orap.ihs.gov
- US Department of Health and Human Services -
Issued by HydrantID Server CA O1
About this certificate
This digital certificate with serial number 40:01:84:a5:af:1b:32:40:7a:4b:43:0e:b3:0d:f5:ba was issued on by IdenTrust.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
US Department of Health and Human Services
Organization:
US Department of Health and Human Services
State / Province:
District of Columbia
Locality: Washington
Country: US
Locality: Washington
Country: US
IdenTrust
Organization:
IdenTrust
Organization unit: HydrantID Trusted Certificate Service
Organization unit: HydrantID Trusted Certificate Service
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 40:01:84:a5:af:1b:32:40:7a:4b:43:0e:b3:0d:f5:baSerial Number (int): 85078474432000402591176803366711719354
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: fe:cc:52:83:6a:9a:5b:08:16:ce:e6:1d:21:2e:f1:eb:e0:b4:e7:31
AuthorityKeyId: 89:b8:9b:b6:9e:ed:fb:b0:c6:bd:0d:ec:67:4e:3c:a3:92:9d:2d:f9
Fingerprint (sha1): f6:b8:79:2a:75:42:7f:17:0a:71:21:89:cb:30:17:ed:ae:2f:7b:e6
Fingerprint (sha256): 1a:8a:18:ec:35:5e:1d:6a:e4:b1:45:0b:19:ac:18:c7:b9:ec:61:ea:bf:ce:4d:5c:52:2c:49:6e:85:42:ee:d2
Issuing Certificate URL: http://validation.identrust.com/certs/hydrantidcaO1.p7c
Revocation information
OCSP Server: http://commercial.ocsp.identrust.comCRL Distribution Point: http://validation.identrust.com/crl/hydrantidcao1.crl
Check the revocation status for certificate orap.ihs.gov
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for orap.ihs.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
orap.ihs.gov
Other certificates including the domain name ihs.gov
(limited to 100 certificates)
meet.ihs.gov
i-star.ihs.gov
hq1apps.ihs.gov
SMTPALTXWAY3.ihs.gov
cesrtcaccess1.ihs.gov
www.ihs.gov
auth.ihs.gov
SMTPXWAY1.ihs.gov
dqmd.mpi.ihs.gov
seal6.ihs.gov
IHSDEV4DHAPIM.ihs.gov
ihsazuditd4dhs2.ihs.gov
h1003sjccm001-ms.d1.na.ihs.gov
SMTPXWAY1.ihs.gov
smtpre.ihs.gov
listserv.ihs.gov
h1003vcecluster.ihs.gov
SMTPXWAY4.ihs.gov
hqrnsp02.ihs.gov
mstofficeonlineapp1.ihs.gov
phradmin.ihs.gov
wstars.ihs.gov
h1003sjccm001-ms.d1.na.ihs.gov
phrperfm.ihs.gov
mstrtcaccess1.ihs.gov
webplus.ihs.gov
www.maps.ihs.gov
phr.ihs.gov
www.maps.ihs.gov
telehealthtest.ihs.gov
staging.surescripts.ihs.gov
SMTPALTXWAY1.ihs.gov
wireless.ihs.gov
SMTPXWAY1.ihs.gov
telehealthtest.ihs.gov
SMTPXWAY0.ihs.gov
SMTPALTXWAY4.ihs.gov
hqrnsp01.ihs.gov
adfs.ihs.gov
authpreview.ihs.gov
seal6.ihs.gov
hq2apps.ihs.gov
webplus.ihs.gov
vpn.remote.ihs.gov
mail.ihs.gov
hqansp02.ihs.gov
hqrcknoscfw1.ihs.gov
vpn.remote.ihs.gov
ABRSFOEXPE2.ihs.gov
hqrnsp02.ihs.gov
dtsservices.ihs.gov
aas.ihs.gov
wwwQA.ihs.gov
diabetes.ihs.gov
authpreview.ihs.gov
phrperfm.ihs.gov
orap.ihs.gov
SMTPALTXWAY4.ihs.gov
