www.healthcare.gov
- Centers for Medicare & Medicaid Services -
Issued by DigiCert TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 0a:1e:93:d5:e8:85:2c:6d:69:1e:1f:3e:71:c4:a5:ea was issued on by DigiCert Inc.
With 44 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Centers for Medicare & Medicaid Services
Organization:
Centers for Medicare & Medicaid Services
State / Province:
Maryland
Locality: Baltimore
Country: US
Locality: Baltimore
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0a:1e:93:d5:e8:85:2c:6d:69:1e:1f:3e:71:c4:a5:eaSerial Number (int): 13451047325377075106705891062937069034
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: f4:f3:2f:40:fd:33:96:98:b0:7b:95:12:25:be:cd:69:6c:ac:b9:6e
AuthorityKeyId: b7:6b:a2:ea:a8:aa:84:8c:79:ea:b4:da:0f:98:b2:c5:95:76:b9:f4
Fingerprint (sha1): 29:13:73:53:43:56:c1:f9:88:73:b9:be:6a:f3:1d:ab:0d:2b:74:a2
Fingerprint (sha256): 27:28:5d:fe:98:5a:e8:63:bc:96:53:0f:5c:89:02:fe:52:ff:d3:d0:a2:c0:a9:22:08:08:30:9a:c7:a1:c1:e4
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-2.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-2.crl
Check the revocation status for certificate www.healthcare.gov
44
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.healthcare.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.healthcare.gov
www.cuidadodesalud.gov
www.cciio.cms.gov
styleguide.healthcare.gov
status.healthcare.gov
signup.healthcare.gov
scclia.cms.gov
ratereview.healthcare.gov
prodprime.healthcare.gov
prodprime.cuidadodesalud.gov
portalnextgen.cms.gov
portal.cms.gov
portal-theta.cms.gov
portal-beta.cms.gov
openpaymentsdata.cms.gov
marketplace.cms.gov
marketplace.api.healthcare.gov
marketplace-int.api.healthcare.gov
login.healthcare.gov
localhelp.healthcare.gov
hfpp.cms.gov
healthcare.gov
go.healthcare.gov
geo.api.healthcare.gov
finder.healthcare.gov
elmo.portal.cms.gov
eidm.cms.gov
edit.marketplace.cms.gov
edit.data.healthcare.gov
eap.cms.gov
downloads.cms.gov
developer.cms.gov
data.healthcare.gov
cuidadodesalud.gov
companyprofiles.healthcare.gov
cciio.cms.gov
billing.healthcare.gov
ayudalocal.cuidadodesalud.gov
assets.healthcare.gov
assets.cms.gov
api.finder.healthcare.gov
ahrcvo.cms.gov
ahrc.cms.gov
aca.api.healthcare.gov
www.cuidadodesalud.gov
www.cciio.cms.gov
styleguide.healthcare.gov
status.healthcare.gov
signup.healthcare.gov
scclia.cms.gov
ratereview.healthcare.gov
prodprime.healthcare.gov
prodprime.cuidadodesalud.gov
portalnextgen.cms.gov
portal.cms.gov
portal-theta.cms.gov
portal-beta.cms.gov
openpaymentsdata.cms.gov
marketplace.cms.gov
marketplace.api.healthcare.gov
marketplace-int.api.healthcare.gov
login.healthcare.gov
localhelp.healthcare.gov
hfpp.cms.gov
healthcare.gov
go.healthcare.gov
geo.api.healthcare.gov
finder.healthcare.gov
elmo.portal.cms.gov
eidm.cms.gov
edit.marketplace.cms.gov
edit.data.healthcare.gov
eap.cms.gov
downloads.cms.gov
developer.cms.gov
data.healthcare.gov
cuidadodesalud.gov
companyprofiles.healthcare.gov
cciio.cms.gov
billing.healthcare.gov
ayudalocal.cuidadodesalud.gov
assets.healthcare.gov
assets.cms.gov
api.finder.healthcare.gov
ahrcvo.cms.gov
ahrc.cms.gov
aca.api.healthcare.gov
Other certificates including the domain name healthcare.gov
(limited to 100 certificates)
splunk.aws.healthcare.gov
test3.healthcare.gov
test3.healthcare.gov
