Comments (3)
ryancdickson
commented on July 28, 2024
Decommissioning rescheduled to November 24, 2020.
from fpki-guides.
grandamp
commented on July 28, 2024
Afternoon,
This has been completed, and the CRL containing this CA's serial number (Hex: 4A61D1DB / Int: 1247924699) has been published:
$ curl -v http://pki.treas.gov/US_Treasury_Root_CA.crl --output US_Treasury_Root_CA.crl
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 166.123.219.25...
* TCP_NODELAY set
* Connected to pki.treas.gov (166.123.219.25) port 80 (#0)
> GET /US_Treasury_Root_CA.crl HTTP/1.1
> Host: pki.treas.gov
> User-Agent: curl/7.55.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Tue, 24 Nov 2020 17:58:08 GMT
< Connection: Keep-Alive
< Server: Web Services
< Last-Modified: Tue, 24 Nov 2020 16:15:07 GMT
< ETag: "WAf1436d592474a927"
< Content-Type: application/pkix-crl
< Cache-Control: max-age=1200
< Age: 558
< Accept-Ranges: bytes
< Content-Length: 752
<
{ [752 bytes data]
100 752 100 752 0 0 752 0 0:00:01 --:--:-- 0:00:01 3704
* Connection #0 to host pki.treas.gov left intact
$ openssl crl -inform DER -in US_Treasury_Root_CA.crl -text
Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: /C=US/O=U.S. Government/OU=Department of the Treasury/OU=Certification Authorities/OU=US Treasury Root CA
Last Update: Nov 24 16:15:06 2020 GMT
Next Update: Dec 26 04:59:00 2020 GMT
CRL extensions:
X509v3 CRL Number:
322
X509v3 Authority Key Identifier:
keyid:68:84:15:48:8C:54:70:7F:2D:12:58:0E:EC:1C:78:EF:3C:2E:59:64
Revoked Certificates:
Serial Number: 4A61D1DB
Revocation Date: Nov 24 16:13:02 2020 GMT
CRL entry extensions:
X509v3 CRL Reason Code:
Unspecified
Serial Number: 5CCB3261
Revocation Date: Aug 15 18:19:28 2020 GMT
CRL entry extensions:
X509v3 CRL Reason Code:
Unspecified
Serial Number: 5AC4ED34
Revocation Date: Aug 14 17:36:19 2019 GMT
CRL entry extensions:
X509v3 CRL Reason Code:
Unspecified
Serial Number: 590752EA
Revocation Date: Jul 26 15:32:48 2018 GMT
CRL entry extensions:
X509v3 CRL Reason Code:
Unspecified
Serial Number: 570D2C34
Revocation Date: Jul 19 14:06:42 2017 GMT
CRL entry extensions:
X509v3 CRL Reason Code:
Unspecified
Serial Number: 4E398151
Revocation Date: Jul 13 13:34:28 2016 GMT
CRL entry extensions:
X509v3 CRL Reason Code:
Unspecified
Signature Algorithm: sha256WithRSAEncryption
ca:20:40:2b:1d:89:4e:d8:e0:b4:e5:ca:24:23:fa:97:3a:1e:
5a:ff:f1:a7:6a:05:7a:36:a0:a3:dc:88:7f:19:f9:51:cd:39:
4e:35:23:ff:05:c2:b0:86:ad:0b:35:94:de:66:b0:64:b3:a6:
b2:d7:40:08:ca:64:ec:86:40:a2:9a:c3:41:b0:71:c0:b5:c9:
f4:95:82:26:f1:17:be:60:d7:78:01:7d:f4:4f:ac:87:db:f4:
54:1a:80:a8:08:1b:af:91:f4:dc:ab:14:dc:62:c8:74:c4:05:
08:76:83:7f:3d:fa:cc:89:5e:bc:1e:08:08:50:50:ea:b3:86:
95:37:ed:8b:5b:23:1c:67:c7:fd:92:7a:5e:fe:67:bf:1e:1b:
ad:de:1b:76:3f:0b:ae:37:65:2c:b3:0b:7d:59:84:7c:e3:ce:
b6:d4:a9:3d:62:b0:94:58:e8:48:cd:19:e8:79:d9:f9:6c:dc:
6e:68:a1:d1:00:08:ee:85:ec:43:19:2c:7c:ad:95:60:e4:ab:
f5:a1:3f:ff:3b:96:2f:85:74:c2:c4:8f:d2:a7:a9:cc:06:c8:
07:46:01:67:8c:a3:32:e1:ef:54:4e:28:dd:8e:d9:f1:c4:c8:
7d:a6:50:41:4a:07:fc:85:91:26:2f:f3:2e:6f:31:1c:26:11:
0f:b6:16:f2
-----BEGIN X509 CRL-----
MIIC7DCCAdQCAQEwDQYJKoZIhvcNAQELBQAwgY4xCzAJBgNVBAYTAlVTMRgwFgYD
VQQKEw9VLlMuIEdvdmVybm1lbnQxIzAhBgNVBAsTGkRlcGFydG1lbnQgb2YgdGhl
IFRyZWFzdXJ5MSIwIAYDVQQLExlDZXJ0aWZpY2F0aW9uIEF1dGhvcml0aWVzMRww
GgYDVQQLExNVUyBUcmVhc3VyeSBSb290IENBFw0yMDExMjQxNjE1MDZaFw0yMDEy
MjYwNDU5MDBaMIHeMCMCBEph0dsXDTIwMTEyNDE2MTMwMlowDDAKBgNVHRUEAwoB
ADAjAgRcyzJhFw0yMDA4MTUxODE5MjhaMAwwCgYDVR0VBAMKAQAwIwIEWsTtNBcN
MTkwODE0MTczNjE5WjAMMAoGA1UdFQQDCgEAMCMCBFkHUuoXDTE4MDcyNjE1MzI0
OFowDDAKBgNVHRUEAwoBADAjAgRXDSw0Fw0xNzA3MTkxNDA2NDJaMAwwCgYDVR0V
BAMKAQAwIwIETjmBURcNMTYwNzEzMTMzNDI4WjAMMAoGA1UdFQQDCgEAoDAwLjAL
BgNVHRQEBAICAUIwHwYDVR0jBBgwFoAUaIQVSIxUcH8tElgO7Bx47zwuWWQwDQYJ
KoZIhvcNAQELBQADggEBAMogQCsdiU7Y4LTlyiQj+pc6Hlr/8adqBXo2oKPciH8Z
+VHNOU41I/8FwrCGrQs1lN5msGSzprLXQAjKZOyGQKKaw0GwccC1yfSVgibxF75g
13gBffRPrIfb9FQagKgIG6+R9NyrFNxiyHTEBQh2g389+syJXrweCAhQUOqzhpU3
7YtbIxxnx/2Sel7+Z78eG63eG3Y/C643ZSyzC31ZhHzjzrbUqT1isJRY6EjNGeh5
2fls3G5oodEACO6F7EMZLHytlWDkq/WhP/87li+FdMLEj9KnqcwGyAdGAWeMozLh
71ROKN2O2fHEyH2mUEFKB/yFkSYv8y5vMRwmEQ+2FvI=
-----END X509 CRL-----
from fpki-guides.
ryancdickson
commented on July 28, 2024
Thanks, @grandamp. Will add to this morning's pull request.
from fpki-guides.
Related Issues (20)
- System Notification for: Federal Bridge CA G4 (Intent to issue to Entrust Managed Services NFI Root CA) HOT 1
- System Notification for: WidePoint Federal Shared Service Provider (Intent to deploy a new CA) HOT 1
- System Notification for: Federal Bridge CA G4 (Intent to issue to SAFE) HOT 2
- System Notification for: Federal Bridge CA G4 (Intent to issue to USPTO) HOT 2
- Editorial Updates from the FPKIMA HOT 2
- Federal Common CA playbook - one minor nit (FAQs) HOT 3
- Update: PIV CAs and Agencies (FTC) HOT 1
- System Notification for: Entrust SSP CA and Entrust NFI CA (issuing CAs) - URI change HOT 2
- System Notification for: Federal Bridge CA G4 (Intent to Revoke USPTO_INTR_CA1) HOT 1
- System Notification for: SAFE Identity Bridge CA HOT 1
- System Notification for: Federal Common Policy CA G2 (multiple certificates issued) HOT 1
- FBCA2016 P7C appears corrupted HOT 3
- System Notification for: TSCP SHA256 Bridge CA (intent to issue to Alexion Pharmaceuticals Issue 2 CA) HOT 1
- System Notification for: WidePoint Non-Federal Issuer (Intent to deploy a new CA) HOT 3
- macOS Outlook - (signing) certificate is not standards compliant HOT 5
- Agency Contribution to Federal Common Policy CA Migration Playbook (distributing root certificate on RHEL/CentOS/OEL)
- System Notification for: CertiPath Bridge (intent to issue) HOT 1
- System Notification for: DoD Root CA 3 (new certificate detected)
- System Notification for: Federal Common Policy CA (intent to revoke CA certificates) HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fpki-guides.