Edit this page

System Changes and Notifications

This page lists the changes to certification authorities and supporting systems operating within the Federal PKI community.

The communication of changes, and planned or unplanned system outages, is required by the certificate policies and the incident management process. Strong communication allows for planning and response and benefits the Federal PKI community as a whole. Planned changes of the these types require notifications two (2) weeks in advance:

  • Changes to Certificate Revocation List Distribution Points
  • Changes to Online Certificate Status Protocol (OCSP) endpoints
  • Introducing new URIs or retiring old URIs referenced in the Certificates profiles in use
  • Signing or revoking a Certificate Authority (CA) certificate

System outages - either through a planned maintenance activity or unplanned event - may also be posted on this page, and may trigger the Incident Management process.

To report a change or system outage not listed below, please email fpki@gsa.gov.

Notifications


  • Notice Date: September 3, 2019
  • System: GSA ACES and Federal Bridge CA 2016
  • Type: Intent to Perform CA Certificate Revocation
  • Change Description: WidePoint has decommissioned the ORC ACES 4 CA. The FPKIMA intends to revoke the certificate issued from the Federal Bridge CA to the ORC ACES 4 CA.
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN=Federal Bridge CA 2016, OU=FPKI, O=U.S. Government, C=US
  • Certificate Subject: CN=ORC ACES 4, O=ORC PKI, C=US
  • Certificate SHA1 Hash: 5573FCC5E6FFFF2B710181ACCAA2EFDADB8F0F4E

  • Notice Date: August 14, 2019
  • System: FPKI Trust Infrastructure - Federal Common Policy CA
  • Type: CA Certificate Issuance
  • Change Description: The Federal Common Policy CA issued an updated certificate to the US Treasury Root CA. The updated certificate adds the following certificate policy object identifiers to the US Treasury Root CA certificate's existing set - id-fpki-certpcy-pivi-hardware (2.16.840.1.101.3.2.1.3.18), id-fpki-certpcy-pivi-cardAuth (2.16.840.1.101.3.2.1.3.19), and id-fpki-certpcy-pivi-contentSigning (2.16.840.1.101.3.2.1.3.20).
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = US Treasury Root CA, OU = Certification Authorities, OU = Department of the Treasury, O = U.S. Government, C = US
  • Certificate SHA1 Hash: 48ce02a99ae2cc4f790f2989aa153ed565b7e4d2
  • Certificate Revocation List: http://http.fpki.gov/fcpca/fcpca.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c
  • Certificate Bundle (SIA): http://pki.treasury.gov/root_sia.p7c

  • Notice Date: August 14, 2019
  • System: FPKI Trust Infrastructure - Federal Common Policy CA
  • Type: CA Certificate Issuance
  • Change Description: The Federal Common Policy CA issued a certificate to the re-keyed Entrust Managed Services Root CA. Entrust will cut over to and begin issuance from the re-keyed Entrust Managed Services Root and SSP CA certificates on Friday, September 27, 2019, between 6:00 PM Eastern – 10:00 PM Eastern.
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: OU = Entrust Managed Services Root CA, OU = Certification Authorities, O = Entrust, C = US
  • Certificate SHA1 Hash: a09655170c87d0fbfe0328b99a7baf4a1cf0b5d9
  • Certificate Revocation List: http://http.fpki.gov/fcpca/fcpca.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c
  • Certificate Bundle (SIA): http://rootweb.managed.entrust.com/SIA/CertsIssuedByEMSRootCA.p7c

  • Notice Date: August 14, 2019
  • System: Entrust Federal Shared Service Provider
  • Type: CA Certificate Issuance
  • Change Description: The recently re-keyed Entrust Managed Services Root CA issued a certificate to the re-keyed Entrust Managed Services SSP CA. Entrust will publish and begin issuance from the re-keyed Entrust Managed Services SSP CA on Friday, September 27, 2019, between 6:00 PM Eastern – 10:00 PM Eastern. In the meantime, the certificate is available at https://enrollwebfed.managed.entrust.com/fssp/cda-docs/html/FedCertsoverviewfed.html.
  • Contact: Cris dot TenEyck at entrustdatacard dot com and Howard dot Freitag at entrustdatacard dot com
  • Certificate Issuer: OU = Entrust Managed Services Root CA, OU = Certification Authorities, O = Entrust, C = US
  • Certificate Subject: OU = Entrust Managed Services SSP CA, OU = Certification Authorities, O = Entrust, C = US
  • Certificate SHA1 Hash: 722e8abbe6b66e47d1bcec3c7ec47aa5bbe4d3c5
  • Certificate Revocation List: http://rootweb.managed.entrust.com/CRLs/EMSRootCA3.crl
  • Certificate Bundle (AIA): http://rootweb.managed.entrust.com/AIA/CertsIssuedToEMSRootCA.p7c
  • OCSP: http://ocsp.managed.entrust.com/OCSP/EMSRootCAResponder

  • Notice Date: August 14, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge CA 2016
  • Type: CA Certificate Revocation
  • Change Description: On August 14, 2019, the Federal Bridge CA 2016 revoked the cross-certificate issued to ORC NFI CA 2.
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = ORC NFI CA 2, O = ORC PKI, C = US
  • Certificate SHA1 Hash: b055c6ee104e01eb688c8fb4f87cf77ca376afdb
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://crl-server.orc.com/caCerts/ORCNFI2_SIA.p7c