www.healthcare.gov
test2.healthcare.gov
www2.cms.gov
orig.impl1a.ses.api.healthcare.gov
www.healthcare.gov
pet-elb.imp1b.healthcare.gov
test-t.healthcare.gov
shop.prod.healthcare.gov
www.healthcare.gov
www.healthcare.gov
adobe-ep.healthcare.gov
www2.healthcare.gov
tmdsm.aws.healthcare.gov
www2.cms.gov
www2.cms.gov
app-dc01.prod.healthcare.gov
app-dc01.prod.healthcare.gov
test3.healthcare.gov
www2.healthcare.gov
tmdsmdr.aws.healthcare.gov
net.prod.healthcare.gov
test2.healthcare.gov
api.healthcare.gov
www.healthcare.gov
impl.mcr.dsh.healthcare.gov
search.test.healthcare.gov
www2.cms.gov
www2.cms.gov
test.healthcare.gov
dsrs.api.healthcare.gov
test4.healthcare.gov
test4.healthcare.gov
net-dc01.prod.healthcare.gov
test3.healthcare.gov
prod.pc2-elb.healthcare.gov
vpneast.aws.cms.gov
www.healthcare.gov
test3.healthcare.gov
orig.ses.api.healthcare.gov
www2.cms.gov
www2.cms.gov
test2.healthcare.gov
sls-elb.imp.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
test2.healthcare.gov
search1.healthcare.gov
test.healthcare.gov
api.healthcare.gov
tmdsmdr.aws.healthcare.gov
test3.healthcare.gov
chat.healthcare.gov
nagiosdr.aws.healthcare.gov
test2.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
www2.cms.gov
test3.healthcare.gov
prod-t.healthcare.gov
www2.cms.gov
test2.healthcare.gov
origin-es-app.prod.healthcare.gov
test0.mcr.gw.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
test.healthcare.gov
test.healthcare.gov
b.dev.healthcare.gov
www.healthcare.gov
www2.healthcare.gov
test2.healthcare.gov
mcr.api.healthcare.gov
api-manager-elb.dev.healthcare.gov
www2.cms.gov
imp1b-marketplace-elb.api.healthcare.gov
origin-es-app.prod.healthcare.gov
test2.healthcare.gov
test.healthcare.gov
www2.cms.gov
www2.healthcare.gov
app1a.imp.healthcare.gov
test3.healthcare.gov
test0.shop.healthcare.gov
test2.healthcare.gov
chat.healthcare.gov
api-manager-elb.imp.healthcare.gov
www.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www2.cms.gov
api.healthcare.gov
www2.cms.gov
test2.healthcare.gov
test3.healthcare.gov
test3.healthcare.gov
test3.healthcare.gov
www.healthcare.gov
test2.healthcare.gov
www2.cms.gov
orig.impl1a.ses.api.healthcare.gov
www.healthcare.gov
pet-elb.imp1b.healthcare.gov
test-t.healthcare.gov
shop.prod.healthcare.gov
www.healthcare.gov
www.healthcare.gov
adobe-ep.healthcare.gov
www2.healthcare.gov
tmdsm.aws.healthcare.gov
www2.cms.gov
www2.cms.gov
app-dc01.prod.healthcare.gov
app-dc01.prod.healthcare.gov
test3.healthcare.gov
www2.healthcare.gov
tmdsmdr.aws.healthcare.gov
net.prod.healthcare.gov
test2.healthcare.gov
api.healthcare.gov
www.healthcare.gov
impl.mcr.dsh.healthcare.gov
search.test.healthcare.gov
www2.cms.gov
www2.cms.gov
test.healthcare.gov
dsrs.api.healthcare.gov
test4.healthcare.gov
test4.healthcare.gov
net-dc01.prod.healthcare.gov
test3.healthcare.gov
prod.pc2-elb.healthcare.gov
vpneast.aws.cms.gov
www.healthcare.gov
test3.healthcare.gov
orig.ses.api.healthcare.gov
www2.cms.gov
www2.cms.gov
test2.healthcare.gov
sls-elb.imp.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
test2.healthcare.gov
search1.healthcare.gov
test.healthcare.gov
api.healthcare.gov
tmdsmdr.aws.healthcare.gov
test3.healthcare.gov
chat.healthcare.gov
nagiosdr.aws.healthcare.gov
test2.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
www2.cms.gov
