificates including the domain name hhs.gov

(limited to 100 certificates)
*.hhs.gov
eroom2.bardatools.hhs.gov
wecandothis.hhs.gov
ASPRTFS.HHS.GOV
data.hhs.gov
asprgis.hhs.gov
www.imp.cob.cms.hhs.gov
tips.oig.hhs.gov
ofarr.acf.hhs.gov
psr-ui.cms.hhs.gov
actmeetingserver.hhs.gov
api-tanfdata.acf.hhs.gov
www.cms.gov
asfrombapp.hhs.gov
oralhealth.thinkculturalhealth.hhs.gov
swift.cms.hhs.gov
verilog.hhs.gov
owa.hhs.gov
portal-development.icas.hhs.gov
ncvhs.hhs.gov
TFS.CMS.HHS.GOV
forms.oig.hhs.gov
PartnerPortal.oig.hhs.gov
stg-asprportal.hhs.gov
hsmp-data.aspe.hhs.gov
eclkc.ohs.acf.hhs.gov
tst-sp2019.hhs.gov
www.cms.gov
Collider-Remote.cms.hhs.gov
*.oig.hhs.gov
adc-sfbfep1.fda.gov
stg-asprportal.hhs.gov
www.hhs.gov
nccd.cdc.gov
am.cms.hhs.gov
liheappm.acf.hhs.gov
oga.hhs.gov
www.healthcare.gov
www.cdc.gov
csportal.hhs.gov
*.dcis.hhs.gov
med.cms.hhs.gov
ufmsuat.hhs.gov
hhs.gov
prod-ndms.hhs.gov
dc1-prsmapov-01.oig.hhs.gov
www.hhs.gov
procurementforecast.hhs.gov
eftv2.cms.hhs.gov
psr-ui.cms.hhs.gov
staging.hses.ohs.acf.hhs.gov
stage.occms.acf.hhs.gov
fbistrg12c.hhs.gov
liheappm.acf.hhs.gov
impool2.fda.gov
www.cdc.gov
*.aspe.hhs.gov
emportal.hhs.gov
NDACAN.ACF.HHS.GOV
*.cloud.hhs.gov
taggs.hhs.gov
mrc-cms.hhs.gov
ocsecollab.acf.hhs.gov
collaborate-acl.hhs.gov
iknowtest.hhs.gov
collaborate-acl.hhs.gov
ncsacw.acf.hhs.gov
mec.cms.hhs.gov
akamai-san15.exacttarget.com
accelerate-integration.hhs.gov
asprprofiles.hhs.gov
www.cdc.gov
www.ahrq.gov
ghssvr-stg.hhs.gov
lms.learning.hhs.gov
Collider-aut.cms.hhs.gov
gal.hhs.gov
swift.aspr.hhs.gov
usphstraining.hhs.gov
liheapch.acf.hhs.gov
test.learning.hhs.gov
itsc-sts.o365.hhs.gov
www.safetyreporting.hhs.gov
prod-phe.hhs.gov
subscriptions.cms.hhs.gov
pl-auth01.hhsnet.hhs.gov
webinar3.cms.hhs.gov
stage.liheapch.acf.hhs.gov
www.cdc.gov
accelerate-staging.hhs.gov
www.cdc.gov
learning.hhs.gov
www.hmrffasttrac.acf.hhs.gov
accelerate-server.hhs.gov
*.aspe.hhs.gov
mail.nih.gov
pecos-fpd.cms.hhs.gov
*.cfsrportal.acf.hhs.gov
cccdpcr.thinkculturalhealth.hhs.gov
dr.itas.hhs.gov

Certificate

The complete raw certificate details for owa.hhs.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIK6jCCCdKgAwIBAgIQCiKWsD01jeM4HDzzw0XsDzANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE
aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMzA1MjIwMDAwMDBa
Fw0yNDA1MTQyMzU5NTlaMIGVMQswCQYDVQQGEwJVUzEdMBsGA1UECBMURGlzdHJp
Y3Qgb2YgQ29sdW1iaWExEzARBgNVBAcTCldhc2hpbmd0b24xPDA6BgNVBAoMM1Vu
aXRlZCBTdGF0ZXMgRGVwYXJ0bWVudCBvZiBIZWFsdGggJiBIdW1hbiBTZXJ2aWNl
czEUMBIGA1UEAxMLb3dhLmhocy5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQCsD6IMnfWmBCp+xnYsbcnKpXH5LAXt24rDF5W55h3VHOJUSemEVhAn
KSZ300k+Kaaueu3zOZXWcf78ITEEmT190xG7ytIy4O+oZGUBNiOPM+H10uVJI0J7
A18pI8sZbO/LFW9B+7EDnFzROK9Y7FTaWk0U8Cn9MaUmf3lX7lHCQNqsCKphWFT9
oNMv8dmlr8IXvmUcM1GQ2YymI56l8BVry807M26PDsuwaaeX9uwd2djH7y37K5+Z
vc1s1ptSaYq5mB/39C+3NTSlfRNFYwbpXvIVvTOjDMx8Fm6TUScERnX7P0lpYp3Y