  • Notice Date: August 09, 2019
  • System: FPKI Trust Infrastructure - Federal Common Policy CA
  • Type: Intent to Perform CA Certificate Issuance
  • Change Description: The Federal Common Policy CA intends to issue an updated certificate to the US Treasury Root CA. The updated certificate will add the following certificate policy object identifiers to the US Treasury Root CA certificate's existing set - id-fpki-certpcy-pivi-hardware (2.16.840.1.101.3.2.1.3.18), id-fpki-certpcy-pivi-cardAuth (2.16.840.1.101.3.2.1.3.19), and id-fpki-certpcy-pivi-contentSigning (2.16.840.1.101.3.2.1.3.20).
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = US Treasury Root CA, OU = Certification Authorities, OU = Department of the Treasury, O = U.S. Government, C = US
  • Certificate SHA1 Hash:

  • Notice Date: August 08, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge CA 2016
  • Type: CA Certificate Issuance
  • Change Description: The Federal Bridge CA 2016 issued a cross-certificate to the TSCP SHA256 Bridge CA.
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = TSCP SHA256 Bridge CA, OU = CAs, O = TSCP Inc., C = US
  • Certificate SHA1 Hash: 874007002a4a2fff3edcf90eb41adce7c2fb4915
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://tscp-sia.symauth.com/IssuedBy-tscpbcasha256.p7c

  • Notice Date: August 08, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge CA 2016
  • Type: CA Certificate Issuance
  • Change Description: The Federal Bridge CA 2016 issued a cross-certificate to WidePoint NFI Root 1.
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = WidePoint NFI Root 1, OU = Certification Authorities, O = WidePoint, C = US
  • Certificate SHA1 Hash: 92bc06fe6b27cbe4723f309f34681fc57c8166ce
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://crl-server.orc.com/caCerts/WIDEPOINTNFIROOT1.p7c

  • Notice Date: August 08, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge CA 2016
  • Type: CA Certificate Issuance
  • Change Description: The Federal Bridge CA 2016 issued a cross-certificate to DoD Interoperability Root CA 2.
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = DoD Interoperability Root CA 2, OU = PKI, OU = DoD, O = U.S. Government, C = US
  • Certificate SHA1 Hash: 73050d5b629cf6286be972afddfa31d2864b4f35
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://crl.disa.mil/issuedby/DODINTEROPERABILITYROOTCA2_IB.p7c

  • Notice Date: August 08, 2019
  • System: Verizon NFI
  • Type: CA Certificate Revocation
  • Change Description: On August 08, 2019, Verizon NFI revoked the certificate issued from CT-CSSP-CA-A1 to the Federal Bridge CA 2016.
  • Contact: andre dot varacka at verizon dot com
  • Certificate Issuer: CN = CT-CSSP-CA-A1, OU = PKI, OU = Services, O = Cybertrust, C = US
  • Certificate Subject: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate SHA1 Hash: 73dccf6418522b69a50a96721aeb96441e6ef3c0
  • Certificate Revocation List: http://cdp1.com-strong-id.net/CDP/CT-CSSP-CA-A1.cr
  • Certificate Bundle (AIA): http://aia1.com-strong-id.net/CA/CT-CSSP-CA-A1.p7c
  • Certificate Bundle (SIA): http://http.fpki.gov/bridge/caCertsIssuedByfbca2016.p7c
  • OCSP: http://ocsp1.com-strong-id.net/CT-CSSP-CA-A1

  • Notice Date: August 08, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge CA 2016
  • Type: CA Certificate Revocation
  • Change Description: On August 06, 2019, the Federal Bridge CA 2016 revoked the cross-certificate issued to CN = CT-CSSP-CA-A1, OU = PKI, OU = Services, O = Cybertrust, C = US (operated by Verizon NFI).
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = CT-CSSP-CA-A1, OU = PKI, OU = Services, O = Cybertrust, C = US
  • Certificate SHA1 Hash: 687066bce56b6e20aea0c605b9b6679342269f21
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://sia1.com-strong-id.net/CA/CT-CSSP-CA-A1-SIA.p7c

  • Notice Date: August 07, 2019
  • System: FPKI Trust Infrastructure - Federal Common Policy CA
  • Type: Intent to Perform CA Certificate Issuance
  • Change Description: The Federal Common Policy CA intends to issue a certificate to the Entrust Managed Services Root CA, pending the Entrust Managed Services Root CA re-key.
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: ou=Entrust Managed Services Root CA, ou=Certification Authorities, o=Entrust, c=US
  • Certificate SHA1 Hash:

  • Notice Date: August 5, 2019
  • System: SAFE-BioPharma Bridge
  • Type: CA Certificate Revocation
  • Change Description: Synchronoss decommissioned the Trans Sped SAFE CA III. Previously active end entity certificates issued from Trans Sped SAFE CA III were revoked before CA decommissioning. On August 2, 2019, SAFE-BioPharma revoked the cross-certificate issued to Trans Sped SAFE CA III.
  • Contact: kyle dot neuman at makeidentitysafe dot com
  • Certificate Issuer: CN = SAFE Bridge CA 02, OU = Certification Authorities, O = SAFE-Biopharma, C = US
  • Certificate Subject: CN = Trans Sped SAFE CA III, OU = Individual Subscriber CA, O = Trans Sped SRL, C = RO
  • Certificate SHA1 Hash: 833D2A24326C8EA10B60FD0FEB4AA0811B1747DD
  • Certificate Revocation List: http://sbca2.safe-biopharma.org/sbca/SBCA02.crl
  • Certificate Bundle (AIA): http://sbca2.safe-biopharma.org/sbca/issuedtoSBCA02.p7c

  • Notice Date: July 26, 2019
  • System: Verizon Non-Federal Issuer (NFI)
  • Type: Intent to Perform CA Certificate Revocation
  • Change Description: Verizon NFI intends to revoke the cross-certificate issued from CT-CSSP-CA-A1 to the Federal Bridge CA 2016.
  • Contact: andre dot varacka at verizon dot com
  • Certificate Issuer: CN = CT-CSSP-CA-A1, OU = PKI, OU = Services, O = Cybertrust, C = US
  • Certificate Subject: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate SHA1 Hash: 73 dc cf 64 18 52 2b 69 a5 0a 96 72 1a eb 96 44 1e 6e f3 c0

  • Notice Date: July 25, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: Intent to Perform CA Certificate Revocation
  • Change Description: The Federal Bridge CA 2016 intends to revoke the cross-certificate issued to CN = CT-CSSP-CA-A1, OU = PKI, OU = Services, O = Cybertrust, C = US (operated by Verizon NFI).
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = CT-CSSP-CA-A1, OU = PKI, OU = Services, O = Cybertrust, C = US
  • Certificate SHA1 Hash: 68 70 66 bc e5 6b 6e 20 ae a0 c6 05 b9 b6 67 93 42 26 9f 21

  • Notice Date: July 24, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: Intent to Perform CA Certificate Issuance
  • Change Description: The Federal Bridge CA 2016 intends to issue cross-certificates to DoD Interoperability Root CA 2, TSCP SHA256 Bridge CA, and WidePoint NFI Root CA 1. Certificate issuance is expected to take place before August 15, 2019.
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: Three certificates are planned for issuance. (1) CN = DoD Interoperability Root CA 2, OU = PKI, OU = DoD, O = U.S. Government, C = US, (2) CN = TSCP SHA256 Bridge CA, OU = CAs, O = TSCP Inc., C = US, and (3) CN = WidePoint NFI Root 1, OU = Certification Authorities, O = WidePoint, C = US
  • Certificate SHA1 Hash:

  • Notice Date: July 23, 2019
  • System: Entrust Federal Shared Service Provider
  • Type: Intent to Perform CA Certificate Issuance
  • Change Description: Entrust intends to re-key both the Entrust Managed Services Root CA and the Entrust Managed Services SSP CA. The Entrust Managed Services Root CA re-key event is planned for August 13, 2019. Entrust also communicated intent to request a new cross-certificate from the Federal Common Policy CA to the Entrust Managed Services Root CA, once the re-key is complete. This notification will be updated as Entrust communicates the finalized event timeline with the Federal PKI Support Team.
  • Contact: Cris dot TenEyck at entrustdatacard dot com and Howard dot Freitag at entrustdatacard dot com
  • Certificate Issuer: ou=Entrust Managed Services Root CA, ou=Certification Authorities, o=Entrust, c=US
  • Certificate Subject: Two certificates are planned for issuance (1) ou=Entrust Managed Services Root CA, ou=Certification Authorities and (2) o=Entrust, c=US and ou=Entrust Managed Services SSP CA, ou=Certification Authorities, o=Entrust, c=US
  • Certificate SHA1 Hash:

  • Notice Date: July 11, 2019
  • System: Symantec Class 3 SSP Intermediate CA - G3 (DigiCert)
  • Type: CA Certificate Revocation
  • Change Description: On July 10, 2019, DigiCert decommissioned the CSRA FBCA C3 CA. Previously active end entity certificates issued from CSRA FBCA C3 CA were revoked before CA decommissioning.
  • Contact: steve dot medin at digicert dot com
  • Certificate Issuer: Symantec Class 3 SSP Intermediate CA - G3
  • Certificate Subject: CSRA FBCA C3 CA
  • Certificate SHA1 Hash: faed5b3aa85bfea0ba8ba884689706044dfc0ec9
  • Certificate Revocation List: http://ssp-crl.symauth.com/STNSSP/Class3SSPCAG3.crl
  • Certificate Bundle (AIA): http://ssp-aia.symauth.com/STNSSP/Certs_issued_to_Class3SSPCA-G3.p7c
  • Certificate Bundle (SIA): http://ssp-sia.symauth.com/STNSSP/Certs_Issued_by_Class3SSPCA-G3.p7c
  • OCSP: http://ssp-ocsp.symauth.com