test3.healthcare.gov
prod-t.healthcare.gov
www2.cms.gov
test2.healthcare.gov
origin-es-app.prod.healthcare.gov
test0.mcr.gw.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
test.healthcare.gov
test.healthcare.gov
b.dev.healthcare.gov
www.healthcare.gov
www2.healthcare.gov
test2.healthcare.gov
mcr.api.healthcare.gov
api-manager-elb.dev.healthcare.gov
www2.cms.gov
imp1b-marketplace-elb.api.healthcare.gov
origin-es-app.prod.healthcare.gov
test2.healthcare.gov
test.healthcare.gov
www2.cms.gov
www2.healthcare.gov
app1a.imp.healthcare.gov
test3.healthcare.gov
test0.shop.healthcare.gov
test2.healthcare.gov
chat.healthcare.gov
api-manager-elb.imp.healthcare.gov
www.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www2.cms.gov
api.healthcare.gov
www2.cms.gov
test2.healthcare.gov
test3.healthcare.gov
Certificate
The complete raw certificate details for www.healthcare.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIKkzCCCXugAwIBAgIQCh6T1eiFLG1pHh8+ccSl6jANBgkqhkiG9w0BAQsFADBP MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMzAxMjUwMDAwMDBa Fw0yNDAxMjQyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzERMA8GA1UECBMITWFyeWxh bmQxEjAQBgNVBAcTCUJhbHRpbW9yZTExMC8GA1UECgwoQ2VudGVycyBmb3IgTWVk aWNhcmUgJiBNZWRpY2FpZCBTZXJ2aWNlczEbMBkGA1UEAxMSd3d3LmhlYWx0aGNh cmUuZ292MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwioSCN9Qhk20 i/DiUQTc3gA8BC44Rgl6N4zX+HlL3vqC8+n2JVAYWYUzUrzpTaIwzHGccfrwz+ct oGOtf2+qHNkEgEXxxG6Adh8cig6fJ17MSp8boKqC94eDK1RNS2/NBZ3uRTenpTam h2HC5w0UZj+jRAx4j34j1OThbXq8ZjOgohwU4rNSsu24tZMfH6k/ods+/VtNIRz5 52tPe/CwC1CnVJ35OD0tXIiwgOOlZi3Hbxpq/ba7tdkieRUY4smYuG0Cd5ahPr+4 kHg2QES130QTz4oru9wCV8Jk0lFm19Xyi8d9JG/5iBrfDtOUOFXZqNGZ5WmEwJez xmC14hQCDwIDAQABo4IHMzCCBy8wHwYDVR0jBBgwFoAUt2ui6qiqhIx56rTaD5iy xZV2ufQwHQYDVR0OBBYEFPTzL0D9M5aYsHuVEiW+zWlsrLluMIID3gYDVR0RBIID 1TCCA9GCEnd3dy5oZWFsdGhjYXJlLmdvdoIWd3d3LmN1aWRhZG9kZXNhbHVkLmdv doIRd3d3LmNjaWlvLmNtcy5nb3aCGXN0eWxlZ3VpZGUuaGVhbHRoY2FyZS5nb3aC FXN0YXR1cy5oZWFsdGhjYXJlLmdvdoIVc2lnbnVwLmhlYWx0aGNhcmUuZ292gg5z Y2NsaWEuY21zLmdvdoIZcmF0ZXJldmlldy5oZWFsdGhjYXJlLmdvdoIYcHJvZHBy aW1lLmhlYWx0aGNhcmUuZ292ghxwcm9kcHJpbWUuY3VpZGFkb2Rlc2FsdWQuZ292 ghVwb3J0YWxuZXh0Z2VuLmNtcy5nb3aCDnBvcnRhbC5jbXMuZ292ghRwb3J0YWwt dGhldGEuY21zLmdvdoITcG9ydGFsLWJldGEuY21zLmdvdoIYb3BlbnBheW1lbnRz ZGF0YS5jbXMuZ292ghNtYXJrZXRwbGFjZS5jbXMuZ292gh5tYXJrZXRwbGFjZS5h cGkuaGVhbHRoY2FyZS5nb3aCIm1hcmtldHBsYWNlLWludC5hcGkuaGVhbHRoY2Fy ZS5nb3aCFGxvZ2luLmhlYWx0aGNhcmUuZ292ghhsb2NhbGhlbHAuaGVhbHRoY2Fy ZS5nb3aCDGhmcHAuY21zLmdvdoIOaGVhbHRoY2FyZS5nb3aCEWdvLmhlYWx0aGNh cmUuZ292ghZnZW8uYXBpLmhlYWx0aGNhcmUuZ292ghVmaW5kZXIuaGVhbHRoY2Fy ZS5nb3aCE2VsbW8ucG9ydGFsLmNtcy5nb3aCDGVpZG0uY21zLmdvdoIYZWRpdC5t YXJrZXRwbGFjZS5jbXMuZ292ghhlZGl0LmRhdGEuaGVhbHRoY2FyZS5nb3aCC2Vh cC5jbXMuZ292ghFkb3dubG9hZHMuY21zLmdvdoIRZGV2ZWxvcGVyLmNtcy5nb3aC E2RhdGEuaGVhbHRoY2FyZS5nb3aCEmN1aWRhZG9kZXNhbHVkLmdvdoIeY29tcGFu eXByb2ZpbGVzLmhlYWx0aGNhcmUuZ292gg1jY2lpby5jbXMuZ292ghZiaWxsaW5n LmhlYWx0aGNhcmUuZ292gh1heXVkYWxvY2FsLmN1aWRhZG9kZXNhbHVkLmdvdoIV YXNzZXRzLmhlYWx0aGNhcmUuZ292gg5hc3NldHMuY21zLmdvdoIZYXBpLmZpbmRl ci5oZWFsdGhjYXJlLmdvdoIOYWhyY3ZvLmNtcy5nb3aCDGFocmMuY21zLmdvdoIW YWNhLmFwaS5oZWFsdGhjYXJlLmdvdjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6 Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU1JTQVNIQTI1NjIwMjBDQTEt