github.com/zmap/zcrypto@v0.0.0-20240512203510-0fef58d9a9db/data/test/certificates/fpki.go (about) 1 /* 2 * ZCrypto Copyright 2017 Regents of the University of Michigan 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); you may not 5 * use this file except in compliance with the License. You may obtain a copy 6 * of the License at http://www.apache.org/licenses/LICENSE-2.0 7 * 8 * Unless required by applicable law or agreed to in writing, software 9 * distributed under the License is distributed on an "AS IS" BASIS, 10 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 11 * implied. See the License for the specific language governing 12 * permissions and limitations under the License. 13 */ 14 15 package certificates 16 17 // HexSPKISubjectFingerprintDoDRootCA3 is the hex of the SPKI Subject 18 // Fingerprint for the DoD Root CA 3. 19 const HexSPKISubjectFingerprintDoDRootCA3 = "e90ccfd162ae66b7d6e9771abf6c461837c813a5589f693b65c66c3803cf8f4c" 20 21 // HexSPKISubjectFingerprintDoDInteropCA2 is the hex of the SPKI Subject 22 // Fingerprint for the DoD Interoperability CA 2. 23 const HexSPKISubjectFingerprintDoDInteropCA2 = "a55a05216a8f75908ceec798c466e892cd5b505767d057b2204daa111de0c809" 24 25 // HexSPKISubjectFingerprintFederalBridgeCA is the hex of the SPKI Subject 26 // Fingerprint for the Federal Bridge CA. 27 const HexSPKISubjectFingerprintFederalBridgeCA = "3d12afc9ed8e531eac28d6ac979b629a2472a585bd18fcfddb0084f1997fa362" 28 29 // HexSPKISubjectFingerprintFederalBridgeCA2013 is the hex of the SPKI Subject 30 // Fingerprint of the Federal Bridge CA 2013. 31 const HexSPKISubjectFingerprintFederalBridgeCA2013 = "219718a39232361f3e20d793a57d73897c59baecfd1c358aedcab87b5ab396d8" 32 33 // HexSPKISubjectFingerprintFederalBridgeCA2016 is the hex of the SPKI Subject 34 // Fingerprint of the Federal Bridge CA 2016. 35 const HexSPKISubjectFingerprintFederalBridgeCA2016 = "d02e526c39cc5919006349e57a3f42bccffec8d422964edba1ebdbb43b06a1ce" 36 37 // HexSPKISubjectFingerprintFederalCommonPolicyCA is the hex of the SPKI Subject 38 // Fingerprint of the Federal Common Policy CA. 39 const HexSPKISubjectFingerprintFederalCommonPolicyCA = "be701d4acacaba917b5b936a8aa40e1970827df3b95a70b3c1fe99d4fea0b3c5" 40 41 // PEMDoDRootCA3SignedBySelf is the "DoD Root CA 3" self-signed certificate. 42 const PEMDoDRootCA3SignedBySelf = ` 43 Certificate: 44 Data: 45 Version: 3 (0x2) 46 Serial Number: 1 (0x1) 47 Signature Algorithm: sha256WithRSAEncryption 48 Issuer: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Root CA 3 49 Validity 50 Not Before: Mar 20 18:46:41 2012 GMT 51 Not After : Dec 30 18:46:41 2029 GMT 52 Subject: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Root CA 3 53 Subject Public Key Info: 54 Public Key Algorithm: rsaEncryption 55 RSA Public Key: (2048 bit) 56 Modulus (2048 bit): 57 00:a9:ec:14:72:8a:e8:4b:70:a3:da:10:03:84:a6: 58 fb:a7:36:0d:2a:3a:52:16:bf:30:15:52:86:05:47: 59 20:cf:aa:a6:cd:75:c4:64:6e:ef:f1:60:23:cb:0a: 60 66:40:ae:b4:c8:68:2a:00:51:68:49:37:e9:59:32: 61 4d:95:bc:43:27:e9:40:8d:3a:10:ce:14:bc:43:18: 62 a1:f9:de:cc:e7:85:76:73:5e:18:1a:23:5b:bd:3f: 63 1f:f2:ed:8d:19:cc:03:d1:40:a4:8f:a7:20:02:4c: 64 27:5a:79:36:f6:a3:37:21:8e:00:5a:06:16:ca:d3: 65 55:96:6f:31:29:bb:72:0e:cb:e2:48:51:f2:d4:37: 66 a4:35:d6:6f:ee:17:b3:b1:06:ab:0b:19:86:e8:23: 67 6d:31:1b:28:78:65:c5:de:62:52:bc:c1:7d:eb:ee: 68 a0:5d:54:04:fb:b2:cb:2b:b2:23:54:91:82:4c:f0: 69 bf:ba:74:40:3b:0c:04:45:80:67:5c:c5:eb:a2:57: 70 c3:1a:7f:0a:2d:bd:7f:b9:dc:c1:99:b0:c8:07:e4: 71 0c:86:36:94:3a:25:2f:f2:7d:e6:97:3c:1b:94:b4: 72 97:59:06:c9:3a:e4:0b:d9:ea:e9:fc:3b:73:34:6f: 73 fd:e7:98:e4:f3:a1:c2:90:5f:1c:f5:3f:2e:d7:19: 74 d3:7f 75 Exponent: 65537 (0x10001) 76 X509v3 extensions: 77 X509v3 Subject Key Identifier: 78 6C:8A:94:A2:77:B1:80:72:1D:81:7A:16:AA:F2:DC:CE:66:EE:45:C0 79 X509v3 Key Usage: critical 80 Digital Signature, Certificate Sign, CRL Sign 81 X509v3 Basic Constraints: critical 82 CA:TRUE 83 Signature Algorithm: sha256WithRSAEncryption 84 9f:71:a4:c0:b6:96:d2:80:43:a0:48:e9:1f:76:04:f9:c5:3c: 85 ad:66:18:58:63:9b:c3:b6:e8:68:8a:85:5a:42:66:12:b4:d2: 86 e6:8b:88:7f:87:f4:98:f5:a8:c6:09:c9:1f:f0:2c:1f:ec:82: 87 b8:f4:a5:47:38:c1:33:2b:df:4c:7e:9a:be:0b:0b:b1:cb:0f: 88 7c:50:28:10:cf:8a:8d:a2:e9:ba:ac:86:d7:d4:b1:93:5f:22: 89 8f:96:05:b4:4e:0c:75:91:7d:d3:f2:e7:94:c2:94:14:76:4f: 90 8f:0c:ab:10:87:58:32:85:07:75:86:12:0b:5e:ea:53:b4:0a: 91 c8:4c:84:92:1f:eb:e8:41:86:3c:ba:f4:4e:41:4a:d1:6c:58: 92 47:41:c3:86:5a:f2:ee:e9:f2:98:27:82:ea:2e:36:d6:f8:06: 93 5e:82:f1:a0:52:93:44:09:ba:d2:a9:19:5a:58:a3:a8:5d:20: 94 6d:4f:64:f8:30:87:1b:90:13:48:81:cd:ca:90:c7:0d:c1:d4: 95 98:3f:8e:f2:0e:57:68:33:12:8e:99:09:b1:f0:e4:f6:10:f4: 96 36:f2:49:bd:ea:a3:38:c8:56:41:23:83:9a:df:a1:1b:35:7c: 97 eb:3f:41:b3:f5:6f:4b:3a:5e:ae:6f:93:76:98:d2:f1:99:9d: 98 45:c4:8e:72 99 -----BEGIN CERTIFICATE----- 100 MIIDczCCAlugAwIBAgIBATANBgkqhkiG9w0BAQsFADBbMQswCQYDVQQGEwJVUzEY 101 MBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsT 102 A1BLSTEWMBQGA1UEAxMNRG9EIFJvb3QgQ0EgMzAeFw0xMjAzMjAxODQ2NDFaFw0y 103 OTEyMzAxODQ2NDFaMFsxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVy 104 bm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UECxMDUEtJMRYwFAYDVQQDEw1Eb0Qg 105 Um9vdCBDQSAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqewUcoro 106 S3Cj2hADhKb7pzYNKjpSFr8wFVKGBUcgz6qmzXXEZG7v8WAjywpmQK60yGgqAFFo 107 STfpWTJNlbxDJ+lAjToQzhS8Qxih+d7M54V2c14YGiNbvT8f8u2NGcwD0UCkj6cg 108 AkwnWnk29qM3IY4AWgYWytNVlm8xKbtyDsviSFHy1DekNdZv7hezsQarCxmG6CNt 109 MRsoeGXF3mJSvMF96+6gXVQE+7LLK7IjVJGCTPC/unRAOwwERYBnXMXrolfDGn8K 110 Lb1/udzBmbDIB+QMhjaUOiUv8n3mlzwblLSXWQbJOuQL2erp/DtzNG/955jk86HC 111 kF8c9T8u1xnTfwIDAQABo0IwQDAdBgNVHQ4EFgQUbIqUonexgHIdgXoWqvLczmbu 112 RcAwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL 113 BQADggEBAJ9xpMC2ltKAQ6BI6R92BPnFPK1mGFhjm8O26GiKhVpCZhK00uaLiH+H 114 9Jj1qMYJyR/wLB/sgrj0pUc4wTMr30x+mr4LC7HLD3xQKBDPio2i6bqshtfUsZNf 115 Io+WBbRODHWRfdPy55TClBR2T48MqxCHWDKFB3WGEgte6lO0CshMhJIf6+hBhjy6 116 9E5BStFsWEdBw4Za8u7p8pgnguouNtb4Bl6C8aBSk0QJutKpGVpYo6hdIG1PZPgw 117 hxuQE0iBzcqQxw3B1Jg/jvIOV2gzEo6ZCbHw5PYQ9DbySb3qozjIVkEjg5rfoRs1 118 fOs/QbP1b0s6Xq5vk3aY0vGZnUXEjnI= 119 -----END CERTIFICATE----- 120 ` 121 122 // HexHashDoDRootCA3SignedBySelf is the hex SHA256 fingerprint of 123 // DoDRootCA3SignedBySelf. 124 const HexHashDoDRootCA3SignedBySelf = "b107b33f453e5510f68e513110c6f6944bacc263df0137f821c1b3c2f8f863d2" 125 126 // PEMDoDRootCA3SignedByDoDInteropCA2Serial655 is the PEM of a certificate for 127 // the DoD Root CA 3 signed by DoD Interoperability CA 2 with serial number 655. 128 const PEMDoDRootCA3SignedByDoDInteropCA2Serial655 string = ` 129 Certificate: 130 Data: 131 Version: 3 (0x2) 132 Serial Number: 655 (0x28f) 133 Signature Algorithm: sha256WithRSAEncryption 134 Issuer: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Interoperability Root CA 2 135 Validity 136 Not Before: Sep 23 16:37:25 2015 GMT 137 Not After : Sep 23 16:37:25 2018 GMT 138 Subject: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Root CA 3 139 Subject Public Key Info: 140 Public Key Algorithm: rsaEncryption 141 RSA Public Key: (2048 bit) 142 Modulus (2048 bit): 143 00:a9:ec:14:72:8a:e8:4b:70:a3:da:10:03:84:a6: 144 fb:a7:36:0d:2a:3a:52:16:bf:30:15:52:86:05:47: 145 20:cf:aa:a6:cd:75:c4:64:6e:ef:f1:60:23:cb:0a: 146 66:40:ae:b4:c8:68:2a:00:51:68:49:37:e9:59:32: 147 4d:95:bc:43:27:e9:40:8d:3a:10:ce:14:bc:43:18: 148 a1:f9:de:cc:e7:85:76:73:5e:18:1a:23:5b:bd:3f: 149 1f:f2:ed:8d:19:cc:03:d1:40:a4:8f:a7:20:02:4c: 150 27:5a:79:36:f6:a3:37:21:8e:00:5a:06:16:ca:d3: 151 55:96:6f:31:29:bb:72:0e:cb:e2:48:51:f2:d4:37: 152 a4:35:d6:6f:ee:17:b3:b1:06:ab:0b:19:86:e8:23: 153 6d:31:1b:28:78:65:c5:de:62:52:bc:c1:7d:eb:ee: 154 a0:5d:54:04:fb:b2:cb:2b:b2:23:54:91:82:4c:f0: 155 bf:ba:74:40:3b:0c:04:45:80:67:5c:c5:eb:a2:57: 156 c3:1a:7f:0a:2d:bd:7f:b9:dc:c1:99:b0:c8:07:e4: 157 0c:86:36:94:3a:25:2f:f2:7d:e6:97:3c:1b:94:b4: 158 97:59:06:c9:3a:e4:0b:d9:ea:e9:fc:3b:73:34:6f: 159 fd:e7:98:e4:f3:a1:c2:90:5f:1c:f5:3f:2e:d7:19: 160 d3:7f 161 Exponent: 65537 (0x10001) 162 X509v3 extensions: 163 X509v3 Authority Key Identifier: 164 keyid:FF:F8:AE:13:8B:92:2B:79:92:41:A3:76:5C:2C:81:9E:9A:C5:9C:78 165 166 X509v3 Subject Key Identifier: 167 6C:8A:94:A2:77:B1:80:72:1D:81:7A:16:AA:F2:DC:CE:66:EE:45:C0 168 X509v3 Basic Constraints: critical 169 CA:TRUE 170 X509v3 Key Usage: critical 171 Certificate Sign, CRL Sign 172 X509v3 CRL Distribution Points: 173 URI:http://crl.disa.mil/crl/DODINTEROPERABILITYROOTCA2.crl 174 175 Authority Information Access: 176 CA Issuers - URI:http://crl.disa.mil/issuedto/DODINTEROPERABILITYROOTCA2_IT.p7c 177 OCSP - URI:http://ocsp.disa.mil 178 179 X509v3 Certificate Policies: 180 Policy: 2.16.840.1.101.2.1.11.36 181 Policy: 2.16.840.1.101.2.1.11.39 182 Policy: 2.16.840.1.101.2.1.11.42 183 Policy: 2.16.840.1.101.3.2.1.3.13 184 Policy: 2.16.840.1.101.3.2.1.3.17 185 186 X509v3 Policy Constraints: critical 187 Require Explicit Policy:0 188 Subject Information Access: 189 CA Repository - URI:http://crl.disa.mil/issuedby/DODROOTCA3_IB.p7c 190 191 Signature Algorithm: sha256WithRSAEncryption 192 8c:30:87:13:a9:7d:fb:98:fc:50:ca:a1:20:8a:9c:10:7b:0c: 193 c4:d7:0c:d9:4d:5e:36:26:24:ed:2b:5f:75:ed:9a:0a:b8:e9: 194 6e:5f:20:a3:19:ef:39:24:3e:9e:a2:e1:19:c5:b3:53:fc:58: 195 e6:8e:ca:84:fa:cd:35:94:38:6d:f2:e3:3e:04:31:dc:7b:ec: 196 d5:fc:3a:2e:34:46:1c:e4:50:c1:74:ce:e9:fc:87:89:21:a6: 197 a5:27:a2:9f:fb:f0:88:3a:d8:95:a4:d1:b9:78:d0:fd:c3:54: 198 1a:b9:8d:9f:df:af:b6:60:96:8c:66:bb:55:92:d9:08:53:94: 199 ca:35:f4:e3:87:93:2a:64:e3:ba:69:d1:5c:f3:1d:2e:7b:1c: 200 4f:3a:95:c2:f6:b3:bc:e0:40:c8:83:c2:9e:3d:50:02:cf:7b: 201 eb:f4:2d:b2:06:98:2d:07:5d:d3:06:2a:de:6e:e1:4d:57:0c: 202 81:b6:08:e4:18:98:22:ce:44:94:00:b6:7f:ae:8d:84:57:66: 203 40:b5:b6:67:95:67:41:53:4b:8b:e9:3f:e7:28:e9:b2:80:dd: 204 7d:d9:7c:89:40:2e:55:e1:45:5f:d5:47:6a:9b:b6:34:03:97: 205 5e:32:a5:ec:3e:02:d6:49:a5:c9:4f:85:21:d8:f8:0e:9f:a8: 206 2d:6c:02:f0 207 -----BEGIN CERTIFICATE----- 208 MIIFHDCCBASgAwIBAgICAo8wDQYJKoZIhvcNAQELBQAwbDELMAkGA1UEBhMCVVMx 209 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQL 210 EwNQS0kxJzAlBgNVBAMTHkRvRCBJbnRlcm9wZXJhYmlsaXR5IFJvb3QgQ0EgMjAe 211 Fw0xNTA5MjMxNjM3MjVaFw0xODA5MjMxNjM3MjVaMFsxCzAJBgNVBAYTAlVTMRgw 212 FgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UECxMD 213 UEtJMRYwFAYDVQQDEw1Eb0QgUm9vdCBDQSAzMIIBIjANBgkqhkiG9w0BAQEFAAOC 214 AQ8AMIIBCgKCAQEAqewUcoroS3Cj2hADhKb7pzYNKjpSFr8wFVKGBUcgz6qmzXXE 215 ZG7v8WAjywpmQK60yGgqAFFoSTfpWTJNlbxDJ+lAjToQzhS8Qxih+d7M54V2c14Y 216 GiNbvT8f8u2NGcwD0UCkj6cgAkwnWnk29qM3IY4AWgYWytNVlm8xKbtyDsviSFHy 217 1DekNdZv7hezsQarCxmG6CNtMRsoeGXF3mJSvMF96+6gXVQE+7LLK7IjVJGCTPC/ 218 unRAOwwERYBnXMXrolfDGn8KLb1/udzBmbDIB+QMhjaUOiUv8n3mlzwblLSXWQbJ 219 OuQL2erp/DtzNG/955jk86HCkF8c9T8u1xnTfwIDAQABo4IB1zCCAdMwHwYDVR0j 220 BBgwFoAU//iuE4uSK3mSQaN2XCyBnprFnHgwHQYDVR0OBBYEFGyKlKJ3sYByHYF6 221 Fqry3M5m7kXAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMEcGA1Ud 222 HwRAMD4wPKA6oDiGNmh0dHA6Ly9jcmwuZGlzYS5taWwvY3JsL0RPRElOVEVST1BF 223 UkFCSUxJVFlST09UQ0EyLmNybDB8BggrBgEFBQcBAQRwMG4wSgYIKwYBBQUHMAKG 224 Pmh0dHA6Ly9jcmwuZGlzYS5taWwvaXNzdWVkdG8vRE9ESU5URVJPUEVSQUJJTElU 225 WVJPT1RDQTJfSVQucDdjMCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcC5kaXNhLm1p 226 bDBMBgNVHSAERTBDMAsGCWCGSAFlAgELJDALBglghkgBZQIBCycwCwYJYIZIAWUC 227 AQsqMAwGCmCGSAFlAwIBAw0wDAYKYIZIAWUDAgEDETAPBgNVHSQBAf8EBTADgAEA 228 MEoGCCsGAQUFBwELBD4wPDA6BggrBgEFBQcwBYYuaHR0cDovL2NybC5kaXNhLm1p 229 bC9pc3N1ZWRieS9ET0RST09UQ0EzX0lCLnA3YzANBgkqhkiG9w0BAQsFAAOCAQEA 230 jDCHE6l9+5j8UMqhIIqcEHsMxNcM2U1eNiYk7Stfde2aCrjpbl8goxnvOSQ+nqLh 231 GcWzU/xY5o7KhPrNNZQ4bfLjPgQx3Hvs1fw6LjRGHORQwXTO6fyHiSGmpSein/vw 232 iDrYlaTRuXjQ/cNUGrmNn9+vtmCWjGa7VZLZCFOUyjX044eTKmTjumnRXPMdLnsc 233 TzqVwvazvOBAyIPCnj1QAs976/QtsgaYLQdd0wYq3m7hTVcMgbYI5BiYIs5ElAC2 234 f66NhFdmQLW2Z5VnQVNLi+k/5yjpsoDdfdl8iUAuVeFFX9VHapu2NAOXXjKl7D4C 235 1kmlyU+FIdj4Dp+oLWwC8A== 236 -----END CERTIFICATE----- 237 ` 238 239 // HexHashDoDRootCA3SignedByDoDInteropCA2Serial655 is the hex SHA256 240 // fingerprint of DoDRootCA3SignedByDoDInteropCA2Serial655. 241 const HexHashDoDRootCA3SignedByDoDInteropCA2Serial655 = "fc326b6b92fd2a3dd0c2961428672bf10f974552319f6930c62c6c791d18e84a" 242 243 // PEMDoDRootCA3SignedByDoDInteropCA2Serial748 is the certificate for the DoD 244 // Root CA 3 signed by the DoD Interoperability CA 2 with serial number 748. 245 const PEMDoDRootCA3SignedByDoDInteropCA2Serial748 = ` 246 Certificate: 247 Data: 248 Version: 3 (0x2) 249 Serial Number: 748 (0x2ec) 250 Signature Algorithm: sha256WithRSAEncryption 251 Issuer: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Interoperability Root CA 2 252 Validity 253 Not Before: Feb 17 14:32:11 2016 GMT 254 Not After : Feb 17 14:32:11 2019 GMT 255 Subject: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Root CA 3 256 Subject Public Key Info: 257 Public Key Algorithm: rsaEncryption 258 RSA Public Key: (2048 bit) 259 Modulus (2048 bit): 260 00:a9:ec:14:72:8a:e8:4b:70:a3:da:10:03:84:a6: 261 fb:a7:36:0d:2a:3a:52:16:bf:30:15:52:86:05:47: 262 20:cf:aa:a6:cd:75:c4:64:6e:ef:f1:60:23:cb:0a: 263 66:40:ae:b4:c8:68:2a:00:51:68:49:37:e9:59:32: 264 4d:95:bc:43:27:e9:40:8d:3a:10:ce:14:bc:43:18: 265 a1:f9:de:cc:e7:85:76:73:5e:18:1a:23:5b:bd:3f: 266 1f:f2:ed:8d:19:cc:03:d1:40:a4:8f:a7:20:02:4c: 267 27:5a:79:36:f6:a3:37:21:8e:00:5a:06:16:ca:d3: 268 55:96:6f:31:29:bb:72:0e:cb:e2:48:51:f2:d4:37: 269 a4:35:d6:6f:ee:17:b3:b1:06:ab:0b:19:86:e8:23: 270 6d:31:1b:28:78:65:c5:de:62:52:bc:c1:7d:eb:ee: 271 a0:5d:54:04:fb:b2:cb:2b:b2:23:54:91:82:4c:f0: 272 bf:ba:74:40:3b:0c:04:45:80:67:5c:c5:eb:a2:57: 273 c3:1a:7f:0a:2d:bd:7f:b9:dc:c1:99:b0:c8:07:e4: 274 0c:86:36:94:3a:25:2f:f2:7d:e6:97:3c:1b:94:b4: 275 97:59:06:c9:3a:e4:0b:d9:ea:e9:fc:3b:73:34:6f: 276 fd:e7:98:e4:f3:a1:c2:90:5f:1c:f5:3f:2e:d7:19: 277 d3:7f 278 Exponent: 65537 (0x10001) 279 X509v3 extensions: 280 X509v3 Authority Key Identifier: 281 keyid:FF:F8:AE:13:8B:92:2B:79:92:41:A3:76:5C:2C:81:9E:9A:C5:9C:78 282 283 X509v3 Subject Key Identifier: 284 6C:8A:94:A2:77:B1:80:72:1D:81:7A:16:AA:F2:DC:CE:66:EE:45:C0 285 X509v3 Basic Constraints: critical 286 CA:TRUE 287 X509v3 Key Usage: critical 288 Certificate Sign, CRL Sign 289 X509v3 CRL Distribution Points: 290 URI:http://crl.disa.mil/crl/DODINTEROPERABILITYROOTCA2.crl 291 292 Authority Information Access: 293 CA Issuers - URI:http://crl.disa.mil/issuedto/DODINTEROPERABILITYROOTCA2_IT.p7c 294 OCSP - URI:http://ocsp.disa.mil 295 296 X509v3 Certificate Policies: 297 Policy: 2.16.840.1.101.2.1.11.36 298 Policy: 2.16.840.1.101.2.1.11.39 299 Policy: 2.16.840.1.101.2.1.11.42 300 Policy: 2.16.840.1.101.3.2.1.3.13 301 Policy: 2.16.840.1.101.3.2.1.3.17 302 Policy: 2.16.840.1.101.3.2.1.3.39 303 304 X509v3 Policy Constraints: critical 305 Require Explicit Policy:0 306 Subject Information Access: 307 CA Repository - URI:http://crl.disa.mil/issuedby/DODROOTCA3_IB.p7c 308 309 Signature Algorithm: sha256WithRSAEncryption 310 77:f6:ef:07:25:8d:e5:85:60:05:6a:39:83:fb:1c:c4:da:6f: 311 d7:91:78:0d:16:cb:d9:a6:6d:37:94:1d:c7:44:71:d1:e9:41: 312 8f:d2:bb:05:02:52:75:47:0a:10:84:ce:4d:e7:e4:04:5d:42: 313 1e:21:39:c5:88:e3:0a:b6:50:05:31:3f:8f:d0:8c:56:75:d4: 314 43:3e:fe:df:1c:4d:86:97:70:e7:22:62:3f:40:76:96:66:86: 315 41:8f:17:01:29:30:b7:0a:a7:9f:6a:a2:41:be:88:a7:fa:59: 316 75:2f:f3:de:e6:a4:f0:f4:2c:60:65:0f:74:c5:65:5c:b4:bd: 317 d2:c7:e7:33:d8:74:16:d2:ff:a9:29:c7:8d:d0:c7:23:04:3a: 318 e9:eb:1b:6f:9a:59:24:3e:86:5f:e5:9e:0d:ac:c3:2c:6b:c0: 319 64:30:01:eb:13:5d:aa:a7:f6:31:9e:88:fd:29:db:ba:e5:54: 320 a6:86:c2:1e:8e:34:77:02:ea:1f:6c:cc:f6:0b:83:e6:27:8b: 321 b0:4a:88:92:5c:3a:39:10:8b:c9:48:c9:e3:1b:34:1e:41:43: 322 6e:95:de:b0:c7:97:f0:a5:e2:93:0c:de:6a:df:72:9d:be:3e: 323 ee:4c:62:9c:10:b0:ed:2b:fb:c6:95:f8:4a:24:1e:8e:29:1b: 324 dc:93:f5:e4 325 -----BEGIN CERTIFICATE----- 326 MIIFKjCCBBKgAwIBAgICAuwwDQYJKoZIhvcNAQELBQAwbDELMAkGA1UEBhMCVVMx 327 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQL 328 EwNQS0kxJzAlBgNVBAMTHkRvRCBJbnRlcm9wZXJhYmlsaXR5IFJvb3QgQ0EgMjAe 329 Fw0xNjAyMTcxNDMyMTFaFw0xOTAyMTcxNDMyMTFaMFsxCzAJBgNVBAYTAlVTMRgw 330 FgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UECxMD 331 UEtJMRYwFAYDVQQDEw1Eb0QgUm9vdCBDQSAzMIIBIjANBgkqhkiG9w0BAQEFAAOC 332 AQ8AMIIBCgKCAQEAqewUcoroS3Cj2hADhKb7pzYNKjpSFr8wFVKGBUcgz6qmzXXE 333 ZG7v8WAjywpmQK60yGgqAFFoSTfpWTJNlbxDJ+lAjToQzhS8Qxih+d7M54V2c14Y 334 GiNbvT8f8u2NGcwD0UCkj6cgAkwnWnk29qM3IY4AWgYWytNVlm8xKbtyDsviSFHy 335 1DekNdZv7hezsQarCxmG6CNtMRsoeGXF3mJSvMF96+6gXVQE+7LLK7IjVJGCTPC/ 336 unRAOwwERYBnXMXrolfDGn8KLb1/udzBmbDIB+QMhjaUOiUv8n3mlzwblLSXWQbJ 337 OuQL2erp/DtzNG/955jk86HCkF8c9T8u1xnTfwIDAQABo4IB5TCCAeEwHwYDVR0j 338 BBgwFoAU//iuE4uSK3mSQaN2XCyBnprFnHgwHQYDVR0OBBYEFGyKlKJ3sYByHYF6 339 Fqry3M5m7kXAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMEcGA1Ud 340 HwRAMD4wPKA6oDiGNmh0dHA6Ly9jcmwuZGlzYS5taWwvY3JsL0RPRElOVEVST1BF 341 UkFCSUxJVFlST09UQ0EyLmNybDB8BggrBgEFBQcBAQRwMG4wSgYIKwYBBQUHMAKG 342 Pmh0dHA6Ly9jcmwuZGlzYS5taWwvaXNzdWVkdG8vRE9ESU5URVJPUEVSQUJJTElU 343 WVJPT1RDQTJfSVQucDdjMCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcC5kaXNhLm1p 344 bDBaBgNVHSAEUzBRMAsGCWCGSAFlAgELJDALBglghkgBZQIBCycwCwYJYIZIAWUC 345 AQsqMAwGCmCGSAFlAwIBAw0wDAYKYIZIAWUDAgEDETAMBgpghkgBZQMCAQMnMA8G 346 A1UdJAEB/wQFMAOAAQAwSgYIKwYBBQUHAQsEPjA8MDoGCCsGAQUFBzAFhi5odHRw 347 Oi8vY3JsLmRpc2EubWlsL2lzc3VlZGJ5L0RPRFJPT1RDQTNfSUIucDdjMA0GCSqG 348 SIb3DQEBCwUAA4IBAQB39u8HJY3lhWAFajmD+xzE2m/XkXgNFsvZpm03lB3HRHHR 349 6UGP0rsFAlJ1RwoQhM5N5+QEXUIeITnFiOMKtlAFMT+P0IxWddRDPv7fHE2Gl3Dn 350 ImI/QHaWZoZBjxcBKTC3CqefaqJBvoin+ll1L/Pe5qTw9CxgZQ90xWVctL3Sx+cz 351 2HQW0v+pKceN0McjBDrp6xtvmlkkPoZf5Z4NrMMsa8BkMAHrE12qp/Yxnoj9Kdu6 352 5VSmhsIejjR3AuofbMz2C4PmJ4uwSoiSXDo5EIvJSMnjGzQeQUNuld6wx5fwpeKT 353 DN5q33Kdvj7uTGKcELDtK/vGlfhKJB6OKRvck/Xk 354 -----END CERTIFICATE----- 355 ` 356 357 // HexHashDoDRootCA3SignedByDoDInteropCA2Serial748 is the hex SHA256 358 // fingerprint of DoDRootCA3SignedByDoDInteropCA2Serial748. 359 const HexHashDoDRootCA3SignedByDoDInteropCA2Serial748 = "42e59ccbf68c413a10dd1bb6bc41a930bf1228e16905d9301559cfc4083d589b" 360 361 // PEMDoDRootCA3SignedByCCEBInteropRootCA2 is the certificate for DoD Root CA 3 362 // signed by the DoD CCEB Interoperability Root CA 2. 