  • Notice Date: July 8, 2019
  • System: Symantec Class 3 SSP Intermediate CA - G3 (DigiCert)
  • Type: CA Certificate Revocation
  • Change Description: On July 3, 2019, DigiCert decommissioned several CAs chaining to Symantec Class 3 SSP Intermediate CA - G3. Previously active end entity certificates issued from the CAs listed below were revoked before CA decommissioning.
  • Contact: steve dot medin at digicert dot com
  • Certificate Issuer: Symantec Class 3 SSP Intermediate CA - G3
  • Certificate Subject: Multiple CA certificates were revoked. Comma-separated list of CA Subject Names - CSRA FBCA C4 Device CA, CSRA FBCA C4 CA, CSRA FBCA C3 Device CA, SureID Inc. CA2, SureID Inc. Device CA1, Eid Passport LRA Content Signer CA 3, and Eid Passport LRA Device 2 CA
  • Certificate SHA1 Hash: Multiple CA certificates were revoked. Comma-separated list of CA hashes - 3DFB1CB09BE5D1430DF9CE8E04F501ADB86CA176, 1EC98449B18472D6C2F516A4D0976350D5DD829A, CF9229CB50BF5DC25C156C4F825A67E2964236C8, D4C786468511920E538C24384B3132D07DBACAF0, D514632CE34BF94C816A565DBB8FBB6BAD5FF335, 82E6536172F69E30786C9670840DB37077B5C08C, and F8912B3C9F3EB30F8A8D5A14E8038BD9BC6B771D
  • Certificate Revocation List: http://ssp-crl.symauth.com/STNSSP/Class3SSPCAG3.crl
  • Certificate Bundle (AIA): http://ssp-aia.symauth.com/STNSSP/Certs_issued_to_Class3SSPCA-G3.p7c
  • Certificate Bundle (SIA): http://ssp-sia.symauth.com/STNSSP/Certs_Issued_by_Class3SSPCA-G3.p7c
  • OCSP: http://ssp-ocsp.symauth.com

  • Notice Date: July 2, 2019
  • System: Verizon NFI
  • Type: CA Certificate Revocation
  • Change Description: On July 1, 2019, Verizon decommissioned Trans Sped Mobile QCA and VZ-SMC-CA-B2. Previously active end entity certificates issued from the CAs were revoked before CA decommissioning.
  • Contact: abdul dot nur at verizon dot com
  • Certificate Issuer: CT-CSSP-CA-A1
  • Certificate Subject: Trans Sped Mobile QCA and VZ-SMC-CA-B2
  • Certificate SHA1 Hash: 8EF17043FAD28004F407BABECE21A7C42BE4F275 and A4108B1D93D4F8837584FAEA8496847914606C29
  • Certificate Revocation List: http://cdp1.com-strong-id.net/CDP/CT-CSSP-CA-A1.crl
  • Certificate Bundle (AIA): http://aia1.com-strong-id.net/CA/CT-CSSP-CA-A1.p7c
  • OCSP: http://ocsp1.com-strong-id.net/CT-CSSP-CA-A1

  • Notice Date: June 25, 2019
  • System: US Treasury Root CA
  • Type: CA Certificate Issuance
  • Change Description: Treasury re-keyed the OCIO CA. Treasury communicated the intent to re-key this CA on March 13, 2019. Although the re-keyed certificate has been published, its private key will not be used for signing end entity certificates until June 29, 2019. The new certificate is available at https://pki.treasury.gov/crl_certs.htm
  • Contact: pki dot pmo at fiscal dot treasury dot gov
  • Certificate Issuer: OU = US Treasury Root CA, OU = Certification Authorities, OU = Department of the Treasury, O = U.S. Government, C = US
  • Certificate Subject: OU = OCIO CA, OU = Certification Authorities, OU = Department of the Treasury, O = U.S. Government, C = US
  • Certificate SHA1 Hash: e651a5dc6a1305613a22e46548e1666650c2825f
  • Certificate Revocation List: http://pki.treasury.gov/US_Treasury_Root_CA1.crl
  • Certificate Bundle (AIA): http://pki.treasury.gov/toca_aia.p7c
  • Certificate Bundle (SIA): http://pki.treasury.gov/toca_sia.p7c

  • Notice Date: June 25, 2019
  • System: US Treasury Root CA
  • Type: CA Certificate Issuance
  • Change Description: Treasury re-keyed the Department of Veterans Affairs CA. Treasury communicated the intent to re-key this CA on March 13, 2019. Although the re-keyed certificate has been published, its private key will not be used for signing end entity certificates until June 29, 2019. The new certificate is available at https://pki.treasury.gov/crl_certs.htm
  • Contact: pki dot pmo at fiscal dot treasury dot gov
  • Certificate Issuer: OU = US Treasury Root CA, OU = Certification Authorities, OU = Department of the Treasury, O = U.S. Government, C = US
  • Certificate Subject: OU = Department of Veterans Affairs CA, OU = Certification Authorities, OU = Department of Veterans Affairs, O = U.S. Government, C = US
  • Certificate SHA1 Hash: 76cc898f03eb0fc7e0877aac30a0c1340bb34879
  • Certificate Revocation List: http://pki.treasury.gov/US_Treasury_Root_CA1.crl
  • Certificate Bundle (AIA): http://pki.treasury.gov/vaca_aia.p7c
  • Certificate Bundle (SIA): http://pki.treasury.gov/vaca_sia.p7c

