mybenefits.pnnl.gov

Issued by Entrust Certification Authority - L1C

About this certificate


This digital certificate with serial number 4c:24:27:bd was issued on by Entrust, Inc. .

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

Cerificate errors/warnings *beta

  • ERROR: KeyUsage extension SHOULD be marked as critical when present

Pacific Northwest National Laboratory

Organization: Pacific Northwest National Laboratory
State / Province: Washington
Locality: Richland
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
State / Province: Washington
Locality: Richland
Country: US

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 4c:24:27:bd
Serial Number (int): 1277437885
Serial Number lenght: 31 bits, 4 octets

SubjectKeyId: c6:4d:57:f6:fd:59:39:fe:9a:a2:94:3a:be:16:04:e0:a0:d6:18:28
AuthorityKeyId: 1e:f1:ab:89:06:f8:49:0f:01:33:77:ee:14:7a:ee:19:7c:93:28:4d

Fingerprint (sha1): 33:20:e9:fd:21:5c:9d:9a:0c:82:12:b6:44:d9:18:04:b5:91:50:2c
Fingerprint (sha256): 2a:bb:c9:0b:4f:89:57:7d:82:24:ec:ae:3c:6d:f6:70:6e:90:13:56:9e:7e:91:d3:0d:32:60:e2:a0:d2:a8:2d

Issuing Certificate URL: http://aia.entrust.net/2048-l1csha2.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1c.crl

Check the revocation status for the current certificate on mybenefits.pnnl.gov
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any other subject alternative names besides the common name of the subject: mybenefits.pnnl.gov

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIETCQnvTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UEBhMC VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW KGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZp Y2F0aW9uIEF1dGhvcml0eSAtIEwxQzAeFw0xNDA5MTAxOTAxMzNaFw0xODExMTAy MTQ0MDBaMIGDMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjERMA8G A1UEBxMIUmljaGxhbmQxLjAsBgNVBAoTJVBhY2lmaWMgTm9ydGh3ZXN0IE5hdGlv bmFsIExhYm9yYXRvcnkxHDAaBgNVBAMTE215YmVuZWZpdHMucG5ubC5nb3YwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCg3OZCXVgXJlyP6JyTudXb1xH 0KNJQJynU3e6anTSNyLy1niUmhrfbo40AqAsC7xFaOQD7gjwRCHItk2pMjLwL+i0 /LEruTMyzSYoXGZyE7K90akUaCBXFL2jUhiZdWC0fu1TBJvcB13UTls1NdZ9+CMK xk1KT9n+fqE/SQ6vP0HefMqHUHNCx4vABiP5k626WDhiok52LASPFA87Nyh2mF00 WQ940Dig/LXyGAN/WSNfoE2rVbF6tkofrD1kv6va0jx72Z57s+HTcGJzhsBf5vik U7zEVeYmhEguBNFAc5e6C5pFQWKF8E1qesNbTjvzTwL70CVFst+49rfMC33JAgMB AAGjggF8MIIBeDALBgNVHQ8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwMwYD VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFjLmNy bDBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1 c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlhLmVudHJ1c3QubmV0LzIwNDgt bDFjc2hhMi5jZXIwSgYDVR0gBEMwQTA1BgkqhkiG9n0HSwIwKDAmBggrBgEFBQcC ARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwCAYGZ4EMAQICMB4GA1UdEQQX MBWCE215YmVuZWZpdHMucG5ubC5nb3YwHwYDVR0jBBgwFoAUHvGriQb4SQ8BM3fu FHruGXyTKE0wHQYDVR0OBBYEFMZNV/b9WTn+mqKUOr4WBOCg1hgoMAkGA1UdEwQC MAAwDQYJKoZIhvcNAQELBQADggEBAHMZOjSEgX/7DiulR++L+Cmz/5WFo8I0tkS4 tTOWFjnSq0DUH0ZgLeBzokgvHs+MRqVpWj7xoFhMZFnX4QN/rMWrwjnGZl3YY5nB 4C7f8yLxfGYe0qlLtEf2El3zCRL4LF/0D2z3eyi8nwxbrJWDa07VM6deJpVLZtCi E+wFw7X+naI3XGvPBQ/ka6C9PkTjqaxMiKNXSvdnFoWTN0KTN1TqSliKFNhs3NLy oRLv60HboRKjeIkTAlTaE6+rV+r3jbRF6tE778COLwaNDyVKqFPs4KU4u4C+Zt5m YA0F757BKwyLGuiQPBwSBsDaXpSkBBYwPYQZPdwIqz31zAKgc1s= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoNzmQl1YFyZcj+ick7n V29cR9CjSUCcp1N3ump00jci8tZ4lJoa326ONAKgLAu8RWjkA+4I8EQhyLZNqTIy 8C/otPyxK7kzMs0mKFxmchOyvdGpFGggVxS9o1IYmXVgtH7tUwSb3Add1E5bNTXW ffgjCsZNSk/Z/n6hP0kOrz9B3nzKh1BzQseLwAYj+ZOtulg4YqJOdiwEjxQPOzco dphdNFkPeNA4oPy18hgDf1kjX6BNq1WxerZKH6w9ZL+r2tI8e9mee7Ph03Bic4bA X+b4pFO8xFXmJoRILgTRQHOXuguaRUFihfBNanrDW047808C+9AlRbLfuPa3zAt9 yQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1277437885 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.entrust.net/rpa is incorporated by reference' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2009 Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1C' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-09-10 19:01:33 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-10 21:44:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Richland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Pacific Northwest National Laboratory' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mybenefits.pnnl.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24555052340566010078185785051062466843282149229099548213100726966521293340468018209394139425893407633766728823991831736618137908519171758353422642592875514205496000702108298416613469978663396785965432867220091456178532150331896476678630696322283415488605227886711348251180373381018083592366222162060017625211961520961689537224163438532927130781800611840397452462510722045080188813226532721541067951045651570521111619374518940642221778087043000715898661630603716075979529026124310943822315673830412092092744139711215296425393040124480052718183101209922026953397148398771429672260426843502337185872054088978003894435273 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1c.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/2048-l1csha2.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113533.7.75.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mybenefits.pnnl.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1ef1ab8906f8490f013377ee147aee197c93284d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c64d57f6fd5939fe9aa2943abe1604e0a0d61828 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0073193a3484817ffb0e2ba547ef8bf829b3ff9585a3c234b644b8b533961639d2ab40d41f46602de073a2482f1ecf8c46a5695a3ef1a0584c6459d7e1037facc5abc239c6665dd86399c1e02edff322f17c661ed2a94bb447f6125df30912f82c5ff40f6cf77b28bc9f0c5bac95836b4ed533a75e26954b66d0a213ec05c3b5fe9da2375c6bcf050fe46ba0bd3e44e3a9ac4c88a3574af7671685933742933754ea4a588a14d86cdcd2f2a112efeb41dba112a37889130254da13afab57eaf78db445ead13befc08e2f068d0f254aa853ece0a538bb80be66de66600d05ef9ec12b0c8b1ae8903c1c1206c0da5e94a40416303d84193ddc08ab3df5cc02a0735b