363 const PEMDoDRootCA3SignedByCCEBInteropRootCA2 = ` 364 Certificate: 365 Data: 366 Version: 3 (0x2) 367 Serial Number: 28 (0x1c) 368 Signature Algorithm: sha256WithRSAEncryption 369 Issuer: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=US DoD CCEB Interoperability Root CA 2 370 Validity 371 Not Before: Sep 27 12:41:41 2016 GMT 372 Not After : Sep 27 12:41:41 2019 GMT 373 Subject: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Root CA 3 374 Subject Public Key Info: 375 Public Key Algorithm: rsaEncryption 376 RSA Public Key: (2048 bit) 377 Modulus (2048 bit): 378 00:a9:ec:14:72:8a:e8:4b:70:a3:da:10:03:84:a6: 379 fb:a7:36:0d:2a:3a:52:16:bf:30:15:52:86:05:47: 380 20:cf:aa:a6:cd:75:c4:64:6e:ef:f1:60:23:cb:0a: 381 66:40:ae:b4:c8:68:2a:00:51:68:49:37:e9:59:32: 382 4d:95:bc:43:27:e9:40:8d:3a:10:ce:14:bc:43:18: 383 a1:f9:de:cc:e7:85:76:73:5e:18:1a:23:5b:bd:3f: 384 1f:f2:ed:8d:19:cc:03:d1:40:a4:8f:a7:20:02:4c: 385 27:5a:79:36:f6:a3:37:21:8e:00:5a:06:16:ca:d3: 386 55:96:6f:31:29:bb:72:0e:cb:e2:48:51:f2:d4:37: 387 a4:35:d6:6f:ee:17:b3:b1:06:ab:0b:19:86:e8:23: 388 6d:31:1b:28:78:65:c5:de:62:52:bc:c1:7d:eb:ee: 389 a0:5d:54:04:fb:b2:cb:2b:b2:23:54:91:82:4c:f0: 390 bf:ba:74:40:3b:0c:04:45:80:67:5c:c5:eb:a2:57: 391 c3:1a:7f:0a:2d:bd:7f:b9:dc:c1:99:b0:c8:07:e4: 392 0c:86:36:94:3a:25:2f:f2:7d:e6:97:3c:1b:94:b4: 393 97:59:06:c9:3a:e4:0b:d9:ea:e9:fc:3b:73:34:6f: 394 fd:e7:98:e4:f3:a1:c2:90:5f:1c:f5:3f:2e:d7:19: 395 d3:7f 396 Exponent: 65537 (0x10001) 397 X509v3 extensions: 398 X509v3 Authority Key Identifier: 399 keyid:16:2B:91:DA:E2:17:0C:96:AB:5C:7D:DE:7D:48:F2:5D:A8:00:AC:E7 400 401 X509v3 Subject Key Identifier: 402 6C:8A:94:A2:77:B1:80:72:1D:81:7A:16:AA:F2:DC:CE:66:EE:45:C0 403 X509v3 Key Usage: critical 404 Certificate Sign, CRL Sign 405 X509v3 Certificate Policies: 406 Policy: 2.16.840.1.101.2.1.11.36 407 Policy: 2.16.840.1.101.2.1.11.39 408 Policy: 2.16.840.1.101.2.1.11.42 409 410 X509v3 Basic Constraints: critical 411 CA:TRUE 412 X509v3 Policy Constraints: critical 413 Require Explicit Policy:0 414 X509v3 CRL Distribution Points: 415 URI:http://crl.disa.mil/crl/USDODCCEBINTEROPERABILITYROOTCA2.crl 416 417 Authority Information Access: 418 CA Issuers - URI:http://crl.disa.mil/issuedto/USDODCCEBINTEROPERABILITYROOTCA2_IT.p7c 419 OCSP - URI:http://ocsp.disa.mil 420 421 Subject Information Access: 422 CA Repository - URI:http://crl.disa.mil/issuedby/DODROOTCA3_IB.p7c 423 424 Signature Algorithm: sha256WithRSAEncryption 425 47:e1:98:48:c9:7c:2a:1f:60:aa:17:fc:51:bf:57:e1:46:1d: 426 6e:af:2a:47:64:47:d3:f8:23:2c:d0:6f:aa:ae:4c:93:95:b6: 427 18:da:f4:1a:b1:97:e9:09:1e:10:b2:12:66:a5:7c:03:15:e5: 428 b1:ff:98:7b:c2:11:d3:1f:3c:fa:97:43:cb:bc:83:66:1e:01: 429 fd:86:fd:c3:c8:0f:bb:0f:ca:82:72:77:d5:7f:08:7e:ba:b1: 430 d3:27:03:3a:d9:94:81:9d:f8:44:17:b1:bf:20:2e:e8:8e:d3: 431 67:d6:8d:e6:f6:54:bc:7f:fa:cd:37:3d:f6:e6:f8:dd:b6:01: 432 89:b4:a8:b9:7c:a1:40:e4:2b:00:d5:78:be:a1:27:f1:26:48: 433 44:e7:f9:11:c4:dc:df:59:7b:86:70:c4:62:0a:44:79:aa:74: 434 5f:25:ac:2f:9f:7a:d1:d7:f2:85:86:83:89:e4:20:24:57:9f: 435 e7:b5:f0:be:d0:c6:2d:94:ae:f9:01:6a:f3:b6:69:b1:4a:73: 436 76:33:a2:72:5a:5a:2a:96:8b:54:3e:f4:de:90:78:61:88:17: 437 e5:db:8c:4f:a6:13:f7:10:f8:8d:a5:b4:2d:7f:b2:19:65:7f: 438 15:fc:4f:08:8a:0f:06:a5:62:a9:b3:9a:ee:2f:b1:97:31:b2: 439 04:c2:e4:47 440 -----BEGIN CERTIFICATE----- 441 MIIFFDCCA/ygAwIBAgIBHDANBgkqhkiG9w0BAQsFADB0MQswCQYDVQQGEwJVUzEY 442 MBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsT 443 A1BLSTEvMC0GA1UEAxMmVVMgRG9EIENDRUIgSW50ZXJvcGVyYWJpbGl0eSBSb290 444 IENBIDIwHhcNMTYwOTI3MTI0MTQxWhcNMTkwOTI3MTI0MTQxWjBbMQswCQYDVQQG 445 EwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAK 446 BgNVBAsTA1BLSTEWMBQGA1UEAxMNRG9EIFJvb3QgQ0EgMzCCASIwDQYJKoZIhvcN 447 AQEBBQADggEPADCCAQoCggEBAKnsFHKK6Etwo9oQA4Sm+6c2DSo6Uha/MBVShgVH 448 IM+qps11xGRu7/FgI8sKZkCutMhoKgBRaEk36VkyTZW8QyfpQI06EM4UvEMYofne 449 zOeFdnNeGBojW70/H/LtjRnMA9FApI+nIAJMJ1p5NvajNyGOAFoGFsrTVZZvMSm7 450 cg7L4khR8tQ3pDXWb+4Xs7EGqwsZhugjbTEbKHhlxd5iUrzBfevuoF1UBPuyyyuy 451 I1SRgkzwv7p0QDsMBEWAZ1zF66JXwxp/Ci29f7ncwZmwyAfkDIY2lDolL/J95pc8 452 G5S0l1kGyTrkC9nq6fw7czRv/eeY5POhwpBfHPU/LtcZ038CAwEAAaOCAcgwggHE 453 MB8GA1UdIwQYMBaAFBYrkdriFwyWq1x93n1I8l2oAKznMB0GA1UdDgQWBBRsipSi 454 d7GAch2Behaq8tzOZu5FwDAOBgNVHQ8BAf8EBAMCAQYwMAYDVR0gBCkwJzALBglg 455 hkgBZQIBCyQwCwYJYIZIAWUCAQsnMAsGCWCGSAFlAgELKjAPBgNVHRMBAf8EBTAD 456 AQH/MA8GA1UdJAEB/wQFMAOAAQAwTQYDVR0fBEYwRDBCoECgPoY8aHR0cDovL2Ny 457 bC5kaXNhLm1pbC9jcmwvVVNET0RDQ0VCSU5URVJPUEVSQUJJTElUWVJPT1RDQTIu 458 Y3JsMIGCBggrBgEFBQcBAQR2MHQwUAYIKwYBBQUHMAKGRGh0dHA6Ly9jcmwuZGlz 459 YS5taWwvaXNzdWVkdG8vVVNET0RDQ0VCSU5URVJPUEVSQUJJTElUWVJPT1RDQTJf 460 SVQucDdjMCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcC5kaXNhLm1pbDBKBggrBgEF 461 BQcBCwQ+MDwwOgYIKwYBBQUHMAWGLmh0dHA6Ly9jcmwuZGlzYS5taWwvaXNzdWVk 462 YnkvRE9EUk9PVENBM19JQi5wN2MwDQYJKoZIhvcNAQELBQADggEBAEfhmEjJfCof 463 YKoX/FG/V+FGHW6vKkdkR9P4IyzQb6quTJOVthja9Bqxl+kJHhCyEmalfAMV5bH/ 464 mHvCEdMfPPqXQ8u8g2YeAf2G/cPID7sPyoJyd9V/CH66sdMnAzrZlIGd+EQXsb8g 465 LuiO02fWjeb2VLx/+s03Pfbm+N22AYm0qLl8oUDkKwDVeL6hJ/EmSETn+RHE3N9Z 466 e4ZwxGIKRHmqdF8lrC+fetHX8oWGg4nkICRXn+e18L7Qxi2UrvkBavO2abFKc3Yz 467 onJaWiqWi1Q+9N6QeGGIF+XbjE+mE/cQ+I2ltC1/shllfxX8TwiKDwalYqmzmu4v 468 sZcxsgTC5Ec= 469 -----END CERTIFICATE----- 470 ` 471 472 // HexHashDoDRootCA3SignedByCCEBInteropRootCA2 is the hex SHA256 fingerprint 473 // ofDoDRootCA3SignedByCCEBInteropRootCA2. 474 const HexHashDoDRootCA3SignedByCCEBInteropRootCA2 = "925820ceae31ca372175d0eda58063e0bf8d7f6bd1a6de007d22861bb6270b62" 475 476 // PEMDoDInteropCA2SignedByFederalBridgeCA2016 is a certificate for the DoD 477 // Interoperability CA 2 signed by the Federal Bridge CA 2016. 478 const PEMDoDInteropCA2SignedByFederalBridgeCA2016 = ` 479 Certificate: 480 Data: 481 Version: 3 (0x2) 482 Serial Number: 483 05:d1:6f:14:b3:c9:52:02:58:ab:27:af:8e:14:a9:72:c7:d5:b3:91 484 Signature Algorithm: sha256WithRSAEncryption 485 Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 2016 486 Validity 487 Not Before: May 10 15:35:12 2017 GMT 488 Not After : Aug 15 15:34:38 2019 GMT 489 Subject: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Interoperability Root CA 2 490 Subject Public Key Info: 491 Public Key Algorithm: rsaEncryption 492 RSA Public Key: (2048 bit) 493 Modulus (2048 bit): 494 00:f7:c6:d0:83:93:e6:0b:83:29:e8:28:3b:b6:4a: 495 e0:ac:8c:9e:b4:55:c3:df:18:7e:e2:b3:73:72:b4: 496 68:a1:66:d8:98:63:ea:be:8f:5e:c0:0e:11:ad:7f: 497 d2:f3:a5:25:2f:ee:7e:a3:d8:90:8d:4b:21:60:d3: 498 df:3f:85:1b:fc:43:17:bd:ac:cd:d1:fe:e0:2d:fe: 499 bd:46:1f:3e:98:56:88:df:07:4c:92:04:b4:05:d5: 500 15:e0:9a:a4:c3:51:d3:0a:78:d8:3c:fc:5c:1c:e5: 501 cd:23:49:97:50:3e:b1:b4:b6:a2:53:52:34:09:31: 502 03:8c:13:e7:e9:4d:c3:fb:03:dc:02:a3:5a:d5:6d: 503 6b:af:16:2b:d4:4e:fe:7b:a0:41:38:ed:4b:af:26: 504 35:b5:9c:89:69:0e:e9:25:cd:b1:4d:33:af:8e:6d: 505 65:91:28:e5:dc:fd:72:e8:f8:a6:31:33:92:ff:f0: 506 02:a3:50:4e:81:c1:f8:34:eb:95:29:09:a5:da:ab: 507 60:61:fd:ea:b9:4f:4a:31:8a:97:66:f8:c3:00:d2: 508 d2:86:a3:42:43:d3:bb:79:27:2e:6f:b5:b2:65:e5: 509 4b:8d:49:af:10:b1:d2:5b:75:77:10:74:e3:16:f2: 510 24:67:78:0c:b6:f6:36:0f:42:ef:ff:a3:c0:bb:c6: 511 5e:b5 512 Exponent: 65537 (0x10001) 513 X509v3 extensions: 514 X509v3 Basic Constraints: critical 515 CA:TRUE 516 X509v3 Certificate Policies: 517 Policy: 2.16.840.1.101.3.2.1.3.3 518 Policy: 2.16.840.1.101.3.2.1.3.12 519 Policy: 2.16.840.1.101.3.2.1.3.37 520 Policy: 2.16.840.1.101.3.2.1.3.13 521 Policy: 2.16.840.1.101.3.2.1.3.17 522 Policy: 2.16.840.1.101.3.2.1.3.18 523 Policy: 2.16.840.1.101.3.2.1.3.19 524 Policy: 2.16.840.1.101.3.2.1.3.20 525 Policy: 2.16.840.1.101.3.2.1.3.39 526 527 Authority Information Access: 528 CA Issuers - URI:http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c 529 530 X509v3 Policy Mappings: 531 2.16.840.1.101.3.2.1.3.3:2.16.840.1.101.2.1.11.39, 2.16.840.1.101.3.2.1.3.12:2.16.840.1.101.2.1.11.42, 2.16.840.1.101.3.2.1.3.37:2.16.840.1.101.2.1.11.36, 2.16.840.1.101.3.2.1.3.3:2.16.840.1.101.3.2.1.12.4, 2.16.840.1.101.3.2.1.3.12:2.16.840.1.101.3.2.1.12.5, 2.16.840.1.101.3.2.1.3.37:2.16.840.1.101.3.2.1.12.9, 2.16.840.1.101.3.2.1.3.18:2.16.840.1.101.3.2.1.12.6, 2.16.840.1.101.3.2.1.3.19:2.16.840.1.101.3.2.1.12.7, 2.16.840.1.101.3.2.1.3.20:2.16.840.1.101.3.2.1.12.8, 2.16.840.1.101.3.2.1.3.12:2.16.840.1.101.3.2.1.12.10 532 X509v3 Name Constraints: 533 Permitted: 534 DirName: C = US, O = U.S. Government, OU = DoD 535 DirName: DC = mil 536 DirName: C = US, O = U.S. Government, OU = ECA 537 538 Subject Information Access: 539 CA Repository - URI:http://crl.disa.mil/issuedby/DODINTEROPERABILITYROOTCA2_IB.p7c 540 541 X509v3 Policy Constraints: 542 Require Explicit Policy:0, Inhibit Policy Mapping:0 543 X509v3 Inhibit Any Policy: 544 0 545 X509v3 Key Usage: critical 546 Certificate Sign, CRL Sign 547 X509v3 Authority Key Identifier: 548 keyid:23:B0:B3:7D:16:54:D4:02:56:76:EB:3A:BE:A9:6B:2F:43:7B:28:16 549 550 X509v3 CRL Distribution Points: 551 URI:http://http.fpki.gov/bridge/fbca2016.crl 552 553 X509v3 Subject Key Identifier: 554 FF:F8:AE:13:8B:92:2B:79:92:41:A3:76:5C:2C:81:9E:9A:C5:9C:78 555 Signature Algorithm: sha256WithRSAEncryption 556 a3:14:ba:01:a3:f9:45:88:5d:c7:52:e3:ff:3b:16:15:fc:af: 557 87:d8:4c:67:f9:ff:30:2d:5a:21:6a:5f:22:d0:06:c5:b6:0b: 558 4c:42:fa:0a:45:01:c3:62:f8:34:86:1e:11:3a:30:e5:cc:b7: 559 76:b7:51:3c:b5:28:08:75:cf:c4:aa:05:ce:0e:04:d9:57:b8: 560 9f:06:8c:b2:28:9c:37:9a:ba:20:92:5b:62:83:e2:27:be:56: 561 b6:48:d2:a0:7c:c2:e9:3f:e0:13:4a:11:cc:bd:98:0a:bb:ae: 562 65:82:91:32:06:f5:15:5a:69:37:3f:77:f5:63:de:63:04:92: 563 51:4d:fa:4a:77:a2:e6:6e:11:a3:64:d5:09:1a:2f:96:19:17: 564 10:b3:e2:de:4d:9b:f8:64:23:2c:16:33:83:1b:0f:37:e3:15: 565 03:83:83:2a:29:1a:c3:5f:d5:f0:16:ff:7e:fe:61:9d:e5:65: 566 c9:27:14:ea:d0:f5:69:1b:b1:93:7b:da:d3:22:8b:53:07:18: 567 8f:ee:ca:a6:03:68:02:89:f6:33:02:2a:a2:36:94:94:c1:73: 568 5b:75:c2:8f:02:9b:c7:8a:68:57:af:e5:2d:07:7e:ca:56:c6: 569 25:2f:bc:7a:fb:77:94:88:66:6c:10:47:72:21:29:10:4d:cc: 570 0c:e1:ec:74 571 -----BEGIN CERTIFICATE----- 572 MIIHADCCBeigAwIBAgIUBdFvFLPJUgJYqyevjhSpcsfVs5EwDQYJKoZIhvcNAQEL 573 BQAwVzELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDENMAsG 574 A1UECxMERlBLSTEfMB0GA1UEAxMWRmVkZXJhbCBCcmlkZ2UgQ0EgMjAxNjAeFw0x 575 NzA1MTAxNTM1MTJaFw0xOTA4MTUxNTM0MzhaMGwxCzAJBgNVBAYTAlVTMRgwFgYD 576 VQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UECxMDUEtJ 577 MScwJQYDVQQDEx5Eb0QgSW50ZXJvcGVyYWJpbGl0eSBSb290IENBIDIwggEiMA0G 578 CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3xtCDk+YLgynoKDu2SuCsjJ60VcPf 579 GH7is3NytGihZtiYY+q+j17ADhGtf9LzpSUv7n6j2JCNSyFg098/hRv8Qxe9rM3R 580 /uAt/r1GHz6YVojfB0ySBLQF1RXgmqTDUdMKeNg8/Fwc5c0jSZdQPrG0tqJTUjQJ 581 MQOME+fpTcP7A9wCo1rVbWuvFivUTv57oEE47UuvJjW1nIlpDuklzbFNM6+ObWWR 582 KOXc/XLo+KYxM5L/8AKjUE6Bwfg065UpCaXaq2Bh/eq5T0oxipdm+MMA0tKGo0JD 583 07t5Jy5vtbJl5UuNSa8QsdJbdXcQdOMW8iRneAy29jYPQu//o8C7xl61AgMBAAGj 584 ggOtMIIDqTAPBgNVHRMBAf8EBTADAQH/MIGIBgNVHSAEgYAwfjAMBgpghkgBZQMC 585 AQMDMAwGCmCGSAFlAwIBAwwwDAYKYIZIAWUDAgEDJTAMBgpghkgBZQMCAQMNMAwG 586 CmCGSAFlAwIBAxEwDAYKYIZIAWUDAgEDEjAMBgpghkgBZQMCAQMTMAwGCmCGSAFl 587 AwIBAxQwDAYKYIZIAWUDAgEDJzBTBggrBgEFBQcBAQRHMEUwQwYIKwYBBQUHMAKG 588 N2h0dHA6Ly9odHRwLmZwa2kuZ292L2JyaWRnZS9jYUNlcnRzSXNzdWVkVG9mYmNh 589 MjAxNi5wN2MwggEOBgNVHSEEggEFMIIBATAXBgpghkgBZQMCAQMDBglghkgBZQIB 590 CycwFwYKYIZIAWUDAgEDDAYJYIZIAWUCAQsqMBcGCmCGSAFlAwIBAyUGCWCGSAFl 591 AgELJDAYBgpghkgBZQMCAQMDBgpghkgBZQMCAQwEMBgGCmCGSAFlAwIBAwwGCmCG 592 SAFlAwIBDAUwGAYKYIZIAWUDAgEDJQYKYIZIAWUDAgEMCTAYBgpghkgBZQMCAQMS 593 BgpghkgBZQMCAQwGMBgGCmCGSAFlAwIBAxMGCmCGSAFlAwIBDAcwGAYKYIZIAWUD 594 AgEDFAYKYIZIAWUDAgEMCDAYBgpghkgBZQMCAQMMBgpghkgBZQMCAQwKMIGfBgNV 595 HR4EgZcwgZSggZEwOaQ3MDUxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdv 596 dmVybm1lbnQxDDAKBgNVBAsTA0RvRDAZpBcwFTETMBEGCgmSJomT8ixkARkWA21p 597 bDA5pDcwNTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEM 598 MAoGA1UECxMDRUNBMFoGCCsGAQUFBwELBE4wTDBKBggrBgEFBQcwBYY+aHR0cDov 599 L2NybC5kaXNhLm1pbC9pc3N1ZWRieS9ET0RJTlRFUk9QRVJBQklMSVRZUk9PVENB 600 Ml9JQi5wN2MwDwYDVR0kBAgwBoABAIEBADAKBgNVHTYEAwIBADAOBgNVHQ8BAf8E 601 BAMCAQYwHwYDVR0jBBgwFoAUI7CzfRZU1AJWdus6vqlrL0N7KBYwOQYDVR0fBDIw 602 MDAuoCygKoYoaHR0cDovL2h0dHAuZnBraS5nb3YvYnJpZGdlL2ZiY2EyMDE2LmNy 603 bDAdBgNVHQ4EFgQU//iuE4uSK3mSQaN2XCyBnprFnHgwDQYJKoZIhvcNAQELBQAD 604 ggEBAKMUugGj+UWIXcdS4/87FhX8r4fYTGf5/zAtWiFqXyLQBsW2C0xC+gpFAcNi 605 +DSGHhE6MOXMt3a3UTy1KAh1z8SqBc4OBNlXuJ8GjLIonDeauiCSW2KD4ie+VrZI 606 0qB8wuk/4BNKEcy9mAq7rmWCkTIG9RVaaTc/d/Vj3mMEklFN+kp3ouZuEaNk1Qka 607 L5YZFxCz4t5Nm/hkIywWM4MbDzfjFQODgyopGsNf1fAW/37+YZ3lZcknFOrQ9Wkb 608 sZN72tMii1MHGI/uyqYDaAKJ9jMCKqI2lJTBc1t1wo8Cm8eKaFev5S0HfspWxiUv 609 vHr7d5SIZmwQR3IhKRBNzAzh7HQ= 610 -----END CERTIFICATE----- 611 ` 612 613 // HexHashDoDInteropCA2SignedByFederalBridgeCA2016 is the hex SHA256 fingerprint 614 // of DoDInteropCA2SignedByFederalBridgeCA2016. 615 const HexHashDoDInteropCA2SignedByFederalBridgeCA2016 = "4859a804b9e7e62cbdf1fe18c80bd7df77f0b07f716305efce6e5663358f5738" 616 617 // PEMDoDInteropCA2SignedByFederalBridgeCA is a certificate for the DoD 618 // Interoperability CA 2 signed by the Federal Bridge CA. 619 const PEMDoDInteropCA2SignedByFederalBridgeCA = ` 620 Certificate: 621 Data: 622 Version: 3 (0x2) 623 Serial Number: 4515 (0x11a3) 624 Signature Algorithm: sha256WithRSAEncryption 625 Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 626 Validity 627 Not Before: May 21 16:05:18 2013 GMT 628 Not After : May 21 16:03:30 2016 GMT 629 Subject: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Interoperability Root CA 2 630 Subject Public Key Info: 631 Public Key Algorithm: rsaEncryption 632 RSA Public Key: (2048 bit) 633 Modulus (2048 bit): 634 00:f7:c6:d0:83:93:e6:0b:83:29:e8:28:3b:b6:4a: 635 e0:ac:8c:9e:b4:55:c3:df:18:7e:e2:b3:73:72:b4: 636 68:a1:66:d8:98:63:ea:be:8f:5e:c0:0e:11:ad:7f: 637 d2:f3:a5:25:2f:ee:7e:a3:d8:90:8d:4b:21:60:d3: 638 df:3f:85:1b:fc:43:17:bd:ac:cd:d1:fe:e0:2d:fe: 639 bd:46:1f:3e:98:56:88:df:07:4c:92:04:b4:05:d5: 640 15:e0:9a:a4:c3:51:d3:0a:78:d8:3c:fc:5c:1c:e5: 641 cd:23:49:97:50:3e:b1:b4:b6:a2:53:52:34:09:31: 642 03:8c:13:e7:e9:4d:c3:fb:03:dc:02:a3:5a:d5:6d: 643 6b:af:16:2b:d4:4e:fe:7b:a0:41:38:ed:4b:af:26: 644 35:b5:9c:89:69:0e:e9:25:cd:b1:4d:33:af:8e:6d: 645 65:91:28:e5:dc:fd:72:e8:f8:a6:31:33:92:ff:f0: 646 02:a3:50:4e:81:c1:f8:34:eb:95:29:09:a5:da:ab: 647 60:61:fd:ea:b9:4f:4a:31:8a:97:66:f8:c3:00:d2: 648 d2:86:a3:42:43:d3:bb:79:27:2e:6f:b5:b2:65:e5: 649 4b:8d:49:af:10:b1:d2:5b:75:77:10:74:e3:16:f2: 650 24:67:78:0c:b6:f6:36:0f:42:ef:ff:a3:c0:bb:c6: 651 5e:b5 652 Exponent: 65537 (0x10001) 653 X509v3 extensions: 654 X509v3 Basic Constraints: critical 655 CA:TRUE 656 X509v3 Certificate Policies: 657 Policy: 2.16.840.1.101.3.2.1.3.3 658 Policy: 2.16.840.1.101.3.2.1.3.12 659 Policy: 2.16.840.1.101.3.2.1.3.37 660 Policy: 2.16.840.1.101.3.2.1.3.13 661 Policy: 2.16.840.1.101.3.2.1.3.17 662 663 Authority Information Access: 664 CA Issuers - URI:http://http.fpki.gov/bridge/caCertsIssuedTofbca.p7c 665 666 X509v3 Policy Mappings: 667 2.16.840.1.101.3.2.1.3.3:2.16.840.1.101.2.1.11.39, 2.16.840.1.101.3.2.1.3.12:2.16.840.1.101.2.1.11.42, 2.16.840.1.101.3.2.1.3.37:2.16.840.1.101.2.1.11.36 668 X509v3 Name Constraints: critical 669 Permitted: 670 DirName: C = US, O = U.S. Government, OU = DoD 671 DirName: DC = mil 672 673 Subject Information Access: 674 CA Repository - URI:http://crl.disa.mil/issuedby/DODINTEROPERABILITYROOTCA2_IB.p7c 675 676 X509v3 Policy Constraints: critical 677 Require Explicit Policy:0, Inhibit Policy Mapping:0 678 X509v3 Key Usage: critical 679 Certificate Sign, CRL Sign 680 X509v3 Authority Key Identifier: 681 keyid:C4:9D:FC:9D:5D:3A:5D:05:7A:BF:02:81:EC:DB:49:70:15:C7:B2:72 682 683 X509v3 CRL Distribution Points: 684 URI:http://http.fpki.gov/bridge/fbca.crl 685 686 X509v3 Subject Key Identifier: 687 FF:F8:AE:13:8B:92:2B:79:92:41:A3:76:5C:2C:81:9E:9A:C5:9C:78 688 Signature Algorithm: sha256WithRSAEncryption 689 0d:57:8a:eb:a0:c6:17:d6:b0:f3:36:86:41:b9:9f:20:81:7b: 690 f0:a8:c1:d0:77:60:5a:77:d8:f9:3a:be:92:e5:c3:c8:ed:a1: 691 58:e8:30:46:c7:ee:e3:33:78:97:6a:e6:31:1c:b7:9c:eb:28: 692 80:11:b4:de:12:d4:a8:48:10:b9:58:32:ab:2b:e8:77:39:22: 693 f0:cb:83:05:1a:a6:ad:87:f5:e4:49:cd:09:da:b6:a1:bb:63: 694 cf:b8:86:fb:ab:f9:54:6e:14:77:8e:13:ee:f2:ff:a4:9b:81: 695 3e:ef:c1:d3:16:60:74:76:2b:a3:af:ef:77:e4:2a:d8:fb:d8: 696 c5:e2:cc:d3:d0:49:7b:ac:26:64:3b:ed:33:a6:ab:ae:d1:62: 697 5c:c1:fd:e3:0b:ae:ef:2a:9d:75:12:04:63:d1:05:b5:0f:15: 698 0e:07:c1:4b:04:0c:db:b8:30:0b:e2:93:2f:2c:a8:2e:f0:19: 699 2c:13:29:28:d7:d6:40:00:56:f5:5a:06:11:89:03:11:cb:c8: 700 ee:a7:1c:27:0c:fc:76:64:9f:da:f9:f9:c6:6a:03:f2:07:09: 701 52:9e:09:c8:04:70:d9:bd:de:12:8b:bb:ef:91:06:88:8d:3e: 702 92:3e:31:c1:e0:ff:ea:a6:c7:15:64:69:6f:a6:f4:3c:34:13: 703 da:72:31:98 704 -----BEGIN CERTIFICATE----- 705 MIIFpjCCBI6gAwIBAgICEaMwDQYJKoZIhvcNAQELBQAwUjELMAkGA1UEBhMCVVMx 706 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDENMAsGA1UECxMERlBLSTEaMBgGA1UE 707 AxMRRmVkZXJhbCBCcmlkZ2UgQ0EwHhcNMTMwNTIxMTYwNTE4WhcNMTYwNTIxMTYw 708 MzMwWjBsMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQww 709 CgYDVQQLEwNEb0QxDDAKBgNVBAsTA1BLSTEnMCUGA1UEAxMeRG9EIEludGVyb3Bl 710 cmFiaWxpdHkgUm9vdCBDQSAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC 711 AQEA98bQg5PmC4Mp6Cg7tkrgrIyetFXD3xh+4rNzcrRooWbYmGPqvo9ewA4RrX/S 712 86UlL+5+o9iQjUshYNPfP4Ub/EMXvazN0f7gLf69Rh8+mFaI3wdMkgS0BdUV4Jqk 713 w1HTCnjYPPxcHOXNI0mXUD6xtLaiU1I0CTEDjBPn6U3D+wPcAqNa1W1rrxYr1E7+ 714 e6BBOO1LryY1tZyJaQ7pJc2xTTOvjm1lkSjl3P1y6PimMTOS//ACo1BOgcH4NOuV 715 KQml2qtgYf3quU9KMYqXZvjDANLShqNCQ9O7eScub7WyZeVLjUmvELHSW3V3EHTj 716 FvIkZ3gMtvY2D0Lv/6PAu8ZetQIDAQABo4ICajCCAmYwDwYDVR0TAQH/BAUwAwEB 717 /zBPBgNVHSAESDBGMAwGCmCGSAFlAwIBAwMwDAYKYIZIAWUDAgEDDDAMBgpghkgB 718 ZQMCAQMlMAwGCmCGSAFlAwIBAw0wDAYKYIZIAWUDAgEDETBPBggrBgEFBQcBAQRD 719 MEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9odHRwLmZwa2kuZ292L2JyaWRnZS9jYUNl 720 cnRzSXNzdWVkVG9mYmNhLnA3YzBUBgNVHSEETTBLMBcGCmCGSAFlAwIBAwMGCWCG 721 SAFlAgELJzAXBgpghkgBZQMCAQMMBglghkgBZQIBCyowFwYKYIZIAWUDAgEDJQYJ 722 YIZIAWUCAQskMGQGA1UdHgEB/wRaMFigVjA5pDcwNTELMAkGA1UEBhMCVVMxGDAW 723 BgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMBmkFzAVMRMwEQYK 724 CZImiZPyLGQBGRYDbWlsMFoGCCsGAQUFBwELBE4wTDBKBggrBgEFBQcwBYY+aHR0 725 cDovL2NybC5kaXNhLm1pbC9pc3N1ZWRieS9ET0RJTlRFUk9QRVJBQklMSVRZUk9P 726 VENBMl9JQi5wN2MwEgYDVR0kAQH/BAgwBoABAIEBADAOBgNVHQ8BAf8EBAMCAQYw 727 HwYDVR0jBBgwFoAUxJ38nV06XQV6vwKB7NtJcBXHsnIwNQYDVR0fBC4wLDAqoCig 728 JoYkaHR0cDovL2h0dHAuZnBraS5nb3YvYnJpZGdlL2ZiY2EuY3JsMB0GA1UdDgQW 729 BBT/+K4Ti5IreZJBo3ZcLIGemsWceDANBgkqhkiG9w0BAQsFAAOCAQEADVeK66DG 730 F9aw8zaGQbmfIIF78KjB0HdgWnfY+Tq+kuXDyO2hWOgwRsfu4zN4l2rmMRy3nOso 731 gBG03hLUqEgQuVgyqyvodzki8MuDBRqmrYf15EnNCdq2obtjz7iG+6v5VG4Ud44T 732 7vL/pJuBPu/B0xZgdHYro6/vd+Qq2PvYxeLM09BJe6wmZDvtM6arrtFiXMH94wuu 733 7yqddRIEY9EFtQ8VDgfBSwQM27gwC+KTLyyoLvAZLBMpKNfWQABW9VoGEYkDEcvI 734 7qccJwz8dmSf2vn5xmoD8gcJUp4JyARw2b3eEou775EGiI0+kj4xweD/6qbHFWRp 735 b6b0PDQT2nIxmA== 736 -----END CERTIFICATE----- 737 ` 738 739 // HexHashDoDInteropCA2SignedByFederalBridgeCA is the hex SHA256 fingerprint 740 // ofDoDInteropCA2SignedByFederalBridgeCA. 