  • Notice Date: June 25, 2019
  • System: CertiPath Bridge CA - G2
  • Type: CA Certificate Issuance
  • Change Description: CertiPath Bridge CA - G2 issued a new cross-certificate to the Ministerie van Defensie Certificatie Autoriteit - G2 CA.
  • Contact: support at certipath dot com
  • Certificate Issuer: CN=CertiPath Bridge CA - G2, OU=Certification Authorities, O=CertiPath LLC, C=US
  • Certificate Subject: CN=Ministerie van Defensie Certificatie Autoriteit - G2, O=Ministerie van Defensie, C=NL
  • Certificate SHA1 Hash: b94b710964a6c1d53b3809e45d5805eca1e0c786
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice Date: June 25, 2019
  • System: CertiPath Bridge CA - G2
  • Type: CA Certificate Issuance
  • Change Description: CertiPath Bridge CA - G2 issued a new cross-certificate to the Raytheon Root CA.
  • Contact: support at certipath dot com
  • Certificate Issuer: CN=CertiPath Bridge CA - G2, OU=Certification Authorities, O=CertiPath LLC, C=US
  • Certificate Subject: CN=Raytheon Root CA, OU=RaytheonRoot-g2, O=CAs, DC=raytheon, DC=com
  • Certificate SHA1 Hash: 3afe40cb546fdec2d0b77454cebe5fb01d3dbb3a
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice Date: June 14, 2019
  • System: DocuSign Root CA
  • Type: Intent to Perform CA Certificate Issuance
  • Change Description: The DocuSign Root CA (cross-certified with the TSCP SHA256 Bridge CA) intends to certify an issuing certification authority.
  • Contact: steve.race at tscp dot org
  • Certificate Issuer: CN = DocuSign Root CA, OU = TSCP, O = DocuSign Inc., C = US
  • Certificate Subject:
  • Certificate SHA1 Hash:
  • Certificate Revocation List: http://crl.dsf.docusign.net/DocuSignRootCA.crl
  • Certificate Bundle (AIA): http://crt.dsf.docusign.net/DocuSignRootCA.p7c

  • Notice Date: June 14, 2019
  • System: TSCP SHA256 Bridge CA
  • Type: CA Certificate Issuance
  • Change Description: The TSCP SHA256 Bridge CA issued a cross-certificate to the DocuSign Root CA
  • Contact: steve.race at tscp dot org
  • Certificate Issuer: CN = TSCP SHA256 Bridge CA, OU = CAs, O = TSCP Inc., C = US
  • Certificate Subject: CN = DocuSign Root CA, OU = TSCP, O = DocuSign Inc., C = US
  • Certificate SHA1 Hash: D1382AE6DACA5A69FE75B34635F529C79D5E2D90
  • Certificate Revocation List: http://tscp-crl.symauth.com/tscpbcasha256.crl
  • Certificate Bundle (AIA): http://tscp-aia.symauth.com/IssuedTo-tscpbcasha256.p7c

  • Notice Date: June 6, 2019
  • System: Department of Homeland Security Certification Authority (DHSCA)
  • Type: CA Certificate Issuance
  • Change Description: DHS re-keyed the DHSCA on June 6, 2019. DHS communicated the intent to re-key this CA on April 20, 2019. The new certificate is available at https://pki.treasury.gov/crl_certs.htm
  • Contact: gladys dot garcia at hq dot dhs dot gov
  • Certificate Issuer: OU = US Treasury Root CA, OU = Certification Authorities, OU = Department of the Treasury, O = U.S. Government, C = US
  • Certificate Subject: OU = DHS CA4, OU = Certification Authorities, OU = Department of Homeland Security, O = U.S. Government, C = US
  • Certificate SHA1 Hash: 58085a64e181573f4fd917c5c021eb1cf344dd5f
  • Certificate Revocation List: http://pki.treasury.gov/US_Treasury_Root_CA1.crl
  • Certificate Bundle (AIA): http://pki.treasury.gov/dhsca_aia.p7c
  • Certificate Bundle (SIA): http://pki.treasury.gov/dhsca_sia.p7c

  • Notice Date: June 3, 2019
  • System: ECA Root CA 4
  • Type: CA Certificate Issuance
  • Change Description: ECA Root CA 4 issued a certificate to the new IdenTrust ECA S22C CA
  • Contact: disa dot meade dot mae dot list dot pkieca at mail dot mil
  • Certificate Issuer: CN=ECA Root CA 4,OU=ECA,O=U.S. Government,C=US
  • Certificate Subject: CN=IdenTrust ECA S22C,OU=Certification Authorities,OU=ECA,O=U.S. Government,C=US
  • Certificate SHA1 Hash: 858169080268C6473EC59293A412224659F1AC7B
  • Certificate Revocation List: http://crl.disa.mil/crl/ECAROOTCA4.crl
  • Certificate Bundle (AIA): http://crl.disa.mil/issuedto/ECAROOTCA4_IT.p7c
  • OCSP: http://ocsp.disa.mil

