www2.cms.gov
- Centers for Medicare & Medicaid Services -
Issued by DigiCert TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 04:f2:21:7d:a8:d0:70:92:0a:c5:02:73:be:50:e8:38 was issued on by DigiCert Inc.
With 41 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Centers for Medicare & Medicaid Services
Organization:
Centers for Medicare & Medicaid Services
State / Province:
Maryland
Locality: Baltimore
Country: US
Locality: Baltimore
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:f2:21:7d:a8:d0:70:92:0a:c5:02:73:be:50:e8:38Serial Number (int): 6574127098187796385398357587968190520
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: d1:ae:87:af:c4:2a:3e:25:b2:8c:20:0b:da:56:93:6e:1e:3e:c6:25
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4
Fingerprint (sha1): 2e:80:34:2b:f8:0e:44:83:5d:f1:c6:ce:c6:47:fb:c9:5c:57:12:66
Fingerprint (sha256): 1a:fc:4d:1d:6a:c5:a9:65:51:50:9a:73:31:1b:73:f5:92:1a:87:3d:fc:8b:f7:db:a9:d5:ae:9c:db:4b:cb:1e
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
Check the revocation status for certificate www2.cms.gov
41
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www2.cms.gov
Public Key Algorithm
ECDSA
Key Size
256
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www2.cms.gov
api.developer.cms.gov
aps.portal-beta.cms.gov
ar.ocean.cms.gov
bi.cms.gov
cloud.cms.gov
confluence.cms.gov
crowd.cms.gov
datahub.cms.gov
dev.hub.cms.gov
edit.openpaymentsdata.cms.gov
edit.pfs.data.cms.gov
elmo.portal-beta.cms.gov
fruita.momot.cms.gov
fruitb.momot.cms.gov
github.cms.gov
github.test.cms.gov
hipchat.cms.gov
iserv.nginx.backends.cms.gov
jira.cms.gov
jira.prodnr.cms.gov
load.openpaymentsdata.cms.gov
ngd-bb.cms.gov
ocean.cms.gov
pecosai.portal-beta.cms.gov
pfs.data.cms.gov
pm-analytics.insuranceoversight.cms.gov
pm.insuranceoversight.cms.gov
prod2-edit.openpaymentsdata.cms.gov
prod2-edit.pfs.data.cms.gov
prod2.openpaymentsdata.cms.gov
prod2.pfs.data.cms.gov
qic-edit.cms.gov
qic.cms.gov
savi.ocean.cms.gov
scclia.cms.gov
sei.cms.gov
splunk.healthcare.gov
tableau.bi.cms.gov
test.hub.cms.gov
vpn.aws.healthcare.gov
api.developer.cms.gov
aps.portal-beta.cms.gov
ar.ocean.cms.gov
bi.cms.gov
cloud.cms.gov
confluence.cms.gov
crowd.cms.gov
datahub.cms.gov
dev.hub.cms.gov
edit.openpaymentsdata.cms.gov
edit.pfs.data.cms.gov
elmo.portal-beta.cms.gov
fruita.momot.cms.gov
fruitb.momot.cms.gov
github.cms.gov
github.test.cms.gov
hipchat.cms.gov
iserv.nginx.backends.cms.gov
jira.cms.gov
jira.prodnr.cms.gov
load.openpaymentsdata.cms.gov
ngd-bb.cms.gov
ocean.cms.gov
pecosai.portal-beta.cms.gov
pfs.data.cms.gov
pm-analytics.insuranceoversight.cms.gov
pm.insuranceoversight.cms.gov
prod2-edit.openpaymentsdata.cms.gov
prod2-edit.pfs.data.cms.gov
prod2.openpaymentsdata.cms.gov
prod2.pfs.data.cms.gov
qic-edit.cms.gov
qic.cms.gov
savi.ocean.cms.gov
scclia.cms.gov
sei.cms.gov
splunk.healthcare.gov
tableau.bi.cms.gov
test.hub.cms.gov
vpn.aws.healthcare.gov
Other certificates including the domain name cms.gov
(limited to 100 certificates)
qpparimpl.cms.gov
meetings.cms.gov
qppcm-imp.cms.gov
eft1.feps.cms.gov
impl.qnetdashboard.cms.gov
sandbox.idp.idm.cms.gov
*.portalval.cms.gov
uat.cpms.cms.gov
clair-dev.west.cms.gov
mdctmfp.cms.gov
mearis-impl.cms.gov
www.cms.gov
go.cms.gov
dev.pds.mps.cms.gov
cmsintranet.share-test.cms.gov
hpportal.cms.gov
impl.eft.feps.cms.gov
vpnextp1.cms.gov
owa.hhs.gov
soap.hets-270-271.cms.gov
cbt-imp.cms.gov
impl.eft.cloud.cms.gov
hiosvalgateway.cms.gov
its-status.colby.edu
www.cms.gov
www.qhpcertification.cms.gov
pm-prodp.insuranceoversight.cms.gov
eua.cms.gov
imp1bi.mlms.cms.gov
www.eacms.cms.gov
www.healthcare.gov
na21-1.cdn.salesforce-communities.com
testrailentdev.cms.gov
med.cms.hhs.gov
test2.cms.gov
sasweb.radvcdat.cms.gov
sso.cms.gov
iqies.cms.gov
sg.test.vdc.midas.cms.gov
eidmi.cms.gov
imp.qlik.midas.cms.gov
imp.wcmsmedicaid.cms.gov
test.filecloud.cms.gov
HPMSDASHBOARD.CMS.GOV
search.usa.gov
masaws-l3-ws.cms.gov
hdt.cms.gov
med.cms.gov
maintenance.rapidcourt.com
www.mccm.cms.gov
hapg-dev-api.cms.gov
ns.cms.gov
mf.cms.gov
eidmhpd1.cms.gov
hics.cms.gov
cloud-marketplace.status.broadcom.com
ar.ocean.cms.gov
qppcm-imp.cms.gov
www2.cms.gov
test3-hcms-apigateway.cms.gov
val.cpi-iview.cms.gov
lifeline-auth-val.cms.gov
maistro.cms.gov
www.mccm.cms.gov
acoms-impl.cms.gov
med.cms.gov
macprodev1.cms.gov
qa.cms.gov
impl3.admin.gagateway.qnetmft.cms.gov
dns.sterda.com
dev.api-gateway.cms.gov
hglvdidr.cms.gov
prod-api.pdc.backends.cms.gov
4innovation-dev.west.cms.gov
akamaisecure7.qualtrics.com
www.healthcare.gov
test.qnetapi.cms.gov
rdradvcdat.cms.gov
meetings.cms.gov
mheiges-argocd.iqies.cms.gov
app-impl.mpsm.cms.gov
confluence.prodnr.cms.gov
dev.testrail.cms.gov
reg.hcia.cms.gov
4innovation-impl.west.cms.gov
macprotest0.cms.gov
circle-sbx.west.cms.gov
edcdpres.dc11.cms.gov
hats2.cms.gov
www.cert.cms.gov
macprodev1.cms.gov
hiosvalgateway.cms.gov
akamaisecure7.qualtrics.com
impl.cqp.cms.gov
beta.pecos.cms.gov
test.cms.gov
dev.vdc.midas.cms.gov
cmit.cms.gov
drfpval.cms.gov
impl.reg.idm.cms.gov
meetings.cms.gov
qppcm-imp.cms.gov
eft1.feps.cms.gov
impl.qnetdashboard.cms.gov
sandbox.idp.idm.cms.gov
*.portalval.cms.gov
uat.cpms.cms.gov
clair-dev.west.cms.gov
mdctmfp.cms.gov
mearis-impl.cms.gov
www.cms.gov
go.cms.gov
dev.pds.mps.cms.gov
cmsintranet.share-test.cms.gov
hpportal.cms.gov
impl.eft.feps.cms.gov
vpnextp1.cms.gov
owa.hhs.gov
soap.hets-270-271.cms.gov
cbt-imp.cms.gov
impl.eft.cloud.cms.gov
hiosvalgateway.cms.gov
its-status.colby.edu
www.cms.gov
www.qhpcertification.cms.gov
pm-prodp.insuranceoversight.cms.gov
eua.cms.gov
imp1bi.mlms.cms.gov
www.eacms.cms.gov
www.healthcare.gov
na21-1.cdn.salesforce-communities.com
testrailentdev.cms.gov
med.cms.hhs.gov
test2.cms.gov
sasweb.radvcdat.cms.gov
sso.cms.gov
iqies.cms.gov
sg.test.vdc.midas.cms.gov
eidmi.cms.gov
imp.qlik.midas.cms.gov
imp.wcmsmedicaid.cms.gov
test.filecloud.cms.gov
HPMSDASHBOARD.CMS.GOV
search.usa.gov
masaws-l3-ws.cms.gov
hdt.cms.gov
med.cms.gov
maintenance.rapidcourt.com
www.mccm.cms.gov
hapg-dev-api.cms.gov
ns.cms.gov
mf.cms.gov
eidmhpd1.cms.gov
hics.cms.gov
cloud-marketplace.status.broadcom.com
ar.ocean.cms.gov
qppcm-imp.cms.gov
www2.cms.gov
test3-hcms-apigateway.cms.gov
