test.healthcare.gov
- Centers for Medicare & Medicaid Services -
Issued by GeoTrust SSL CA - G3
About this certificate
This digital certificate with serial number 2a:a4:ac:34:55:60:40:da:db:64:d9:6a:e7:dd:63:04 was issued on by GeoTrust Inc..
With 52 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Centers for Medicare & Medicaid Services
Organization:
Centers for Medicare & Medicaid Services
Organization unit: OIS
Organization unit: OIS
State / Province:
Maryland
Locality: Baltimore
Country: US
Locality: Baltimore
Country: US
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 2a:a4:ac:34:55:60:40:da:db:64:d9:6a:e7:dd:63:04Serial Number (int): 56682605228505046204248818334784381700
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: d2:6f:f7:96:f4:85:3f:72:3c:30:7d:23:da:85:78:9b:a3:7c:5a:7c
Fingerprint (sha1): 54:73:6f:87:32:3c:97:fe:d8:5b:57:59:17:3a:51:a6:f6:0d:0a:ba
Fingerprint (sha256): 28:d3:fb:8f:d3:eb:aa:c1:90:65:4c:6b:06:4d:92:da:26:8f:6f:c7:b9:3a:09:07:d5:1d:52:fe:63:91:84:0a
Issuing Certificate URL: http://gn.symcb.com/gn.crt
Revocation information
OCSP Server: http://gn.symcd.comCRL Distribution Point: http://gn.symcb.com/gn.crl
Check the revocation status for certificate test.healthcare.gov
52
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for test.healthcare.gov
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
finder.imp.healthcare.gov
api.finder.dev.healthcare.gov
assets.imp.healthcare.gov
test1.shop.healthcare.gov
imp1a.healthcare.gov
localhelp.imp.healthcare.gov
api.finder.hotfix.healthcare.gov
imp.cuidadodesalud.gov
dev2.healthcare.gov
test0.shop.healthcare.gov
logint.healthcare.gov
api.finder.imp.healthcare.gov
sandbox.healthcare.gov
imp1b.healthcare.gov
dev.healthcare.gov
test3.cuidadodesalud.gov
imp.healthcare.gov
imp2.healthcare.gov
test2.healthcare.gov
dev1.shop.healthcare.gov
api.finder.test.healthcare.gov
logini.healthcare.gov
dev.cuidadodesalud.gov
api.finder.healthcare.gov
localhelp.test.healthcare.gov
localhelp.dev.healthcare.gov
test.address.api.healthcare.gov
imp1a.cuidadodesalud.gov
companyprofiles.hotfix.healthcare.gov
assets.dev.healthcare.gov
test1.healthcare.gov
test2.cuidadodesalud.gov
companyprofiles.dev.healthcare.gov
ayudalocal.test.cuidadodesalud.gov
finder.dev.healthcare.gov
data.test.healthcare.gov
companyprofiles.test.healthcare.gov
dev0.shop.healthcare.gov
imp1b.cuidadodesalud.gov
test.cuidadodesalud.gov
dev2.cuidadodesalud.gov
finder.test.healthcare.gov
companyprofiles.imp.healthcare.gov
test1.cuidadodesalud.gov
dev.address.api.healthcare.gov
ayudalocal.dev.cuidadodesalud.gov
imp.address.api.healthcare.gov
test3.healthcare.gov
assets.test.healthcare.gov
ayudalocal.imp.cuidadodesalud.gov
imp2.cuidadodesalud.gov
test.healthcare.gov
api.finder.dev.healthcare.gov
assets.imp.healthcare.gov
test1.shop.healthcare.gov
imp1a.healthcare.gov
localhelp.imp.healthcare.gov
api.finder.hotfix.healthcare.gov
imp.cuidadodesalud.gov
dev2.healthcare.gov
test0.shop.healthcare.gov
logint.healthcare.gov
api.finder.imp.healthcare.gov
sandbox.healthcare.gov
imp1b.healthcare.gov
dev.healthcare.gov
test3.cuidadodesalud.gov
imp.healthcare.gov
imp2.healthcare.gov
test2.healthcare.gov
dev1.shop.healthcare.gov
api.finder.test.healthcare.gov
logini.healthcare.gov
dev.cuidadodesalud.gov
api.finder.healthcare.gov
localhelp.test.healthcare.gov
localhelp.dev.healthcare.gov
test.address.api.healthcare.gov
imp1a.cuidadodesalud.gov
companyprofiles.hotfix.healthcare.gov
assets.dev.healthcare.gov
test1.healthcare.gov
test2.cuidadodesalud.gov