cesofficewebapp1.ihs.gov
SMTPOUT2.ihs.gov
webplus.ihs.gov
i-star.ihs.gov
i-star.ihs.gov
smtpre.ihs.gov
Gis.ihs.gov
dtsservices.ihs.gov
mdmmail1.ihs.gov
www.maps.ihs.gov
h1003sjccm001-ms.d1.na.ihs.gov
hsp.ihs.gov
doh.ihs.gov
IHSABQEXPE1.ihs.gov
hqabqdistarws01.d1.na.ihs.gov
IHSRCKEXPE1.ihs.gov
d1.na.ihs.gov
diabetes.ihs.gov
mds.ihs.gov
smtpex2.ihs.gov
4DeHXD.ihs.gov
securedata.ihs.gov
hqrcknoscfw1.ihs.gov
ABRSFOEXPE1.ihs.gov
hqansp02.ihs.gov
ftp.ihs.gov
webehrs.ihs.gov
securedata.ihs.gov
SMTPALTXWAY3.ihs.gov
cesrtcaccess1.ihs.gov
GIS.IHS.GOV
cesofficewebapp1.ihs.gov
hqansp01.ihs.gov
phr.ihs.gov
SMTPXWAY4.ihs.gov
phrperfm.ihs.gov
hqansp02.ihs.gov
SMTPALTXWAY2.ihs.gov
FacilOps.ihs.gov
SMTPALTXWAY4.ihs.gov
4DeHXT.ihs.gov
extauth.ihs.gov
i-star.ihs.gov
hq1apps.ihs.gov
SMTPALTXWAY3.ihs.gov
cesrtcaccess1.ihs.gov
www.ihs.gov
auth.ihs.gov
SMTPXWAY1.ihs.gov
dqmd.mpi.ihs.gov
seal6.ihs.gov
IHSDEV4DHAPIM.ihs.gov
ihsazuditd4dhs2.ihs.gov
h1003sjccm001-ms.d1.na.ihs.gov
SMTPXWAY1.ihs.gov
smtpre.ihs.gov
listserv.ihs.gov
h1003vcecluster.ihs.gov
SMTPXWAY4.ihs.gov
hqrnsp02.ihs.gov
mstofficeonlineapp1.ihs.gov
phradmin.ihs.gov
wstars.ihs.gov
h1003sjccm001-ms.d1.na.ihs.gov
phrperfm.ihs.gov
mstrtcaccess1.ihs.gov
webplus.ihs.gov
www.maps.ihs.gov
phr.ihs.gov
www.maps.ihs.gov
telehealthtest.ihs.gov
staging.surescripts.ihs.gov
SMTPALTXWAY1.ihs.gov
wireless.ihs.gov
SMTPXWAY1.ihs.gov
telehealthtest.ihs.gov
SMTPXWAY0.ihs.gov
SMTPALTXWAY4.ihs.gov
hqrnsp01.ihs.gov
adfs.ihs.gov
authpreview.ihs.gov
seal6.ihs.gov
hq2apps.ihs.gov
webplus.ihs.gov
vpn.remote.ihs.gov
mail.ihs.gov
hqansp02.ihs.gov
hqrcknoscfw1.ihs.gov
vpn.remote.ihs.gov
ABRSFOEXPE2.ihs.gov
hqrnsp02.ihs.gov
dtsservices.ihs.gov
aas.ihs.gov
wwwQA.ihs.gov
diabetes.ihs.gov
authpreview.ihs.gov
phrperfm.ihs.gov
orap.ihs.gov
SMTPALTXWAY4.ihs.gov
cesofficewebapp1.ihs.gov
SMTPOUT2.ihs.gov
webplus.ihs.gov
i-star.ihs.gov
i-star.ihs.gov
smtpre.ihs.gov
Gis.ihs.gov
dtsservices.ihs.gov
mdmmail1.ihs.gov
www.maps.ihs.gov
h1003sjccm001-ms.d1.na.ihs.gov
hsp.ihs.gov
doh.ihs.gov
IHSABQEXPE1.ihs.gov
hqabqdistarws01.d1.na.ihs.gov
IHSRCKEXPE1.ihs.gov
d1.na.ihs.gov
diabetes.ihs.gov
mds.ihs.gov
smtpex2.ihs.gov
4DeHXD.ihs.gov
securedata.ihs.gov
hqrcknoscfw1.ihs.gov
ABRSFOEXPE1.ihs.gov
hqansp02.ihs.gov
ftp.ihs.gov
webehrs.ihs.gov
securedata.ihs.gov
SMTPALTXWAY3.ihs.gov
cesrtcaccess1.ihs.gov
GIS.IHS.GOV
cesofficewebapp1.ihs.gov
hqansp01.ihs.gov
phr.ihs.gov
SMTPXWAY4.ihs.gov
phrperfm.ihs.gov
hqansp02.ihs.gov
SMTPALTXWAY2.ihs.gov
FacilOps.ihs.gov
SMTPALTXWAY4.ihs.gov
4DeHXT.ihs.gov
extauth.ihs.gov
Certificate