741 const HexHashDoDInteropCA2SignedByFederalBridgeCA = "76eb46d3a0808c7ef85fcd7128c2611e840c8299b836cc88d372564e1be1e96f" 742 743 // PEMDoDInteropCA2SignedByFederalBridgeCA2013Serial906 is the certificate for 744 // the DoD Interoperability CA 2 signed by the Federal Bridge CA 2013 with the 745 // serial number 906. 746 const PEMDoDInteropCA2SignedByFederalBridgeCA2013Serial906 = ` 747 Certificate: 748 Data: 749 Version: 3 (0x2) 750 Serial Number: 906 (0x38a) 751 Signature Algorithm: sha256WithRSAEncryption 752 Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 2013 753 Validity 754 Not Before: Jan 29 14:20:36 2014 GMT 755 Not After : May 21 13:12:52 2016 GMT 756 Subject: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Interoperability Root CA 2 757 Subject Public Key Info: 758 Public Key Algorithm: rsaEncryption 759 RSA Public Key: (2048 bit) 760 Modulus (2048 bit): 761 00:f7:c6:d0:83:93:e6:0b:83:29:e8:28:3b:b6:4a: 762 e0:ac:8c:9e:b4:55:c3:df:18:7e:e2:b3:73:72:b4: 763 68:a1:66:d8:98:63:ea:be:8f:5e:c0:0e:11:ad:7f: 764 d2:f3:a5:25:2f:ee:7e:a3:d8:90:8d:4b:21:60:d3: 765 df:3f:85:1b:fc:43:17:bd:ac:cd:d1:fe:e0:2d:fe: 766 bd:46:1f:3e:98:56:88:df:07:4c:92:04:b4:05:d5: 767 15:e0:9a:a4:c3:51:d3:0a:78:d8:3c:fc:5c:1c:e5: 768 cd:23:49:97:50:3e:b1:b4:b6:a2:53:52:34:09:31: 769 03:8c:13:e7:e9:4d:c3:fb:03:dc:02:a3:5a:d5:6d: 770 6b:af:16:2b:d4:4e:fe:7b:a0:41:38:ed:4b:af:26: 771 35:b5:9c:89:69:0e:e9:25:cd:b1:4d:33:af:8e:6d: 772 65:91:28:e5:dc:fd:72:e8:f8:a6:31:33:92:ff:f0: 773 02:a3:50:4e:81:c1:f8:34:eb:95:29:09:a5:da:ab: 774 60:61:fd:ea:b9:4f:4a:31:8a:97:66:f8:c3:00:d2: 775 d2:86:a3:42:43:d3:bb:79:27:2e:6f:b5:b2:65:e5: 776 4b:8d:49:af:10:b1:d2:5b:75:77:10:74:e3:16:f2: 777 24:67:78:0c:b6:f6:36:0f:42:ef:ff:a3:c0:bb:c6: 778 5e:b5 779 Exponent: 65537 (0x10001) 780 X509v3 extensions: 781 X509v3 Basic Constraints: critical 782 CA:TRUE 783 X509v3 Certificate Policies: 784 Policy: 2.16.840.1.101.3.2.1.3.3 785 Policy: 2.16.840.1.101.3.2.1.3.12 786 Policy: 2.16.840.1.101.3.2.1.3.37 787 Policy: 2.16.840.1.101.3.2.1.3.13 788 Policy: 2.16.840.1.101.3.2.1.3.17 789 790 Authority Information Access: 791 CA Issuers - URI:http://http.fpki.gov/bridge/caCertsIssuedTofbca2013.p7c 792 793 X509v3 Policy Mappings: 794 2.16.840.1.101.3.2.1.3.3:2.16.840.1.101.2.1.11.39, 2.16.840.1.101.3.2.1.3.12:2.16.840.1.101.2.1.11.42, 2.16.840.1.101.3.2.1.3.37:2.16.840.1.101.2.1.11.36 795 X509v3 Name Constraints: critical 796 Permitted: 797 DirName: C = US, O = U.S. Government, OU = DoD 798 DirName: DC = mil 799 800 Subject Information Access: 801 CA Repository - URI:http://crl.disa.mil/issuedby/DODINTEROPERABILITYROOTCA2_IB.p7c 802 803 X509v3 Policy Constraints: critical 804 Require Explicit Policy:0, Inhibit Policy Mapping:0 805 X509v3 Key Usage: critical 806 Certificate Sign, CRL Sign 807 X509v3 Authority Key Identifier: 808 keyid:BB:CE:74:71:83:34:4E:59:32:45:15:5F:40:60:60:DC:2B:B0:B4:E4 809 810 X509v3 CRL Distribution Points: 811 URI:http://http.fpki.gov/bridge/fbca2013.crl 812 813 X509v3 Subject Key Identifier: 814 FF:F8:AE:13:8B:92:2B:79:92:41:A3:76:5C:2C:81:9E:9A:C5:9C:78 815 Signature Algorithm: sha256WithRSAEncryption 816 49:4f:71:1e:75:c1:69:ff:ed:07:ce:4a:01:71:4e:39:63:9a: 817 59:66:c5:b9:84:04:a9:5c:35:76:33:65:f6:d2:56:bb:6e:8f: 818 4e:63:24:a0:c5:5e:b8:67:1b:c5:9f:a2:e5:44:83:c1:b7:6b: 819 15:ee:4e:21:9a:56:37:3d:15:68:6c:96:24:3b:88:41:d2:23: 820 db:ed:b2:ce:6d:a5:56:66:75:f3:a7:b5:78:86:c1:a3:6f:3e: 821 b7:d9:88:45:23:7e:92:7e:52:86:31:b1:3d:f1:a3:7e:3f:47: 822 37:df:60:fe:a1:4a:0f:fb:80:c6:f6:0c:b6:da:73:20:d4:d2: 823 1e:21:7e:37:fc:dd:60:a8:98:60:37:d4:1a:8b:fb:ea:7b:c1: 824 89:db:32:43:f1:ab:1d:bc:ae:73:9b:45:9d:1e:5d:72:95:ac: 825 47:3b:09:81:1d:c4:b3:ed:1a:49:ec:f9:5a:57:17:f5:94:67: 826 a9:66:fa:59:4a:20:2d:8f:ad:d0:d0:16:69:74:48:49:e2:68: 827 2d:e6:fc:0c:87:12:c0:db:13:3d:73:73:0f:1e:ff:c4:80:b7: 828 df:ff:f8:b3:44:43:1c:71:a5:7c:b6:31:fa:59:78:f9:76:c0: 829 75:65:e0:d5:65:63:ea:f0:e5:ba:b9:dd:d5:56:b6:b8:e1:93: 830 c6:68:af:c6 831 -----BEGIN CERTIFICATE----- 832 MIIFszCCBJugAwIBAgICA4owDQYJKoZIhvcNAQELBQAwVzELMAkGA1UEBhMCVVMx 833 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDENMAsGA1UECxMERlBLSTEfMB0GA1UE 834 AxMWRmVkZXJhbCBCcmlkZ2UgQ0EgMjAxMzAeFw0xNDAxMjkxNDIwMzZaFw0xNjA1 835 MjExMzEyNTJaMGwxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1l 836 bnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UECxMDUEtJMScwJQYDVQQDEx5Eb0QgSW50 837 ZXJvcGVyYWJpbGl0eSBSb290IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw 838 ggEKAoIBAQD3xtCDk+YLgynoKDu2SuCsjJ60VcPfGH7is3NytGihZtiYY+q+j17A 839 DhGtf9LzpSUv7n6j2JCNSyFg098/hRv8Qxe9rM3R/uAt/r1GHz6YVojfB0ySBLQF 840 1RXgmqTDUdMKeNg8/Fwc5c0jSZdQPrG0tqJTUjQJMQOME+fpTcP7A9wCo1rVbWuv 841 FivUTv57oEE47UuvJjW1nIlpDuklzbFNM6+ObWWRKOXc/XLo+KYxM5L/8AKjUE6B 842 wfg065UpCaXaq2Bh/eq5T0oxipdm+MMA0tKGo0JD07t5Jy5vtbJl5UuNSa8QsdJb 843 dXcQdOMW8iRneAy29jYPQu//o8C7xl61AgMBAAGjggJyMIICbjAPBgNVHRMBAf8E 844 BTADAQH/ME8GA1UdIARIMEYwDAYKYIZIAWUDAgEDAzAMBgpghkgBZQMCAQMMMAwG 845 CmCGSAFlAwIBAyUwDAYKYIZIAWUDAgEDDTAMBgpghkgBZQMCAQMRMFMGCCsGAQUF 846 BwEBBEcwRTBDBggrBgEFBQcwAoY3aHR0cDovL2h0dHAuZnBraS5nb3YvYnJpZGdl 847 L2NhQ2VydHNJc3N1ZWRUb2ZiY2EyMDEzLnA3YzBUBgNVHSEETTBLMBcGCmCGSAFl 848 AwIBAwMGCWCGSAFlAgELJzAXBgpghkgBZQMCAQMMBglghkgBZQIBCyowFwYKYIZI 849 AWUDAgEDJQYJYIZIAWUCAQskMGQGA1UdHgEB/wRaMFigVjA5pDcwNTELMAkGA1UE 850 BhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMBmk 851 FzAVMRMwEQYKCZImiZPyLGQBGRYDbWlsMFoGCCsGAQUFBwELBE4wTDBKBggrBgEF 852 BQcwBYY+aHR0cDovL2NybC5kaXNhLm1pbC9pc3N1ZWRieS9ET0RJTlRFUk9QRVJB 853 QklMSVRZUk9PVENBMl9JQi5wN2MwEgYDVR0kAQH/BAgwBoABAIEBADAOBgNVHQ8B 854 Af8EBAMCAQYwHwYDVR0jBBgwFoAUu850cYM0TlkyRRVfQGBg3CuwtOQwOQYDVR0f 855 BDIwMDAuoCygKoYoaHR0cDovL2h0dHAuZnBraS5nb3YvYnJpZGdlL2ZiY2EyMDEz 856 LmNybDAdBgNVHQ4EFgQU//iuE4uSK3mSQaN2XCyBnprFnHgwDQYJKoZIhvcNAQEL 857 BQADggEBAElPcR51wWn/7QfOSgFxTjljmllmxbmEBKlcNXYzZfbSVrtuj05jJKDF 858 XrhnG8WfouVEg8G3axXuTiGaVjc9FWhsliQ7iEHSI9vtss5tpVZmdfOntXiGwaNv 859 PrfZiEUjfpJ+UoYxsT3xo34/RzffYP6hSg/7gMb2DLbacyDU0h4hfjf83WComGA3 860 1BqL++p7wYnbMkPxqx28rnObRZ0eXXKVrEc7CYEdxLPtGkns+VpXF/WUZ6lm+llK 861 IC2PrdDQFml0SEniaC3m/AyHEsDbEz1zcw8e/8SAt9//+LNEQxxxpXy2MfpZePl2 862 wHVl4NVlY+rw5bq53dVWtrjhk8Zor8Y= 863 -----END CERTIFICATE----- 864 ` 865 866 // HexHashDoDInteropCA2SignedByFederalBridgeCA2013Serial906 is the hex SHA256 867 // fingerprint ofDoDInteropCA2SignedByFederalBridgeCA2013Serial906. 868 const HexHashDoDInteropCA2SignedByFederalBridgeCA2013Serial906 = "f1ca80e8c4420f0cab6c2f8b04b4deda19b1cea1f6869e16907674209035d5a1" 869 870 // PEMDoDInteropCA2SignedByFederalBridgeCA2013Serial8225 is the certificate for 871 // the DoD Interoperability CA 2 signed by the Federal Bridge CA 2013 with the 872 // serial number 8225. 873 const PEMDoDInteropCA2SignedByFederalBridgeCA2013Serial8225 = ` 874 Certificate: 875 Data: 876 Version: 3 (0x2) 877 Serial Number: 8225 (0x2021) 878 Signature Algorithm: sha256WithRSAEncryption 879 Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 2013 880 Validity 881 Not Before: Apr 6 17:00:49 2016 GMT 882 Not After : May 21 13:56:52 2016 GMT 883 Subject: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Interoperability Root CA 2 884 Subject Public Key Info: 885 Public Key Algorithm: rsaEncryption 886 RSA Public Key: (2048 bit) 887 Modulus (2048 bit): 888 00:f7:c6:d0:83:93:e6:0b:83:29:e8:28:3b:b6:4a: 889 e0:ac:8c:9e:b4:55:c3:df:18:7e:e2:b3:73:72:b4: 890 68:a1:66:d8:98:63:ea:be:8f:5e:c0:0e:11:ad:7f: 891 d2:f3:a5:25:2f:ee:7e:a3:d8:90:8d:4b:21:60:d3: 892 df:3f:85:1b:fc:43:17:bd:ac:cd:d1:fe:e0:2d:fe: 893 bd:46:1f:3e:98:56:88:df:07:4c:92:04:b4:05:d5: 894 15:e0:9a:a4:c3:51:d3:0a:78:d8:3c:fc:5c:1c:e5: 895 cd:23:49:97:50:3e:b1:b4:b6:a2:53:52:34:09:31: 896 03:8c:13:e7:e9:4d:c3:fb:03:dc:02:a3:5a:d5:6d: 897 6b:af:16:2b:d4:4e:fe:7b:a0:41:38:ed:4b:af:26: 898 35:b5:9c:89:69:0e:e9:25:cd:b1:4d:33:af:8e:6d: 899 65:91:28:e5:dc:fd:72:e8:f8:a6:31:33:92:ff:f0: 900 02:a3:50:4e:81:c1:f8:34:eb:95:29:09:a5:da:ab: 901 60:61:fd:ea:b9:4f:4a:31:8a:97:66:f8:c3:00:d2: 902 d2:86:a3:42:43:d3:bb:79:27:2e:6f:b5:b2:65:e5: 903 4b:8d:49:af:10:b1:d2:5b:75:77:10:74:e3:16:f2: 904 24:67:78:0c:b6:f6:36:0f:42:ef:ff:a3:c0:bb:c6: 905 5e:b5 906 Exponent: 65537 (0x10001) 907 X509v3 extensions: 908 X509v3 Basic Constraints: critical 909 CA:TRUE 910 X509v3 Certificate Policies: 911 Policy: 2.16.840.1.101.3.2.1.3.3 912 Policy: 2.16.840.1.101.3.2.1.3.12 913 Policy: 2.16.840.1.101.3.2.1.3.37 914 Policy: 2.16.840.1.101.3.2.1.3.13 915 Policy: 2.16.840.1.101.3.2.1.3.17 916 917 Authority Information Access: 918 CA Issuers - URI:http://http.fpki.gov/bridge/caCertsIssuedTofbca2013.p7c 919 920 X509v3 Policy Mappings: 921 2.16.840.1.101.3.2.1.3.3:2.16.840.1.101.2.1.11.39, 2.16.840.1.101.3.2.1.3.12:2.16.840.1.101.2.1.11.42, 2.16.840.1.101.3.2.1.3.37:2.16.840.1.101.2.1.11.36 922 X509v3 Name Constraints: 923 Permitted: 924 DirName: C = US, O = U.S. Government, OU = DoD 925 DirName: DC = mil 926 927 Subject Information Access: 928 CA Repository - URI:http://crl.disa.mil/issuedby/DODINTEROPERABILITYROOTCA2_IB.p7c 929 930 X509v3 Policy Constraints: critical 931 Require Explicit Policy:0, Inhibit Policy Mapping:0 932 X509v3 Inhibit Any Policy: 933 0 934 X509v3 Key Usage: critical 935 Certificate Sign, CRL Sign 936 X509v3 Authority Key Identifier: 937 keyid:BB:CE:74:71:83:34:4E:59:32:45:15:5F:40:60:60:DC:2B:B0:B4:E4 938 939 X509v3 CRL Distribution Points: 940 URI:http://http.fpki.gov/bridge/fbca2013.crl 941 942 X509v3 Subject Key Identifier: 943 FF:F8:AE:13:8B:92:2B:79:92:41:A3:76:5C:2C:81:9E:9A:C5:9C:78 944 Signature Algorithm: sha256WithRSAEncryption 945 3b:cc:08:c7:bf:ca:a7:6d:88:45:23:1b:7a:01:d3:ce:c9:f6: 946 4e:29:43:73:34:a5:ed:2a:f3:fa:db:2f:14:ee:b7:d8:08:34: 947 78:a8:32:6e:6f:61:ea:d1:44:f2:6a:c3:a7:3c:ce:46:72:2d: 948 37:78:28:c2:e6:ac:18:a9:45:55:9c:65:1a:45:8b:71:d5:23: 949 69:96:63:a0:f8:c8:3d:cd:6e:70:63:fa:9f:1b:b8:cb:f5:9c: 950 01:ba:ec:0a:c6:32:85:db:8e:57:f8:78:f2:08:a6:1a:99:34: 951 d6:46:96:bd:15:f8:dc:64:c0:c9:9c:95:34:5d:fe:2a:9f:9c: 952 e8:fc:de:73:36:1d:1b:98:f4:3a:51:37:14:c4:7e:33:91:1e: 953 88:c3:08:c8:95:dd:ae:f1:f9:b9:f3:77:05:41:4a:56:3f:b9: 954 69:7b:69:99:ca:54:50:a9:c0:29:84:f8:69:5e:99:89:ba:d1: 955 7e:04:c2:10:91:a7:7e:14:9a:b6:ad:ad:62:5b:e3:5d:44:90: 956 a5:75:e5:04:f8:a4:83:6e:c4:5d:67:4d:52:f3:12:1f:c8:ec: 957 92:6b:a2:d9:1e:a6:b0:12:fc:36:60:a4:8d:c7:4a:4c:6a:c1: 958 d9:d0:7d:6e:20:85:22:5f:91:5f:9f:76:9a:db:4c:01:03:03: 959 5c:b6:70:59 960 -----BEGIN CERTIFICATE----- 961 MIIFvDCCBKSgAwIBAgICICEwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UEBhMCVVMx 962 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDENMAsGA1UECxMERlBLSTEfMB0GA1UE 963 AxMWRmVkZXJhbCBCcmlkZ2UgQ0EgMjAxMzAeFw0xNjA0MDYxNzAwNDlaFw0xNjA1 964 MjExMzU2NTJaMGwxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1l 965 bnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UECxMDUEtJMScwJQYDVQQDEx5Eb0QgSW50 966 ZXJvcGVyYWJpbGl0eSBSb290IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw 967 ggEKAoIBAQD3xtCDk+YLgynoKDu2SuCsjJ60VcPfGH7is3NytGihZtiYY+q+j17A 968 DhGtf9LzpSUv7n6j2JCNSyFg098/hRv8Qxe9rM3R/uAt/r1GHz6YVojfB0ySBLQF 969 1RXgmqTDUdMKeNg8/Fwc5c0jSZdQPrG0tqJTUjQJMQOME+fpTcP7A9wCo1rVbWuv 970 FivUTv57oEE47UuvJjW1nIlpDuklzbFNM6+ObWWRKOXc/XLo+KYxM5L/8AKjUE6B 971 wfg065UpCaXaq2Bh/eq5T0oxipdm+MMA0tKGo0JD07t5Jy5vtbJl5UuNSa8QsdJb 972 dXcQdOMW8iRneAy29jYPQu//o8C7xl61AgMBAAGjggJ7MIICdzAPBgNVHRMBAf8E 973 BTADAQH/ME8GA1UdIARIMEYwDAYKYIZIAWUDAgEDAzAMBgpghkgBZQMCAQMMMAwG 974 CmCGSAFlAwIBAyUwDAYKYIZIAWUDAgEDDTAMBgpghkgBZQMCAQMRMFMGCCsGAQUF 975 BwEBBEcwRTBDBggrBgEFBQcwAoY3aHR0cDovL2h0dHAuZnBraS5nb3YvYnJpZGdl 976 L2NhQ2VydHNJc3N1ZWRUb2ZiY2EyMDEzLnA3YzBUBgNVHSEETTBLMBcGCmCGSAFl 977 AwIBAwMGCWCGSAFlAgELJzAXBgpghkgBZQMCAQMMBglghkgBZQIBCyowFwYKYIZI 978 AWUDAgEDJQYJYIZIAWUCAQskMGEGA1UdHgRaMFigVjA5pDcwNTELMAkGA1UEBhMC 979 VVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMBmkFzAV 980 MRMwEQYKCZImiZPyLGQBGRYDbWlsMFoGCCsGAQUFBwELBE4wTDBKBggrBgEFBQcw 981 BYY+aHR0cDovL2NybC5kaXNhLm1pbC9pc3N1ZWRieS9ET0RJTlRFUk9QRVJBQklM 982 SVRZUk9PVENBMl9JQi5wN2MwEgYDVR0kAQH/BAgwBoABAIEBADAKBgNVHTYEAwIB 983 ADAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUu850cYM0TlkyRRVfQGBg3Cuw 984 tOQwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2h0dHAuZnBraS5nb3YvYnJpZGdl 985 L2ZiY2EyMDEzLmNybDAdBgNVHQ4EFgQU//iuE4uSK3mSQaN2XCyBnprFnHgwDQYJ 986 KoZIhvcNAQELBQADggEBADvMCMe/yqdtiEUjG3oB087J9k4pQ3M0pe0q8/rbLxTu 987 t9gINHioMm5vYerRRPJqw6c8zkZyLTd4KMLmrBipRVWcZRpFi3HVI2mWY6D4yD3N 988 bnBj+p8buMv1nAG67ArGMoXbjlf4ePIIphqZNNZGlr0V+NxkwMmclTRd/iqfnOj8 989 3nM2HRuY9DpRNxTEfjORHojDCMiV3a7x+bnzdwVBSlY/uWl7aZnKVFCpwCmE+Gle 990 mYm60X4EwhCRp34UmratrWJb411EkKV15QT4pINuxF1nTVLzEh/I7JJrotkeprAS 991 /DZgpI3HSkxqwdnQfW4ghSJfkV+fdprbTAEDA1y2cFk= 992 -----END CERTIFICATE----- 993 ` 994 995 // HexHashDoDInteropCA2SignedByFederalBridgeCA2013Serial8225 is the hex 996 // SHA256 fingerprint ofDoDInteropCA2SignedByFederalBridgeCA2013Serial8225. 997 const HexHashDoDInteropCA2SignedByFederalBridgeCA2013Serial8225 = "15fc3efd4294832257ba5a24a232fee2244880dcdc297a2872a6b75727557b1f" 998 999 // PEMDoDInteropCA2SignedByFederalBridgeCA2013Serial8844 is the certificate for 1000 // the DoD Interoperability CA 2 signed by the Federal Bridge CA 2013 with the 1001 // serial number 8844. 1002 const PEMDoDInteropCA2SignedByFederalBridgeCA2013Serial8844 = `Certificate: 1003 Data: 1004 Version: 3 (0x2) 1005 Serial Number: 8844 (0x228c) 1006 Signature Algorithm: sha256WithRSAEncryption 1007 Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 2013 1008 Validity 1009 Not Before: May 18 17:25:34 2016 GMT 1010 Not After : Aug 21 21:24:28 2016 GMT 1011 Subject: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Interoperability Root CA 2 1012 Subject Public Key Info: 1013 Public Key Algorithm: rsaEncryption 1014 RSA Public Key: (2048 bit) 1015 Modulus (2048 bit): 1016 00:f7:c6:d0:83:93:e6:0b:83:29:e8:28:3b:b6:4a: 1017 e0:ac:8c:9e:b4:55:c3:df:18:7e:e2:b3:73:72:b4: 1018 68:a1:66:d8:98:63:ea:be:8f:5e:c0:0e:11:ad:7f: 1019 d2:f3:a5:25:2f:ee:7e:a3:d8:90:8d:4b:21:60:d3: 1020 df:3f:85:1b:fc:43:17:bd:ac:cd:d1:fe:e0:2d:fe: 1021 bd:46:1f:3e:98:56:88:df:07:4c:92:04:b4:05:d5: 1022 15:e0:9a:a4:c3:51:d3:0a:78:d8:3c:fc:5c:1c:e5: 1023 cd:23:49:97:50:3e:b1:b4:b6:a2:53:52:34:09:31: 1024 03:8c:13:e7:e9:4d:c3:fb:03:dc:02:a3:5a:d5:6d: 1025 6b:af:16:2b:d4:4e:fe:7b:a0:41:38:ed:4b:af:26: 1026 35:b5:9c:89:69:0e:e9:25:cd:b1:4d:33:af:8e:6d: 1027 65:91:28:e5:dc:fd:72:e8:f8:a6:31:33:92:ff:f0: 1028 02:a3:50:4e:81:c1:f8:34:eb:95:29:09:a5:da:ab: 1029 60:61:fd:ea:b9:4f:4a:31:8a:97:66:f8:c3:00:d2: 1030 d2:86:a3:42:43:d3:bb:79:27:2e:6f:b5:b2:65:e5: 1031 4b:8d:49:af:10:b1:d2:5b:75:77:10:74:e3:16:f2: 1032 24:67:78:0c:b6:f6:36:0f:42:ef:ff:a3:c0:bb:c6: 1033 5e:b5 1034 Exponent: 65537 (0x10001) 1035 X509v3 extensions: 1036 X509v3 Basic Constraints: critical 1037 CA:TRUE 1038 X509v3 Certificate Policies: 1039 Policy: 2.16.840.1.101.3.2.1.3.3 1040 Policy: 2.16.840.1.101.3.2.1.3.12 1041 Policy: 2.16.840.1.101.3.2.1.3.37 1042 Policy: 2.16.840.1.101.3.2.1.3.13 1043 Policy: 2.16.840.1.101.3.2.1.3.17 1044 1045 Authority Information Access: 1046 CA Issuers - URI:http://http.fpki.gov/bridge/caCertsIssuedTofbca2013.p7c 1047 1048 X509v3 Policy Mappings: 1049 2.16.840.1.101.3.2.1.3.3:2.16.840.1.101.2.1.11.39, 2.16.840.1.101.3.2.1.3.12:2.16.840.1.101.2.1.11.42, 2.16.840.1.101.3.2.1.3.37:2.16.840.1.101.2.1.11.36 1050 X509v3 Name Constraints: 1051 Permitted: 1052 DirName: C = US, O = U.S. Government, OU = DoD 1053 DirName: DC = mil 1054 1055 Subject Information Access: 1056 CA Repository - URI:http://crl.disa.mil/issuedby/DODINTEROPERABILITYROOTCA2_IB.p7c 1057 1058 X509v3 Policy Constraints: 1059 Require Explicit Policy:0, Inhibit Policy Mapping:0 1060 X509v3 Inhibit Any Policy: 1061 0 1062 X509v3 Key Usage: critical 1063 Certificate Sign, CRL Sign 1064 X509v3 Authority Key Identifier: 1065 keyid:BB:CE:74:71:83:34:4E:59:32:45:15:5F:40:60:60:DC:2B:B0:B4:E4 1066 1067 X509v3 CRL Distribution Points: 1068 URI:http://http.fpki.gov/bridge/fbca2013.crl 1069 1070 X509v3 Subject Key Identifier: 1071 FF:F8:AE:13:8B:92:2B:79:92:41:A3:76:5C:2C:81:9E:9A:C5:9C:78 1072 Signature Algorithm: sha256WithRSAEncryption 1073 1a:b0:c5:ce:3c:14:22:41:a3:70:5a:ed:d3:3a:24:9a:a1:61: 1074 ee:5b:0e:7a:46:0c:e0:7d:e8:8f:9c:dc:38:6b:27:83:a3:dd: 1075 f4:38:2f:09:39:b5:63:0b:ac:25:2c:4e:1d:ad:39:fe:92:7b: 1076 2d:a0:6e:02:d0:a8:21:4e:c1:fa:54:ec:7c:7d:08:ff:69:c7: 1077 05:e7:f7:71:c8:65:8d:6c:c8:bf:d7:c7:17:98:d3:a6:c2:d6: 1078 a3:bc:b5:37:cd:57:bb:58:35:83:22:5d:3e:8e:9d:dd:8c:f6: 1079 e4:36:2a:95:5c:50:73:10:99:1a:c0:d9:f7:e0:1d:34:b0:aa: 1080 d5:0d:ae:27:9f:3c:a2:c7:5e:57:20:0b:0e:51:17:58:d0:aa: 1081 dc:93:35:93:15:61:6b:c6:13:97:4a:fe:e2:f6:0f:11:ae:0c: 1082 39:66:9c:24:14:d7:16:00:60:10:80:38:9e:b8:12:46:89:70: 1083 37:21:73:74:6d:db:c6:7c:41:15:27:7a:1a:a3:d1:3d:08:26: 1084 65:17:aa:b1:ca:11:af:6c:67:60:4a:ca:3c:20:bc:e6:53:27: 1085 37:bb:de:26:b1:66:da:b5:93:1c:23:e5:27:36:99:18:bb:fb: 1086 7d:1f:3c:01:4f:2d:da:e2:3a:7e:75:8b:0c:a9:d7:30:3b:e9: 1087 19:28:16:d0 1088 -----BEGIN CERTIFICATE----- 1089 MIIFuTCCBKGgAwIBAgICIowwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UEBhMCVVMx 1090 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDENMAsGA1UECxMERlBLSTEfMB0GA1UE 1091 AxMWRmVkZXJhbCBCcmlkZ2UgQ0EgMjAxMzAeFw0xNjA1MTgxNzI1MzRaFw0xNjA4 1092 MjEyMTI0MjhaMGwxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1l 1093 bnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UECxMDUEtJMScwJQYDVQQDEx5Eb0QgSW50 1094 ZXJvcGVyYWJpbGl0eSBSb290IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw 1095 ggEKAoIBAQD3xtCDk+YLgynoKDu2SuCsjJ60VcPfGH7is3NytGihZtiYY+q+j17A 1096 DhGtf9LzpSUv7n6j2JCNSyFg098/hRv8Qxe9rM3R/uAt/r1GHz6YVojfB0ySBLQF 1097 1RXgmqTDUdMKeNg8/Fwc5c0jSZdQPrG0tqJTUjQJMQOME+fpTcP7A9wCo1rVbWuv 1098 FivUTv57oEE47UuvJjW1nIlpDuklzbFNM6+ObWWRKOXc/XLo+KYxM5L/8AKjUE6B 1099 wfg065UpCaXaq2Bh/eq5T0oxipdm+MMA0tKGo0JD07t5Jy5vtbJl5UuNSa8QsdJb 1100 dXcQdOMW8iRneAy29jYPQu//o8C7xl61AgMBAAGjggJ4MIICdDAPBgNVHRMBAf8E 1101 BTADAQH/ME8GA1UdIARIMEYwDAYKYIZIAWUDAgEDAzAMBgpghkgBZQMCAQMMMAwG 1102 CmCGSAFlAwIBAyUwDAYKYIZIAWUDAgEDDTAMBgpghkgBZQMCAQMRMFMGCCsGAQUF 1103 BwEBBEcwRTBDBggrBgEFBQcwAoY3aHR0cDovL2h0dHAuZnBraS5nb3YvYnJpZGdl 1104 L2NhQ2VydHNJc3N1ZWRUb2ZiY2EyMDEzLnA3YzBUBgNVHSEETTBLMBcGCmCGSAFl 1105 AwIBAwMGCWCGSAFlAgELJzAXBgpghkgBZQMCAQMMBglghkgBZQIBCyowFwYKYIZI 1106 AWUDAgEDJQYJYIZIAWUCAQskMGEGA1UdHgRaMFigVjA5pDcwNTELMAkGA1UEBhMC 1107 VVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMBmkFzAV 1108 MRMwEQYKCZImiZPyLGQBGRYDbWlsMFoGCCsGAQUFBwELBE4wTDBKBggrBgEFBQcw 1109 BYY+aHR0cDovL2NybC5kaXNhLm1pbC9pc3N1ZWRieS9ET0RJTlRFUk9QRVJBQklM 1110 SVRZUk9PVENBMl9JQi5wN2MwDwYDVR0kBAgwBoABAIEBADAKBgNVHTYEAwIBADAO 1111 BgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUu850cYM0TlkyRRVfQGBg3CuwtOQw 1112 OQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2h0dHAuZnBraS5nb3YvYnJpZGdlL2Zi 1113 Y2EyMDEzLmNybDAdBgNVHQ4EFgQU//iuE4uSK3mSQaN2XCyBnprFnHgwDQYJKoZI 1114 hvcNAQELBQADggEBABqwxc48FCJBo3Ba7dM6JJqhYe5bDnpGDOB96I+c3DhrJ4Oj 1115 3fQ4Lwk5tWMLrCUsTh2tOf6Sey2gbgLQqCFOwfpU7Hx9CP9pxwXn93HIZY1syL/X 1116 xxeY06bC1qO8tTfNV7tYNYMiXT6Ond2M9uQ2KpVcUHMQmRrA2ffgHTSwqtUNrief 1117 PKLHXlcgCw5RF1jQqtyTNZMVYWvGE5dK/uL2DxGuDDlmnCQU1xYAYBCAOJ64EkaJ 1118 cDchc3Rt28Z8QRUnehqj0T0IJmUXqrHKEa9sZ2BKyjwgvOZTJze73iaxZtq1kxwj 1119 5Sc2mRi7+30fPAFPLdriOn51iwyp1zA76RkoFtA= 1120 -----END CERTIFICATE----- 1121 ` 1122 1123 // HexHashDoDInteropCA2SignedByFederalBridgeCA2013Serial8844 is the hex 1124 // SHA256 fingerprint ofDoDInteropCA2SignedByFederalBridgeCA2013Serial8844. 