companyprofiles.dev.healthcare.gov
ayudalocal.test.cuidadodesalud.gov
finder.dev.healthcare.gov
data.test.healthcare.gov
companyprofiles.test.healthcare.gov
dev0.shop.healthcare.gov
imp1b.cuidadodesalud.gov
test.cuidadodesalud.gov
dev2.cuidadodesalud.gov
finder.test.healthcare.gov
companyprofiles.imp.healthcare.gov
test1.cuidadodesalud.gov
dev.address.api.healthcare.gov
ayudalocal.dev.cuidadodesalud.gov
imp.address.api.healthcare.gov
test3.healthcare.gov
assets.test.healthcare.gov
ayudalocal.imp.cuidadodesalud.gov
imp2.cuidadodesalud.gov
test.healthcare.gov
Other certificates including the domain name healthcare.gov
(limited to 100 certificates)
splunk.aws.healthcare.gov
test3.healthcare.gov
test3.healthcare.gov
www.healthcare.gov
test2.healthcare.gov
www2.cms.gov
orig.impl1a.ses.api.healthcare.gov
www.healthcare.gov
pet-elb.imp1b.healthcare.gov
test-t.healthcare.gov
shop.prod.healthcare.gov
www.healthcare.gov
www.healthcare.gov
adobe-ep.healthcare.gov
www2.healthcare.gov
tmdsm.aws.healthcare.gov
www2.cms.gov
www2.cms.gov
app-dc01.prod.healthcare.gov
app-dc01.prod.healthcare.gov
test3.healthcare.gov
www2.healthcare.gov
tmdsmdr.aws.healthcare.gov
net.prod.healthcare.gov
test2.healthcare.gov
api.healthcare.gov
www.healthcare.gov
impl.mcr.dsh.healthcare.gov
search.test.healthcare.gov
www2.cms.gov
www2.cms.gov
test.healthcare.gov
dsrs.api.healthcare.gov
test4.healthcare.gov
test4.healthcare.gov
net-dc01.prod.healthcare.gov
test3.healthcare.gov
prod.pc2-elb.healthcare.gov
vpneast.aws.cms.gov
www.healthcare.gov
test3.healthcare.gov
orig.ses.api.healthcare.gov
www2.cms.gov
www2.cms.gov
test2.healthcare.gov
sls-elb.imp.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
test2.healthcare.gov
search1.healthcare.gov
test.healthcare.gov
api.healthcare.gov
tmdsmdr.aws.healthcare.gov
test3.healthcare.gov
chat.healthcare.gov
nagiosdr.aws.healthcare.gov
test2.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
www2.cms.gov
test3.healthcare.gov
prod-t.healthcare.gov
www2.cms.gov
test2.healthcare.gov
origin-es-app.prod.healthcare.gov
test0.mcr.gw.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
test.healthcare.gov
test.healthcare.gov
b.dev.healthcare.gov
www.healthcare.gov
www2.healthcare.gov
test2.healthcare.gov
mcr.api.healthcare.gov
api-manager-elb.dev.healthcare.gov
www2.cms.gov
imp1b-marketplace-elb.api.healthcare.gov
origin-es-app.prod.healthcare.gov
test2.healthcare.gov
test.healthcare.gov
www2.cms.gov
www2.healthcare.gov
app1a.imp.healthcare.gov
test3.healthcare.gov
test0.shop.healthcare.gov
test2.healthcare.gov
chat.healthcare.gov
api-manager-elb.imp.healthcare.gov
www.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www2.cms.gov
api.healthcare.gov
www2.cms.gov
test2.healthcare.gov
test3.healthcare.gov
test3.healthcare.gov
test3.healthcare.gov
www.healthcare.gov
test2.healthcare.gov
www2.cms.gov
orig.impl1a.ses.api.healthcare.gov
www.healthcare.gov
pet-elb.imp1b.healthcare.gov
test-t.healthcare.gov
shop.prod.healthcare.gov
www.healthcare.gov
www.healthcare.gov
adobe-ep.healthcare.gov
www2.healthcare.gov
tmdsm.aws.healthcare.gov
www2.cms.gov
www2.cms.gov
app-dc01.prod.healthcare.gov
app-dc01.prod.healthcare.gov
test3.healthcare.gov
www2.healthcare.gov
tmdsmdr.aws.healthcare.gov
net.prod.healthcare.gov
test2.healthcare.gov
api.healthcare.gov
www.healthcare.gov
impl.mcr.dsh.healthcare.gov
search.test.healthcare.gov
www2.cms.gov
www2.cms.gov
test.healthcare.gov
dsrs.api.healthcare.gov
test4.healthcare.gov
test4.healthcare.gov
net-dc01.prod.healthcare.gov
test3.healthcare.gov