4isorlp24sMsFhCTFyahjB0WoDmGe/T9AgMBAAGjggd5MIIHdTAfBgNVHSMEGDAW
gBS3a6LqqKqEjHnqtNoPmLLFlXa59DAdBgNVHQ4EFgQUz9K5UWJM85PXdU6FdwGj
1mcYoWwwggQjBgNVHREEggQaMIIEFoILb3dhLmhocy5nb3aCEmFjdGl2ZXN5bmMu
aGhzLmdvdoIYYXV0b2Rpc2NvdmVyLmFjZi5oaHMuZ292ghhhdXRvZGlzY292ZXIu
YWNsLmhocy5nb3aCFWF1dG9kaXNjb3Zlci5haHJxLmdvdoIZYXV0b2Rpc2NvdmVy
LmFocnEuaGhzLmdvdoIVYXV0b2Rpc2NvdmVyLmFpZHMuZ292ghRhdXRvZGlzY292
ZXIuYW9hLmdvdoIYYXV0b2Rpc2NvdmVyLmFvYS5oaHMuZ292ghphdXRvZGlzY292
ZXIuYmlvZXRoaWNzLmdvdoIYYXV0b2Rpc2NvdmVyLmVlcy5oaHMuZ292gh9hdXRv
ZGlzY292ZXIuZW1haWwuZm9oLmRoaHMuZ292ghthdXRvZGlzY292ZXIuZmF0aGVy
aG9vZC5nb3aCGGF1dG9kaXNjb3Zlci5mb2guaGhzLmdvdoIUYXV0b2Rpc2NvdmVy
Lmhocy5nb3aCGGF1dG9kaXNjb3Zlci5vcy5kaGhzLmdvdoIXYXV0b2Rpc2NvdmVy
Lm9zLmhocy5nb3aCFGF1dG9kaXNjb3Zlci5wc2MuZ292ghhhdXRvZGlzY292ZXIu
cHNjLmhocy5nb3aCF2F1dG9kaXNjb3Zlci5zYW1oc2EuZ292ghthdXRvZGlzY292
ZXIuc2FtaHNhLmhocy5nb3aCGGF1dG9kaXNjb3Zlci53aGFnaW5nLmdvdoIaYXV0
b2Rpc2NvdmVyLndoY29hLmhocy5nb3aCEmV4c210cC5lZXMuaGhzLmdvdoIPd2Vi
bWFpbC5oaHMuZ292gg1jYXNwbC5oaHMuZ292gg5jYXNoaGguaGhzLmdvdoIXcGwt
aTItZXhjaDEuZWVzLmhocy5nb3aCF3BsLWkyLWV4Y2gyLmVlcy5oaHMuZ292ghdw
bC1pMi1leGNoMy5lZXMuaGhzLmdvdoIXcGwtaTItZXhjaDQuZWVzLmhocy5nb3aC
GGhoaC1pMi1leGNoMS5lZXMuaGhzLmdvdoIYaGhoLWkyLWV4Y2gyLmVlcy5oaHMu
Z292ghhoaGgtaTItZXhjaDMuZWVzLmhocy5nb3aCGGhoaC1pMi1leGNoNC5lZXMu
aGhzLmdvdoIWaGhoLWkyLWh5YnJpZDEuaGhzLmdvdoIWaGhoLWkyLWh5YnJpZDIu
aGhzLmdvdoIWaGhoLWkyLWh5YnJpZDMuaGhzLmdvdoIVcGwtaTItaHlicmlkMS5o
aHMuZ292ghVwbC1pMi1oeWJyaWQyLmhocy5nb3aCFXBsLWkyLWh5YnJpZDMuaGhz
LmdvdoIHSElWLmdvdoIhdXNwcmV2ZW50aXZlc2VydmljZXN0YXNrZm9yY2Uub3Jn
ggpwc29wcGMub3JnMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwgY8GA1UdHwSBhzCBhDBAoD6gPIY6aHR0cDovL2NybDMuZGln
aWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAyMENBMS00LmNybDBAoD6g
PIY6aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2
MjAyMENBMS00LmNybDA+BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIB
FhtodHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwfwYIKwYBBQUHAQEEczBxMCQG
CCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSQYIKwYBBQUHMAKG
PWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1
NjIwMjBDQTEtMS5jcnQwCQYDVR0TBAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIB
aQFnAHUAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGIRTT2GQAA
BAMARjBEAiBx6BB24ZdKfv5/sNJ9Ra6Oj3s7lAJcAoOwk0soYDypuwIgK6N8Tvpt
XAV/oJBYdNBehgCzJ4Zh6fOcMEe6Po5ljEEAdwBIsONr2qZHNA/lagL6nTDrHFIB
y1bdLIHZu7+rOdiEcwAAAYhFNPXkAAAEAwBIMEYCIQCP2H7JJngLipTjOyVzE78W
IcOA2JYlLdDQXIbwkjEY0AIhAOF8po6U9w8J/tHS8Hf196+buIpbJOzN65DCpdkJ
oumhAHUA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGIRTT1rQAA
BAMARjBEAiAjfakx/26YdpP4DrUZIzkLHoTu9ac1Wvk3Yyac1XBbDgIgPpwLgtLw
N8a9W822Yzi//1ueAknwqRCrKnUeYogGpyEwDQYJKoZIhvcNAQELBQADggEBACyw
h/gIcLLnBPbccZfDaQfXqOBxW8/u8dFj8x/bCqECBYIObdR9dBEzo7P1RAqNVBxY
Iw3nvh7VUxNXK9XokTvdWH36SrX8Hjf/F/afttbNGo8EY3o8akmdrEhY+nC6XZEd