  • Notice Date: June 3, 2019
  • System: ECA Root CA 4
  • Type: CA Certificate Issuance
  • Change Description: ECA Root CA 4 issued a certificate to the new IdenTrust ECA S22 CA
  • Contact: disa dot meade dot mae dot list dot pkieca at mail dot mil
  • Certificate Issuer: CN=ECA Root CA 4,OU=ECA,O=U.S. Government,C=US
  • Certificate Subject: CN=IdenTrust ECA S22,OU=Certification Authorities,OU=ECA,O=U.S. Government,C=US
  • Certificate SHA1 Hash: A7BCFC00C818D2697D49C9407A5C7C2EEE250F00
  • Certificate Revocation List: http://crl.disa.mil/crl/ECAROOTCA4.crl
  • Certificate Bundle (AIA): http://crl.disa.mil/issuedto/ECAROOTCA4_IT.p7c
  • OCSP: http://ocsp.disa.mil

  • Notice Date: May 15, 2019
  • System: Federal Common Policy CA
  • Type: CA Certificate Revocation
  • Change Description: ORC SSP 3 CA has been decommissioned and the CA certificate from the Federal Common Policy CA revoked
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = ORC SSP 3, O = ORC PKI, C = US
  • Certificate SHA1 Hash: BBFA5ABD8A09D73BE1FA30363F87402FEC5316F9

  • Notice Date: May 9, 2019
  • System: SAFE-BioPharma
  • Type: Intent to Decommission CA
  • Change Description: Synchronoss has informed SAFE-BioPharma that it will decommission the Zentry Certificate Authority that is currently cross-certified with the SAFE-BioPharma Bridge CA on July 1, 2019. Synchronoss will perform the following actions on this date - 1) Revoke all unexpired certificates issued from this CA, 2) Issue a long-term CRL, and 3) Destroy the CA signing keys. Synchronoss confirms that a long-term data archive is being implemented in accordance with SAFE-BioPharma archive requirements.
  • Contact: dsimonetti at safe-biopharma dot org
  • Certificate Issuer: CN = SAFE Bridge CA 02, OU = Certification Authorities, O = SAFE-Biopharma, C = US
  • Certificate Subject: CN = Trans Sped SAFE CA III, OU = Individual Subscriber CA, O = Trans Sped SRL, C = RO
  • Certificate SHA1 Hash: 833D2A24326C8EA10B60FD0FEB4AA0811B1747DD
  • Certificate Revocation List: http://sbca2.safe-biopharma.org/sbca/SBCA02.crl
  • Certificate Bundle (AIA): http://sbca2.safe-biopharma.org/sbca/issuedtoSBCA02.p7c

  • Notice Date: May 6, 2019
  • System: US Treasury Root CA
  • Type: CA Certificate Issuance
  • Change Description: Treasury re-keyed the NASA Operational Certification Authority.
  • Contact: pki dot pmo at fiscal dot treasury dot gov.
  • Certificate Issuer: OU = US Treasury Root CA, OU = Certification Authorities, OU = Department of the Treasury, O = U.S. Government, C = US
  • Certificate Subject: OU = NASA Operational CA, OU = Certification Authorities, OU = NASA, O = U.S. Government, C = US
  • Certificate SHA1 Hash: f504012b1fe57b4381e3bf5ba9f491144ed76ee1
  • Certificate Revocation List: http://pki.treasury.gov/US_Treasury_Root_CA1.crl
  • Certificate Bundle (AIA): http://pki.treasury.gov/noca_aia.p7c
  • Certificate Bundle (SIA): http://pki.treasury.gov/noca_sia.p7c

  • Notice Date: April 29, 2019
  • System: FPKI Trust Infrastructure
  • Type: Infrastructure Change
  • Change Description: The Federal Public Key Infrastructure Management Authority has completed its implementation of a Content Delivery Network for HyperText Transfer Protocol (HTTP) artifacts of the Federal Bridge CA 2016, Federal Common Policy CA, and SHA1 Federal Root CA. See https://fpki.idmanagement.gov/announcements/fpki-repository-migration/ for more information.
  • Contact: fpki dash help at gsa dot gov

  • Notice Date: April 26, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA–G2 to Lockheed Martin Root Certification Authority 2.
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Lockheed Martin Root Certification Authority 2, OU = Certification Authorities, O = Lockheed Martin Corporation, L = Denver, S = Colorado, C = US
  • Certificate SHA1 Hash: 90c55c1fa32a82c6e8f44e3e4ad8e4c08ade150f
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice Date: April 26, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA–G2 to Federal Bridge CA 2016.
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate SHA1 Hash: fce64c867d1af8e1c1ff5b07a869af5f3e6f823f
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c
  • Certificate Bundle (SIA): http://http.fpki.gov/bridge/caCertsIssuedByfbca2016.p7c

  • Notice Date: April 26, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA–G2 to Boeing PCA G3.
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Boeing PCA G3, OU = certservers, O = Boeing, C = US
  • Certificate SHA1 Hash: de7b8e78b8866caac3af1fb871be49369cdd6c5c
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice Date: April 26, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA to Boeing PCA G2.
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Boeing PCA G2, OU = certservers, O = Boeing, C = US
  • Certificate SHA1 Hash: e88050f8628bc42cae691fd96c3bb676411e2c24
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathLLCCertiPathBridgeCA.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeRootCA.p7c