The complete raw certificate details for orap.ihs.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGJzCCBQ+gAwIBAgIQQAGEpa8bMkB6S0MOsw31ujANBgkqhkiG9w0BAQsFADBy MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MS4wLAYDVQQLEyVIeWRy YW50SUQgVHJ1c3RlZCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlMR8wHQYDVQQDExZIeWRy YW50SUQgU2VydmVyIENBIE8xMB4XDTIyMTEyMzE4MTAyN1oXDTIzMTIyMzE4MDky N1owgY0xFTATBgNVBAMTDG9yYXAuaWhzLmdvdjEzMDEGA1UEChMqVVMgRGVwYXJ0 bWVudCBvZiBIZWFsdGggYW5kIEh1bWFuIFNlcnZpY2VzMRMwEQYDVQQHEwpXYXNo aW5ndG9uMR0wGwYDVQQIExREaXN0cmljdCBvZiBDb2x1bWJpYTELMAkGA1UEBhMC VVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoWC4MCXS+iLfw7llL fLPo8L+vO8Ye401DduXeJHmwgK8MeI+dtOvppj9LaL9LNcmLtE65kHhV3EQhhgG+ lC+jTmb4Det04O28bc1DQF54GRWSSFHs3N+c4LB8AxfmwdrN+sUA1PsNhVs5I6VX fxczLycPC26EVhhPD0hrtfuzpHKrpSSlQ5TZah1W6eNpWFERvbc5LHZuRaoxIH1d dAjVQSgFS3qOdkJXnW6bszG+ZXpgqSffUtfTRdSaivaUQ69y/7nRNO3WNZQ0Roq1 OREXG3M8wPFv/n05taRyrdlhxa7V2leDXxTfb1JgrlZ9Y4/JH5YqFlGEjzjIL6Xk jDuBAgMBAAGjggKbMIIClzAOBgNVHQ8BAf8EBAMCBaAwgYUGCCsGAQUFBwEBBHkw dzAwBggrBgEFBQcwAYYkaHR0cDovL2NvbW1lcmNpYWwub2NzcC5pZGVudHJ1c3Qu Y29tMEMGCCsGAQUFBzAChjdodHRwOi8vdmFsaWRhdGlvbi5pZGVudHJ1c3QuY29t L2NlcnRzL2h5ZHJhbnRpZGNhTzEucDdjMB8GA1UdIwQYMBaAFIm4m7ae7fuwxr0N 7GdOPKOSnS35MIIBJgYDVR0gBIIBHTCCARkwDAYKYIZIAYb5LwAGAzCCAQcGBmeB DAECAjCB/DBABggrBgEFBQcCARY0aHR0cHM6Ly9zZWN1cmUuaWRlbnRydXN0LmNv bS9jZXJ0aWZpY2F0ZXMvcG9saWN5L3RzLzCBtwYIKwYBBQUHAgIwgaoMgadUaGlz IFRydXN0SUQgU2VydmVyIENlcnRpZmljYXRlIGhhcyBiZWVuIGlzc3VlZCBpbiBh Y2NvcmRhbmNlIHdpdGggSWRlblRydXN0J3MgVHJ1c3RJRCBDZXJ0aWZpY2F0ZSBQ b2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9zZWN1cmUuaWRlbnRydXN0LmNvbS9jZXJ0 aWZpY2F0ZXMvcG9saWN5L3RzLzBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8vdmFs aWRhdGlvbi5pZGVudHJ1c3QuY29tL2NybC9oeWRyYW50aWRjYW8xLmNybDAXBgNV HREEEDAOggxvcmFwLmlocy5nb3YwHQYDVR0OBBYEFP7MUoNqmlsIFs7mHSEu8evg tOcxMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjATBgorBgEEAdZ5AgQD AQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr4wRC6A6GNC3n6zAEly2NqA1eGfy 87UOsbXAZ9bLPW8VDoTFtI0luXJQ4iBTT8PP3YexESlAAp8+AB+L3rU1hT8cdMoX nv320aeq+nvhUjzuwgBduhJ4lMKparAkFyHrdoD7hNu7hBb51VTTUJhktL0yPCb5 dJSeR8FtGr3yzJXbSZ9rr9h7ylDEHZnwTIIVaZ/ROCi9uYA6K1FX8aiXK7vhEyPY cMPi3m3OvunZJrTvXAFgNg22xZxSFbhukhea5SnzKsktpbdZeW7RUi4OMix4cfQY 3PEWUxpYoU2r7+FVxnNIlkA5tt8CqxAlBDjTVJoEwtxsOBEfZeUpvTxNBg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FguDAl0voi38O5ZS3yz 6PC/rzvGHuNNQ3bl3iR5sICvDHiPnbTr6aY/S2i/SzXJi7ROuZB4VdxEIYYBvpQv o05m+A3rdODtvG3NQ0BeeBkVkkhR7NzfnOCwfAMX5sHazfrFANT7DYVbOSOlV38X My8nDwtuhFYYTw9Ia7X7s6Ryq6UkpUOU2WodVunjaVhREb23OSx2bkWqMSB9XXQI 1UEoBUt6jnZCV51um7MxvmV6YKkn31LX00XUmor2lEOvcv+50TTt1jWUNEaKtTkR FxtzPMDxb/59ObWkcq3ZYcWu1dpXg18U329SYK5WfWOPyR+WKhZRhI84yC+l5Iw7 gQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 85078474432000402591176803366711719354 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IdenTrust' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HydrantID