Mi5jcmwwQKA+oDyGOmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRM U1JTQVNIQTI1NjIwMjBDQTEtMi5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAn BggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20vQ1BTMH0GCCsGAQUF BwEBBHEwbzAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEcG CCsGAQUFBzAChjtodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRU TFNSU0FTSEEyNTYyMDIwQ0ExLmNydDAJBgNVHRMEAjAAMIIBfgYKKwYBBAHWeQIE AgSCAW4EggFqAWgAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAA AYXrO1nDAAAEAwBHMEUCIER17fgMZLafECccvkEhNJyEJOyi6JRicklAQ9sWMguf AiEAi9g/ARyvxQZaHqVV7ugJXrt9x7NGxbFu9vWIKSbuEscAdgBz2Z6JG0yWeKAg fUed5rLGHNBRXnEZKoxrgBB6wXdytQAAAYXrO1orAAAEAwBHMEUCIQCbzCxur9Ua /DCdPa93aHNOYoWs5KLVchGZITAwHC5vLgIgXL1y3fx/fLCXp7drCFRgWH7kbytN qa/twJQ7ZkO3GCYAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAA AYXrO1nxAAAEAwBHMEUCIQDFqaPsqHefmNcyMKTBl7Utl22m8EvUsKyarNwfHp1K pQIgWMdQ6lfznf5YEvPbtNda/zrhqSSy9EyQItRMGkCrA8EwDQYJKoZIhvcNAQEL BQADggEBACJF2cyFJ9jUNZ6s2IcMFeYpHNA/rGRxqamruss8KpkO1ox0FKQGZO8d TiskxXit8VcrYlJlmnBb+ZS9Tbqjj3vWmh649QtEAuHjxWN/hsSmmcednHCt3D/o JpqN8WjyTjH9ojvIqPyb36G564VbwS5OBdZJpVx/Jfqxs7e5OaImXGsn7T+BTTN7 ajEYwbKjDrDbiPogfy2zCXcONa0aVuIvlfftlC7BIX+3F6Vw53gF6M42RtF7fRWM fh7tsZrwn8LwC+3Ybd2ONNNu/BNwoMQ9iJg4ZC8DEtVBINqk1+odbDvWf7ZTyYl7 ojmLOFv4DCbg0oHOsWXUEfm62taVmko= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwioSCN9Qhk20i/DiUQTc 3gA8BC44Rgl6N4zX+HlL3vqC8+n2JVAYWYUzUrzpTaIwzHGccfrwz+ctoGOtf2+q HNkEgEXxxG6Adh8cig6fJ17MSp8boKqC94eDK1RNS2/NBZ3uRTenpTamh2HC5w0U Zj+jRAx4j34j1OThbXq8ZjOgohwU4rNSsu24tZMfH6k/ods+/VtNIRz552tPe/Cw C1CnVJ35OD0tXIiwgOOlZi3Hbxpq/ba7tdkieRUY4smYuG0Cd5ahPr+4kHg2QES1 30QTz4oru9wCV8Jk0lFm19Xyi8d9JG/5iBrfDtOUOFXZqNGZ5WmEwJezxmC14hQC DwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 13451047325377075106705891062937069034 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-25 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-24 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Maryland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Baltimore' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Centers for Medicare & Medicaid Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.healthcare.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24510976874468682624951484053757445317146983115833289868084193197018420967916724908382101795525099472173357467284848150889936815858164105790427194860838416258995702296831165015957234420521816141058091197862955977406024166927482815939206913368969741433576483621168675474851765246251818049307594385678447349224039988344898290905010465393485607556449523953112318382282505658201862336013068414766385107561117566221443929135851288645002338496414784582218143686352893375272272210840626373734211014892273497888055933344384783784475347837685306235238203946568102717462064800309918828133275708019653255282661856963853238403599 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b76ba2eaa8aa848c79eab4da0f98b2c59576b9f4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f4f32f40fd339698b07b951225becd696cacb96e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (981 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cciio.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'styleguide.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'status.