  • Notice Date: April 26, 2019
  • System: Verizon Non-Federal Issuer (NFI)
  • Type: Intent to Decommission Multiple CAs
  • Change Description: Verizon is planning to decommission several CAs. Any valid end entity certificates will be revoked; the CAs will be decommissioned and archived; and then the CA certificate issued to CT-CSSP-CA-A1 from the Federal Bridge CA will be revoked.
  • Contact: abdul dot nur at verizon dot com
  • Certificate Issuer: CT-CSSP-CA-A1 (issuer of Trans Sped Mobile QCA and VZ-SMC-CA-B2) and Federal Bridge CA 2016 (issuer of CT-CSSP-CA-A1)
  • Certificate Subject: Comma-separated list of CA Subject Names planned for revocation/decommissioning - CN=Trans Sped Mobile QCA,OU=Individual Subscriber CA,O=Trans Sped SRL,C=RO, CN=VZ-SMC-CA-B2,OU=PKI,OU=Services,O=Cybertrust,C=US, and CN=CT-CSSP-CA-A1,OU=PKI,OU=Services,O=Cybertrust,C=US
  • Certificate SHA1 Hash: Comma-separated list of CA hashes planned for revocation/decommissioning - 687066BCE56B6E20AEA0C605B9B6679342269F21, 8EF17043FAD28004F407BABECE21A7C42BE4F275, and A4108B1D93D4F8837584FAEA8496847914606C29

  • Notice Date: April 20, 2019
  • System: Department of Homeland Security Certification Authority (DHSCA)
  • Type: Intent to Perform CA Certificate Issuance
  • Change Description: DHS intends to re-key the DHSCA on 6/6/2019. Certificates will be available following the key update at https://pki.treasury.gov/crl_certs.htm
  • Contact: gladys dot garcia at hq dot dhs dot gov

  • Notice Date: April 12, 2019
  • System: Federal PKI Trust Infrastructure
  • Type: Infrastructure Change
  • Change Description: The Federal Public Key Infrastructure Management Authority is implementing a Content Delivery Network for HyperText Transfer Protocol (HTTP) artifacts of the Federal Bridge CA 2016, Federal Common Policy CA, SHA1 Federal Root CA, and the soon to be commissioned TLS Root CA. The HTTP artifacts include certificate revocation lists, certificates, and certificate bundles (P7C files). No URLs will change with this migration. See https://fpki.idmanagement.gov/announcements/fpki-repository-migration/ for more information.
  • Contact: fpki dash help at gsa dot gov

  • Notice Date: April 7, 2019
  • System: US Treasury Root CA
  • Type: CA Certificate Issuance
  • Change Description: Treasury re-keyed the Social Security Administration Certification Authority. Treasury communicated the intent to re-key this CA on February 26, 2019.
  • Contact: pki dot pmo at fiscal dot treasury dot gov.
  • Certificate Issuer: OU = US Treasury Root CA, OU = Certification Authorities, OU = Department of the Treasury, O = U.S. Government, C = US
  • Certificate Subject: OU = Social Security Administration Certification Authority, OU = SSA, O = U.S. Government, C = US
  • Certificate SHA1 Hash: 897A79FD488D426D6C50D0BA026F698BCA3334F4
  • Certificate Revocation List: http://pki.treasury.gov/US_Treasury_Root_CA1.crl
  • Certificate Bundle (AIA): http://pki.treasury.gov/ssaca_aia.p7c
  • Certificate Bundle (SIA): http://pki.treasury.gov/ssaca_sia.p7c

  • Notice Date: April 2, 2019
  • System: Federal Common Policy CA
  • Type: CA Certificate Issuance
  • Change Description: CA certificate issuance from Federal Common Policy CA to Treasury Root CA
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: Treasury Root CA
  • Certificate SHA1 Hash: fa392ea2972eb4edd1929932602a1909ac9558bc
  • Certificate Revocation List: http://http.fpki.gov/fcpca/fcpca.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c
  • Certificate Bundle (SIA): http://pki.treasury.gov/root_sia.p7c

  • Notice Date: April 2, 2019
  • System: Federal Common Policy CA
  • Type: CA Certificate Revocation
  • Change Description: The Verizon SSP CA A2 was issued a new CA certificate on December 5, 2018. This notification communicates the revocation of the prior certificate.
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: Verizon SSP CA A2
  • Certificate SHA1 Hash: a9d3a8ac016dba9fa12685bf59dcc39f5dcaf781