prod.pc2-elb.healthcare.gov
vpneast.aws.cms.gov
www.healthcare.gov
test3.healthcare.gov
orig.ses.api.healthcare.gov
www2.cms.gov
www2.cms.gov
test2.healthcare.gov
sls-elb.imp.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
test2.healthcare.gov
search1.healthcare.gov
test.healthcare.gov
api.healthcare.gov
tmdsmdr.aws.healthcare.gov
test3.healthcare.gov
chat.healthcare.gov
nagiosdr.aws.healthcare.gov
test2.healthcare.gov
test3.healthcare.gov
elb1.imp1a.healthcare.gov
www2.cms.gov
test3.healthcare.gov
prod-t.healthcare.gov
www2.cms.gov
test2.healthcare.gov
origin-es-app.prod.healthcare.gov
test0.mcr.gw.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
www2.healthcare.gov
test.healthcare.gov
test.healthcare.gov
b.dev.healthcare.gov
www.healthcare.gov
www2.healthcare.gov
test2.healthcare.gov
mcr.api.healthcare.gov
api-manager-elb.dev.healthcare.gov
www2.cms.gov
imp1b-marketplace-elb.api.healthcare.gov
origin-es-app.prod.healthcare.gov
test2.healthcare.gov
test.healthcare.gov
www2.cms.gov
www2.healthcare.gov
app1a.imp.healthcare.gov
test3.healthcare.gov
test0.shop.healthcare.gov
test2.healthcare.gov
chat.healthcare.gov
api-manager-elb.imp.healthcare.gov
www.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www.healthcare.gov
test.healthcare.gov
www2.cms.gov
api.healthcare.gov
www2.cms.gov
test2.healthcare.gov
test3.healthcare.gov
Certificate
The complete raw certificate details for test.healthcare.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIKpDCCCYygAwIBAgIQKqSsNFVgQNrbZNlq591jBDANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTYwOTEyMDAwMDAwWhcNMTcxMTExMjM1 OTU5WjCBkzELMAkGA1UEBhMCVVMxETAPBgNVBAgMCE1hcnlsYW5kMRIwEAYDVQQH DAlCYWx0aW1vcmUxMTAvBgNVBAoMKENlbnRlcnMgZm9yIE1lZGljYXJlICYgTWVk aWNhaWQgU2VydmljZXMxDDAKBgNVBAsMA09JUzEcMBoGA1UEAwwTdGVzdC5oZWFs dGhjYXJlLmdvdjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANYfmBQ0 K9QsqcNzOgMOoh5lJ7ofRszW3XxDVPNZI+Fv0kkxgMVwrLxhTndkURM18FIQZfYM smNX0cCMKLtJCIvRlrPtzlvYymO17GoDN8QHURrnz7FSsIx14vrNH5QSn/ruY6Qj cczICkssAONEx8/a/5Yimo+ZdF9KIa31kUnGHUtDtgYlnYsY6UzdDzEjaeIU4fj3 SKmi4Ws5TJc0AgrPoJ3bHNYilme5M0KcvQXmYPma8Ndj60DZ0X6VlXZpQ9Usr6in vZPYewGXwH8HwchqP18rc8lDTRjvLVzWnZZK78SPOpOy3PD1FaPSBPJoi3h5vSK4 IChXO+4CE7W7UuMCAwEAAaOCB0Awggc8MIIFogYDVR0RBIIFmTCCBZWCGWZpbmRl ci5pbXAuaGVhbHRoY2FyZS5nb3aCHWFwaS5maW5kZXIuZGV2LmhlYWx0aGNhcmUu Z292ghlhc3NldHMuaW1wLmhlYWx0aGNhcmUuZ292ghl0ZXN0MS5zaG9wLmhlYWx0 aGNhcmUuZ292ghRpbXAxYS5oZWFsdGhjYXJlLmdvdoIcbG9jYWxoZWxwLmltcC5o ZWFsdGhjYXJlLmdvdoIgYXBpLmZpbmRlci5ob3RmaXguaGVhbHRoY2FyZS5nb3aC FmltcC5jdWlkYWRvZGVzYWx1ZC5nb3aCE2RldjIuaGVhbHRoY2FyZS5nb3aCGXRl c3QwLnNob3AuaGVhbHRoY2FyZS5nb3aCFWxvZ2ludC5oZWFsdGhjYXJlLmdvdoId YXBpLmZpbmRlci5pbXAuaGVhbHRoY2FyZS5nb3aCFnNhbmRib3guaGVhbHRoY2Fy ZS5nb3aCFGltcDFiLmhlYWx0aGNhcmUuZ292ghJkZXYuaGVhbHRoY2FyZS5nb3aC GHRlc3QzLmN1aWRhZG9kZXNhbHVkLmdvdoISaW1wLmhlYWx0aGNhcmUuZ292ghNp bXAyLmhlYWx0aGNhcmUuZ292ghR0ZXN0Mi5oZWFsdGhjYXJlLmdvdoIYZGV2MS5z aG9wLmhlYWx0aGNhcmUuZ292gh5hcGkuZmluZGVyLnRlc3QuaGVhbHRoY2FyZS5n b3aCFWxvZ2luaS5oZWFsdGhjYXJlLmdvdoIWZGV2LmN1aWRhZG9kZXNhbHVkLmdv doIZYXBpLmZpbmRlci5oZWFsdGhjYXJlLmdvdoIdbG9jYWxoZWxwLnRlc3QuaGVh bHRoY2FyZS5nb3aCHGxvY2FsaGVscC5kZXYuaGVhbHRoY2FyZS5nb3aCH3Rlc3Qu YWRkcmVzcy5hcGkuaGVhbHRoY2FyZS5nb3aCGGltcDFhLmN1aWRhZG9kZXNhbHVk LmdvdoIlY29tcGFueXByb2ZpbGVzLmhvdGZpeC5oZWFsdGhjYXJlLmdvdoIZYXNz ZXRzLmRldi5oZWFsdGhjYXJlLmdvdoIUdGVzdDEuaGVhbHRoY2FyZS5nb3aCGHRl c3QyLmN1aWRhZG9kZXNhbHVkLmdvdoIiY29tcGFueXByb2ZpbGVzLmRldi5oZWFs dGhjYXJlLmdvdoIiYXl1ZGFsb2NhbC50ZXN0LmN1aWRhZG9kZXNhbHVkLmdvdoIZ ZmluZGVyLmRldi5oZWFsdGhjYXJlLmdvdoIYZGF0YS50ZXN0LmhlYWx0aGNhcmUu Z292giNjb21wYW55cHJvZmlsZXMudGVzdC5oZWFsdGhjYXJlLmdvdoIYZGV2MC5z aG9wLmhlYWx0aGNhcmUuZ292ghhpbXAxYi5jdWlkYWRvZGVzYWx1ZC5nb3aCF3Rl c3QuY3VpZGFkb2Rlc2FsdWQuZ292ghdkZXYyLmN1aWRhZG9kZXNhbHVkLmdvdoIa ZmluZGVyLnRlc3QuaGVhbHRoY2FyZS5nb3aCImNvbXBhbnlwcm9maWxlcy5pbXAu aGVhbHRoY2FyZS5nb3aCGHRlc3QxLmN1aWRhZG9kZXNhbHVkLmdvdoIeZGV2LmFk ZHJlc3MuYXBpLmhlYWx0aGNhcmUuZ292giFheXVkYWxvY2FsLmRldi5jdWlkYWRv ZGVzYWx1ZC5nb3aCHmltcC5hZGRyZXNzLmFwaS5oZWFsdGhjYXJlLmdvdoIUdGVz dDMuaGVhbHRoY2FyZS5nb3aCGmFzc2V0cy50ZXN0LmhlYWx0aGNhcmUuZ292giFh eXVkYWxvY2FsLmltcC5jdWlkYWRvZGVzYWx1ZC5nb3aCF2ltcDIuY3VpZGFkb2Rl c2FsdWQuZ292ghN0ZXN0LmhlYWx0aGNhcmUuZ292MAkGA1UdEwQCMAAwDgYDVR0P AQH/BAQDAgWgMCsGA1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9nbi5zeW1jYi5jb20v Z24uY3JsMIGdBgNVHSAEgZUwgZIwgY8GBmeBDAECAjCBhDA/BggrBgEFBQcCARYz aHR0cHM6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xl Z2FsMEEGCCsGAQUFBwICMDUMM2h0dHBzOi8vd3d3Lmdlb3RydXN0LmNvbS9yZXNv dXJjZXMvcmVwb3NpdG9yeS9sZWdhbDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwHwYDVR0jBBgwFoAU0m/3lvSFP3I8MH0j2oV4m6N8WnwwVwYIKwYBBQUH AQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vZ24uc3ltY2QuY29tMCYGCCsGAQUF BzAChhpodHRwOi8vZ24uc3ltY2IuY29tL2duLmNydDATBgorBgEEAdZ5AgQDAQH/ BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUVxNNKzs43XACw0tW2Jha2qgKfwxcDHg rkkh6SQB9FDx0Yk8iJWEMMC3aVMKjcZ7vIJcKo7nQLq2mzHJZW4sLeAFj9lgtNkh j6ep92SjHKtygehD+YyVQqGx3IEtZa1oOzOpB7oXrP604+1XQenRSeJyKcFj91pf R1hrfMvn2uAfaQdObH+WPlR1JyPyHXXW6XGK7jgVYcg7UY/EZ7gMfLoowRhDU4qM kVaw7hH+VGyyWemeZkgwW3+smmRhAqIWWlNK8L1zJklgeL7B4DzZThKyT3jONKe8 mhTPz4upWcu2tcPCmHEKMGYzrWDqZeeMaH4l3gQk8wgwP+4x9GAjiA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1h+YFDQr1Cypw3M6Aw6i HmUnuh9GzNbdfENU81kj4W/SSTGAxXCsvGFOd2RREzXwUhBl9gyyY1fRwIwou0kI i9GWs+3OW9jKY7XsagM3xAdRGufPsVKwjHXi+s0flBKf+u5jpCNxzMgKSywA40TH z9r/liKaj5l0X0ohrfWRScYdS0O2BiWdixjpTN0PMSNp4hTh+PdIqaLhazlMlzQC Cs+gndsc1iKWZ7kzQpy9BeZg+Zrw12PrQNnRfpWVdmlD1SyvqKe9k9h7AZfAfwfB yGo/XytzyUNNGO8tXNadlkrvxI86k7Lc8PUVo9IE8miLeHm9IrggKFc77gITtbtS 4wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 56682605228505046204248818334784381700 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-09-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-11 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Maryland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Baltimore' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Centers for Medicare & Medicaid Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'OIS' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'test.healthcare.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27030576873537135883556803684987439801405903245542772019704239603662418593326764806089541114757661662770449657253907235605193508199303273778036095393677947421556134253771125610573319139571598044166746867711044911977640682109483395564319658030854282940611530347175726310521221883273190470192897514868757012736780941168970573296635358751098225033634633464864053486493850794855862837825238520180303108440572337920959980959681252040557200079183441307390495401764977632694365420348396613838650578898183846831517545597971157828539130667401455204871791764164637864420704521880130767023117645938930848227064589582310460576483 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1433 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'finder.imp.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.finder.dev.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.imp.