val.cpi-iview.cms.gov
lifeline-auth-val.cms.gov
maistro.cms.gov
www.mccm.cms.gov
acoms-impl.cms.gov
med.cms.gov
macprodev1.cms.gov
qa.cms.gov
impl3.admin.gagateway.qnetmft.cms.gov
dns.sterda.com
dev.api-gateway.cms.gov
hglvdidr.cms.gov
prod-api.pdc.backends.cms.gov
4innovation-dev.west.cms.gov
akamaisecure7.qualtrics.com
www.healthcare.gov
test.qnetapi.cms.gov
rdradvcdat.cms.gov
meetings.cms.gov
mheiges-argocd.iqies.cms.gov
app-impl.mpsm.cms.gov
confluence.prodnr.cms.gov
dev.testrail.cms.gov
reg.hcia.cms.gov
4innovation-impl.west.cms.gov
macprotest0.cms.gov
circle-sbx.west.cms.gov
edcdpres.dc11.cms.gov
hats2.cms.gov
www.cert.cms.gov
macprodev1.cms.gov
hiosvalgateway.cms.gov
akamaisecure7.qualtrics.com
impl.cqp.cms.gov
beta.pecos.cms.gov
test.cms.gov
dev.vdc.midas.cms.gov
cmit.cms.gov
drfpval.cms.gov
impl.reg.idm.cms.gov
Certificate
The complete raw certificate details for www2.cms.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJajCCCFKgAwIBAgIQBPIhfajQcJIKxQJzvlDoODANBgkqhkiG9w0BAQsFADBP MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMzA2MTMwMDAwMDBa Fw0yMzEyMjAyMzU5NTlaMH4xCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhNYXJ5bGFu ZDESMBAGA1UEBxMJQmFsdGltb3JlMTEwLwYDVQQKDChDZW50ZXJzIGZvciBNZWRp Y2FyZSAmIE1lZGljYWlkIFNlcnZpY2VzMRUwEwYDVQQDEwx3d3cyLmNtcy5nb3Yw WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARdJfI3uo/VeyM7GIG3dzCfLa9wrPxQ UaLaLErlhWontS+dPJQM+iAIzyqLxvQ983OLw99Y3APBIX30KUWOPoOAo4IG3DCC BtgwHwYDVR0jBBgwFoAUt2ui6qiqhIx56rTaD5iyxZV2ufQwHQYDVR0OBBYEFNGu h6/EKj4lsowgC9pWk24ePsYlMIIDhAYDVR0RBIIDezCCA3eCDHd3dzIuY21zLmdv doIVYXBpLmRldmVsb3Blci5jbXMuZ292ghdhcHMucG9ydGFsLWJldGEuY21zLmdv doIQYXIub2NlYW4uY21zLmdvdoIKYmkuY21zLmdvdoINY2xvdWQuY21zLmdvdoIS Y29uZmx1ZW5jZS5jbXMuZ292gg1jcm93ZC5jbXMuZ292gg9kYXRhaHViLmNtcy5n b3aCD2Rldi5odWIuY21zLmdvdoIdZWRpdC5vcGVucGF5bWVudHNkYXRhLmNtcy5n b3aCFWVkaXQucGZzLmRhdGEuY21zLmdvdoIYZWxtby5wb3J0YWwtYmV0YS5jbXMu Z292ghRmcnVpdGEubW9tb3QuY21zLmdvdoIUZnJ1aXRiLm1vbW90LmNtcy5nb3aC DmdpdGh1Yi5jbXMuZ292ghNnaXRodWIudGVzdC5jbXMuZ292gg9oaXBjaGF0LmNt cy5nb3aCHGlzZXJ2Lm5naW54LmJhY2tlbmRzLmNtcy5nb3aCDGppcmEuY21zLmdv doITamlyYS5wcm9kbnIuY21zLmdvdoIdbG9hZC5vcGVucGF5bWVudHNkYXRhLmNt cy5nb3aCDm5nZC1iYi5jbXMuZ292gg1vY2Vhbi5jbXMuZ292ghtwZWNvc2FpLnBv cnRhbC1iZXRhLmNtcy5nb3aCEHBmcy5kYXRhLmNtcy5nb3aCJ3BtLWFuYWx5dGlj cy5pbnN1cmFuY2VvdmVyc2lnaHQuY21zLmdvdoIdcG0uaW5zdXJhbmNlb3ZlcnNp Z2h0LmNtcy5nb3aCI3Byb2QyLWVkaXQub3BlbnBheW1lbnRzZGF0YS5jbXMuZ292 ghtwcm9kMi1lZGl0LnBmcy5kYXRhLmNtcy5nb3aCHnByb2QyLm9wZW5wYXltZW50 c2RhdGEuY21zLmdvdoIWcHJvZDIucGZzLmRhdGEuY21zLmdvdoIQcWljLWVkaXQu Y21zLmdvdoILcWljLmNtcy5nb3aCEnNhdmkub2NlYW4uY21zLmdvdoIOc2NjbGlh LmNtcy5nb3aCC3NlaS5jbXMuZ292ghVzcGx1bmsuaGVhbHRoY2FyZS5nb3aCEnRh YmxlYXUuYmkuY21zLmdvdoIQdGVzdC5odWIuY21zLmdvdoIWdnBuLmF3cy5oZWFs dGhjYXJlLmdvdjAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jcmwzLmRpZ2lj ZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEtNC5jcmwwQKA+oDyG Omh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIw MjBDQTEtNC5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYb aHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMH8GCCsGAQUFBwEBBHMwcTAkBggr BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEkGCCsGAQUFBzAChj1o dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYy MDIwQ0ExLTEuY3J0MAkGA1UdEwQCMAAwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsB aQB1AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABiLVYjTIAAAQD AEYwRAIgQNm9IV6A487R2iaREPzhRLyE8vFZbheTYZjFNp2pGzYCIBM0VkZwSbEV iXKOH/+yj2ThXf0Nkf9QNHPFgyIUsacSAHcAs3N3B+GEUPhjhtYFqdwRCUp5LbFn DAuH3PADDnk2pZoAAAGItViNNQAABAMASDBGAiEArgoTNZHlDZshAVK4kvd7y2Ms x1Dmg7Mz3KtMQZ+sUkICIQD/3oT7EnoNkl67KbsWHnAoLFXv64RSeX9ghSx+aZVc iQB3AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLVYjKkAAAQD AEgwRgIhALlSbHp29kA7MiAspqsfErJcMRt48YIgrOqmDOLVdxKhAiEAmr5O3tRU QIgLPAGZVrum0QcXC+6vco9Z5ZMqxUzYVwgwDQYJKoZIhvcNAQELBQADggEBAJQd vNCJxxKFcvvLkcMcPOnQN5+OS2dIRBtVheDs3ibz+x1Pn2zPRvKJbo//JUlfKrcK rMOWGgSoCl2DaMZijnN6cqdxsF7zzYcc2BGf1nRbJpGxboXwEMz/4+maeTvZq8rj 96TwGAdgts5FMEgm1leBu7Ilm7vyftVQ3qQ8UfjuyxUqc5U5UGCscTLla01KyAUk 6tBMWZDK3xNYXJZ7I2j2/ajfWkJWtNOvCaouRXqiOQlr6MBpCgvqZFni5ajBNgfQ 4rAX7i+zsg51hRKluLi/L0dJVuX4wJnzRUXjlQqtwUOsBhKiYw/XkeN/1iHigLc9 ub65DJN46RG6iagU63s= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXSXyN7qP1XsjOxiBt3cwny2vcKz8 UFGi2ixK5YVqJ7UvnTyUDPogCM8qi8b0PfNzi8PfWNwDwSF99ClFjj6DgA== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6574127098187796385398357587968190520 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-13 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-20 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Maryland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Baltimore' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Centers for Medicare & Medicaid Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www2.cms.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey) . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1) . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits) 00045d25f237ba8fd57b233b1881b777309f2daf70acfc5051a2da2c4ae5856a27b52f9d3c940cfa2008cf2a8bc6f43df3738bc3df58dc03c1217df429458e3e8380 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d1ae87afc42a3e25b28c200bda56936e1e3ec625 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (891 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.developer.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aps.portal-beta.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ar.ocean.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bi.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cloud.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'confluence.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'crowd.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'datahub.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.hub.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edit.openpaymentsdata.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edit.pfs.data.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'elmo.portal-beta.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fruita.momot.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fruitb.momot.