1125 const HexHashDoDInteropCA2SignedByFederalBridgeCA2013Serial8844 = "ce1a4657b4649ba5701126c740642a56c464225eec3bf398a1a45b57e33356b6" 1126 1127 // PEMDoDInteropCA2SignedByFederalBridgeCA2013Serial9644 is the certificate for 1128 // the Dod Interoperability CA 2 signed by the Federal Bridge CA 2013 with the 1129 // serial number 9644. 1130 const PEMDoDInteropCA2SignedByFederalBridgeCA2013Serial9644 = ` 1131 Certificate: 1132 Data: 1133 Version: 3 (0x2) 1134 Serial Number: 9644 (0x25ac) 1135 Signature Algorithm: sha256WithRSAEncryption 1136 Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 2013 1137 Validity 1138 Not Before: Aug 15 15:47:46 2016 GMT 1139 Not After : Aug 15 15:47:23 2019 GMT 1140 Subject: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Interoperability Root CA 2 1141 Subject Public Key Info: 1142 Public Key Algorithm: rsaEncryption 1143 RSA Public Key: (2048 bit) 1144 Modulus (2048 bit): 1145 00:f7:c6:d0:83:93:e6:0b:83:29:e8:28:3b:b6:4a: 1146 e0:ac:8c:9e:b4:55:c3:df:18:7e:e2:b3:73:72:b4: 1147 68:a1:66:d8:98:63:ea:be:8f:5e:c0:0e:11:ad:7f: 1148 d2:f3:a5:25:2f:ee:7e:a3:d8:90:8d:4b:21:60:d3: 1149 df:3f:85:1b:fc:43:17:bd:ac:cd:d1:fe:e0:2d:fe: 1150 bd:46:1f:3e:98:56:88:df:07:4c:92:04:b4:05:d5: 1151 15:e0:9a:a4:c3:51:d3:0a:78:d8:3c:fc:5c:1c:e5: 1152 cd:23:49:97:50:3e:b1:b4:b6:a2:53:52:34:09:31: 1153 03:8c:13:e7:e9:4d:c3:fb:03:dc:02:a3:5a:d5:6d: 1154 6b:af:16:2b:d4:4e:fe:7b:a0:41:38:ed:4b:af:26: 1155 35:b5:9c:89:69:0e:e9:25:cd:b1:4d:33:af:8e:6d: 1156 65:91:28:e5:dc:fd:72:e8:f8:a6:31:33:92:ff:f0: 1157 02:a3:50:4e:81:c1:f8:34:eb:95:29:09:a5:da:ab: 1158 60:61:fd:ea:b9:4f:4a:31:8a:97:66:f8:c3:00:d2: 1159 d2:86:a3:42:43:d3:bb:79:27:2e:6f:b5:b2:65:e5: 1160 4b:8d:49:af:10:b1:d2:5b:75:77:10:74:e3:16:f2: 1161 24:67:78:0c:b6:f6:36:0f:42:ef:ff:a3:c0:bb:c6: 1162 5e:b5 1163 Exponent: 65537 (0x10001) 1164 X509v3 extensions: 1165 X509v3 Basic Constraints: critical 1166 CA:TRUE 1167 X509v3 Certificate Policies: 1168 Policy: 2.16.840.1.101.3.2.1.3.3 1169 Policy: 2.16.840.1.101.3.2.1.3.12 1170 Policy: 2.16.840.1.101.3.2.1.3.37 1171 Policy: 2.16.840.1.101.3.2.1.3.13 1172 Policy: 2.16.840.1.101.3.2.1.3.17 1173 Policy: 2.16.840.1.101.3.2.1.3.18 1174 Policy: 2.16.840.1.101.3.2.1.3.19 1175 Policy: 2.16.840.1.101.3.2.1.3.20 1176 Policy: 2.16.840.1.101.3.2.1.3.39 1177 1178 Authority Information Access: 1179 CA Issuers - URI:http://http.fpki.gov/bridge/caCertsIssuedTofbca2013.p7c 1180 1181 X509v3 Policy Mappings: 1182 2.16.840.1.101.3.2.1.3.3:2.16.840.1.101.2.1.11.39, 2.16.840.1.101.3.2.1.3.12:2.16.840.1.101.2.1.11.42, 2.16.840.1.101.3.2.1.3.37:2.16.840.1.101.2.1.11.36, 2.16.840.1.101.3.2.1.3.3:2.16.840.1.101.3.2.1.12.4, 2.16.840.1.101.3.2.1.3.12:2.16.840.1.101.3.2.1.12.5, 2.16.840.1.101.3.2.1.3.37:2.16.840.1.101.3.2.1.12.9, 2.16.840.1.101.3.2.1.3.18:2.16.840.1.101.3.2.1.12.6, 2.16.840.1.101.3.2.1.3.19:2.16.840.1.101.3.2.1.12.7, 2.16.840.1.101.3.2.1.3.20:2.16.840.1.101.3.2.1.12.8, 2.16.840.1.101.3.2.1.3.12:2.16.840.1.101.3.2.1.12.10 1183 X509v3 Name Constraints: 1184 Permitted: 1185 DirName: C = US, O = U.S. Government, OU = DoD 1186 DirName: DC = mil 1187 DirName: C = US, O = U.S. Government, OU = ECA 1188 1189 Subject Information Access: 1190 CA Repository - URI:http://crl.disa.mil/issuedby/DODINTEROPERABILITYROOTCA2_IB.p7c 1191 1192 X509v3 Policy Constraints: 1193 Require Explicit Policy:0, Inhibit Policy Mapping:0 1194 X509v3 Inhibit Any Policy: 1195 0 1196 X509v3 Key Usage: critical 1197 Certificate Sign, CRL Sign 1198 X509v3 Authority Key Identifier: 1199 keyid:BB:CE:74:71:83:34:4E:59:32:45:15:5F:40:60:60:DC:2B:B0:B4:E4 1200 1201 X509v3 CRL Distribution Points: 1202 URI:http://http.fpki.gov/bridge/fbca2013.crl 1203 1204 X509v3 Subject Key Identifier: 1205 FF:F8:AE:13:8B:92:2B:79:92:41:A3:76:5C:2C:81:9E:9A:C5:9C:78 1206 Signature Algorithm: sha256WithRSAEncryption 1207 85:a2:4c:ab:e0:9b:d4:27:69:4e:e0:f4:05:6f:2e:55:90:5a: 1208 ce:8f:6d:8e:03:43:9f:23:83:33:91:de:64:6d:b3:fd:3b:57: 1209 84:59:04:d3:0f:83:e1:56:d2:34:73:d1:c6:9f:a7:46:c5:70: 1210 93:02:db:cb:95:c0:0d:6c:38:ce:be:81:13:48:4b:af:8f:a7: 1211 5c:1d:cd:7d:3f:e4:09:db:83:df:75:5d:91:8a:b2:ef:5c:3a: 1212 e7:05:8f:cd:27:a3:f1:fd:f0:b5:3c:60:28:76:3a:f7:bb:c6: 1213 b5:a6:36:27:d4:7a:5e:6c:92:dc:f9:20:ce:db:84:67:69:f8: 1214 c0:82:59:98:8d:5d:50:81:7e:90:06:75:61:9e:ec:e4:87:58: 1215 3c:e7:ed:8c:d8:da:45:24:80:e5:3e:2d:2a:3a:ea:1f:29:e3: 1216 bc:dd:94:b2:bc:d8:58:17:e2:3f:99:b8:c4:67:35:44:f5:24: 1217 f3:d0:57:68:b5:91:af:b2:f7:4a:1c:15:7c:1b:44:2b:d9:84: 1218 4c:85:b7:87:d9:be:10:c6:26:1c:ba:e9:f0:ad:6d:4d:8e:d2: 1219 a9:2d:fc:ec:3c:bf:ae:ce:1d:17:c6:d4:d8:60:33:3f:76:61: 1220 75:66:f6:be:78:b6:47:ac:ce:4a:43:44:14:56:bf:81:92:10: 1221 82:49:c1:da 1222 -----BEGIN CERTIFICATE----- 1223 MIIG7jCCBdagAwIBAgICJawwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UEBhMCVVMx 1224 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDENMAsGA1UECxMERlBLSTEfMB0GA1UE 1225 AxMWRmVkZXJhbCBCcmlkZ2UgQ0EgMjAxMzAeFw0xNjA4MTUxNTQ3NDZaFw0xOTA4 1226 MTUxNTQ3MjNaMGwxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1l 1227 bnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UECxMDUEtJMScwJQYDVQQDEx5Eb0QgSW50 1228 ZXJvcGVyYWJpbGl0eSBSb290IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw 1229 ggEKAoIBAQD3xtCDk+YLgynoKDu2SuCsjJ60VcPfGH7is3NytGihZtiYY+q+j17A 1230 DhGtf9LzpSUv7n6j2JCNSyFg098/hRv8Qxe9rM3R/uAt/r1GHz6YVojfB0ySBLQF 1231 1RXgmqTDUdMKeNg8/Fwc5c0jSZdQPrG0tqJTUjQJMQOME+fpTcP7A9wCo1rVbWuv 1232 FivUTv57oEE47UuvJjW1nIlpDuklzbFNM6+ObWWRKOXc/XLo+KYxM5L/8AKjUE6B 1233 wfg065UpCaXaq2Bh/eq5T0oxipdm+MMA0tKGo0JD07t5Jy5vtbJl5UuNSa8QsdJb 1234 dXcQdOMW8iRneAy29jYPQu//o8C7xl61AgMBAAGjggOtMIIDqTAPBgNVHRMBAf8E 1235 BTADAQH/MIGIBgNVHSAEgYAwfjAMBgpghkgBZQMCAQMDMAwGCmCGSAFlAwIBAwww 1236 DAYKYIZIAWUDAgEDJTAMBgpghkgBZQMCAQMNMAwGCmCGSAFlAwIBAxEwDAYKYIZI 1237 AWUDAgEDEjAMBgpghkgBZQMCAQMTMAwGCmCGSAFlAwIBAxQwDAYKYIZIAWUDAgED 1238 JzBTBggrBgEFBQcBAQRHMEUwQwYIKwYBBQUHMAKGN2h0dHA6Ly9odHRwLmZwa2ku 1239 Z292L2JyaWRnZS9jYUNlcnRzSXNzdWVkVG9mYmNhMjAxMy5wN2MwggEOBgNVHSEE 1240 ggEFMIIBATAXBgpghkgBZQMCAQMDBglghkgBZQIBCycwFwYKYIZIAWUDAgEDDAYJ 1241 YIZIAWUCAQsqMBcGCmCGSAFlAwIBAyUGCWCGSAFlAgELJDAYBgpghkgBZQMCAQMD 1242 BgpghkgBZQMCAQwEMBgGCmCGSAFlAwIBAwwGCmCGSAFlAwIBDAUwGAYKYIZIAWUD 1243 AgEDJQYKYIZIAWUDAgEMCTAYBgpghkgBZQMCAQMSBgpghkgBZQMCAQwGMBgGCmCG 1244 SAFlAwIBAxMGCmCGSAFlAwIBDAcwGAYKYIZIAWUDAgEDFAYKYIZIAWUDAgEMCDAY 1245 BgpghkgBZQMCAQMMBgpghkgBZQMCAQwKMIGfBgNVHR4EgZcwgZSggZEwOaQ3MDUx 1246 CzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT 1247 A0RvRDAZpBcwFTETMBEGCgmSJomT8ixkARkWA21pbDA5pDcwNTELMAkGA1UEBhMC 1248 VVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRUNBMFoGCCsG 1249 AQUFBwELBE4wTDBKBggrBgEFBQcwBYY+aHR0cDovL2NybC5kaXNhLm1pbC9pc3N1 1250 ZWRieS9ET0RJTlRFUk9QRVJBQklMSVRZUk9PVENBMl9JQi5wN2MwDwYDVR0kBAgw 1251 BoABAIEBADAKBgNVHTYEAwIBADAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAU 1252 u850cYM0TlkyRRVfQGBg3CuwtOQwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2h0 1253 dHAuZnBraS5nb3YvYnJpZGdlL2ZiY2EyMDEzLmNybDAdBgNVHQ4EFgQU//iuE4uS 1254 K3mSQaN2XCyBnprFnHgwDQYJKoZIhvcNAQELBQADggEBAIWiTKvgm9QnaU7g9AVv 1255 LlWQWs6PbY4DQ58jgzOR3mRts/07V4RZBNMPg+FW0jRz0cafp0bFcJMC28uVwA1s 1256 OM6+gRNIS6+Pp1wdzX0/5Anbg991XZGKsu9cOucFj80no/H98LU8YCh2Ove7xrWm 1257 NifUel5sktz5IM7bhGdp+MCCWZiNXVCBfpAGdWGe7OSHWDzn7YzY2kUkgOU+LSo6 1258 6h8p47zdlLK82FgX4j+ZuMRnNUT1JPPQV2i1ka+y90ocFXwbRCvZhEyFt4fZvhDG 1259 Jhy66fCtbU2O0qkt/Ow8v67OHRfG1NhgMz92YXVm9r54tkeszkpDRBRWv4GSEIJJ 1260 wdo= 1261 -----END CERTIFICATE----- 1262 ` 1263 1264 // HexHashDoDInteropCA2SignedByFederalBridgeCA2013Serial9644 is the hex 1265 // SHA256 fingerprint forDoDInteropCA2SignedByFederalBridgeCA2013Serial9644. 1266 const HexHashDoDInteropCA2SignedByFederalBridgeCA2013Serial9644 = "f72ccd4b250e9e53ebf1d8d400322c21456afb255be1a23d8053eaa8763d3c80" 1267 1268 // PEMFederalBridgeCASignedByDoDInteropCA2 is the certificate for the Federal 1269 // Bridge CA signed by the DoD Interoperability Root CA 2. 1270 const PEMFederalBridgeCASignedByDoDInteropCA2 = ` 1271 Certificate: 1272 Data: 1273 Version: 3 (0x2) 1274 Serial Number: 140 (0x8c) 1275 Signature Algorithm: sha256WithRSAEncryption 1276 Issuer: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Interoperability Root CA 2 1277 Validity 1278 Not Before: Jul 17 14:01:43 2013 GMT 1279 Not After : Jul 17 14:01:43 2016 GMT 1280 Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 1281 Subject Public Key Info: 1282 Public Key Algorithm: rsaEncryption 1283 RSA Public Key: (2048 bit) 1284 Modulus (2048 bit): 1285 00:b9:33:6e:9e:e1:55:12:96:26:f6:6e:b6:85:58: 1286 a6:21:69:4b:37:41:24:7d:27:0b:90:40:76:50:4e: 1287 6b:a1:4c:e4:12:70:f3:bb:83:f2:40:74:db:d3:17: 1288 29:8e:20:79:d7:ae:29:e4:3e:63:86:f9:8c:aa:c5: 1289 04:1e:98:d7:48:ab:7c:a2:e4:00:14:b7:e2:3a:54: 1290 e8:6c:7d:23:61:65:36:49:b1:22:a8:36:c6:7b:d9: 1291 3c:6a:39:59:0b:32:f2:96:37:26:71:bd:c6:4a:dd: 1292 b1:b5:c3:1e:5e:12:bb:4a:aa:54:4c:8d:3a:2f:c4: 1293 65:f0:56:4b:41:e3:f2:7e:8a:ef:7b:e5:22:31:4f: 1294 59:88:68:db:0d:5a:dc:90:39:41:77:4f:83:fb:2b: 1295 cf:ee:d5:5c:0f:99:9d:92:8c:c3:58:8c:a9:c5:41: 1296 4e:c4:d1:57:e8:d4:e1:06:59:4a:d1:d0:aa:d2:05: 1297 44:f6:56:ee:8f:4a:3d:8e:c2:41:ab:e5:ea:7a:ae: 1298 bf:b6:be:36:e8:1e:95:86:eb:8a:8e:a0:14:07:c8: 1299 6c:1d:ee:ee:9f:ff:64:cf:92:80:f9:38:ea:86:74: 1300 a3:83:e1:bc:a2:7f:08:b8:2f:96:ab:6a:eb:27:c5: 1301 8f:98:cb:b8:cc:33:e8:9f:1b:5a:8a:0c:68:2e:a4: 1302 c2:63 1303 Exponent: 65537 (0x10001) 1304 X509v3 extensions: 1305 X509v3 Authority Key Identifier: 1306 keyid:FF:F8:AE:13:8B:92:2B:79:92:41:A3:76:5C:2C:81:9E:9A:C5:9C:78 1307 1308 X509v3 Subject Key Identifier: 1309 C4:9D:FC:9D:5D:3A:5D:05:7A:BF:02:81:EC:DB:49:70:15:C7:B2:72 1310 X509v3 Key Usage: critical 1311 Certificate Sign, CRL Sign 1312 X509v3 Certificate Policies: 1313 Policy: 2.16.840.1.101.2.1.11.36 1314 Policy: 2.16.840.1.101.2.1.11.42 1315 Policy: 2.16.840.1.101.3.2.1.3.13 1316 Policy: 2.16.840.1.101.3.2.1.3.17 1317 Policy: 2.16.840.1.101.3.2.1.3.18 1318 Policy: 2.16.840.1.101.3.2.1.3.19 1319 Policy: 2.16.840.1.101.3.2.1.3.20 1320 1321 X509v3 Policy Mappings: 1322 2.16.840.1.101.2.1.11.36:2.16.840.1.101.3.2.1.3.38, 2.16.840.1.101.2.1.11.42:2.16.840.1.101.3.2.1.3.12, 2.16.840.1.101.2.1.11.42:2.16.840.1.101.3.2.1.3.4 1323 X509v3 Basic Constraints: critical 1324 CA:TRUE 1325 X509v3 Name Constraints: critical 1326 Excluded: 1327 DirName: C = US, O = U.S. Government, OU = DoD 1328 1329 X509v3 Policy Constraints: critical 1330 Require Explicit Policy:0 1331 X509v3 CRL Distribution Points: 1332 URI:http://crl.disa.mil/crl/DODINTEROPERABILITYROOTCA2.crl 1333 1334 Authority Information Access: 1335 CA Issuers - URI:http://crl.disa.mil/issuedto/DODINTEROPERABILITYROOTCA2_IT.p7c 1336 1337 Subject Information Access: 1338 CA Repository - URI:http://http.fpki.gov/bridge/caCertsIssuedByfbca.p7c 1339 1340 Signature Algorithm: sha256WithRSAEncryption 1341 2f:67:3e:c3:5e:21:4e:c2:cf:c5:a1:76:3b:c3:1e:cc:e5:32: 1342 fe:1f:9d:a8:9b:2f:0d:af:2b:e1:61:ef:d4:5b:0e:d5:05:d7: 1343 a8:b8:14:b8:a3:8d:f1:7b:c8:c5:c3:0b:6c:14:c8:87:43:d4: 1344 89:2c:ac:d0:8c:e2:8c:a8:62:d2:05:d5:e6:a4:99:82:00:3e: 1345 e0:aa:47:e7:7d:a8:58:69:e5:ac:85:fa:bc:fa:65:3b:8b:93: 1346 eb:bb:23:57:9d:41:e7:2b:d1:0d:5c:21:c4:a0:76:5c:15:99: 1347 3a:a3:9e:77:fa:0e:98:f2:54:11:fc:74:be:7f:c9:d1:17:f7: 1348 9e:ae:55:26:51:8a:1b:c6:84:00:b3:f2:32:8f:e4:37:0f:96: 1349 cf:f6:2a:c1:cd:b8:71:63:ed:4f:4c:70:ef:88:d1:18:67:e2: 1350 39:f0:34:60:a9:60:ff:37:9c:21:b9:1b:d1:2c:ba:59:43:7c: 1351 d2:56:ac:13:33:13:6e:b6:b3:3d:c8:89:3f:43:2a:31:5f:9f: 1352 a8:65:2e:e8:dc:33:e3:6f:dd:3b:d0:7e:c4:27:87:ae:50:a5: 1353 8a:41:00:86:9e:91:bb:f9:85:fe:2b:83:a4:da:7a:73:34:0f: 1354 7d:bf:a9:39:d9:03:91:0e:b4:72:16:da:67:43:02:fe:16:f3: 1355 b8:43:e4:eb 1356 -----BEGIN CERTIFICATE----- 1357 MIIFtDCCBJygAwIBAgICAIwwDQYJKoZIhvcNAQELBQAwbDELMAkGA1UEBhMCVVMx 1358 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQL 1359 EwNQS0kxJzAlBgNVBAMTHkRvRCBJbnRlcm9wZXJhYmlsaXR5IFJvb3QgQ0EgMjAe 1360 Fw0xMzA3MTcxNDAxNDNaFw0xNjA3MTcxNDAxNDNaMFIxCzAJBgNVBAYTAlVTMRgw 1361 FgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDTALBgNVBAsTBEZQS0kxGjAYBgNVBAMT 1362 EUZlZGVyYWwgQnJpZGdlIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC 1363 AQEAuTNunuFVEpYm9m62hVimIWlLN0EkfScLkEB2UE5roUzkEnDzu4PyQHTb0xcp 1364 jiB5164p5D5jhvmMqsUEHpjXSKt8ouQAFLfiOlTobH0jYWU2SbEiqDbGe9k8ajlZ 1365 CzLyljcmcb3GSt2xtcMeXhK7SqpUTI06L8Rl8FZLQePyforve+UiMU9ZiGjbDVrc 1366 kDlBd0+D+yvP7tVcD5mdkozDWIypxUFOxNFX6NThBllK0dCq0gVE9lbuj0o9jsJB 1367 q+Xqeq6/tr426B6VhuuKjqAUB8hsHe7un/9kz5KA+TjqhnSjg+G8on8IuC+Wq2rr 1368 J8WPmMu4zDPonxtaigxoLqTCYwIDAQABo4ICeDCCAnQwHwYDVR0jBBgwFoAU//iu 1369 E4uSK3mSQaN2XCyBnprFnHgwHQYDVR0OBBYEFMSd/J1dOl0Fer8CgezbSXAVx7Jy 1370 MA4GA1UdDwEB/wQEAwIBBjBpBgNVHSAEYjBgMAsGCWCGSAFlAgELJDALBglghkgB 1371 ZQIBCyowDAYKYIZIAWUDAgEDDTAMBgpghkgBZQMCAQMRMAwGCmCGSAFlAwIBAxIw 1372 DAYKYIZIAWUDAgEDEzAMBgpghkgBZQMCAQMUMFQGA1UdIQRNMEswFwYJYIZIAWUC 1373 AQskBgpghkgBZQMCAQMmMBcGCWCGSAFlAgELKgYKYIZIAWUDAgEDDDAXBglghkgB 1374 ZQIBCyoGCmCGSAFlAwIBAwQwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR4BAf8EPzA9 1375 oTswOaQ3MDUxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQx 1376 DDAKBgNVBAsTA0RvRDAPBgNVHSQBAf8EBTADgAEAMEcGA1UdHwRAMD4wPKA6oDiG 1377 Nmh0dHA6Ly9jcmwuZGlzYS5taWwvY3JsL0RPRElOVEVST1BFUkFCSUxJVFlST09U 1378 Q0EyLmNybDBaBggrBgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly9jcmwu 1379 ZGlzYS5taWwvaXNzdWVkdG8vRE9ESU5URVJPUEVSQUJJTElUWVJPT1RDQTJfSVQu 1380 cDdjME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwBYYzaHR0cDovL2h0dHAuZnBr 1381 aS5nb3YvYnJpZGdlL2NhQ2VydHNJc3N1ZWRCeWZiY2EucDdjMA0GCSqGSIb3DQEB 1382 CwUAA4IBAQAvZz7DXiFOws/FoXY7wx7M5TL+H52omy8NryvhYe/UWw7VBdeouBS4 1383 o43xe8jFwwtsFMiHQ9SJLKzQjOKMqGLSBdXmpJmCAD7gqkfnfahYaeWshfq8+mU7 1384 i5PruyNXnUHnK9ENXCHEoHZcFZk6o553+g6Y8lQR/HS+f8nRF/eerlUmUYobxoQA 1385 s/Iyj+Q3D5bP9irBzbhxY+1PTHDviNEYZ+I58DRgqWD/N5whuRvRLLpZQ3zSVqwT 1386 MxNutrM9yIk/QyoxX5+oZS7o3DPjb9070H7EJ4euUKWKQQCGnpG7+YX+K4Ok2npz 1387 NA99v6k52QORDrRyFtpnQwL+FvO4Q+Tr 1388 -----END CERTIFICATE----- 1389 ` 1390 1391 // HexHashFederalBridgeCASignedByDoDInteropCA2 is the hex SHA256 fingerprint 1392 // ofFederalBridgeCASignedByDoDInteropCA2. 1393 const HexHashFederalBridgeCASignedByDoDInteropCA2 = "fa22bf37e4111e66c0c0761eae45adc973a88a87a47b7d8f65b485d563fa5c2b" 1394 1395 // PEMFederalBridgeCASignedByFederalBridgeCA2013 is the certificate for the Federal 1396 // Bridge CA signed by the Federal Bridge CA 2013. 1397 const PEMFederalBridgeCASignedByFederalBridgeCA2013 = ` 1398 Certificate: 1399 Data: 1400 Version: 3 (0x2) 1401 Serial Number: 6 (0x6) 1402 Signature Algorithm: sha256WithRSAEncryption 1403 Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 2013 1404 Validity 1405 Not Before: Oct 21 19:28:34 2013 GMT 1406 Not After : Oct 11 05:25:13 2016 GMT 1407 Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 1408 Subject Public Key Info: 1409 Public Key Algorithm: rsaEncryption 1410 RSA Public Key: (2048 bit) 1411 Modulus (2048 bit): 1412 00:b9:33:6e:9e:e1:55:12:96:26:f6:6e:b6:85:58: 1413 a6:21:69:4b:37:41:24:7d:27:0b:90:40:76:50:4e: 1414 6b:a1:4c:e4:12:70:f3:bb:83:f2:40:74:db:d3:17: 1415 29:8e:20:79:d7:ae:29:e4:3e:63:86:f9:8c:aa:c5: 1416 04:1e:98:d7:48:ab:7c:a2:e4:00:14:b7:e2:3a:54: 1417 e8:6c:7d:23:61:65:36:49:b1:22:a8:36:c6:7b:d9: 1418 3c:6a:39:59:0b:32:f2:96:37:26:71:bd:c6:4a:dd: 1419 b1:b5:c3:1e:5e:12:bb:4a:aa:54:4c:8d:3a:2f:c4: 1420 65:f0:56:4b:41:e3:f2:7e:8a:ef:7b:e5:22:31:4f: 1421 59:88:68:db:0d:5a:dc:90:39:41:77:4f:83:fb:2b: 1422 cf:ee:d5:5c:0f:99:9d:92:8c:c3:58:8c:a9:c5:41: 1423 4e:c4:d1:57:e8:d4:e1:06:59:4a:d1:d0:aa:d2:05: 1424 44:f6:56:ee:8f:4a:3d:8e:c2:41:ab:e5:ea:7a:ae: 1425 bf:b6:be:36:e8:1e:95:86:eb:8a:8e:a0:14:07:c8: 1426 6c:1d:ee:ee:9f:ff:64:cf:92:80:f9:38:ea:86:74: 1427 a3:83:e1:bc:a2:7f:08:b8:2f:96:ab:6a:eb:27:c5: 1428 8f:98:cb:b8:cc:33:e8:9f:1b:5a:8a:0c:68:2e:a4: 1429 c2:63 1430 Exponent: 65537 (0x10001) 1431 X509v3 extensions: 1432 X509v3 Basic Constraints: critical 1433 CA:TRUE 1434 Authority Information Access: 1435 CA Issuers - URI:http://http.fpki.gov/bridge/caCertsIssuedTofbca2013.p7c 1436 1437 Subject Information Access: 1438 CA Repository - URI:http://http.fpki.gov/bridge/caCertsIssuedByfbca.p7c 1439 1440 X509v3 Key Usage: critical 1441 Certificate Sign, CRL Sign 1442 X509v3 Authority Key Identifier: 1443 keyid:BB:CE:74:71:83:34:4E:59:32:45:15:5F:40:60:60:DC:2B:B0:B4:E4 1444 1445 X509v3 CRL Distribution Points: 1446 URI:http://http.fpki.gov/bridge/fbca2013.crl 1447 1448 X509v3 Subject Key Identifier: 1449 C4:9D:FC:9D:5D:3A:5D:05:7A:BF:02:81:EC:DB:49:70:15:C7:B2:72 1450 Signature Algorithm: sha256WithRSAEncryption 1451 4c:c2:92:36:81:b2:ae:46:74:bc:cf:a9:87:37:34:4d:88:76: 1452 c8:85:9d:51:ef:45:2b:a8:c2:88:50:67:79:48:17:72:f7:8c: 1453 61:a0:4a:ba:1a:30:89:15:9d:66:64:87:1d:42:d2:1d:40:6f: 1454 1c:44:58:84:06:f3:37:59:95:a3:8f:99:95:91:93:4a:8f:40: 1455 86:23:26:49:03:63:c6:d8:9f:ef:5d:11:02:4f:55:12:c3:c7: 1456 b9:72:c5:23:65:d6:86:71:21:8b:9e:48:1a:cf:0d:d4:6e:df: 1457 f4:c3:8c:e0:db:a6:6e:e5:e9:91:0c:23:99:f7:3c:a0:77:75: 1458 6e:5f:9d:e4:f8:1c:9a:eb:b7:f0:d9:24:ab:9b:b5:cc:84:dd: 1459 e8:87:ea:53:9a:aa:d2:25:0f:11:74:39:01:be:03:dc:6d:ef: 1460 e8:e4:35:94:8b:c7:74:1d:77:38:3a:2e:92:50:ad:bd:ee:45: 1461 d8:e3:f8:bf:50:14:1d:6e:25:48:84:38:9e:65:d8:28:bb:72: 1462 1c:8e:8a:11:12:60:f7:22:b9:09:a1:43:01:cd:5f:22:5b:0c: 1463 52:e1:6a:f8:ba:17:60:8b:81:e0:4d:24:03:ce:f0:6d:7a:0c: 1464 42:92:99:e3:86:7e:d9:4e:cb:51:e4:c3:7e:5f:dc:55:e1:39: 1465 83:71:8d:48 1466 -----BEGIN CERTIFICATE----- 1467 MIIEbDCCA1SgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBXMQswCQYDVQQGEwJVUzEY 1468 MBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQ0wCwYDVQQLEwRGUEtJMR8wHQYDVQQD 1469 ExZGZWRlcmFsIEJyaWRnZSBDQSAyMDEzMB4XDTEzMTAyMTE5MjgzNFoXDTE2MTAx 1470 MTA1MjUxM1owUjELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVu 1471 dDENMAsGA1UECxMERlBLSTEaMBgGA1UEAxMRRmVkZXJhbCBCcmlkZ2UgQ0EwggEi 1472 MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5M26e4VUSlib2braFWKYhaUs3 1473 QSR9JwuQQHZQTmuhTOQScPO7g/JAdNvTFymOIHnXrinkPmOG+YyqxQQemNdIq3yi 1474 5AAUt+I6VOhsfSNhZTZJsSKoNsZ72TxqOVkLMvKWNyZxvcZK3bG1wx5eErtKqlRM 1475 jTovxGXwVktB4/J+iu975SIxT1mIaNsNWtyQOUF3T4P7K8/u1VwPmZ2SjMNYjKnF 1476 QU7E0Vfo1OEGWUrR0KrSBUT2Vu6PSj2OwkGr5ep6rr+2vjboHpWG64qOoBQHyGwd 1477 7u6f/2TPkoD5OOqGdKOD4byifwi4L5arausnxY+Yy7jMM+ifG1qKDGgupMJjAgMB 1478 AAGjggFGMIIBQjAPBgNVHRMBAf8EBTADAQH/MFMGCCsGAQUFBwEBBEcwRTBDBggr 1479 BgEFBQcwAoY3aHR0cDovL2h0dHAuZnBraS5nb3YvYnJpZGdlL2NhQ2VydHNJc3N1 1480 ZWRUb2ZiY2EyMDEzLnA3YzBPBggrBgEFBQcBCwRDMEEwPwYIKwYBBQUHMAWGM2h0 1481 dHA6Ly9odHRwLmZwa2kuZ292L2JyaWRnZS9jYUNlcnRzSXNzdWVkQnlmYmNhLnA3 1482 YzAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUu850cYM0TlkyRRVfQGBg3Cuw 1483 tOQwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2h0dHAuZnBraS5nb3YvYnJpZGdl 1484 L2ZiY2EyMDEzLmNybDAdBgNVHQ4EFgQUxJ38nV06XQV6vwKB7NtJcBXHsnIwDQYJ 1485 KoZIhvcNAQELBQADggEBAEzCkjaBsq5GdLzPqYc3NE2IdsiFnVHvRSuowohQZ3lI 1486 F3L3jGGgSroaMIkVnWZkhx1C0h1AbxxEWIQG8zdZlaOPmZWRk0qPQIYjJkkDY8bY 1487 n+9dEQJPVRLDx7lyxSNl1oZxIYueSBrPDdRu3/TDjODbpm7l6ZEMI5n3PKB3dW5f 1488 neT4HJrrt/DZJKubtcyE3eiH6lOaqtIlDxF0OQG+A9xt7+jkNZSLx3Qddzg6LpJQ 1489 rb3uRdjj+L9QFB1uJUiEOJ5l2Ci7chyOihESYPciuQmhQwHNXyJbDFLhavi6F2CL 1490 geBNJAPO8G16DEKSmeOGftlOy1Hkw35f3FXhOYNxjUg= 1491 -----END CERTIFICATE----- 1492 ` 1493 1494 // HexHashFederalBridgeCASignedByFederalBridgeCA2013 is the hex SHA256 1495 // fingerprint ofFederalBridgeCASignedByFederalBridgeCA2013. 