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'signup.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'scclia.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ratereview.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prodprime.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prodprime.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portalnextgen.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal-theta.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal-beta.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'openpaymentsdata.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marketplace.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marketplace.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marketplace-int.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'login.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'localhelp.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hfpp.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'go.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'geo.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'finder.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'elmo.portal.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eidm.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edit.marketplace.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edit.data.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eap.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'downloads.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'developer.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'companyprofiles.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cciio.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'billing.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ayudalocal.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.finder.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ahrcvo.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ahrc.cms.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aca.api.healthcare.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000185eb3b59c3000004030047304502204475edf80c64b69f10271cbe4121349c8424eca2e8946272494043db16320b9f0221008bd83f011cafc5065a1ea555eee8095ebb7dc7b346c5b16ef6f5882926ee12c700760073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b500000185eb3b5a2b00000403004730450221009bcc2c6eafd51afc309d3daf7768734e6285ace4a2d57211992130301c2e6f2e02205cbd72ddfc7f7cb097a7b76b085460587ee46f2b4da9afedc0943b6643b7182600760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000185eb3b59f10000040300473045022100c5a9a3eca8779f98d73230a4c197b52d976da6f04bd4b0ac9aacdc1f1e9d4aa5022058c750ea57f39dfe5812f3dbb4d75aff3ae1a924b2f44c9022d44c1a40ab03c1 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002245d9cc8527d8d4359eacd8870c15e6291cd03fac6471a9a9abbacb3c2a990ed68c7414a40664ef1d4e2b24c578adf1572b6252659a705bf994bd4dbaa38f7bd69a1eb8f50b4402e1e3c5637f86c4a699c79d9c70addc3fe8269a8df168f24e31fda23bc8a8fc9bdfa1b9eb855bc12e4e05d649a55c7f25fab1b3b7b939a2265c6b27ed3f814d337b6a3118c1b2a30eb0db88fa207f2db309770e35ad1a56e22f95f7ed942ec1217fb717a570e77805e8ce3646d17b7d158c7e1eedb19af09fc2f00bedd86ddd8e34d36efc1370a0c43d889838642f0312d54120daa4d7ea1d6c3bd67fb653c9897ba2398b385bf80c26e0d281ceb165d411f9badad6959a4a