zZ7+cGAo66XtdyyccPG1QcbZyJy3ilDi/McBPF/WuLDdUek0iS8k859lqX+TM6vi
J5ajnwQVktK7DOebcEdM2G/aX95fCEtUkd5NvCMfbje6wFUP49bU2sRh5TGo89Au
HlcWnyvqlz2rslK4m/63r4E8+7J3DB2fwMA3Fbh5JRCesumfjJAZVNyPRrVQSZIw
bAx2qih2H2PJGLnqWlg=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArA+iDJ31pgQqfsZ2LG3J
yqVx+SwF7duKwxeVueYd1RziVEnphFYQJykmd9NJPimmrnrt8zmV1nH+/CExBJk9
fdMRu8rSMuDvqGRlATYjjzPh9dLlSSNCewNfKSPLGWzvyxVvQfuxA5xc0TivWOxU
2lpNFPAp/TGlJn95V+5RwkDarAiqYVhU/aDTL/HZpa/CF75lHDNRkNmMpiOepfAV
a8vNOzNujw7LsGmnl/bsHdnYx+8t+yufmb3NbNabUmmKuZgf9/QvtzU0pX0TRWMG
6V7yFb0zowzMfBZuk1EnBEZ1+z9JaWKd2OIrKK5aduLDLBYQkxcmoYwdFqA5hnv0
/QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 13471874375579821842164903503062232079
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-22 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'District of Columbia'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'United States Department of Health & Human Services'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'owa.hhs.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21720697376253198181865071949421931235637782331892808238348745022339815708286336726297232173570591366198081410340685048109701278819286490043507827542086874552131868601920174168640867681593655538779897054806037011874997041128080517072217657709544208209805336692158960810431640634071644216078863181169590445586629505346429941334201629232966280406374918041468157992219305542970240064850022756759601999059436253861708658522317070731018223854598939028707811349131702265630973934450210923277083820859440645437401794656342065646448294264732173081448903908418963158484655409799360403284600314257371867863670819256031847904509
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							cfd2b951624cf393d7754e857701a3d66718a16c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1050 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'owa.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'activesync.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.acf.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.acl.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.ahrq.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.ahrq.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.aids.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.aoa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.aoa.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.bioethics.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.ees.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.email.foh.dhhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.fatherhood.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.foh.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.os.dhhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.os.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.psc.