1496 const HexHashFederalBridgeCASignedByFederalBridgeCA2013 = "687cae341a976f2862ce9c7543f5bbbc466a6cb9719cad755b14b76bc1e7788b" 1497 1498 // PEMFederalBridgeCASignedByFederalCommonPolicyCA is the certificate for the 1499 // Federal Bridge CA signed by the Federal Common Policy CA. 1500 const PEMFederalBridgeCASignedByFederalCommonPolicyCA = ` 1501 Certificate: 1502 Data: 1503 Version: 3 (0x2) 1504 Serial Number: 2004 (0x7d4) 1505 Signature Algorithm: sha256WithRSAEncryption 1506 Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA 1507 Validity 1508 Not Before: Dec 29 19:28:58 2011 GMT 1509 Not After : Dec 29 19:27:54 2014 GMT 1510 Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 1511 Subject Public Key Info: 1512 Public Key Algorithm: rsaEncryption 1513 RSA Public Key: (2048 bit) 1514 Modulus (2048 bit): 1515 00:b9:33:6e:9e:e1:55:12:96:26:f6:6e:b6:85:58: 1516 a6:21:69:4b:37:41:24:7d:27:0b:90:40:76:50:4e: 1517 6b:a1:4c:e4:12:70:f3:bb:83:f2:40:74:db:d3:17: 1518 29:8e:20:79:d7:ae:29:e4:3e:63:86:f9:8c:aa:c5: 1519 04:1e:98:d7:48:ab:7c:a2:e4:00:14:b7:e2:3a:54: 1520 e8:6c:7d:23:61:65:36:49:b1:22:a8:36:c6:7b:d9: 1521 3c:6a:39:59:0b:32:f2:96:37:26:71:bd:c6:4a:dd: 1522 b1:b5:c3:1e:5e:12:bb:4a:aa:54:4c:8d:3a:2f:c4: 1523 65:f0:56:4b:41:e3:f2:7e:8a:ef:7b:e5:22:31:4f: 1524 59:88:68:db:0d:5a:dc:90:39:41:77:4f:83:fb:2b: 1525 cf:ee:d5:5c:0f:99:9d:92:8c:c3:58:8c:a9:c5:41: 1526 4e:c4:d1:57:e8:d4:e1:06:59:4a:d1:d0:aa:d2:05: 1527 44:f6:56:ee:8f:4a:3d:8e:c2:41:ab:e5:ea:7a:ae: 1528 bf:b6:be:36:e8:1e:95:86:eb:8a:8e:a0:14:07:c8: 1529 6c:1d:ee:ee:9f:ff:64:cf:92:80:f9:38:ea:86:74: 1530 a3:83:e1:bc:a2:7f:08:b8:2f:96:ab:6a:eb:27:c5: 1531 8f:98:cb:b8:cc:33:e8:9f:1b:5a:8a:0c:68:2e:a4: 1532 c2:63 1533 Exponent: 65537 (0x10001) 1534 X509v3 extensions: 1535 X509v3 Basic Constraints: critical 1536 CA:TRUE 1537 X509v3 Certificate Policies: 1538 Policy: 2.16.840.1.101.3.2.1.3.2 1539 Policy: 2.16.840.1.101.3.2.1.3.13 1540 Policy: 2.16.840.1.101.3.2.1.3.1 1541 Policy: 2.16.840.1.101.3.2.1.3.6 1542 Policy: 2.16.840.1.101.3.2.1.3.7 1543 Policy: 2.16.840.1.101.3.2.1.3.8 1544 Policy: 2.16.840.1.101.3.2.1.3.16 1545 Policy: 2.16.840.1.101.3.2.1.3.36 1546 Policy: 2.16.840.1.101.3.2.1.3.17 1547 Policy: 2.16.840.1.101.3.2.1.3.14 1548 Policy: 2.16.840.1.101.3.2.1.3.15 1549 Policy: 2.16.840.1.101.3.2.1.3.18 1550 Policy: 2.16.840.1.101.3.2.1.3.20 1551 Policy: 2.16.840.1.101.3.2.1.3.19 1552 Policy: 2.16.840.1.101.3.2.1.3.21 1553 Policy: 2.16.840.1.101.3.2.1.3.23 1554 Policy: 2.16.840.1.101.3.2.1.3.22 1555 Policy: 2.16.840.1.101.3.2.1.3.24 1556 Policy: 2.16.840.1.101.3.2.1.3.25 1557 Policy: 2.16.840.1.101.3.2.1.3.26 1558 Policy: 2.16.840.1.101.3.2.1.3.27 1559 1560 Authority Information Access: 1561 CA Issuers - URI:http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c 1562 1563 X509v3 Policy Mappings: 1564 2.16.840.1.101.3.2.1.3.6:2.16.840.1.101.3.2.1.3.3, 2.16.840.1.101.3.2.1.3.7:2.16.840.1.101.3.2.1.3.12, 2.16.840.1.101.3.2.1.3.16:2.16.840.1.101.3.2.1.3.4, 2.16.840.1.101.3.2.1.3.8:2.16.840.1.101.3.2.1.3.37, 2.16.840.1.101.3.2.1.3.36:2.16.840.1.101.3.2.1.3.38 1565 Subject Information Access: 1566 CA Repository - URI:http://http.fpki.gov/bridge/caCertsIssuedByfbca.p7c 1567 1568 X509v3 Key Usage: critical 1569 Certificate Sign, CRL Sign 1570 X509v3 Authority Key Identifier: 1571 keyid:AD:0C:7A:75:5C:E5:F3:98:C4:79:98:0E:AC:28:FD:97:F4:E7:02:FC 1572 1573 X509v3 CRL Distribution Points: 1574 URI:http://http.fpki.gov/fcpca/fcpca.crl 1575 1576 X509v3 Subject Key Identifier: 1577 C4:9D:FC:9D:5D:3A:5D:05:7A:BF:02:81:EC:DB:49:70:15:C7:B2:72 1578 Signature Algorithm: sha256WithRSAEncryption 1579 73:86:2a:f3:5b:fb:e2:d5:c1:47:41:b5:11:a8:50:11:63:11: 1580 08:67:a5:64:23:b3:30:07:66:e5:be:61:ff:35:89:7e:5d:87: 1581 c3:75:25:d8:63:99:ab:8f:30:50:a9:87:70:ae:8b:8f:ea:26: 1582 ac:3b:bd:47:84:a0:86:85:6c:89:ca:b3:a5:04:cd:eb:16:b6: 1583 b9:de:bc:6c:b0:27:8a:d0:c4:b0:5c:a5:27:8c:c5:5d:ff:e3: 1584 e8:eb:e8:fb:37:78:82:19:47:98:0f:25:dc:a7:b3:bd:a4:33: 1585 56:86:cf:75:c7:ae:9a:2b:ac:ca:22:d5:a9:38:79:f5:c6:2c: 1586 4b:69:73:a4:8a:d7:9f:2c:17:dc:33:92:77:d0:95:48:7b:c2: 1587 6f:3d:6f:64:eb:42:d5:eb:1d:39:2d:5d:46:22:15:36:9c:cb: 1588 0f:ff:a9:2f:7a:63:b5:3e:cc:45:a3:df:22:15:06:c4:90:07: 1589 7d:fc:9d:2d:e8:e1:12:09:30:9c:66:84:61:61:b4:98:63:da: 1590 83:c6:a7:e0:f1:a7:c2:ba:88:2a:29:55:52:32:08:3b:2a:77: 1591 30:f4:74:06:c3:d2:d8:64:e1:08:33:33:65:1e:02:2c:d1:5e: 1592 fc:6c:44:a8:de:87:19:1b:6f:07:d7:67:cd:11:62:70:9b:c8: 1593 cf:f9:fa:a4 1594 -----BEGIN CERTIFICATE----- 1595 MIIGLjCCBRagAwIBAgICB9QwDQYJKoZIhvcNAQELBQAwWTELMAkGA1UEBhMCVVMx 1596 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDENMAsGA1UECxMERlBLSTEhMB8GA1UE 1597 AxMYRmVkZXJhbCBDb21tb24gUG9saWN5IENBMB4XDTExMTIyOTE5Mjg1OFoXDTE0 1598 MTIyOTE5Mjc1NFowUjELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJu 1599 bWVudDENMAsGA1UECxMERlBLSTEaMBgGA1UEAxMRRmVkZXJhbCBCcmlkZ2UgQ0Ew 1600 ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5M26e4VUSlib2braFWKYh 1601 aUs3QSR9JwuQQHZQTmuhTOQScPO7g/JAdNvTFymOIHnXrinkPmOG+YyqxQQemNdI 1602 q3yi5AAUt+I6VOhsfSNhZTZJsSKoNsZ72TxqOVkLMvKWNyZxvcZK3bG1wx5eErtK 1603 qlRMjTovxGXwVktB4/J+iu975SIxT1mIaNsNWtyQOUF3T4P7K8/u1VwPmZ2SjMNY 1604 jKnFQU7E0Vfo1OEGWUrR0KrSBUT2Vu6PSj2OwkGr5ep6rr+2vjboHpWG64qOoBQH 1605 yGwd7u6f/2TPkoD5OOqGdKOD4byifwi4L5arausnxY+Yy7jMM+ifG1qKDGgupMJj 1606 AgMBAAGjggMFMIIDATAPBgNVHRMBAf8EBTADAQH/MIIBMwYDVR0gBIIBKjCCASYw 1607 DAYKYIZIAWUDAgEDAjAMBgpghkgBZQMCAQMNMAwGCmCGSAFlAwIBAwEwDAYKYIZI 1608 AWUDAgEDBjAMBgpghkgBZQMCAQMHMAwGCmCGSAFlAwIBAwgwDAYKYIZIAWUDAgED 1609 EDAMBgpghkgBZQMCAQMkMAwGCmCGSAFlAwIBAxEwDAYKYIZIAWUDAgEDDjAMBgpg 1610 hkgBZQMCAQMPMAwGCmCGSAFlAwIBAxIwDAYKYIZIAWUDAgEDFDAMBgpghkgBZQMC 1611 AQMTMAwGCmCGSAFlAwIBAxUwDAYKYIZIAWUDAgEDFzAMBgpghkgBZQMCAQMWMAwG 1612 CmCGSAFlAwIBAxgwDAYKYIZIAWUDAgEDGTAMBgpghkgBZQMCAQMaMAwGCmCGSAFl 1613 AwIBAxswTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzAChjNodHRwOi8vaHR0cC5m 1614 cGtpLmdvdi9mY3BjYS9jYUNlcnRzSXNzdWVkVG9mY3BjYS5wN2MwgY0GA1UdIQSB 1615 hTCBgjAYBgpghkgBZQMCAQMGBgpghkgBZQMCAQMDMBgGCmCGSAFlAwIBAwcGCmCG 1616 SAFlAwIBAwwwGAYKYIZIAWUDAgEDEAYKYIZIAWUDAgEDBDAYBgpghkgBZQMCAQMI 1617 BgpghkgBZQMCAQMlMBgGCmCGSAFlAwIBAyQGCmCGSAFlAwIBAyYwTwYIKwYBBQUH 1618 AQsEQzBBMD8GCCsGAQUFBzAFhjNodHRwOi8vaHR0cC5mcGtpLmdvdi9icmlkZ2Uv 1619 Y2FDZXJ0c0lzc3VlZEJ5ZmJjYS5wN2MwDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQY 1620 MBaAFK0MenVc5fOYxHmYDqwo/Zf05wL8MDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6 1621 Ly9odHRwLmZwa2kuZ292L2ZjcGNhL2ZjcGNhLmNybDAdBgNVHQ4EFgQUxJ38nV06 1622 XQV6vwKB7NtJcBXHsnIwDQYJKoZIhvcNAQELBQADggEBAHOGKvNb++LVwUdBtRGo 1623 UBFjEQhnpWQjszAHZuW+Yf81iX5dh8N1JdhjmauPMFCph3Cui4/qJqw7vUeEoIaF 1624 bInKs6UEzesWtrnevGywJ4rQxLBcpSeMxV3/4+jr6Ps3eIIZR5gPJdyns72kM1aG 1625 z3XHrporrMoi1ak4efXGLEtpc6SK158sF9wzknfQlUh7wm89b2TrQtXrHTktXUYi 1626 FTacyw//qS96Y7U+zEWj3yIVBsSQB338nS3o4RIJMJxmhGFhtJhj2oPGp+Dxp8K6 1627 iCopVVIyCDsqdzD0dAbD0thk4QgzM2UeAizRXvxsRKjehxkbbwfXZ80RYnCbyM/5 1628 +qQ= 1629 -----END CERTIFICATE----- 1630 ` 1631 1632 // HexHashFederalBridgeCASignedByFederalCommonPolicyCA is the hex SHA256 1633 // fingeprint ofFederalBridgeCASignedByFederalCommonPolicyCA. 1634 const HexHashFederalBridgeCASignedByFederalCommonPolicyCA = "8a51e575c2eac47ad7d9739684e9bbabcc28caff53bc6a1ebb860a2bdcf732c8" 1635 1636 // PEMFederalBridgeCA2013SignedByCommonPolicyCASerial5524 is the certificate for 1637 // the Federal Bridge CA 2013 signed by the Federal Common Policy CA with serial 1638 // numbewr 5524. 1639 const PEMFederalBridgeCA2013SignedByCommonPolicyCASerial5524 = ` 1640 Certificate: 1641 Data: 1642 Version: 3 (0x2) 1643 Serial Number: 5524 (0x1594) 1644 Signature Algorithm: sha256WithRSAEncryption 1645 Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA 1646 Validity 1647 Not Before: Oct 21 17:12:58 2013 GMT 1648 Not After : Oct 21 17:12:58 2016 GMT 1649 Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 2013 1650 Subject Public Key Info: 1651 Public Key Algorithm: rsaEncryption 1652 RSA Public Key: (2048 bit) 1653 Modulus (2048 bit): 1654 00:9c:e8:17:25:c2:59:ef:34:a5:c5:44:3b:00:35: 1655 ec:31:40:a5:7a:02:d2:3e:19:14:9b:25:89:cd:4a: 1656 8c:3b:e6:5e:6a:da:1c:6b:dd:0c:03:2a:45:84:29: 1657 9d:4f:2e:ff:b0:a0:6c:02:c6:5a:a7:78:67:a5:77: 1658 bb:c6:98:f8:b1:7e:e2:94:bb:fa:11:4f:63:38:1c: 1659 1e:7c:08:0c:9e:f6:2a:15:63:22:62:14:12:e7:9f: 1660 d4:ea:50:2e:d4:7e:3e:64:25:e4:2e:1c:1b:b8:ed: 1661 5f:65:b4:f3:00:15:4f:0d:24:92:2c:71:50:22:3c: 1662 eb:11:69:b3:2c:38:f3:e0:73:a1:98:26:75:a6:2d: 1663 56:a9:05:af:9b:c9:38:8c:66:c0:c8:08:3b:43:3c: 1664 83:dd:2a:52:ab:08:21:7e:cd:4f:ef:45:69:70:0c: 1665 7c:b5:fe:1b:51:4e:09:28:2c:07:2b:4a:79:8c:41: 1666 45:c4:53:0b:cd:e5:d4:a6:bb:93:33:d8:37:96:c3: 1667 b0:2b:5b:c5:c5:e6:49:5c:41:5b:75:a3:02:db:15: 1668 9e:73:d0:a6:cc:e4:c8:9a:1a:c7:01:07:93:b0:df: 1669 eb:b8:fd:7f:dc:ab:18:94:92:8b:8d:f4:0c:29:09: 1670 50:4f:5b:71:e1:da:50:5e:a3:bf:df:dc:a4:8a:f0: 1671 07:4b 1672 Exponent: 65537 (0x10001) 1673 X509v3 extensions: 1674 X509v3 Basic Constraints: critical 1675 CA:TRUE 1676 X509v3 Certificate Policies: 1677 Policy: 2.16.840.1.101.3.2.1.3.6 1678 Policy: 2.16.840.1.101.3.2.1.3.7 1679 Policy: 2.16.840.1.101.3.2.1.3.8 1680 Policy: 2.16.840.1.101.3.2.1.3.13 1681 Policy: 2.16.840.1.101.3.2.1.3.16 1682 Policy: 2.16.840.1.101.3.2.1.3.1 1683 Policy: 2.16.840.1.101.3.2.1.3.2 1684 Policy: 2.16.840.1.101.3.2.1.3.14 1685 Policy: 2.16.840.1.101.3.2.1.3.15 1686 Policy: 2.16.840.1.101.3.2.1.3.17 1687 Policy: 2.16.840.1.101.3.2.1.3.18 1688 Policy: 2.16.840.1.101.3.2.1.3.19 1689 Policy: 2.16.840.1.101.3.2.1.3.20 1690 Policy: 2.16.840.1.101.3.2.1.3.21 1691 Policy: 2.16.840.1.101.3.2.1.3.22 1692 Policy: 2.16.840.1.101.3.2.1.3.23 1693 Policy: 2.16.840.1.101.3.2.1.3.24 1694 Policy: 2.16.840.1.101.3.2.1.3.25 1695 Policy: 2.16.840.1.101.3.2.1.3.26 1696 Policy: 2.16.840.1.101.3.2.1.3.27 1697 Policy: 2.16.840.1.101.3.2.1.3.36 1698 1699 Authority Information Access: 1700 CA Issuers - URI:http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c 1701 1702 X509v3 Policy Mappings: 1703 2.16.840.1.101.3.2.1.3.6:2.16.840.1.101.3.2.1.3.3, 2.16.840.1.101.3.2.1.3.7:2.16.840.1.101.3.2.1.3.12, 2.16.840.1.101.3.2.1.3.16:2.16.840.1.101.3.2.1.3.4, 2.16.840.1.101.3.2.1.3.8:2.16.840.1.101.3.2.1.3.37, 2.16.840.1.101.3.2.1.3.36:2.16.840.1.101.3.2.1.3.38 1704 Subject Information Access: 1705 CA Repository - URI:http://http.fpki.gov/bridge/caCertsIssuedByfbca2013.p7c 1706 1707 X509v3 Key Usage: critical 1708 Certificate Sign, CRL Sign 1709 X509v3 Authority Key Identifier: 1710 keyid:AD:0C:7A:75:5C:E5:F3:98:C4:79:98:0E:AC:28:FD:97:F4:E7:02:FC 1711 1712 X509v3 CRL Distribution Points: 1713 URI:http://http.fpki.gov/fcpca/fcpca.crl 1714 1715 X509v3 Subject Key Identifier: 1716 BB:CE:74:71:83:34:4E:59:32:45:15:5F:40:60:60:DC:2B:B0:B4:E4 1717 Signature Algorithm: sha256WithRSAEncryption 1718 c7:50:ad:8a:75:35:28:65:8c:18:1c:e7:ed:89:35:17:f9:e3: 1719 c6:61:94:e2:2b:89:ba:3a:91:19:13:09:36:34:84:8c:f8:b6: 1720 d5:5c:ad:6b:2a:5b:ff:77:11:2f:6a:e9:be:1c:74:c3:b0:7c: 1721 35:dc:e8:c7:c4:d9:0b:8a:88:8b:ac:20:fc:96:db:37:d4:38: 1722 96:5e:c0:b5:12:f1:88:2a:2d:9c:2d:5c:a2:25:59:4e:7b:bb: 1723 31:c8:6b:5c:7c:57:77:a6:9c:0a:6f:a6:8b:4f:af:6b:b0:51: 1724 6e:e9:23:b1:bb:6f:06:eb:82:5d:e4:81:cf:63:7e:6d:5c:f1: 1725 0c:86:cd:d4:f2:50:59:74:39:18:7a:99:1d:a1:7f:31:03:49: 1726 f7:6d:06:69:6d:b4:6a:49:4d:dc:5c:e7:64:54:59:a2:5b:39: 1727 27:86:7d:ec:73:71:65:98:60:80:3d:b8:0d:b0:be:61:7b:d2: 1728 d3:ae:f7:c3:80:72:a7:47:00:2e:98:fb:9c:b6:9f:34:df:99: 1729 14:b2:c4:80:65:bf:7b:8c:95:9f:b7:89:68:fb:7b:22:2c:c9: 1730 32:55:75:f1:f0:22:d1:d0:f6:00:44:a9:f6:9c:00:58:d9:18: 1731 9b:b8:03:ee:b0:e3:f6:3f:8f:a9:53:22:16:2b:d4:e8:16:69: 1732 52:ea:b3:5a 1733 -----BEGIN CERTIFICATE----- 1734 MIIGNzCCBR+gAwIBAgICFZQwDQYJKoZIhvcNAQELBQAwWTELMAkGA1UEBhMCVVMx 1735 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDENMAsGA1UECxMERlBLSTEhMB8GA1UE 1736 AxMYRmVkZXJhbCBDb21tb24gUG9saWN5IENBMB4XDTEzMTAyMTE3MTI1OFoXDTE2 1737 MTAyMTE3MTI1OFowVzELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJu 1738 bWVudDENMAsGA1UECxMERlBLSTEfMB0GA1UEAxMWRmVkZXJhbCBCcmlkZ2UgQ0Eg 1739 MjAxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJzoFyXCWe80pcVE 1740 OwA17DFApXoC0j4ZFJslic1KjDvmXmraHGvdDAMqRYQpnU8u/7CgbALGWqd4Z6V3 1741 u8aY+LF+4pS7+hFPYzgcHnwIDJ72KhVjImIUEuef1OpQLtR+PmQl5C4cG7jtX2W0 1742 8wAVTw0kkixxUCI86xFpsyw48+BzoZgmdaYtVqkFr5vJOIxmwMgIO0M8g90qUqsI 1743 IX7NT+9FaXAMfLX+G1FOCSgsBytKeYxBRcRTC83l1Ka7kzPYN5bDsCtbxcXmSVxB 1744 W3WjAtsVnnPQpszkyJoaxwEHk7Df67j9f9yrGJSSi430DCkJUE9bceHaUF6jv9/c 1745 pIrwB0sCAwEAAaOCAwkwggMFMA8GA1UdEwEB/wQFMAMBAf8wggEzBgNVHSAEggEq 1746 MIIBJjAMBgpghkgBZQMCAQMGMAwGCmCGSAFlAwIBAwcwDAYKYIZIAWUDAgEDCDAM 1747 BgpghkgBZQMCAQMNMAwGCmCGSAFlAwIBAxAwDAYKYIZIAWUDAgEDATAMBgpghkgB 1748 ZQMCAQMCMAwGCmCGSAFlAwIBAw4wDAYKYIZIAWUDAgEDDzAMBgpghkgBZQMCAQMR 1749 MAwGCmCGSAFlAwIBAxIwDAYKYIZIAWUDAgEDEzAMBgpghkgBZQMCAQMUMAwGCmCG 1750 SAFlAwIBAxUwDAYKYIZIAWUDAgEDFjAMBgpghkgBZQMCAQMXMAwGCmCGSAFlAwIB 1751 AxgwDAYKYIZIAWUDAgEDGTAMBgpghkgBZQMCAQMaMAwGCmCGSAFlAwIBAxswDAYK 1752 YIZIAWUDAgEDJDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9o 1753 dHRwLmZwa2kuZ292L2ZjcGNhL2NhQ2VydHNJc3N1ZWRUb2ZjcGNhLnA3YzCBjQYD 1754 VR0hBIGFMIGCMBgGCmCGSAFlAwIBAwYGCmCGSAFlAwIBAwMwGAYKYIZIAWUDAgED 1755 BwYKYIZIAWUDAgEDDDAYBgpghkgBZQMCAQMQBgpghkgBZQMCAQMEMBgGCmCGSAFl 1756 AwIBAwgGCmCGSAFlAwIBAyUwGAYKYIZIAWUDAgEDJAYKYIZIAWUDAgEDJjBTBggr 1757 BgEFBQcBCwRHMEUwQwYIKwYBBQUHMAWGN2h0dHA6Ly9odHRwLmZwa2kuZ292L2Jy 1758 aWRnZS9jYUNlcnRzSXNzdWVkQnlmYmNhMjAxMy5wN2MwDgYDVR0PAQH/BAQDAgEG 1759 MB8GA1UdIwQYMBaAFK0MenVc5fOYxHmYDqwo/Zf05wL8MDUGA1UdHwQuMCwwKqAo 1760 oCaGJGh0dHA6Ly9odHRwLmZwa2kuZ292L2ZjcGNhL2ZjcGNhLmNybDAdBgNVHQ4E 1761 FgQUu850cYM0TlkyRRVfQGBg3CuwtOQwDQYJKoZIhvcNAQELBQADggEBAMdQrYp1 1762 NShljBgc5+2JNRf548ZhlOIribo6kRkTCTY0hIz4ttVcrWsqW/93ES9q6b4cdMOw 1763 fDXc6MfE2QuKiIusIPyW2zfUOJZewLUS8YgqLZwtXKIlWU57uzHIa1x8V3emnApv 1764 potPr2uwUW7pI7G7bwbrgl3kgc9jfm1c8QyGzdTyUFl0ORh6mR2hfzEDSfdtBmlt 1765 tGpJTdxc52RUWaJbOSeGfexzcWWYYIA9uA2wvmF70tOu98OAcqdHAC6Y+5y2nzTf 1766 mRSyxIBlv3uMlZ+3iWj7eyIsyTJVdfHwItHQ9gBEqfacAFjZGJu4A+6w4/Y/j6lT 1767 IhYr1OgWaVLqs1o= 1768 -----END CERTIFICATE----- 1769 ` 1770 1771 // HexHashFederalBridgeCA2013SignedByCommonPolicyCASerial5524 is the hex 1772 // SHA256 fingerprint ofFederalBridgeCA2013SignedByCommonPolicyCASerial5524. 1773 const HexHashFederalBridgeCA2013SignedByCommonPolicyCASerial5524 = "ae014e287fb3709f7d57c29065cdc0d37499e52f83f5ffbe83b883698a2c03f6" 1774 1775 // PEMFederalBridgeCA2013SignedByCommonPolicyCASerial11424 is the certificate 1776 // for the Federal Bridge CA 2013 signed by the Federal Common Policy CA with 1777 // the serial number 11424. 