Trusted Certificate Service' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HydrantID Server CA O1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-23 18:10:27 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-23 18:09:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'orap.ihs.gov' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US Department of Health and Human Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'District of Columbia' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29330769867236973886067616779390336977412516307849069303040188753665191554907787687194287270765683159582190695055766023207891483582301471444370239418427875882967942364216835254638281916264088113287439614622075714247994053113190150090797372473494282490653714164409055671941029178500519933590141724077498904043053738642990347723797609918240352805151554282433680388602574212191331291325897309069631699488983624481470336968042391214219565495764517494146503187483406309238162804861720185133324130437321980767344996339572262978274413516208628238182329901265524092703085071750857516145025133672639342459180660551297901804417 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://commercial.ocsp.identrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://validation.identrust.com/certs/hydrantidcaO1.p7c' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 89b89bb69eedfbb0c6bd0dec674e3ca3929d2df9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (285 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113839.0.6.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.identrust.com/certificates/policy/ts/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This TrustID Server Certificate has been issued in accordance with IdenTrust's TrustID Certificate Policy found at https://secure.identrust.com/certificates/policy/ts/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (63 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://validation.identrust.com/crl/hydrantidcao1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'orap.ihs.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fecc52836a9a5b0816cee61d212ef1ebe0b4e731 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00af8c110ba03a18d0b79facc0125cb636a0357867f2f3b50eb1b5c067d6cb3d6f150e84c5b48d25b97250e220534fc3cfdd87b1112940029f3e001f8bdeb535853f1c74ca179efdf6d1a7aafa7be1523ceec2005dba127894c2a96ab0241721eb7680fb84dbbb8416f9d554d3509864b4bd323c26f974949e47c16d1abdf2cc95db499f6bafd87bca50c41d99f04c8215699fd13828bdb9803a2b5157f1a8972bbbe11323d870c3e2de6dcebee9d926b4ef5c0160360db6c59c5215b86e92179ae529f32ac92da5b759796ed1522e0e322c7871f418dcf116531a58a14dabefe155c67348964039b6df02ab10250438d3549a04c2dc6c38111f65e529bd3c4d06