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.psc.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.samhsa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.samhsa.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.whaging.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.whcoa.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'exsmtp.ees.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'caspl.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cashhh.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pl-i2-exch1.ees.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pl-i2-exch2.ees.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pl-i2-exch3.ees.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pl-i2-exch4.ees.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hhh-i2-exch1.ees.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hhh-i2-exch2.ees.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hhh-i2-exch3.ees.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hhh-i2-exch4.ees.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hhh-i2-hybrid1.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hhh-i2-hybrid2.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hhh-i2-hybrid3.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pl-i2-hybrid1.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pl-i2-hybrid2.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pl-i2-hybrid3.hhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'HIV.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uspreventiveservicestaskforce.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'psoppc.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a74000001884534f6190000040300463044022071e81076e1974a7efe7fb0d27d45ae8e8f7b3b94025c0283b0934b28603ca9bb02202ba37c4efa6d5c057fa0905874d05e8600b3278661e9f39c3047ba3e8e658c4100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001884534f5e400000403004830460221008fd87ec926780b8a94e33b257313bf1621c380d896252dd0d05c86f0923118d0022100e17ca68e94f70f09fed1d2f077f5f7af9bb88a5b24eccdeb90c2a5d909a2e9a1007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab000001884534f5ad00000403004630440220237da931ff6e987693f80eb51923390b1e84eef5a7355af93763269cd5705b0e02203e9c0b82d2f037c6bd5bcdb66338bfff5b9e0249f0a910ab2a751e628806a721
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002cb087f80870b2e704f6dc7197c36907d7a8e0715bcfeef1d163f31fdb0aa10205820e6dd47d741133a3b3f5440a8d541c58230de7be1ed55313572bd5e8913bdd587dfa4ab5fc1e37ff17f69fb6d6cd1a8f04637a3c6a499dac4858fa70ba5d911dcd9efe706028eba5ed772c9c70f1b541c6d9c89cb78a50e2fcc7013c5fd6b8b0dd51e934892f24f39f65a97f9333abe22796a39f041592d2bb0ce79b70474cd86fda5fde5f084b5491de4dbc231f6e37bac0550fe3d6d4dac461e531a8f3d02e1e57169f2bea973dabb252b89bfeb7af813cfbb2770c1d9fc0c03715b87925109eb2e99f8c901954dc8f46b5504992306c0c76aa28761f63c918b9ea5a58