1778 const PEMFederalBridgeCA2013SignedByCommonPolicyCASerial11424 = ` 1779 Certificate: 1780 Data: 1781 Version: 3 (0x2) 1782 Serial Number: 11424 (0x2ca0) 1783 Signature Algorithm: sha256WithRSAEncryption 1784 Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA 1785 Validity 1786 Not Before: Jun 24 15:45:07 2015 GMT 1787 Not After : Jun 24 15:45:07 2018 GMT 1788 Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 2013 1789 Subject Public Key Info: 1790 Public Key Algorithm: rsaEncryption 1791 RSA Public Key: (2048 bit) 1792 Modulus (2048 bit): 1793 00:9c:e8:17:25:c2:59:ef:34:a5:c5:44:3b:00:35: 1794 ec:31:40:a5:7a:02:d2:3e:19:14:9b:25:89:cd:4a: 1795 8c:3b:e6:5e:6a:da:1c:6b:dd:0c:03:2a:45:84:29: 1796 9d:4f:2e:ff:b0:a0:6c:02:c6:5a:a7:78:67:a5:77: 1797 bb:c6:98:f8:b1:7e:e2:94:bb:fa:11:4f:63:38:1c: 1798 1e:7c:08:0c:9e:f6:2a:15:63:22:62:14:12:e7:9f: 1799 d4:ea:50:2e:d4:7e:3e:64:25:e4:2e:1c:1b:b8:ed: 1800 5f:65:b4:f3:00:15:4f:0d:24:92:2c:71:50:22:3c: 1801 eb:11:69:b3:2c:38:f3:e0:73:a1:98:26:75:a6:2d: 1802 56:a9:05:af:9b:c9:38:8c:66:c0:c8:08:3b:43:3c: 1803 83:dd:2a:52:ab:08:21:7e:cd:4f:ef:45:69:70:0c: 1804 7c:b5:fe:1b:51:4e:09:28:2c:07:2b:4a:79:8c:41: 1805 45:c4:53:0b:cd:e5:d4:a6:bb:93:33:d8:37:96:c3: 1806 b0:2b:5b:c5:c5:e6:49:5c:41:5b:75:a3:02:db:15: 1807 9e:73:d0:a6:cc:e4:c8:9a:1a:c7:01:07:93:b0:df: 1808 eb:b8:fd:7f:dc:ab:18:94:92:8b:8d:f4:0c:29:09: 1809 50:4f:5b:71:e1:da:50:5e:a3:bf:df:dc:a4:8a:f0: 1810 07:4b 1811 Exponent: 65537 (0x10001) 1812 X509v3 extensions: 1813 X509v3 Basic Constraints: critical 1814 CA:TRUE 1815 Authority Information Access: 1816 CA Issuers - URI:http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c 1817 1818 X509v3 Policy Mappings: 1819 2.16.840.1.101.3.2.1.3.6:2.16.840.1.101.3.2.1.3.3, 2.16.840.1.101.3.2.1.3.7:2.16.840.1.101.3.2.1.3.12, 2.16.840.1.101.3.2.1.3.8:2.16.840.1.101.3.2.1.3.37, 2.16.840.1.101.3.2.1.3.16:2.16.840.1.101.3.2.1.3.4, 2.16.840.1.101.3.2.1.3.36:2.16.840.1.101.3.2.1.3.38 1820 X509v3 Certificate Policies: 1821 Policy: 2.16.840.1.101.3.2.1.3.1 1822 Policy: 2.16.840.1.101.3.2.1.3.2 1823 Policy: 2.16.840.1.101.3.2.1.3.3 1824 Policy: 2.16.840.1.101.3.2.1.3.12 1825 Policy: 2.16.840.1.101.3.2.1.3.14 1826 Policy: 2.16.840.1.101.3.2.1.3.15 1827 Policy: 2.16.840.1.101.3.2.1.3.37 1828 Policy: 2.16.840.1.101.3.2.1.3.38 1829 Policy: 2.16.840.1.101.3.2.1.3.4 1830 Policy: 2.16.840.1.101.3.2.1.3.18 1831 Policy: 2.16.840.1.101.3.2.1.3.19 1832 Policy: 2.16.840.1.101.3.2.1.3.20 1833 Policy: 2.16.840.1.101.3.2.1.3.6 1834 Policy: 2.16.840.1.101.3.2.1.3.7 1835 Policy: 2.16.840.1.101.3.2.1.3.8 1836 Policy: 2.16.840.1.101.3.2.1.3.36 1837 Policy: 2.16.840.1.101.3.2.1.3.13 1838 Policy: 2.16.840.1.101.3.2.1.3.16 1839 Policy: 2.16.840.1.101.3.2.1.3.17 1840 Policy: 2.16.840.1.101.3.2.1.3.40 1841 Policy: 2.16.840.1.101.3.2.1.3.41 1842 Policy: 2.16.840.1.101.3.2.1.3.39 1843 1844 Subject Information Access: 1845 CA Repository - URI:http://http.fpki.gov/bridge/caCertsIssuedByfbca2013.p7c 1846 1847 X509v3 Policy Constraints: critical 1848 Inhibit Policy Mapping:2 1849 X509v3 Inhibit Any Policy: critical 1850 0 1851 X509v3 Key Usage: critical 1852 Certificate Sign, CRL Sign 1853 X509v3 Authority Key Identifier: 1854 keyid:AD:0C:7A:75:5C:E5:F3:98:C4:79:98:0E:AC:28:FD:97:F4:E7:02:FC 1855 1856 X509v3 CRL Distribution Points: 1857 URI:http://http.fpki.gov/fcpca/fcpca.crl 1858 1859 X509v3 Subject Key Identifier: 1860 BB:CE:74:71:83:34:4E:59:32:45:15:5F:40:60:60:DC:2B:B0:B4:E4 1861 Signature Algorithm: sha256WithRSAEncryption 1862 c0:1e:6d:27:f0:79:47:52:46:84:c8:88:5d:2e:9c:a6:76:fd: 1863 fc:f9:85:d2:79:3c:06:21:fb:cc:fd:27:39:bc:a3:1a:91:64: 1864 57:a8:5e:80:71:b0:43:66:9d:2a:f8:11:47:ba:0c:7e:58:5f: 1865 b7:51:8f:23:b9:dd:13:ef:18:f2:89:f4:51:37:59:81:4a:c4: 1866 70:ad:47:ec:8b:1a:53:71:e7:2f:49:66:c6:ef:84:1b:2c:f3: 1867 43:5d:3c:11:7b:41:20:5b:8e:5a:72:d5:01:84:f6:32:f5:01: 1868 f1:3a:c8:7e:8f:f4:fa:d0:c5:78:d6:bf:a3:84:1c:18:66:c8: 1869 4d:bc:33:fd:df:4d:ce:78:b2:52:1b:46:88:72:67:4d:6d:72: 1870 5b:bb:e1:57:2d:cf:3e:0a:4d:07:37:70:94:b2:23:bb:da:d5: 1871 be:6f:87:52:f6:57:53:a8:6b:33:3b:60:d9:b0:84:0e:b0:4a: 1872 59:4f:6b:ac:b7:4c:95:be:37:b1:d3:39:83:c8:b3:8d:eb:dc: 1873 38:65:cf:16:33:66:ae:72:92:8f:0d:68:e4:d2:5d:72:73:30: 1874 08:a5:4c:74:5a:dc:1f:9b:4b:71:60:9c:d3:5e:50:bf:2e:6d: 1875 ce:b2:5b:e6:c6:ed:c9:7c:8b:01:d1:db:b1:cd:a7:a1:62:6e: 1876 d4:67:5e:31 1877 -----BEGIN CERTIFICATE----- 1878 MIIGZTCCBU2gAwIBAgICLKAwDQYJKoZIhvcNAQELBQAwWTELMAkGA1UEBhMCVVMx 1879 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDENMAsGA1UECxMERlBLSTEhMB8GA1UE 1880 AxMYRmVkZXJhbCBDb21tb24gUG9saWN5IENBMB4XDTE1MDYyNDE1NDUwN1oXDTE4 1881 MDYyNDE1NDUwN1owVzELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJu 1882 bWVudDENMAsGA1UECxMERlBLSTEfMB0GA1UEAxMWRmVkZXJhbCBCcmlkZ2UgQ0Eg 1883 MjAxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJzoFyXCWe80pcVE 1884 OwA17DFApXoC0j4ZFJslic1KjDvmXmraHGvdDAMqRYQpnU8u/7CgbALGWqd4Z6V3 1885 u8aY+LF+4pS7+hFPYzgcHnwIDJ72KhVjImIUEuef1OpQLtR+PmQl5C4cG7jtX2W0 1886 8wAVTw0kkixxUCI86xFpsyw48+BzoZgmdaYtVqkFr5vJOIxmwMgIO0M8g90qUqsI 1887 IX7NT+9FaXAMfLX+G1FOCSgsBytKeYxBRcRTC83l1Ka7kzPYN5bDsCtbxcXmSVxB 1888 W3WjAtsVnnPQpszkyJoaxwEHk7Df67j9f9yrGJSSi430DCkJUE9bceHaUF6jv9/c 1889 pIrwB0sCAwEAAaOCAzcwggMzMA8GA1UdEwEB/wQFMAMBAf8wTwYIKwYBBQUHAQEE 1890 QzBBMD8GCCsGAQUFBzAChjNodHRwOi8vaHR0cC5mcGtpLmdvdi9mY3BjYS9jYUNl 1891 cnRzSXNzdWVkVG9mY3BjYS5wN2MwgY0GA1UdIQSBhTCBgjAYBgpghkgBZQMCAQMG 1892 BgpghkgBZQMCAQMDMBgGCmCGSAFlAwIBAwcGCmCGSAFlAwIBAwwwGAYKYIZIAWUD 1893 AgEDCAYKYIZIAWUDAgEDJTAYBgpghkgBZQMCAQMQBgpghkgBZQMCAQMEMBgGCmCG 1894 SAFlAwIBAyQGCmCGSAFlAwIBAyYwggFBBgNVHSAEggE4MIIBNDAMBgpghkgBZQMC 1895 AQMBMAwGCmCGSAFlAwIBAwIwDAYKYIZIAWUDAgEDAzAMBgpghkgBZQMCAQMMMAwG 1896 CmCGSAFlAwIBAw4wDAYKYIZIAWUDAgEDDzAMBgpghkgBZQMCAQMlMAwGCmCGSAFl 1897 AwIBAyYwDAYKYIZIAWUDAgEDBDAMBgpghkgBZQMCAQMSMAwGCmCGSAFlAwIBAxMw 1898 DAYKYIZIAWUDAgEDFDAMBgpghkgBZQMCAQMGMAwGCmCGSAFlAwIBAwcwDAYKYIZI 1899 AWUDAgEDCDAMBgpghkgBZQMCAQMkMAwGCmCGSAFlAwIBAw0wDAYKYIZIAWUDAgED 1900 EDAMBgpghkgBZQMCAQMRMAwGCmCGSAFlAwIBAygwDAYKYIZIAWUDAgEDKTAMBgpg 1901 hkgBZQMCAQMnMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwBYY3aHR0cDovL2h0 1902 dHAuZnBraS5nb3YvYnJpZGdlL2NhQ2VydHNJc3N1ZWRCeWZiY2EyMDEzLnA3YzAP 1903 BgNVHSQBAf8EBTADgQECMA0GA1UdNgEB/wQDAgEAMA4GA1UdDwEB/wQEAwIBBjAf 1904 BgNVHSMEGDAWgBStDHp1XOXzmMR5mA6sKP2X9OcC/DA1BgNVHR8ELjAsMCqgKKAm 1905 hiRodHRwOi8vaHR0cC5mcGtpLmdvdi9mY3BjYS9mY3BjYS5jcmwwHQYDVR0OBBYE 1906 FLvOdHGDNE5ZMkUVX0BgYNwrsLTkMA0GCSqGSIb3DQEBCwUAA4IBAQDAHm0n8HlH 1907 UkaEyIhdLpymdv38+YXSeTwGIfvM/Sc5vKMakWRXqF6AcbBDZp0q+BFHugx+WF+3 1908 UY8jud0T7xjyifRRN1mBSsRwrUfsixpTcecvSWbG74QbLPNDXTwRe0EgW45actUB 1909 hPYy9QHxOsh+j/T60MV41r+jhBwYZshNvDP9303OeLJSG0aIcmdNbXJbu+FXLc8+ 1910 Ck0HN3CUsiO72tW+b4dS9ldTqGszO2DZsIQOsEpZT2ust0yVvjex0zmDyLON69w4 1911 Zc8WM2aucpKPDWjk0l1yczAIpUx0Wtwfm0txYJzTXlC/Lm3Oslvmxu3JfIsB0dux 1912 zaehYm7UZ14x 1913 -----END CERTIFICATE----- 1914 ` 1915 1916 // HexHashFederalBridgeCA2013SignedByCommonPolicyCASerial11424 is the hex 1917 // SHA256 fingerprint of 1918 // FederalBridgeCA2013SignedByCommonPolicyCASerial11424. 1919 const HexHashFederalBridgeCA2013SignedByCommonPolicyCASerial11424 = "8ed99089806b1005d6a6417c50f182325b670b9d87b17f3fd7aefc360a300e91" 1920 1921 // PEMFederalBridgeCA2013SignedByIdenTrust is the certificate for the Federal 1922 // Bridge CA 2013 signed by IdenTrust ACES CA 1. 1923 const PEMFederalBridgeCA2013SignedByIdenTrust = ` 1924 Certificate: 1925 Data: 1926 Version: 3 (0x2) 1927 Serial Number: 1928 7f:00:00:01:00:00:01:4a:f3:fc:79:ab:00:00:00:02 1929 Signature Algorithm: sha256WithRSAEncryption 1930 Issuer: C=US, O=IdenTrust, OU=IdenTrust Public Sector, CN=IdenTrust ACES CA 1 1931 Validity 1932 Not Before: Jan 16 18:23:37 2015 GMT 1933 Not After : Jan 14 18:23:37 2018 GMT 1934 Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 2013 1935 Subject Public Key Info: 1936 Public Key Algorithm: rsaEncryption 1937 RSA Public Key: (2048 bit) 1938 Modulus (2048 bit): 1939 00:9c:e8:17:25:c2:59:ef:34:a5:c5:44:3b:00:35: 1940 ec:31:40:a5:7a:02:d2:3e:19:14:9b:25:89:cd:4a: 1941 8c:3b:e6:5e:6a:da:1c:6b:dd:0c:03:2a:45:84:29: 1942 9d:4f:2e:ff:b0:a0:6c:02:c6:5a:a7:78:67:a5:77: 1943 bb:c6:98:f8:b1:7e:e2:94:bb:fa:11:4f:63:38:1c: 1944 1e:7c:08:0c:9e:f6:2a:15:63:22:62:14:12:e7:9f: 1945 d4:ea:50:2e:d4:7e:3e:64:25:e4:2e:1c:1b:b8:ed: 1946 5f:65:b4:f3:00:15:4f:0d:24:92:2c:71:50:22:3c: 1947 eb:11:69:b3:2c:38:f3:e0:73:a1:98:26:75:a6:2d: 1948 56:a9:05:af:9b:c9:38:8c:66:c0:c8:08:3b:43:3c: 1949 83:dd:2a:52:ab:08:21:7e:cd:4f:ef:45:69:70:0c: 1950 7c:b5:fe:1b:51:4e:09:28:2c:07:2b:4a:79:8c:41: 1951 45:c4:53:0b:cd:e5:d4:a6:bb:93:33:d8:37:96:c3: 1952 b0:2b:5b:c5:c5:e6:49:5c:41:5b:75:a3:02:db:15: 1953 9e:73:d0:a6:cc:e4:c8:9a:1a:c7:01:07:93:b0:df: 1954 eb:b8:fd:7f:dc:ab:18:94:92:8b:8d:f4:0c:29:09: 1955 50:4f:5b:71:e1:da:50:5e:a3:bf:df:dc:a4:8a:f0: 1956 07:4b 1957 Exponent: 65537 (0x10001) 1958 X509v3 extensions: 1959 X509v3 Key Usage: critical 1960 Certificate Sign, CRL Sign 1961 X509v3 Basic Constraints: critical 1962 CA:TRUE 1963 X509v3 Inhibit Any Policy: critical 1964 0 1965 X509v3 Policy Mappings: 1966 2.16.840.1.101.3.2.1.1.2:2.16.840.1.101.3.2.1.3.2, 2.16.840.1.101.3.2.1.1.3:2.16.840.1.101.3.2.1.3.3, 2.16.840.1.101.3.2.1.1.5:2.16.840.1.101.3.2.1.3.3, 2.16.840.1.101.3.2.1.1.6:2.16.840.1.101.3.2.1.3.3, 2.16.840.1.101.3.2.1.1.7:2.16.840.1.101.3.2.1.3.3 1967 X509v3 Certificate Policies: 1968 Policy: 2.16.840.1.101.3.2.1.1.2 1969 Policy: 2.16.840.1.101.3.2.1.1.3 1970 Policy: 2.16.840.1.101.3.2.1.1.5 1971 Policy: 2.16.840.1.101.3.2.1.1.6 1972 Policy: 2.16.840.1.101.3.2.1.1.7 1973 1974 X509v3 Subject Key Identifier: 1975 BB:CE:74:71:83:34:4E:59:32:45:15:5F:40:60:60:DC:2B:B0:B4:E4 1976 X509v3 CRL Distribution Points: 1977 URI:http://crl.identrust.com/acespublicsector1.crl 1978 1979 Subject Information Access: 1980 CA Repository - URI:http://http.fpki.gov/bridge/caCertsIssuedByfbca2013.p7c 1981 1982 Authority Information Access: 1983 CA Issuers - URI:http://apps.identrust.com/roots/acespublicsector1.p7c 1984 OCSP - URI:https://aces.ocsp.identrust.com 1985 1986 X509v3 Authority Key Identifier: 1987 keyid:E6:33:09:63:89:B5:66:1A:4F:D5:B3:CC:0F:AB:FB:B5:0C:C7:F3:47 1988 1989 Signature Algorithm: sha256WithRSAEncryption 1990 6c:c3:71:b3:ed:4e:73:c3:b7:16:83:05:81:bb:17:bb:eb:34: 1991 a3:af:a2:f3:18:8d:3e:65:5b:3c:44:ec:a2:c5:58:ed:1b:6d: 1992 e9:38:4d:d9:30:b8:bb:57:73:df:3f:64:3c:be:b4:8d:7b:9d: 1993 13:c7:93:85:b9:86:c2:82:ff:7a:e5:03:12:f0:9a:84:31:06: 1994 b9:4a:5c:8e:e9:3e:42:d7:35:d0:17:9e:d2:8b:89:bc:cd:84: 1995 d4:73:e0:ed:0c:b9:c9:1c:9e:56:05:79:af:f2:8e:a1:f5:a0: 1996 9e:b0:02:75:80:6a:ac:ac:97:9c:5c:76:af:f0:3f:ab:1f:6f: 1997 7d:cb:ea:78:b3:42:91:8e:19:5e:e0:f8:2d:20:2e:66:3f:7f: 1998 80:b7:44:88:ab:3a:29:c3:59:c7:5b:d2:9a:18:e3:33:2f:39: 1999 47:41:db:d3:c7:4e:12:b3:4b:2b:ef:58:c1:d4:3d:11:f1:7b: 2000 e5:5f:8b:43:c6:92:34:78:1e:f8:42:fe:75:cb:52:89:41:34: 2001 e0:73:80:12:90:2c:94:2a:26:3e:44:36:72:26:73:c0:5c:c0: 2002 88:d0:5f:1f:04:de:3f:9a:66:03:56:b3:d8:73:fd:5a:45:19: 2003 de:99:6b:66:96:43:f3:4a:4a:66:30:32:21:c5:66:45:17:0d: 2004 ce:5b:7c:63 2005 -----BEGIN CERTIFICATE----- 2006 MIIFrzCCBJegAwIBAgIQfwAAAQAAAUrz/HmrAAAAAjANBgkqhkiG9w0BAQsFADBh 2007 MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSAwHgYDVQQLExdJZGVu 2008 VHJ1c3QgUHVibGljIFNlY3RvcjEcMBoGA1UEAxMTSWRlblRydXN0IEFDRVMgQ0Eg 2009 MTAeFw0xNTAxMTYxODIzMzdaFw0xODAxMTQxODIzMzdaMFcxCzAJBgNVBAYTAlVT 2010 MRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDTALBgNVBAsTBEZQS0kxHzAdBgNV 2011 BAMTFkZlZGVyYWwgQnJpZGdlIENBIDIwMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB 2012 DwAwggEKAoIBAQCc6BclwlnvNKXFRDsANewxQKV6AtI+GRSbJYnNSow75l5q2hxr 2013 3QwDKkWEKZ1PLv+woGwCxlqneGeld7vGmPixfuKUu/oRT2M4HB58CAye9ioVYyJi 2014 FBLnn9TqUC7Ufj5kJeQuHBu47V9ltPMAFU8NJJIscVAiPOsRabMsOPPgc6GYJnWm 2015 LVapBa+byTiMZsDICDtDPIPdKlKrCCF+zU/vRWlwDHy1/htRTgkoLAcrSnmMQUXE 2016 UwvN5dSmu5Mz2DeWw7ArW8XF5klcQVt1owLbFZ5z0KbM5MiaGscBB5Ow3+u4/X/c 2017 qxiUkouN9AwpCVBPW3Hh2lBeo7/f3KSK8AdLAgMBAAGjggJrMIICZzAOBgNVHQ8B 2018 Af8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgNVHTYBAf8EAwIBADCBjQYDVR0h 2019 BIGFMIGCMBgGCmCGSAFlAwIBAQIGCmCGSAFlAwIBAwIwGAYKYIZIAWUDAgEBAwYK 2020 YIZIAWUDAgEDAzAYBgpghkgBZQMCAQEFBgpghkgBZQMCAQMDMBgGCmCGSAFlAwIB 2021 AQYGCmCGSAFlAwIBAwMwGAYKYIZIAWUDAgEBBwYKYIZIAWUDAgEDAzBPBgNVHSAE 2022 SDBGMAwGCmCGSAFlAwIBAQIwDAYKYIZIAWUDAgEBAzAMBgpghkgBZQMCAQEFMAwG 2023 CmCGSAFlAwIBAQYwDAYKYIZIAWUDAgEBBzAdBgNVHQ4EFgQUu850cYM0TlkyRRVf 2024 QGBg3CuwtOQwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NybC5pZGVudHJ1c3Qu 2025 Y29tL2FjZXNwdWJsaWNzZWN0b3IxLmNybDBTBggrBgEFBQcBCwRHMEUwQwYIKwYB 2026 BQUHMAWGN2h0dHA6Ly9odHRwLmZwa2kuZ292L2JyaWRnZS9jYUNlcnRzSXNzdWVk 2027 QnlmYmNhMjAxMy5wN2MwfgYIKwYBBQUHAQEEcjBwMEEGCCsGAQUFBzAChjVodHRw 2028 Oi8vYXBwcy5pZGVudHJ1c3QuY29tL3Jvb3RzL2FjZXNwdWJsaWNzZWN0b3IxLnA3 2029 YzArBggrBgEFBQcwAYYfaHR0cHM6Ly9hY2VzLm9jc3AuaWRlbnRydXN0LmNvbTAf 2030 BgNVHSMEGDAWgBTmMwljibVmGk/Vs8wPq/u1DMfzRzANBgkqhkiG9w0BAQsFAAOC 2031 AQEAbMNxs+1Oc8O3FoMFgbsXu+s0o6+i8xiNPmVbPETsosVY7Rtt6ThN2TC4u1dz 2032 3z9kPL60jXudE8eThbmGwoL/euUDEvCahDEGuUpcjuk+Qtc10Bee0ouJvM2E1HPg 2033 7Qy5yRyeVgV5r/KOofWgnrACdYBqrKyXnFx2r/A/qx9vfcvqeLNCkY4ZXuD4LSAu 2034 Zj9/gLdEiKs6KcNZx1vSmhjjMy85R0Hb08dOErNLK+9YwdQ9EfF75V+LQ8aSNHge 2035 +EL+dctSiUE04HOAEpAslComPkQ2ciZzwFzAiNBfHwTeP5pmA1az2HP9WkUZ3plr 2036 ZpZD80pKZjAyIcVmRRcNzlt8Yw== 2037 -----END CERTIFICATE----- 2038 ` 2039 2040 // HexHashFederalBridgeCA2013SignedByIdenTrust is the hex SHA256 fingerprint 2041 // ofFederalBridgeCA2013SignedByIdenTrust. 2042 const HexHashFederalBridgeCA2013SignedByIdenTrust = "a2d96559f2237d3962a5d879e0327f9610097f83fe3e6f4e8d9fa567e88efca4" 2043 2044 // PEMFederalBridgeCA2013SignedByDoDInteropCA2 is the certificate for the 2045 // Federal Bridge CA 2013 signed by the DoD Interoperability Root CA 2. 2046 const PEMFederalBridgeCA2013SignedByDoDInteropCA2 = ` 2047 Certificate: 2048 Data: 2049 Version: 3 (0x2) 2050 Serial Number: 302 (0x12e) 2051 Signature Algorithm: sha256WithRSAEncryption 2052 Issuer: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Interoperability Root CA 2 2053 Validity 2054 Not Before: Apr 16 13:41:32 2014 GMT 2055 Not After : Apr 16 13:41:32 2017 GMT 2056 Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 2013 2057 Subject Public Key Info: 2058 Public Key Algorithm: rsaEncryption 2059 RSA Public Key: (2048 bit) 2060 Modulus (2048 bit): 2061 00:9c:e8:17:25:c2:59:ef:34:a5:c5:44:3b:00:35: 2062 ec:31:40:a5:7a:02:d2:3e:19:14:9b:25:89:cd:4a: 2063 8c:3b:e6:5e:6a:da:1c:6b:dd:0c:03:2a:45:84:29: 2064 9d:4f:2e:ff:b0:a0:6c:02:c6:5a:a7:78:67:a5:77: 2065 bb:c6:98:f8:b1:7e:e2:94:bb:fa:11:4f:63:38:1c: 2066 1e:7c:08:0c:9e:f6:2a:15:63:22:62:14:12:e7:9f: 2067 d4:ea:50:2e:d4:7e:3e:64:25:e4:2e:1c:1b:b8:ed: 2068 5f:65:b4:f3:00:15:4f:0d:24:92:2c:71:50:22:3c: 2069 eb:11:69:b3:2c:38:f3:e0:73:a1:98:26:75:a6:2d: 2070 56:a9:05:af:9b:c9:38:8c:66:c0:c8:08:3b:43:3c: 2071 83:dd:2a:52:ab:08:21:7e:cd:4f:ef:45:69:70:0c: 2072 7c:b5:fe:1b:51:4e:09:28:2c:07:2b:4a:79:8c:41: 2073 45:c4:53:0b:cd:e5:d4:a6:bb:93:33:d8:37:96:c3: 2074 b0:2b:5b:c5:c5:e6:49:5c:41:5b:75:a3:02:db:15: 2075 9e:73:d0:a6:cc:e4:c8:9a:1a:c7:01:07:93:b0:df: 2076 eb:b8:fd:7f:dc:ab:18:94:92:8b:8d:f4:0c:29:09: 2077 50:4f:5b:71:e1:da:50:5e:a3:bf:df:dc:a4:8a:f0: 2078 07:4b 2079 Exponent: 65537 (0x10001) 2080 X509v3 extensions: 2081 X509v3 Authority Key Identifier: 2082 keyid:FF:F8:AE:13:8B:92:2B:79:92:41:A3:76:5C:2C:81:9E:9A:C5:9C:78 2083 2084 X509v3 Subject Key Identifier: 2085 BB:CE:74:71:83:34:4E:59:32:45:15:5F:40:60:60:DC:2B:B0:B4:E4 2086 X509v3 Key Usage: critical 2087 Certificate Sign, CRL Sign 2088 X509v3 Certificate Policies: 2089 Policy: 2.16.840.1.101.2.1.11.36 2090 Policy: 2.16.840.1.101.2.1.11.42 2091 Policy: 2.16.840.1.101.3.2.1.3.13 2092 Policy: 2.16.840.1.101.3.2.1.3.17 2093 Policy: 2.16.840.1.101.3.2.1.3.39 2094 Policy: 2.16.840.1.101.3.2.1.3.18 2095 Policy: 2.16.840.1.101.3.2.1.3.19 2096 Policy: 2.16.840.1.101.3.2.1.3.20 2097 2098 X509v3 Policy Mappings: 2099 2.16.840.1.101.2.1.11.36:2.16.840.1.101.3.2.1.3.38, 2.16.840.1.101.2.1.11.42:2.16.840.1.101.3.2.1.3.12, 2.16.840.1.101.2.1.11.42:2.16.840.1.101.3.2.1.3.4 2100 X509v3 Basic Constraints: critical 2101 CA:TRUE 2102 X509v3 Name Constraints: critical 2103 Excluded: 2104 DirName: C = US, O = U.S. Government, OU = DoD 2105 2106 X509v3 Policy Constraints: critical 2107 Require Explicit Policy:0 2108 X509v3 CRL Distribution Points: 2109 URI:http://crl.disa.mil/crl/DODINTEROPERABILITYROOTCA2.crl 2110 2111 Authority Information Access: 2112 CA Issuers - URI:http://crl.disa.mil/issuedto/DODINTEROPERABILITYROOTCA2_IT.p7c 2113 2114 Subject Information Access: 2115 CA Repository - URI:http://http.fpki.gov/bridge/caCertsIssuedByfbca2013.p7c 2116 2117 Signature Algorithm: sha256WithRSAEncryption 2118 68:6d:52:24:9d:4c:98:71:ca:aa:3c:72:42:69:76:db:93:11: 2119 28:6c:12:7c:93:cb:89:28:c4:b0:b9:a6:8d:58:8f:16:e2:aa: 2120 82:a3:d7:cb:55:cf:b7:b8:5a:c6:01:3e:39:e8:19:4e:e5:ce: 2121 fc:a6:29:a8:f7:72:c0:9c:48:32:a2:dd:d0:e2:c8:a3:ac:1e: 2122 65:f8:66:79:68:55:ab:7a:02:42:d5:88:57:87:05:a5:60:0c: 2123 05:d7:0d:ce:eb:e3:25:cf:19:8b:a0:19:ba:48:04:41:14:21: 2124 c1:c8:f7:16:de:1b:c5:45:c6:e5:26:a2:e2:5e:2d:13:35:2f: 2125 2a:99:37:8d:7f:0f:dc:ba:97:61:92:af:51:2e:a9:be:de:bd: 2126 82:1a:c3:f6:27:53:b5:f5:52:8b:70:39:2d:c8:1e:80:36:db: 2127 49:d2:c8:0b:f9:8b:f4:02:8e:1b:bc:00:88:e5:db:db:2d:59: 2128 17:b4:8f:b0:0b:10:c7:f8:c7:ed:e2:01:1b:a4:50:69:23:5f: 2129 6e:94:79:81:1c:28:27:dd:f3:a9:b5:dd:62:c1:80:fe:e9:12: 2130 31:28:d9:66:47:f5:9a:46:7c:ad:b0:c1:8c:15:9f:b6:51:b5: 2131 17:34:41:f0:2d:28:0e:a8:94:ca:a2:83:42:2a:d8:dc:b0:fd: 2132 59:80:09:7d 2133 -----BEGIN CERTIFICATE----- 2134 MIIFyzCCBLOgAwIBAgICAS4wDQYJKoZIhvcNAQELBQAwbDELMAkGA1UEBhMCVVMx 2135 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQL 2136 EwNQS0kxJzAlBgNVBAMTHkRvRCBJbnRlcm9wZXJhYmlsaXR5IFJvb3QgQ0EgMjAe 2137 Fw0xNDA0MTYxMzQxMzJaFw0xNzA0MTYxMzQxMzJaMFcxCzAJBgNVBAYTAlVTMRgw 2138 FgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDTALBgNVBAsTBEZQS0kxHzAdBgNVBAMT 2139 FkZlZGVyYWwgQnJpZGdlIENBIDIwMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw 2140 ggEKAoIBAQCc6BclwlnvNKXFRDsANewxQKV6AtI+GRSbJYnNSow75l5q2hxr3QwD 2141 KkWEKZ1PLv+woGwCxlqneGeld7vGmPixfuKUu/oRT2M4HB58CAye9ioVYyJiFBLn 2142 n9TqUC7Ufj5kJeQuHBu47V9ltPMAFU8NJJIscVAiPOsRabMsOPPgc6GYJnWmLVap 2143 Ba+byTiMZsDICDtDPIPdKlKrCCF+zU/vRWlwDHy1/htRTgkoLAcrSnmMQUXEUwvN 2144 5dSmu5Mz2DeWw7ArW8XF5klcQVt1owLbFZ5z0KbM5MiaGscBB5Ow3+u4/X/cqxiU 2145 kouN9AwpCVBPW3Hh2lBeo7/f3KSK8AdLAgMBAAGjggKKMIIChjAfBgNVHSMEGDAW 2146 gBT/+K4Ti5IreZJBo3ZcLIGemsWceDAdBgNVHQ4EFgQUu850cYM0TlkyRRVfQGBg 2147 3CuwtOQwDgYDVR0PAQH/BAQDAgEGMHcGA1UdIARwMG4wCwYJYIZIAWUCAQskMAsG 2148 CWCGSAFlAgELKjAMBgpghkgBZQMCAQMNMAwGCmCGSAFlAwIBAxEwDAYKYIZIAWUD 2149 AgEDJzAMBgpghkgBZQMCAQMSMAwGCmCGSAFlAwIBAxMwDAYKYIZIAWUDAgEDFDBU 2150 BgNVHSEETTBLMBcGCWCGSAFlAgELJAYKYIZIAWUDAgEDJjAXBglghkgBZQIBCyoG 2151 CmCGSAFlAwIBAwwwFwYJYIZIAWUCAQsqBgpghkgBZQMCAQMEMA8GA1UdEwEB/wQF 2152 MAMBAf8wSQYDVR0eAQH/BD8wPaE7MDmkNzA1MQswCQYDVQQGEwJVUzEYMBYGA1UE 2153 ChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QwDwYDVR0kAQH/BAUwA4AB 2154 ADBHBgNVHR8EQDA+MDygOqA4hjZodHRwOi8vY3JsLmRpc2EubWlsL2NybC9ET0RJ 2155 TlRFUk9QRVJBQklMSVRZUk9PVENBMi5jcmwwWgYIKwYBBQUHAQEETjBMMEoGCCsG 2156 AQUFBzAChj5odHRwOi8vY3JsLmRpc2EubWlsL2lzc3VlZHRvL0RPRElOVEVST1BF 2157 UkFCSUxJVFlST09UQ0EyX0lULnA3YzBTBggrBgEFBQcBCwRHMEUwQwYIKwYBBQUH 2158 MAWGN2h0dHA6Ly9odHRwLmZwa2kuZ292L2JyaWRnZS9jYUNlcnRzSXNzdWVkQnlm 2159 YmNhMjAxMy5wN2MwDQYJKoZIhvcNAQELBQADggEBAGhtUiSdTJhxyqo8ckJpdtuT 2160 EShsEnyTy4koxLC5po1YjxbiqoKj18tVz7e4WsYBPjnoGU7lzvymKaj3csCcSDKi 2161 3dDiyKOsHmX4ZnloVat6AkLViFeHBaVgDAXXDc7r4yXPGYugGbpIBEEUIcHI9xbe 2162 G8VFxuUmouJeLRM1LyqZN41/D9y6l2GSr1Euqb7evYIaw/YnU7X1UotwOS3IHoA2 2163 20nSyAv5i/QCjhu8AIjl29stWRe0j7ALEMf4x+3iARukUGkjX26UeYEcKCfd86m1 2164 3WLBgP7pEjEo2WZH9ZpGfK2wwYwVn7ZRtRc0QfAtKA6olMqig0Iq2Nyw/VmACX0= 2165 -----END CERTIFICATE----- 2166 ` 2167 2168 // HexHashFederalBridgeCA2013SignedByDoDInteropCA2 is the hex SHA256 2169 // fingerprint ofFederalBridgeCA2013SignedByDoDInteropCA2. 