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'github.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'github.test.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hipchat.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iserv.nginx.backends.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jira.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jira.prodnr.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'load.openpaymentsdata.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ngd-bb.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ocean.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pecosai.portal-beta.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pfs.data.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pm-analytics.insuranceoversight.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pm.insuranceoversight.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod2-edit.openpaymentsdata.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod2-edit.pfs.data.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod2.openpaymentsdata.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prod2.pfs.data.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qic-edit.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qic.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'savi.ocean.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'scclia.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sei.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'splunk.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tableau.bi.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.hub.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vpn.aws.healthcare.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits) 0780 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (115 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000188b5588d320000040300463044022040d9bd215e80e3ced1da269110fce144bc84f2f1596e17936198c5369da91b360220133456467049b11589728e1fffb28f64e15dfd0d91ff503473c5832214b1a712007700b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000188b5588d350000040300483046022100ae0a133591e50d9b210152b892f77bcb632cc750e683b333dcab4c419fac5242022100ffde84fb127a0d925ebb29bb161e70282c55efeb8452797f60852c7e69955c890077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000188b5588ca90000040300483046022100b9526c7a76f6403b32202ca6ab1f12b25c311b78f18220aceaa60ce2d57712a10221009abe4eded45440880b3c019956bba6d107170beeaf728f59e5932ac54cd85708 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00941dbcd089c7128572fbcb91c31c3ce9d0379f8e4b6748441b5585e0ecde26f3fb1d4f9f6ccf46f2896e8fff25495f2ab70aacc3961a04a80a5d8368c6628e737a72a771b05ef3cd871cd8119fd6745b2691b16e85f010ccffe3e99a793bd9abcae3f7a4f0180760b6ce45304826d65781bbb2259bbbf27ed550dea43c51f8eecb152a7395395060ac7132e56b4d4ac80524ead04c5990cadf13585c967b2368f6fda8df5a4256b4d3af09aa2e457aa239096be8c0690a0bea6459e2e5a8c13607d0e2b017ee2fb3b20e758512a5b8b8bf2f474956e5f8c099f34545e3950aadc143ac0612a2630fd791e37fd621e280b73db9beb90c9378e911ba89a814eb7b