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test1.shop.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp1a.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'localhelp.imp.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.finder.hotfix.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev2.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test0.shop.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'logint.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.finder.imp.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sandbox.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp1b.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test3.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp2.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test2.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev1.shop.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.finder.test.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'logini.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.finder.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'localhelp.test.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'localhelp.dev.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.address.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp1a.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'companyprofiles.hotfix.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.dev.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test1.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test2.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'companyprofiles.dev.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ayudalocal.test.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'finder.dev.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data.test.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'companyprofiles.test.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev0.shop.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp1b.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev2.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'finder.test.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'companyprofiles.imp.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test1.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.address.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ayudalocal.dev.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp.address.api.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test3.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.test.healthcare.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ayudalocal.imp.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imp2.cuidadodesalud.gov' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.healthcare.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (149 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d26ff796f4853f723c307d23da85789ba37c5a7c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00515c4d34acece375c00b0d2d5b62616b6aa029fc317031e0ae4921e92401f450f1d1893c88958430c0b769530a8dc67bbc825c2a8ee740bab69b31c9656e2c2de0058fd960b4d9218fa7a9f764a31cab7281e843f98c9542a1b1dc812d65ad683b33a907ba17acfeb4e3ed5741e9d149e27229c163f75a5f47586b7ccbe7dae01f69074e6c7f963e54752723f21d75d6e9718aee381561c83b518fc467b80c7cba28c11843538a8c9156b0ee11fe546cb259e99e6648305b7fac9a646102a2165a534af0bd7326496078bec1e03cd94e12b24f78ce34a7bc9a14cfcf8ba959cbb6b5c3c298710a306633ad60ea65e78c687e25de0424f308303fee31f4602388