2170 const HexHashFederalBridgeCA2013SignedByDoDInteropCA2 = "d19ee1728a2fbe37342f3b993d6c3f771516dbba190823ab059b2da0b3e44617" 2171 2172 // PEMFederalBridgeCA2016SignedByDodInteropCA2 is the certificate for the 2173 // Federal Bridge CA 2016 signed by the Dod Interoperability Root CA 2. 2174 const PEMFederalBridgeCA2016SignedByDodInteropCA2 = ` 2175 Certificate: 2176 Data: 2177 Version: 3 (0x2) 2178 Serial Number: 1061 (0x425) 2179 Signature Algorithm: sha256WithRSAEncryption 2180 Issuer: C=US, O=U.S. Government, OU=DoD, OU=PKI, CN=DoD Interoperability Root CA 2 2181 Validity 2182 Not Before: May 9 13:14:15 2017 GMT 2183 Not After : May 9 13:14:15 2020 GMT 2184 Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 2016 2185 Subject Public Key Info: 2186 Public Key Algorithm: rsaEncryption 2187 RSA Public Key: (2048 bit) 2188 Modulus (2048 bit): 2189 00:be:9d:35:79:6f:25:b5:f4:90:83:6e:13:bf:53: 2190 50:ca:cd:1c:96:d4:1c:6b:81:f2:8a:9b:0f:46:a7: 2191 df:b7:ef:ff:ed:44:59:ce:87:96:6f:5f:57:b1:fe: 2192 33:ab:47:c7:85:97:77:3c:8a:0e:14:cd:2f:79:6a: 2193 27:14:d2:78:5b:a5:a5:4b:38:3a:b8:df:f6:8b:0b: 2194 da:53:11:23:59:9f:a9:62:32:90:f4:1a:4f:05:83: 2195 3e:3d:cd:9b:15:7b:90:d8:8b:a1:cd:cc:b8:c0:43: 2196 9f:cd:a7:8b:be:23:41:7d:29:33:df:59:7d:40:c0: 2197 e3:da:73:c3:af:43:bf:96:58:4a:c2:83:b2:2a:e2: 2198 21:7e:93:97:6a:f9:15:69:8c:7e:0c:68:91:3a:f0: 2199 b7:2c:81:5a:0a:bd:92:86:b9:84:99:92:98:04:9f: 2200 d4:c4:89:c2:91:e1:21:52:48:7e:dd:00:9f:8f:f9: 2201 2d:3e:f2:e8:5e:0a:54:cc:4f:82:48:2f:0c:02:5e: 2202 07:b6:32:e4:93:29:37:cc:56:77:21:76:66:1a:99: 2203 f2:0b:13:e2:c3:f9:3b:e0:98:1c:9c:3f:f5:23:c8: 2204 86:2f:8f:cb:e9:bf:5f:1a:e2:68:32:07:bd:bb:b6: 2205 37:89:de:b8:70:fd:c8:c9:83:44:2b:18:be:86:77: 2206 12:39 2207 Exponent: 65537 (0x10001) 2208 X509v3 extensions: 2209 X509v3 Authority Key Identifier: 2210 keyid:FF:F8:AE:13:8B:92:2B:79:92:41:A3:76:5C:2C:81:9E:9A:C5:9C:78 2211 2212 X509v3 Subject Key Identifier: 2213 23:B0:B3:7D:16:54:D4:02:56:76:EB:3A:BE:A9:6B:2F:43:7B:28:16 2214 X509v3 Key Usage: critical 2215 Certificate Sign, CRL Sign 2216 X509v3 Certificate Policies: 2217 Policy: 2.16.840.1.101.2.1.11.36 2218 Policy: 2.16.840.1.101.2.1.11.42 2219 Policy: 2.16.840.1.101.3.2.1.3.13 2220 Policy: 2.16.840.1.101.3.2.1.3.17 2221 Policy: 2.16.840.1.101.3.2.1.3.18 2222 Policy: 2.16.840.1.101.3.2.1.3.19 2223 Policy: 2.16.840.1.101.3.2.1.3.20 2224 Policy: 2.16.840.1.101.3.2.1.3.39 2225 2226 X509v3 Policy Mappings: 2227 2.16.840.1.101.2.1.11.36:2.16.840.1.101.3.2.1.3.38, 2.16.840.1.101.2.1.11.42:2.16.840.1.101.3.2.1.3.12, 2.16.840.1.101.2.1.11.42:2.16.840.1.101.3.2.1.3.4 2228 X509v3 Basic Constraints: critical 2229 CA:TRUE 2230 X509v3 Name Constraints: critical 2231 Excluded: 2232 DirName: C = US, O = U.S. Government, OU = DoD 2233 DirName: C = US, O = U.S. Government, OU = ECA 2234 2235 X509v3 Policy Constraints: critical 2236 Require Explicit Policy:0 2237 X509v3 CRL Distribution Points: 2238 URI:http://crl.disa.mil/crl/DODINTEROPERABILITYROOTCA2.crl 2239 2240 Authority Information Access: 2241 CA Issuers - URI:http://crl.disa.mil/issuedto/DODINTEROPERABILITYROOTCA2_IT.p7c 2242 OCSP - URI:http://ocsp.disa.mil 2243 2244 Subject Information Access: 2245 CA Repository - URI:http://http.fpki.gov/bridge/caCertsIssuedByfbca2016.p7c 2246 2247 X509v3 Inhibit Any Policy: 2248 0 2249 Signature Algorithm: sha256WithRSAEncryption 2250 b7:02:a4:e4:61:66:40:58:e5:6a:bf:78:d2:02:40:b8:c6:53: 2251 2a:6e:16:26:46:e1:b4:75:ba:48:94:eb:b5:ec:4c:85:b0:3e: 2252 6f:70:26:af:10:2d:9e:a3:4a:f0:a4:ab:14:e7:7b:c2:7f:01: 2253 4b:f9:5d:52:18:0e:cd:9b:1d:5c:85:0d:24:54:51:60:1f:c8: 2254 70:2c:ff:55:5d:c4:93:d1:7a:79:a2:ea:7c:85:40:72:7a:12: 2255 f8:fa:d5:e3:25:44:41:6b:5a:20:48:b6:f8:59:83:ed:54:7b: 2256 d7:f5:97:0b:24:d8:99:20:56:78:05:65:87:0f:ab:cd:3b:87: 2257 00:d7:29:5e:67:71:df:79:32:46:e9:ca:87:62:75:52:0f:26: 2258 1c:ca:1a:0e:33:13:da:2c:32:1d:6e:fc:11:f4:19:1b:5b:ac: 2259 bd:9b:26:bc:6a:f3:bd:63:73:8b:f3:66:e7:6b:cb:d8:9b:ae: 2260 a9:d0:71:a9:ae:0a:c3:6b:ea:fb:0b:29:b1:40:ee:0c:ed:4d: 2261 99:08:dc:55:79:50:90:26:fb:e3:f1:d6:53:6b:1a:c7:05:15: 2262 df:29:33:62:55:f9:b0:db:12:ad:a9:a0:ad:a2:c7:7f:de:f9: 2263 53:5c:90:f5:f0:80:7f:98:a2:7d:e7:63:55:76:cb:33:49:e4: 2264 86:c1:cb:e9 2265 -----BEGIN CERTIFICATE----- 2266 MIIGNTCCBR2gAwIBAgICBCUwDQYJKoZIhvcNAQELBQAwbDELMAkGA1UEBhMCVVMx 2267 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQL 2268 EwNQS0kxJzAlBgNVBAMTHkRvRCBJbnRlcm9wZXJhYmlsaXR5IFJvb3QgQ0EgMjAe 2269 Fw0xNzA1MDkxMzE0MTVaFw0yMDA1MDkxMzE0MTVaMFcxCzAJBgNVBAYTAlVTMRgw 2270 FgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDTALBgNVBAsTBEZQS0kxHzAdBgNVBAMT 2271 FkZlZGVyYWwgQnJpZGdlIENBIDIwMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw 2272 ggEKAoIBAQC+nTV5byW19JCDbhO/U1DKzRyW1BxrgfKKmw9Gp9+37//tRFnOh5Zv 2273 X1ex/jOrR8eFl3c8ig4UzS95aicU0nhbpaVLODq43/aLC9pTESNZn6liMpD0Gk8F 2274 gz49zZsVe5DYi6HNzLjAQ5/Np4u+I0F9KTPfWX1AwOPac8OvQ7+WWErCg7Iq4iF+ 2275 k5dq+RVpjH4MaJE68LcsgVoKvZKGuYSZkpgEn9TEicKR4SFSSH7dAJ+P+S0+8uhe 2276 ClTMT4JILwwCXge2MuSTKTfMVnchdmYamfILE+LD+TvgmBycP/UjyIYvj8vpv18a 2277 4mgyB727tjeJ3rhw/cjJg0QrGL6GdxI5AgMBAAGjggL0MIIC8DAfBgNVHSMEGDAW 2278 gBT/+K4Ti5IreZJBo3ZcLIGemsWceDAdBgNVHQ4EFgQUI7CzfRZU1AJWdus6vqlr 2279 L0N7KBYwDgYDVR0PAQH/BAQDAgEGMHcGA1UdIARwMG4wCwYJYIZIAWUCAQskMAsG 2280 CWCGSAFlAgELKjAMBgpghkgBZQMCAQMNMAwGCmCGSAFlAwIBAxEwDAYKYIZIAWUD 2281 AgEDEjAMBgpghkgBZQMCAQMTMAwGCmCGSAFlAwIBAxQwDAYKYIZIAWUDAgEDJzBU 2282 BgNVHSEETTBLMBcGCWCGSAFlAgELJAYKYIZIAWUDAgEDJjAXBglghkgBZQIBCyoG 2283 CmCGSAFlAwIBAwwwFwYJYIZIAWUCAQsqBgpghkgBZQMCAQMEMA8GA1UdEwEB/wQF 2284 MAMBAf8wgYQGA1UdHgEB/wR6MHihdjA5pDcwNTELMAkGA1UEBhMCVVMxGDAWBgNV 2285 BAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMDmkNzA1MQswCQYDVQQG 2286 EwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNFQ0EwDwYD 2287 VR0kAQH/BAUwA4ABADBHBgNVHR8EQDA+MDygOqA4hjZodHRwOi8vY3JsLmRpc2Eu 2288 bWlsL2NybC9ET0RJTlRFUk9QRVJBQklMSVRZUk9PVENBMi5jcmwwfAYIKwYBBQUH 2289 AQEEcDBuMEoGCCsGAQUFBzAChj5odHRwOi8vY3JsLmRpc2EubWlsL2lzc3VlZHRv 2290 L0RPRElOVEVST1BFUkFCSUxJVFlST09UQ0EyX0lULnA3YzAgBggrBgEFBQcwAYYU 2291 aHR0cDovL29jc3AuZGlzYS5taWwwUwYIKwYBBQUHAQsERzBFMEMGCCsGAQUFBzAF 2292 hjdodHRwOi8vaHR0cC5mcGtpLmdvdi9icmlkZ2UvY2FDZXJ0c0lzc3VlZEJ5ZmJj 2293 YTIwMTYucDdjMAoGA1UdNgQDAgEAMA0GCSqGSIb3DQEBCwUAA4IBAQC3AqTkYWZA 2294 WOVqv3jSAkC4xlMqbhYmRuG0dbpIlOu17EyFsD5vcCavEC2eo0rwpKsU53vCfwFL 2295 +V1SGA7Nmx1chQ0kVFFgH8hwLP9VXcST0Xp5oup8hUByehL4+tXjJURBa1ogSLb4 2296 WYPtVHvX9ZcLJNiZIFZ4BWWHD6vNO4cA1yleZ3HfeTJG6cqHYnVSDyYcyhoOMxPa 2297 LDIdbvwR9BkbW6y9mya8avO9Y3OL82bna8vYm66p0HGprgrDa+r7CymxQO4M7U2Z 2298 CNxVeVCQJvvj8dZTaxrHBRXfKTNiVfmw2xKtqaCtosd/3vlTXJD18IB/mKJ952NV 2299 dsszSeSGwcvp 2300 -----END CERTIFICATE----- 2301 ` 2302 2303 // HexHashFederalBridgeCA2016SignedByDodInteropCA2 is the hex SHA256 2304 // fingerprint ofFederalBridgeCA2016SignedByDodInteropCA2. 2305 const HexHashFederalBridgeCA2016SignedByDodInteropCA2 = "bf6cbf5649bc6eacf8cc906ecb6b23c190bd926e49cafeb23c3ecf4dc5906bbb" 2306 2307 // PEMFederalBridgeCA2016SignedByFederalCommonPolicyCA is the certificate for 2308 // the Federal Bridge CA 2016 signed by the Federal Common Policy CA. 2309 const PEMFederalBridgeCA2016SignedByFederalCommonPolicyCA = ` 2310 Certificate: 2311 Data: 2312 Version: 3 (0x2) 2313 Serial Number: 16194 (0x3f42) 2314 Signature Algorithm: sha256WithRSAEncryption 2315 Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA 2316 Validity 2317 Not Before: Nov 8 18:20:38 2016 GMT 2318 Not After : Nov 8 18:20:38 2019 GMT 2319 Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 2016 2320 Subject Public Key Info: 2321 Public Key Algorithm: rsaEncryption 2322 RSA Public Key: (2048 bit) 2323 Modulus (2048 bit): 2324 00:be:9d:35:79:6f:25:b5:f4:90:83:6e:13:bf:53: 2325 50:ca:cd:1c:96:d4:1c:6b:81:f2:8a:9b:0f:46:a7: 2326 df:b7:ef:ff:ed:44:59:ce:87:96:6f:5f:57:b1:fe: 2327 33:ab:47:c7:85:97:77:3c:8a:0e:14:cd:2f:79:6a: 2328 27:14:d2:78:5b:a5:a5:4b:38:3a:b8:df:f6:8b:0b: 2329 da:53:11:23:59:9f:a9:62:32:90:f4:1a:4f:05:83: 2330 3e:3d:cd:9b:15:7b:90:d8:8b:a1:cd:cc:b8:c0:43: 2331 9f:cd:a7:8b:be:23:41:7d:29:33:df:59:7d:40:c0: 2332 e3:da:73:c3:af:43:bf:96:58:4a:c2:83:b2:2a:e2: 2333 21:7e:93:97:6a:f9:15:69:8c:7e:0c:68:91:3a:f0: 2334 b7:2c:81:5a:0a:bd:92:86:b9:84:99:92:98:04:9f: 2335 d4:c4:89:c2:91:e1:21:52:48:7e:dd:00:9f:8f:f9: 2336 2d:3e:f2:e8:5e:0a:54:cc:4f:82:48:2f:0c:02:5e: 2337 07:b6:32:e4:93:29:37:cc:56:77:21:76:66:1a:99: 2338 f2:0b:13:e2:c3:f9:3b:e0:98:1c:9c:3f:f5:23:c8: 2339 86:2f:8f:cb:e9:bf:5f:1a:e2:68:32:07:bd:bb:b6: 2340 37:89:de:b8:70:fd:c8:c9:83:44:2b:18:be:86:77: 2341 12:39 2342 Exponent: 65537 (0x10001) 2343 X509v3 extensions: 2344 X509v3 Basic Constraints: critical 2345 CA:TRUE 2346 X509v3 Certificate Policies: 2347 Policy: 2.16.840.1.101.3.2.1.3.6 2348 Policy: 2.16.840.1.101.3.2.1.3.7 2349 Policy: 2.16.840.1.101.3.2.1.3.8 2350 Policy: 2.16.840.1.101.3.2.1.3.13 2351 Policy: 2.16.840.1.101.3.2.1.3.16 2352 Policy: 2.16.840.1.101.3.2.1.3.1 2353 Policy: 2.16.840.1.101.3.2.1.3.2 2354 Policy: 2.16.840.1.101.3.2.1.3.14 2355 Policy: 2.16.840.1.101.3.2.1.3.15 2356 Policy: 2.16.840.1.101.3.2.1.3.17 2357 Policy: 2.16.840.1.101.3.2.1.3.18 2358 Policy: 2.16.840.1.101.3.2.1.3.19 2359 Policy: 2.16.840.1.101.3.2.1.3.20 2360 Policy: 2.16.840.1.101.3.2.1.3.36 2361 Policy: 2.16.840.1.101.3.2.1.3.3 2362 Policy: 2.16.840.1.101.3.2.1.3.4 2363 Policy: 2.16.840.1.101.3.2.1.3.12 2364 Policy: 2.16.840.1.101.3.2.1.3.37 2365 Policy: 2.16.840.1.101.3.2.1.3.38 2366 Policy: 2.16.840.1.101.3.2.1.3.39 2367 Policy: 2.16.840.1.101.3.2.1.3.40 2368 Policy: 2.16.840.1.101.3.2.1.3.41 2369 2370 Authority Information Access: 2371 CA Issuers - URI:http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c 2372 2373 X509v3 Policy Mappings: 2374 2.16.840.1.101.3.2.1.3.6:2.16.840.1.101.3.2.1.3.3, 2.16.840.1.101.3.2.1.3.16:2.16.840.1.101.3.2.1.3.4, 2.16.840.1.101.3.2.1.3.7:2.16.840.1.101.3.2.1.3.12, 2.16.840.1.101.3.2.1.3.8:2.16.840.1.101.3.2.1.3.37, 2.16.840.1.101.3.2.1.3.36:2.16.840.1.101.3.2.1.3.38 2375 Subject Information Access: 2376 CA Repository - URI:http://http.fpki.gov/bridge/caCertsIssuedByfbca2016.p7c 2377 2378 X509v3 Policy Constraints: critical 2379 Inhibit Policy Mapping:2 2380 X509v3 Inhibit Any Policy: critical 2381 0 2382 X509v3 Key Usage: critical 2383 Certificate Sign, CRL Sign 2384 X509v3 Authority Key Identifier: 2385 keyid:AD:0C:7A:75:5C:E5:F3:98:C4:79:98:0E:AC:28:FD:97:F4:E7:02:FC 2386 2387 X509v3 CRL Distribution Points: 2388 URI:http://http.fpki.gov/fcpca/fcpca.crl 2389 2390 X509v3 Subject Key Identifier: 2391 23:B0:B3:7D:16:54:D4:02:56:76:EB:3A:BE:A9:6B:2F:43:7B:28:16 2392 Signature Algorithm: sha256WithRSAEncryption 2393 23:ad:f1:65:e7:65:6a:bc:ec:f3:f2:ef:cf:6a:d1:42:8e:42: 2394 41:0d:ad:f7:c1:47:95:2f:bc:34:ce:ee:fe:97:a4:ec:30:94: 2395 99:6c:fb:0f:65:7e:ee:a5:80:10:29:fd:a9:49:68:f5:b2:d7: 2396 5b:be:97:bb:40:b9:71:18:fd:9b:8c:6f:99:5c:25:e2:04:95: 2397 15:db:e2:89:1d:1d:61:15:0c:75:36:9c:ca:7d:78:bf:b2:a9: 2398 68:2e:b5:01:81:a3:87:12:03:4a:49:7e:18:9c:9a:28:8f:7d: 2399 d5:68:4c:9f:84:48:a4:ef:2f:df:5c:97:8f:1e:8e:99:fe:86: 2400 09:2c:9c:55:e9:c6:a0:1e:6a:f0:90:33:07:c7:cb:a3:bd:dc: 2401 81:0f:3a:2e:6b:6f:41:20:e1:f4:46:f7:d9:04:3e:70:4f:c5: 2402 26:ae:78:3e:da:28:83:72:84:d3:fe:28:2b:b3:73:1d:12:2a: 2403 81:ee:0d:dc:4e:a1:6b:24:9d:fa:33:46:47:5a:8c:0e:ae:69: 2404 f6:1e:52:c8:f9:7d:e2:94:2f:ba:5a:80:79:0e:b7:5b:62:02: 2405 56:b9:31:c6:b8:6d:f7:b2:14:30:af:78:8a:e7:b8:d3:72:0a: 2406 b1:10:9c:80:b7:1e:f6:ea:3d:08:f8:a5:ba:58:bf:ab:f6:fe: 2407 da:ca:43:68 2408 -----BEGIN CERTIFICATE----- 2409 MIIGZTCCBU2gAwIBAgICP0IwDQYJKoZIhvcNAQELBQAwWTELMAkGA1UEBhMCVVMx 2410 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDENMAsGA1UECxMERlBLSTEhMB8GA1UE 2411 AxMYRmVkZXJhbCBDb21tb24gUG9saWN5IENBMB4XDTE2MTEwODE4MjAzOFoXDTE5 2412 MTEwODE4MjAzOFowVzELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJu 2413 bWVudDENMAsGA1UECxMERlBLSTEfMB0GA1UEAxMWRmVkZXJhbCBCcmlkZ2UgQ0Eg 2414 MjAxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6dNXlvJbX0kINu 2415 E79TUMrNHJbUHGuB8oqbD0an37fv/+1EWc6Hlm9fV7H+M6tHx4WXdzyKDhTNL3lq 2416 JxTSeFulpUs4Orjf9osL2lMRI1mfqWIykPQaTwWDPj3NmxV7kNiLoc3MuMBDn82n 2417 i74jQX0pM99ZfUDA49pzw69Dv5ZYSsKDsiriIX6Tl2r5FWmMfgxokTrwtyyBWgq9 2418 koa5hJmSmASf1MSJwpHhIVJIft0An4/5LT7y6F4KVMxPgkgvDAJeB7Yy5JMpN8xW 2419 dyF2ZhqZ8gsT4sP5O+CYHJw/9SPIhi+Py+m/XxriaDIHvbu2N4neuHD9yMmDRCsY 2420 voZ3EjkCAwEAAaOCAzcwggMzMA8GA1UdEwEB/wQFMAMBAf8wggFBBgNVHSAEggE4 2421 MIIBNDAMBgpghkgBZQMCAQMGMAwGCmCGSAFlAwIBAwcwDAYKYIZIAWUDAgEDCDAM 2422 BgpghkgBZQMCAQMNMAwGCmCGSAFlAwIBAxAwDAYKYIZIAWUDAgEDATAMBgpghkgB 2423 ZQMCAQMCMAwGCmCGSAFlAwIBAw4wDAYKYIZIAWUDAgEDDzAMBgpghkgBZQMCAQMR 2424 MAwGCmCGSAFlAwIBAxIwDAYKYIZIAWUDAgEDEzAMBgpghkgBZQMCAQMUMAwGCmCG 2425 SAFlAwIBAyQwDAYKYIZIAWUDAgEDAzAMBgpghkgBZQMCAQMEMAwGCmCGSAFlAwIB 2426 AwwwDAYKYIZIAWUDAgEDJTAMBgpghkgBZQMCAQMmMAwGCmCGSAFlAwIBAycwDAYK 2427 YIZIAWUDAgEDKDAMBgpghkgBZQMCAQMpME8GCCsGAQUFBwEBBEMwQTA/BggrBgEF 2428 BQcwAoYzaHR0cDovL2h0dHAuZnBraS5nb3YvZmNwY2EvY2FDZXJ0c0lzc3VlZFRv 2429 ZmNwY2EucDdjMIGNBgNVHSEEgYUwgYIwGAYKYIZIAWUDAgEDBgYKYIZIAWUDAgED 2430 AzAYBgpghkgBZQMCAQMQBgpghkgBZQMCAQMEMBgGCmCGSAFlAwIBAwcGCmCGSAFl 2431 AwIBAwwwGAYKYIZIAWUDAgEDCAYKYIZIAWUDAgEDJTAYBgpghkgBZQMCAQMkBgpg 2432 hkgBZQMCAQMmMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwBYY3aHR0cDovL2h0 2433 dHAuZnBraS5nb3YvYnJpZGdlL2NhQ2VydHNJc3N1ZWRCeWZiY2EyMDE2LnA3YzAP 2434 BgNVHSQBAf8EBTADgQECMA0GA1UdNgEB/wQDAgEAMA4GA1UdDwEB/wQEAwIBBjAf 2435 BgNVHSMEGDAWgBStDHp1XOXzmMR5mA6sKP2X9OcC/DA1BgNVHR8ELjAsMCqgKKAm 2436 hiRodHRwOi8vaHR0cC5mcGtpLmdvdi9mY3BjYS9mY3BjYS5jcmwwHQYDVR0OBBYE 2437 FCOws30WVNQCVnbrOr6pay9DeygWMA0GCSqGSIb3DQEBCwUAA4IBAQAjrfFl52Vq 2438 vOzz8u/PatFCjkJBDa33wUeVL7w0zu7+l6TsMJSZbPsPZX7upYAQKf2pSWj1stdb 2439 vpe7QLlxGP2bjG+ZXCXiBJUV2+KJHR1hFQx1NpzKfXi/sqloLrUBgaOHEgNKSX4Y 2440 nJooj33VaEyfhEik7y/fXJePHo6Z/oYJLJxV6cagHmrwkDMHx8ujvdyBDzoua29B 2441 IOH0RvfZBD5wT8Umrng+2iiDcoTT/igrs3MdEiqB7g3cTqFrJJ36M0ZHWowOrmn2 2442 HlLI+X3ilC+6WoB5DrdbYgJWuTHGuG33shQwr3iK57jTcgqxEJyAtx726j0I+KW6 2443 WL+r9v7aykNo 2444 -----END CERTIFICATE----- 2445 ` 2446 2447 // HexHashFederalBridgeCA2016SignedByFederalCommonPolicyCA is the hex SHA256 2448 // fingerprint ofFederalBridgeCA2016SignedByFederalCommonPolicyCA. 2449 const HexHashFederalBridgeCA2016SignedByFederalCommonPolicyCA = "039c1473089282fb36a4dbc23b1125aec83219c6e624fd169b02e08e6409c3f2" 2450 2451 // PEMFederalCommonPolicyCASignedBySelf is the self-signed certificate for the 2452 // Federal Common Policy CA. 2453 const PEMFederalCommonPolicyCASignedBySelf = ` 2454 Certificate: 2455 Data: 2456 Version: 3 (0x2) 2457 Serial Number: 304 (0x130) 2458 Signature Algorithm: sha256WithRSAEncryption 2459 Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA 2460 Validity 2461 Not Before: Dec 1 16:45:27 2010 GMT 2462 Not After : Dec 1 16:45:27 2030 GMT 2463 Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA 2464 Subject Public Key Info: 2465 Public Key Algorithm: rsaEncryption 2466 RSA Public Key: (2048 bit) 2467 Modulus (2048 bit): 2468 00:d8:75:fb:35:16:34:5a:41:bf:5a:af:5c:30:04: 2469 14:1c:ad:78:44:b5:ea:26:ea:75:61:c7:cd:36:79: 2470 f8:7c:d8:bd:29:51:66:59:21:e3:79:ab:d4:78:be: 2471 b0:2d:b0:a1:d5:b2:35:16:23:d0:cc:1e:be:0e:e8: 2472 ab:dc:c3:c9:d6:12:d7:a7:72:68:18:31:b8:17:22: 2473 b2:3e:7e:ba:08:6d:c6:fd:d1:58:2c:69:a0:03:f0: 2474 2a:a3:f6:3f:21:25:3d:df:b7:32:c5:8e:27:b3:23: 2475 a5:e0:52:b3:5d:96:e9:b0:b8:c5:c5:9f:bb:c5:a0: 2476 6e:82:40:bb:c5:27:05:36:49:d6:26:27:69:0c:34: 2477 8f:cf:27:7a:2a:0a:a3:41:5f:8d:1d:03:86:83:15: 2478 e0:55:c1:c5:98:2c:9e:ec:1a:72:dc:48:c1:3e:f9: 2479 84:d2:84:82:c1:1b:c3:74:36:b7:b9:c7:36:32:7a: 2480 f8:32:b6:d0:36:ae:22:18:31:8c:50:73:21:9e:fe: 2481 83:3b:30:88:24:e3:e9:c1:7e:de:ed:98:c7:1f:92: 2482 10:8a:9f:5b:62:2f:9d:a4:bc:d5:85:6f:3a:fd:c9: 2483 53:a7:20:4b:aa:db:20:ab:21:4e:1d:0d:4e:e6:98: 2484 85:e5:ab:11:47:5d:9d:3f:c4:23:c0:e3:14:06:6e: 2485 fe:9d 2486 Exponent: 65537 (0x10001) 2487 X509v3 extensions: 2488 X509v3 Basic Constraints: critical 2489 CA:TRUE 2490 Subject Information Access: 2491 CA Repository - URI:http://http.fpki.gov/fcpca/caCertsIssuedByfcpca.p7c 2492 CA Repository - URI:ldap://ldap.fpki.gov/cn=Federal%20Common%20Policy%20CA,ou=FPKI,o=U.S.%20Government,c=US?cACertificate;binary,crossCertificatePair;binary 2493 2494 X509v3 Key Usage: critical 2495 Certificate Sign, CRL Sign 2496 X509v3 Subject Key Identifier: 2497 AD:0C:7A:75:5C:E5:F3:98:C4:79:98:0E:AC:28:FD:97:F4:E7:02:FC 2498 Signature Algorithm: sha256WithRSAEncryption 2499 8f:73:da:e1:7f:80:b1:87:f6:ec:2c:cf:d1:84:63:1e:f6:f1: 2500 88:b7:9a:f2:11:b5:ef:54:ad:8a:6e:18:37:28:ef:5c:1b:e4: 2501 ef:50:b7:6c:26:18:23:22:4d:1d:26:47:20:e9:09:9c:e2:70: 2502 62:71:ab:11:cf:91:89:e8:b3:f5:2a:a0:47:c0:14:cb:4e:42: 2503 c1:dd:0c:0e:1b:f0:87:5b:ec:e5:77:d7:aa:e0:54:d7:45:f4: 2504 85:3e:ec:b4:1d:de:7c:8a:7f:5b:4d:9c:96:8a:d0:a2:32:9f: 2505 da:6c:31:0c:f8:a4:ef:7e:73:e8:91:dc:08:7a:70:5a:a0:af: 2506 62:81:59:f8:00:74:a2:c8:dd:54:ca:41:56:47:bd:e9:c0:4f: 2507 ed:20:dd:e3:a5:09:df:ae:28:c2:fc:d1:c8:17:d8:12:c7:6f: 2508 de:2e:e9:bd:9a:91:f2:3c:5a:94:2e:91:22:80:89:a1:8c:58: 2509 cc:83:7a:26:19:75:02:a5:0e:7d:0a:26:73:51:ea:86:cb:07: 2510 a8:c8:fd:63:5a:35:9b:d2:af:bf:4f:31:48:c1:84:70:db:35: 2511 7b:9a:19:0f:e5:8f:f4:6a:0c:6f:33:d9:eb:1c:70:a2:0d:e3: 2512 b9:50:03:61:02:ff:4a:ec:92:a4:dc:2d:ee:2a:34:93:07:b7: 2513 2c:e7:18:8f 2514 -----BEGIN CERTIFICATE----- 2515 MIIEYDCCA0igAwIBAgICATAwDQYJKoZIhvcNAQELBQAwWTELMAkGA1UEBhMCVVMx 2516 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDENMAsGA1UECxMERlBLSTEhMB8GA1UE 2517 AxMYRmVkZXJhbCBDb21tb24gUG9saWN5IENBMB4XDTEwMTIwMTE2NDUyN1oXDTMw 2518 MTIwMTE2NDUyN1owWTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJu 2519 bWVudDENMAsGA1UECxMERlBLSTEhMB8GA1UEAxMYRmVkZXJhbCBDb21tb24gUG9s 2520 aWN5IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HX7NRY0WkG/ 2521 Wq9cMAQUHK14RLXqJup1YcfNNnn4fNi9KVFmWSHjeavUeL6wLbCh1bI1FiPQzB6+ 2522 Duir3MPJ1hLXp3JoGDG4FyKyPn66CG3G/dFYLGmgA/Aqo/Y/ISU937cyxY4nsyOl 2523 4FKzXZbpsLjFxZ+7xaBugkC7xScFNknWJidpDDSPzyd6KgqjQV+NHQOGgxXgVcHF 2524 mCye7Bpy3EjBPvmE0oSCwRvDdDa3ucc2Mnr4MrbQNq4iGDGMUHMhnv6DOzCIJOPp 2525 wX7e7ZjHH5IQip9bYi+dpLzVhW86/clTpyBLqtsgqyFOHQ1O5piF5asRR12dP8Qj 2526 wOMUBm7+nQIDAQABo4IBMDCCASwwDwYDVR0TAQH/BAUwAwEB/zCB6QYIKwYBBQUH 2527 AQsEgdwwgdkwPwYIKwYBBQUHMAWGM2h0dHA6Ly9odHRwLmZwa2kuZ292L2ZjcGNh 2528 L2NhQ2VydHNJc3N1ZWRCeWZjcGNhLnA3YzCBlQYIKwYBBQUHMAWGgYhsZGFwOi8v 2529 bGRhcC5mcGtpLmdvdi9jbj1GZWRlcmFsJTIwQ29tbW9uJTIwUG9saWN5JTIwQ0Es 2530 b3U9RlBLSSxvPVUuUy4lMjBHb3Zlcm5tZW50LGM9VVM/Y0FDZXJ0aWZpY2F0ZTti 2531 aW5hcnksY3Jvc3NDZXJ0aWZpY2F0ZVBhaXI7YmluYXJ5MA4GA1UdDwEB/wQEAwIB 2532 BjAdBgNVHQ4EFgQUrQx6dVzl85jEeZgOrCj9l/TnAvwwDQYJKoZIhvcNAQELBQAD 2533 ggEBAI9z2uF/gLGH9uwsz9GEYx728Yi3mvIRte9UrYpuGDco71wb5O9Qt2wmGCMi 2534 TR0mRyDpCZzicGJxqxHPkYnos/UqoEfAFMtOQsHdDA4b8Idb7OV316rgVNdF9IU+ 2535 7LQd3nyKf1tNnJaK0KIyn9psMQz4pO9+c+iR3Ah6cFqgr2KBWfgAdKLI3VTKQVZH 2536 venAT+0g3eOlCd+uKML80cgX2BLHb94u6b2akfI8WpQukSKAiaGMWMyDeiYZdQKl 2537 Dn0KJnNR6obLB6jI/WNaNZvSr79PMUjBhHDbNXuaGQ/lj/RqDG8z2esccKIN47lQ 2538 A2EC/0rskqTcLe4qNJMHtyznGI8= 2539 -----END CERTIFICATE----- 2540 ` 2541 2542 // HexHashFederalCommonPolicyCASignedBySelf is the hex SHA256 fingerprint of 2543 // FederalCommonPolicyCASignedBySelf. 2544 const HexHashFederalCommonPolicyCASignedBySelf = "894ebc0b23da2a50c0186b7f8f25ef1f6b2935af32a94584ef80aaf877a3a06e" 2545 2546 // PEMFederalCommonPolicyCASignedByFederalBridgeCA is the certificate for the 2547 // Federal Common Policy CA signed by the Federal Bridge CA. 2548 const PEMFederalCommonPolicyCASignedByFederalBridgeCA = ` 2549 Certificate: 2550 Data: 2551 Version: 3 (0x2) 2552 Serial Number: 1905 (0x771) 2553 Signature Algorithm: sha256WithRSAEncryption 2554 Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 2555 Validity 2556 Not Before: Dec 29 18:55:46 2011 GMT 2557 Not After : Dec 29 18:53:04 2014 GMT 2558 Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA 2559 Subject Public Key Info: 2560 Public Key Algorithm: rsaEncryption 2561 RSA Public Key: (2048 bit) 2562 Modulus (2048 bit): 2563 00:d8:75:fb:35:16:34:5a:41:bf:5a:af:5c:30:04: 2564 14:1c:ad:78:44:b5:ea:26:ea:75:61:c7:cd:36:79: 2565 f8:7c:d8:bd:29:51:66:59:21:e3:79:ab:d4:78:be: 2566 b0:2d:b0:a1:d5:b2:35:16:23:d0:cc:1e:be:0e:e8: 2567 ab:dc:c3:c9:d6:12:d7:a7:72:68:18:31:b8:17:22: 2568 b2:3e:7e:ba:08:6d:c6:fd:d1:58:2c:69:a0:03:f0: 2569 2a:a3:f6:3f:21:25:3d:df:b7:32:c5:8e:27:b3:23: 2570 a5:e0:52:b3:5d:96:e9:b0:b8:c5:c5:9f:bb:c5:a0: 2571 6e:82:40:bb:c5:27:05:36:49:d6:26:27:69:0c:34: 2572 8f:cf:27:7a:2a:0a:a3:41:5f:8d:1d:03:86:83:15: 2573 e0:55:c1:c5:98:2c:9e:ec:1a:72:dc:48:c1:3e:f9: 2574 84:d2:84:82:c1:1b:c3:74:36:b7:b9:c7:36:32:7a: 2575 f8:32:b6:d0:36:ae:22:18:31:8c:50:73:21:9e:fe: 2576 83:3b:30:88:24:e3:e9:c1:7e:de:ed:98:c7:1f:92: 2577 10:8a:9f:5b:62:2f:9d:a4:bc:d5:85:6f:3a:fd:c9: 2578 53:a7:20:4b:aa:db:20:ab:21:4e:1d:0d:4e:e6:98: 2579 85:e5:ab:11:47:5d:9d:3f:c4:23:c0:e3:14:06:6e: 2580 fe:9d 2581 Exponent: 65537 (0x10001) 2582 X509v3 extensions: 2583 X509v3 Basic Constraints: critical 2584 CA:TRUE 2585 X509v3 Certificate Policies: 2586 Policy: 2.16.840.1.101.3.2.1.3.2 2587 Policy: 2.16.840.1.101.3.2.1.3.3 2588 Policy: 2.16.840.1.101.3.2.1.3.12 2589 Policy: 2.16.840.1.101.3.2.1.3.1 2590 Policy: 2.16.840.1.101.3.2.1.3.14 2591 Policy: 2.16.840.1.101.3.2.1.3.15 2592 Policy: 2.16.840.1.101.3.2.1.3.37 2593 Policy: 2.16.840.1.101.3.2.1.3.18 2594 Policy: 2.16.840.1.101.3.2.1.3.20 2595 Policy: 2.16.840.1.101.3.2.1.3.19 2596 Policy: 2.16.840.1.101.3.2.1.3.4 2597 Policy: 2.16.840.1.101.3.2.1.3.21 2598 Policy: 2.16.840.1.101.3.2.1.3.22 2599 Policy: 2.16.840.1.101.3.2.1.3.23 2600 Policy: 2.16.840.1.101.3.2.1.3.24 2601 Policy: 2.16.840.1.101.3.2.1.3.25 2602 Policy: 2.16.840.1.101.3.2.1.3.26 2603 Policy: 2.16.840.1.101.3.2.1.3.27 2604 Policy: 2.16.840.1.101.3.2.1.3.17 2605 Policy: 2.16.840.1.101.3.2.1.3.13 2606 Policy: 2.16.840.1.101.3.2.1.3.38 2607 2608 Authority Information Access: 2609 CA Issuers - URI:http://http.fpki.gov/bridge/caCertsIssuedTofbca.p7c 2610 2611 X509v3 Policy Mappings: 2612 2.16.840.1.101.3.2.1.3.3:2.16.840.1.101.3.2.1.3.6, 2.16.840.1.101.3.2.1.3.12:2.16.840.1.101.3.2.1.3.7, 2.16.840.1.101.3.2.1.3.37:2.16.840.1.101.3.2.1.3.8, 2.16.840.1.101.3.2.1.3.4:2.16.840.1.101.3.2.1.3.16, 2.16.840.1.101.3.2.1.3.38:2.16.840.1.101.3.2.1.3.36 2613 Subject Information Access: 2614 CA Repository - URI:http://http.fpki.gov/fcpca/caCertsIssuedByfcpca.p7c 2615 2616 X509v3 Key Usage: critical 2617 Certificate Sign, CRL Sign 2618 X509v3 Authority Key Identifier: 2619 keyid:C4:9D:FC:9D:5D:3A:5D:05:7A:BF:02:81:EC:DB:49:70:15:C7:B2:72 2620 2621 X509v3 CRL Distribution Points: 2622 URI:http://http.fpki.gov/bridge/fbca.crl 2623 2624 X509v3 Subject Key Identifier: 2625 AD:0C:7A:75:5C:E5:F3:98:C4:79:98:0E:AC:28:FD:97:F4:E7:02:FC 2626 Signature Algorithm: sha256WithRSAEncryption 2627 3c:fb:d6:ac:b6:07:3b:af:87:c5:6d:36:44:41:91:3e:a9:ee: 2628 1e:96:e9:1d:96:6d:2b:af:4f:4e:a3:5b:b4:38:e3:be:96:b4: 2629 d0:be:7a:38:2c:c6:7c:1a:ce:a3:90:ed:bb:25:6c:f3:68:cd: 2630 9c:30:ea:ed:0f:1f:12:87:e2:24:41:1d:92:e2:00:50:62:6d: 2631 65:13:88:4e:4b:3e:af:b3:df:f7:4f:3f:78:8f:ae:1f:9e:1d: 2632 76:39:aa:d7:3c:1d:9f:f3:2f:60:44:2e:1c:03:8e:bd:ab:0b: 2633 92:fd:02:4a:17:81:f8:4e:3a:26:a3:36:d9:cd:ad:a4:ee:4d: 2634 21:ec:2d:39:a1:2a:6b:79:e8:e4:2d:dc:ea:25:02:37:86:4b: 2635 d5:3a:45:3a:d8:03:76:46:e1:1d:44:47:74:9d:d2:c3:4d:fe: 2636 e7:cb:ac:80:23:b0:50:3e:bc:5a:d3:36:8e:97:ae:4d:1f:0f: 2637 46:0e:84:3a:29:88:27:94:65:a0:d2:b6:a7:9b:db:7f:65:0d: 2638 e9:e9:de:57:b5:ed:33:bf:27:10:bc:69:5c:06:db:ba:b0:0e: 2639 f9:e2:67:9a:80:5b:47:5c:6f:82:04:6c:b6:11:7e:cb:68:a8: 2640 0e:59:5a:96:f9:a6:de:94:d4:eb:f1:65:9d:a1:ee:26:fc:33: 2641 06:b5:78:78 2642 -----BEGIN CERTIFICATE----- 2643 MIIGLjCCBRagAwIBAgICB3EwDQYJKoZIhvcNAQELBQAwUjELMAkGA1UEBhMCVVMx 2644 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDENMAsGA1UECxMERlBLSTEaMBgGA1UE 2645 AxMRRmVkZXJhbCBCcmlkZ2UgQ0EwHhcNMTExMjI5MTg1NTQ2WhcNMTQxMjI5MTg1 2646 MzA0WjBZMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQ0w 2647 CwYDVQQLEwRGUEtJMSEwHwYDVQQDExhGZWRlcmFsIENvbW1vbiBQb2xpY3kgQ0Ew 2648 ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYdfs1FjRaQb9ar1wwBBQc 2649 rXhEteom6nVhx802efh82L0pUWZZIeN5q9R4vrAtsKHVsjUWI9DMHr4O6Kvcw8nW 2650 EtencmgYMbgXIrI+froIbcb90VgsaaAD8Cqj9j8hJT3ftzLFjiezI6XgUrNdlumw 2651 uMXFn7vFoG6CQLvFJwU2SdYmJ2kMNI/PJ3oqCqNBX40dA4aDFeBVwcWYLJ7sGnLc 2652 SME++YTShILBG8N0Nre5xzYyevgyttA2riIYMYxQcyGe/oM7MIgk4+nBft7tmMcf 2653 khCKn1tiL52kvNWFbzr9yVOnIEuq2yCrIU4dDU7mmIXlqxFHXZ0/xCPA4xQGbv6d 2654 AgMBAAGjggMFMIIDATAPBgNVHRMBAf8EBTADAQH/MIIBMwYDVR0gBIIBKjCCASYw 2655 DAYKYIZIAWUDAgEDAjAMBgpghkgBZQMCAQMDMAwGCmCGSAFlAwIBAwwwDAYKYIZI 2656 AWUDAgEDATAMBgpghkgBZQMCAQMOMAwGCmCGSAFlAwIBAw8wDAYKYIZIAWUDAgED 2657 JTAMBgpghkgBZQMCAQMSMAwGCmCGSAFlAwIBAxQwDAYKYIZIAWUDAgEDEzAMBgpg 2658 hkgBZQMCAQMEMAwGCmCGSAFlAwIBAxUwDAYKYIZIAWUDAgEDFjAMBgpghkgBZQMC 2659 AQMXMAwGCmCGSAFlAwIBAxgwDAYKYIZIAWUDAgEDGTAMBgpghkgBZQMCAQMaMAwG 2660 CmCGSAFlAwIBAxswDAYKYIZIAWUDAgEDETAMBgpghkgBZQMCAQMNMAwGCmCGSAFl 2661 AwIBAyYwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzAChjNodHRwOi8vaHR0cC5m 2662 cGtpLmdvdi9icmlkZ2UvY2FDZXJ0c0lzc3VlZFRvZmJjYS5wN2MwgY0GA1UdIQSB 2663 hTCBgjAYBgpghkgBZQMCAQMDBgpghkgBZQMCAQMGMBgGCmCGSAFlAwIBAwwGCmCG 2664 SAFlAwIBAwcwGAYKYIZIAWUDAgEDJQYKYIZIAWUDAgEDCDAYBgpghkgBZQMCAQME 2665 BgpghkgBZQMCAQMQMBgGCmCGSAFlAwIBAyYGCmCGSAFlAwIBAyQwTwYIKwYBBQUH 2666 AQsEQzBBMD8GCCsGAQUFBzAFhjNodHRwOi8vaHR0cC5mcGtpLmdvdi9mY3BjYS9j 2667 YUNlcnRzSXNzdWVkQnlmY3BjYS5wN2MwDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQY 2668 MBaAFMSd/J1dOl0Fer8CgezbSXAVx7JyMDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6 2669 Ly9odHRwLmZwa2kuZ292L2JyaWRnZS9mYmNhLmNybDAdBgNVHQ4EFgQUrQx6dVzl 2670 85jEeZgOrCj9l/TnAvwwDQYJKoZIhvcNAQELBQADggEBADz71qy2Bzuvh8VtNkRB 2671 kT6p7h6W6R2WbSuvT06jW7Q4476WtNC+ejgsxnwazqOQ7bslbPNozZww6u0PHxKH 2672 4iRBHZLiAFBibWUTiE5LPq+z3/dPP3iPrh+eHXY5qtc8HZ/zL2BELhwDjr2rC5L9 2673 AkoXgfhOOiajNtnNraTuTSHsLTmhKmt56OQt3OolAjeGS9U6RTrYA3ZG4R1ER3Sd 2674 0sNN/ufLrIAjsFA+vFrTNo6Xrk0fD0YOhDopiCeUZaDStqeb239lDenp3le17TO/ 2675 JxC8aVwG27qwDvniZ5qAW0dcb4IEbLYRfstoqA5ZWpb5pt6U1OvxZZ2h7ib8Mwa1 2676 eHg= 2677 -----END CERTIFICATE----- 2678 ` 2679 2680 // HexHashFederalCommonPolicyCASignedByFederalBridgeCA is the hex SHA256 2681 // fingeprint ofFederalCommonPolicyCASignedByFederalBridgeCA. 2682 const HexHashFederalCommonPolicyCASignedByFederalBridgeCA = "96289a5f9a419d10c9cf3739c477a3fb8cd1c56f8f69528b97a2dbb1b6a3270f" 2683 2684 // PEMFederalCommonPolicyCASignedByFederalBridgeCA2013 is the certificate for 2685 // the Federal Common Policy CA signed by the Federal Bridge CA 2013. 2686 const PEMFederalCommonPolicyCASignedByFederalBridgeCA2013 = ` 2687 -----BEGIN CERTIFICATE----- 2688 MIIGaTCCBVGgAwIBAgICFlwwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UEBhMCVVMx 2689 GDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDENMAsGA1UECxMERlBLSTEfMB0GA1UE 2690 AxMWRmVkZXJhbCBCcmlkZ2UgQ0EgMjAxMzAeFw0xNTA2MjQxNTUyMDdaFw0xODA2 2691 MjQxNTUyMDdaMFkxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1l 2692 bnQxDTALBgNVBAsTBEZQS0kxITAfBgNVBAMTGEZlZGVyYWwgQ29tbW9uIFBvbGlj 2693 eSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANh1+zUWNFpBv1qv 2694 XDAEFByteES16ibqdWHHzTZ5+HzYvSlRZlkh43mr1Hi+sC2wodWyNRYj0Mwevg7o 2695 q9zDydYS16dyaBgxuBcisj5+ughtxv3RWCxpoAPwKqP2PyElPd+3MsWOJ7MjpeBS 2696 s12W6bC4xcWfu8WgboJAu8UnBTZJ1iYnaQw0j88neioKo0FfjR0DhoMV4FXBxZgs 2697 nuwactxIwT75hNKEgsEbw3Q2t7nHNjJ6+DK20DauIhgxjFBzIZ7+gzswiCTj6cF+ 2698 3u2Yxx+SEIqfW2IvnaS81YVvOv3JU6cgS6rbIKshTh0NTuaYheWrEUddnT/EI8Dj 2699 FAZu/p0CAwEAAaOCAzswggM3MA8GA1UdEwEB/wQFMAMBAf8wUwYIKwYBBQUHAQEE 2700 RzBFMEMGCCsGAQUFBzAChjdodHRwOi8vaHR0cC5mcGtpLmdvdi9icmlkZ2UvY2FD 2701 ZXJ0c0lzc3VlZFRvZmJjYTIwMTMucDdjMIIBQQYDVR0gBIIBODCCATQwDAYKYIZI 2702 AWUDAgEDATAMBgpghkgBZQMCAQMCMAwGCmCGSAFlAwIBAwMwDAYKYIZIAWUDAgED 2703 DDAMBgpghkgBZQMCAQMOMAwGCmCGSAFlAwIBAw8wDAYKYIZIAWUDAgEDJTAMBgpg 2704 hkgBZQMCAQMmMAwGCmCGSAFlAwIBAwQwDAYKYIZIAWUDAgEDEjAMBgpghkgBZQMC 2705 AQMTMAwGCmCGSAFlAwIBAxQwDAYKYIZIAWUDAgEDBjAMBgpghkgBZQMCAQMHMAwG 2706 CmCGSAFlAwIBAwgwDAYKYIZIAWUDAgEDJDAMBgpghkgBZQMCAQMNMAwGCmCGSAFl 2707 AwIBAxAwDAYKYIZIAWUDAgEDETAMBgpghkgBZQMCAQMoMAwGCmCGSAFlAwIBAykw 2708 DAYKYIZIAWUDAgEDJzBPBggrBgEFBQcBCwRDMEEwPwYIKwYBBQUHMAWGM2h0dHA6 2709 Ly9odHRwLmZwa2kuZ292L2ZjcGNhL2NhQ2VydHNJc3N1ZWRCeWZjcGNhLnA3YzCB 2710 jQYDVR0hBIGFMIGCMBgGCmCGSAFlAwIBAwMGCmCGSAFlAwIBAwYwGAYKYIZIAWUD 2711 AgEDBAYKYIZIAWUDAgEDEDAYBgpghkgBZQMCAQMMBgpghkgBZQMCAQMHMBgGCmCG 2712 SAFlAwIBAyUGCmCGSAFlAwIBAwgwGAYKYIZIAWUDAgEDJgYKYIZIAWUDAgEDJDAN 2713 BgNVHTYBAf8EAwIBADAPBgNVHSQBAf8EBTADgQEBMA4GA1UdDwEB/wQEAwIBBjAf 2714 BgNVHSMEGDAWgBS7znRxgzROWTJFFV9AYGDcK7C05DA5BgNVHR8EMjAwMC6gLKAq 2715 hihodHRwOi8vaHR0cC5mcGtpLmdvdi9icmlkZ2UvZmJjYTIwMTMuY3JsMB0GA1Ud 2716 DgQWBBStDHp1XOXzmMR5mA6sKP2X9OcC/DANBgkqhkiG9w0BAQsFAAOCAQEAfcpu 2717 K1Y69/mTqMBJ7RV2rNfTExexIdU67nwadpT2izyN4qUKFyCN3jXl1P32pSUr1Moz 2718 Ml7NOA5oHRYC88I1D5auCymCW55sOt5fs9QAbNbM9nwhbyq6ROMDH68j4nV6sb2D 2719 g7slYPbf5UbacCmqIGzjGpks349Cpi3/2Kd1brzx4/13tinNlC9Vocs1RyCDecC7 2720 NJNoE6nApq43m3Ns598EY6aVlXHpCWA913A+yUG4H7rmm4fr+5MrXT79j8iqTLR3 2721 ZbE+MYKadMsXhFkpcp2J4hKPsoycvRXegy00411ZLkUcn48Ha8DdDJSktUQgJolZ 2722 IeSPIo86WvJEwAAVhg== 2723 -----END CERTIFICATE-----` 2724 2725 // HexHashFederalCommonPolicyCASignedByFederalBridgeCA2013 is the hex SHA256 2726 // fingerprint ofFederalCommonPolicyCASignedByFederalBridgeCA2013. 2727 const HexHashFederalCommonPolicyCASignedByFederalBridgeCA2013 = "59cb0702bc82d6a6c58eedbf84e610c3d9ce4630e61fba5745ded0cb371e675c" 2728 2729 // PEMFederalCommonPolicyCASignedByFederalBridgeCA2016 is the certificate for 2730 // the Federal Common Policy CA signed by the Federal Bridge CA 2016. 2731 const PEMFederalCommonPolicyCASignedByFederalBridgeCA2016 = ` 2732 Certificate: 2733 Data: 2734 Version: 3 (0x2) 2735 Serial Number: 2736 7b:6f:fe:26:1a:79:65:43:cd:c7:88:e1:5f:90:f5:e3:ec:e6:9b:f4 2737 Signature Algorithm: sha256WithRSAEncryption 2738 Issuer: C=US, O=U.S. Government, OU=FPKI, CN=Federal Bridge CA 2016 2739 Validity 2740 Not Before: Nov 8 18:14:36 2016 GMT 2741 Not After : Nov 8 18:14:36 2019 GMT 2742 Subject: C=US, O=U.S. Government, OU=FPKI, CN=Federal Common Policy CA 2743 Subject Public Key Info: 2744 Public Key Algorithm: rsaEncryption 2745 RSA Public Key: (2048 bit) 2746 Modulus (2048 bit): 2747 00:d8:75:fb:35:16:34:5a:41:bf:5a:af:5c:30:04: 2748 14:1c:ad:78:44:b5:ea:26:ea:75:61:c7:cd:36:79: 2749 f8:7c:d8:bd:29:51:66:59:21:e3:79:ab:d4:78:be: 2750 b0:2d:b0:a1:d5:b2:35:16:23:d0:cc:1e:be:0e:e8: 2751 ab:dc:c3:c9:d6:12:d7:a7:72:68:18:31:b8:17:22: 2752 b2:3e:7e:ba:08:6d:c6:fd:d1:58:2c:69:a0:03:f0: 2753 2a:a3:f6:3f:21:25:3d:df:b7:32:c5:8e:27:b3:23: 2754 a5:e0:52:b3:5d:96:e9:b0:b8:c5:c5:9f:bb:c5:a0: 2755 6e:82:40:bb:c5:27:05:36:49:d6:26:27:69:0c:34: 2756 8f:cf:27:7a:2a:0a:a3:41:5f:8d:1d:03:86:83:15: 2757 e0:55:c1:c5:98:2c:9e:ec:1a:72:dc:48:c1:3e:f9: 2758 84:d2:84:82:c1:1b:c3:74:36:b7:b9:c7:36:32:7a: 2759 f8:32:b6:d0:36:ae:22:18:31:8c:50:73:21:9e:fe: 2760 83:3b:30:88:24:e3:e9:c1:7e:de:ed:98:c7:1f:92: 2761 10:8a:9f:5b:62:2f:9d:a4:bc:d5:85:6f:3a:fd:c9: 2762 53:a7:20:4b:aa:db:20:ab:21:4e:1d:0d:4e:e6:98: 2763 85:e5:ab:11:47:5d:9d:3f:c4:23:c0:e3:14:06:6e: 2764 fe:9d 2765 Exponent: 65537 (0x10001) 2766 X509v3 extensions: 2767 X509v3 Basic Constraints: critical 2768 CA:TRUE 2769 X509v3 Certificate Policies: 2770 Policy: 2.16.840.1.101.3.2.1.3.13 2771 Policy: 2.16.840.1.101.3.2.1.3.1 2772 Policy: 2.16.840.1.101.3.2.1.3.2 2773 Policy: 2.16.840.1.101.3.2.1.3.14 2774 Policy: 2.16.840.1.101.3.2.1.3.15 2775 Policy: 2.16.840.1.101.3.2.1.3.17 2776 Policy: 2.16.840.1.101.3.2.1.3.18 2777 Policy: 2.16.840.1.101.3.2.1.3.19 2778 Policy: 2.16.840.1.101.3.2.1.3.20 2779 Policy: 2.16.840.1.101.3.2.1.3.3 2780 Policy: 2.16.840.1.101.3.2.1.3.12 2781 Policy: 2.16.840.1.101.3.2.1.3.4 2782 Policy: 2.16.840.1.101.3.2.1.3.37 2783 Policy: 2.16.840.1.101.3.2.1.3.38 2784 Policy: 2.16.840.1.101.3.2.1.3.6 2785 Policy: 2.16.840.1.101.3.2.1.3.7 2786 Policy: 2.16.840.1.101.3.2.1.3.8 2787 Policy: 2.16.840.1.101.3.2.1.3.36 2788 Policy: 2.16.840.1.101.3.2.1.3.16 2789 Policy: 2.16.840.1.101.3.2.1.3.39 2790 Policy: 2.16.840.1.101.3.2.1.3.40 2791 Policy: 2.16.840.1.101.3.2.1.3.41 2792 2793 Authority Information Access: 2794 CA Issuers - URI:http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c 2795 2796 X509v3 Policy Mappings: 2797 2.16.840.1.101.3.2.1.3.3:2.16.840.1.101.3.2.1.3.6, 2.16.840.1.101.3.2.1.3.4:2.16.840.1.101.3.2.1.3.16, 2.16.840.1.101.3.2.1.3.12:2.16.840.1.101.3.2.1.3.7, 2.16.840.1.101.3.2.1.3.37:2.16.840.1.101.3.2.1.3.8, 2.16.840.1.101.3.2.1.3.38:2.16.840.1.101.3.2.1.3.36 2798 Subject Information Access: 2799 CA Repository - URI:http://http.fpki.gov/fcpca/caCertsIssuedByfcpca.p7c 2800 2801 X509v3 Policy Constraints: critical 2802 Inhibit Policy Mapping:1 2803 X509v3 Inhibit Any Policy: critical 2804 0 2805 X509v3 Key Usage: critical 2806 Certificate Sign, CRL Sign 2807 X509v3 Authority Key Identifier: 2808 keyid:23:B0:B3:7D:16:54:D4:02:56:76:EB:3A:BE:A9:6B:2F:43:7B:28:16 2809 2810 X509v3 CRL Distribution Points: 2811 URI:http://http.fpki.gov/bridge/fbca2016.crl 2812 2813 X509v3 Subject Key Identifier: 2814 AD:0C:7A:75:5C:E5:F3:98:C4:79:98:0E:AC:28:FD:97:F4:E7:02:FC 2815 Signature Algorithm: sha256WithRSAEncryption 2816 67:c8:d1:37:2d:db:6c:88:3a:4f:93:42:3b:89:c6:46:d7:cb: 2817 38:23:6f:bd:15:ff:1b:a9:f3:f0:0c:7b:14:6d:ff:c6:b6:50: 2818 cb:d8:f0:0f:29:9d:a7:4c:10:4c:9d:6f:2a:1b:69:43:43:6f: 2819 d0:1c:54:df:3c:35:3b:3b:a3:2a:80:fa:cb:b9:9b:e4:4b:2e: 2820 9c:65:d5:8b:b4:65:b7:0d:4b:25:56:42:69:70:b8:d0:37:c3: 2821 54:4a:b1:e2:15:5d:d0:97:68:16:5b:81:05:8b:3c:5d:91:1d: 2822 bd:ed:6c:a1:b9:04:01:f3:54:86:7e:4b:30:29:25:a8:66:f9: 2823 e6:34:8f:49:d5:c3:37:91:c9:de:dd:ef:27:9c:63:5d:b7:96: 2824 6e:c4:c0:87:44:da:dd:9e:e9:64:0e:68:b0:c2:b1:df:d5:70: 2825 5c:8b:56:63:26:81:7c:2c:4e:2d:16:fd:36:ef:b0:12:aa:f1: 2826 a6:57:7c:de:91:84:26:9c:ef:47:b4:96:7c:18:ab:7d:56:1a: 2827 dc:4d:64:1e:2c:e3:4e:c3:35:19:8e:e9:8e:d1:c6:c0:cd:a2: 2828 62:02:54:b8:9c:16:df:61:c7:3f:1c:25:33:00:2b:e3:3c:46: 2829 e5:eb:ff:55:4c:46:86:66:70:f5:b6:e4:6c:bb:e6:2e:f5:d7: 2830 10:66:fa:05 2831 -----BEGIN CERTIFICATE----- 2832 MIIGezCCBWOgAwIBAgIUe2/+Jhp5ZUPNx4jhX5D14+zmm/QwDQYJKoZIhvcNAQEL 2833 BQAwVzELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDENMAsG 2834 A1UECxMERlBLSTEfMB0GA1UEAxMWRmVkZXJhbCBCcmlkZ2UgQ0EgMjAxNjAeFw0x 2835 NjExMDgxODE0MzZaFw0xOTExMDgxODE0MzZaMFkxCzAJBgNVBAYTAlVTMRgwFgYD 2836 VQQKEw9VLlMuIEdvdmVybm1lbnQxDTALBgNVBAsTBEZQS0kxITAfBgNVBAMTGEZl 2837 ZGVyYWwgQ29tbW9uIFBvbGljeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC 2838 AQoCggEBANh1+zUWNFpBv1qvXDAEFByteES16ibqdWHHzTZ5+HzYvSlRZlkh43mr 2839 1Hi+sC2wodWyNRYj0Mwevg7oq9zDydYS16dyaBgxuBcisj5+ughtxv3RWCxpoAPw 2840 KqP2PyElPd+3MsWOJ7MjpeBSs12W6bC4xcWfu8WgboJAu8UnBTZJ1iYnaQw0j88n 2841 eioKo0FfjR0DhoMV4FXBxZgsnuwactxIwT75hNKEgsEbw3Q2t7nHNjJ6+DK20Dau 2842 IhgxjFBzIZ7+gzswiCTj6cF+3u2Yxx+SEIqfW2IvnaS81YVvOv3JU6cgS6rbIKsh 2843 Th0NTuaYheWrEUddnT/EI8DjFAZu/p0CAwEAAaOCAzswggM3MA8GA1UdEwEB/wQF 2844 MAMBAf8wggFBBgNVHSAEggE4MIIBNDAMBgpghkgBZQMCAQMNMAwGCmCGSAFlAwIB 2845 AwEwDAYKYIZIAWUDAgEDAjAMBgpghkgBZQMCAQMOMAwGCmCGSAFlAwIBAw8wDAYK 2846 YIZIAWUDAgEDETAMBgpghkgBZQMCAQMSMAwGCmCGSAFlAwIBAxMwDAYKYIZIAWUD 2847 AgEDFDAMBgpghkgBZQMCAQMDMAwGCmCGSAFlAwIBAwwwDAYKYIZIAWUDAgEDBDAM 2848 BgpghkgBZQMCAQMlMAwGCmCGSAFlAwIBAyYwDAYKYIZIAWUDAgEDBjAMBgpghkgB 2849 ZQMCAQMHMAwGCmCGSAFlAwIBAwgwDAYKYIZIAWUDAgEDJDAMBgpghkgBZQMCAQMQ 2850 MAwGCmCGSAFlAwIBAycwDAYKYIZIAWUDAgEDKDAMBgpghkgBZQMCAQMpMFMGCCsG 2851 AQUFBwEBBEcwRTBDBggrBgEFBQcwAoY3aHR0cDovL2h0dHAuZnBraS5nb3YvYnJp 2852 ZGdlL2NhQ2VydHNJc3N1ZWRUb2ZiY2EyMDE2LnA3YzCBjQYDVR0hBIGFMIGCMBgG 2853 CmCGSAFlAwIBAwMGCmCGSAFlAwIBAwYwGAYKYIZIAWUDAgEDBAYKYIZIAWUDAgED 2854 EDAYBgpghkgBZQMCAQMMBgpghkgBZQMCAQMHMBgGCmCGSAFlAwIBAyUGCmCGSAFl 2855 AwIBAwgwGAYKYIZIAWUDAgEDJgYKYIZIAWUDAgEDJDBPBggrBgEFBQcBCwRDMEEw 2856 PwYIKwYBBQUHMAWGM2h0dHA6Ly9odHRwLmZwa2kuZ292L2ZjcGNhL2NhQ2VydHNJ 2857 c3N1ZWRCeWZjcGNhLnA3YzAPBgNVHSQBAf8EBTADgQEBMA0GA1UdNgEB/wQDAgEA 2858 MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBQjsLN9FlTUAlZ26zq+qWsvQ3so 2859 FjA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vaHR0cC5mcGtpLmdvdi9icmlkZ2Uv 2860 ZmJjYTIwMTYuY3JsMB0GA1UdDgQWBBStDHp1XOXzmMR5mA6sKP2X9OcC/DANBgkq 2861 hkiG9w0BAQsFAAOCAQEAZ8jRNy3bbIg6T5NCO4nGRtfLOCNvvRX/G6nz8Ax7FG3/ 2862 xrZQy9jwDymdp0wQTJ1vKhtpQ0Nv0BxU3zw1OzujKoD6y7mb5EsunGXVi7Rltw1L 2863 JVZCaXC40DfDVEqx4hVd0JdoFluBBYs8XZEdve1sobkEAfNUhn5LMCklqGb55jSP 2864 SdXDN5HJ3t3vJ5xjXbeWbsTAh0Ta3Z7pZA5osMKx39VwXItWYyaBfCxOLRb9Nu+w 2865 Eqrxpld83pGEJpzvR7SWfBirfVYa3E1kHizjTsM1GY7pjtHGwM2iYgJUuJwW32HH 2866 PxwlMwAr4zxG5ev/VUxGhmZw9bbkbLvmLvXXEGb6BQ== 2867 -----END CERTIFICATE----- 2868 ` 2869 2870 // HexHashFederalCommonPolicyCASignedByFederalBridgeCA2016 is the hex SHA256 2871 // fingerprint ofFederalCommonPolicyCASignedByFederalBridgeCA2016. 2872 const HexHashFederalCommonPolicyCASignedByFederalBridgeCA2016 = "343293348becda9784b09e5e252a25355772e488cb75dc8b5075dc89541b3cc9"