  • Notice Date: March 25, 2019
  • System: Symantec Class 3 SSP Intermediate CA - G3 (DigiCert)
  • Type: Intent to Decommission Multiple CAs
  • Change Description: DigiCert is planning to decommission several CAs chaining to Symantec Class 3 SSP Intermediate CA - G3. Any remaining active certificates issued from the CAs listed below will be revoked before CA decommissioning.
  • Contact: steve dot medin at digicert dot com
  • Certificate Issuer: Symantec Class 3 SSP Intermediate CA - G3
  • Certificate Subject: Multiple CA certificates will be revoked before decommissioning. Comma-separated list of CA Subject Names planned for revocation/decommissioning - CSC CA - 2, CSRA FBCA C4 Device CA, CSRA FBCA C4 CA, CSRA FBCA C3 Device CA, CSRA FBCA C3 CA, SureID Inc. CA2, SureID Inc. Device CA1, Eid Passport LRA Content Signer CA 3, and Eid Passport LRA Device 2 CA
  • Certificate SHA1 Hash: Multiple CA certificates will be revoked before decommissioning. Comma-separated list of CA hashes planned for revocation/decommissioning - 2938CC1B586C8B1A76832973389AB25C53F3658F, 3DFB1CB09BE5D1430DF9CE8E04F501ADB86CA176, 1EC98449B18472D6C2F516A4D0976350D5DD829A, CF9229CB50BF5DC25C156C4F825A67E2964236C8, FAED5B3AA85BFEA0BA8BA884689706044DFC0EC9, D4C786468511920E538C24384B3132D07DBACAF0, D514632CE34BF94C816A565DBB8FBB6BAD5FF335, 82E6536172F69E30786C9670840DB37077B5C08C, and F8912B3C9F3EB30F8A8D5A14E8038BD9BC6B771D
  • Certificate Revocation List: http://ssp-crl.symauth.com/STNSSP/Class3SSPCAG3.crl
  • Certificate Bundle (AIA): http://ssp-aia.symauth.com/STNSSP/Certs_issued_to_Class3SSPCA-G3.p7c
  • Certificate Bundle (SIA): http://ssp-sia.symauth.com/STNSSP/Certs_Issued_by_Class3SSPCA-G3.p7c
  • OCSP: http://ssp-ocsp.symauth.com

  • Notice Date: March 13, 2019
  • System: US Treasury
  • Type: Intent to Perform CA Certificate Issuance
  • Change Description: Treasury intends to re-key the Treasury OCIO CA (TOCA) on 6/29/2019. Certificates will be available following the key update at https://pki.treasury.gov.
  • Contact: pki dot pmo at fiscal dot treasury dot gov

  • Notice Date: March 6, 2019
  • System: DigiCert Federal SSP Intermediate CA - G5
  • Type: CA Certificate Issuance
  • Change Description: DigiCert Federal SSP Intermediate CA - G5 issued a certificate to U.S. Department of Transportation Agency CA G5.
  • Contact: steve dot medin at digicert dot com
  • Certificate Issuer: CN = DigiCert Federal SSP Intermediate CA - G5, O = DigiCert, Inc., C = US
  • Certificate Subject: CN = U.S. Department of Transportation Agency CA G5, OU = U.S. Department of Transportation, O = U.S. Government, C = US
  • Certificate SHA1 Hash: b1d05e5b9e025ea4b3b3e30dc3f45a19f9ec51f6
  • Certificate Revocation List: http://ssp-crl.digicert.com/SSP/SSPG5.crl
  • Certificate Bundle (AIA): http://ssp-aia.digicert.com/SSP/Certs_issued_to_SSPCAG5.p7c
  • OCSP: http://ssp-ocsp.digicert.com

  • Notice Date: March 6, 2019
  • System: DigiCert Federal SSP Intermediate CA - G5
  • Type: CA Certificate Issuance
  • Change Description: DigiCert Federal SSP Intermediate CA - G5 issued a certificate to U.S. Department of Transportation Device CA G5.
  • Contact: steve dot medin at digicert dot com
  • Certificate Issuer: CN = DigiCert Federal SSP Intermediate CA - G5, O = DigiCert, Inc., C = US
  • Certificate Subject: CN = U.S. Department of Transportation Device CA G5, OU = U.S. Department of Transportation, O = U.S. Government, C = US
  • Certificate SHA1 Hash: 263a035b50fc26368dd9a38894764b3f3592fb17
  • Certificate Revocation List: http://ssp-crl.digicert.com/SSP/SSPG5.crl
  • Certificate Bundle (AIA): http://ssp-aia.digicert.com/SSP/Certs_issued_to_SSPCAG5.p7c
  • OCSP: http://ssp-ocsp.digicert.com

  • Notice Date: March 5, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: CA Certificate Revocation
  • Change Description: Revocation performed on the certificate issued from the Federal Bridge CA 2016 to DigiCert Federated ID CA-1
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: DigiCert Federated ID CA-1
  • Certificate SHA1 Hash: e8 0b dd c6 1e d8 c4 3a d0 95 fc 94 62 17 be 45 bd d3 47 c1

  • Notice Date: March 5, 2019
  • System: FPKI Trust Infrastructure - Federal Common Policy CA
  • Type: CA Certificate Revocation
  • Change Description: Revocation performed on the certificate issued from the Federal Common Policy CA to the Verizon Betrusted Production SSP CA A1
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: Betrusted Production SSP CA A1
  • Certificate SHA1 Hash: 06 01 bb da d5 a2 82 31 bc 94 36 75 0b 4f 3a 48 4b ab 06 c3

  • Notice Date: March 5, 2019
  • System: FPKI Trust Infrastructure - Federal Bridga CA
  • Type: CA Certificate Issuance
  • Change Description: New cross-certificate issued from Federal Bridge CA 2016 to DigiCert Federated ID L3 CA
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: cn=Federal Bridge CA 2016,ou=FPKI,o=U.S. Government,c=US
  • Certificate Subject: cn=DigiCert Federated ID L3 CA,ou=www.digicert.com,o=DigiCert Inc,c=US
  • Certificate SHA1 Hash: 11E615170E4862535762EC128565377F1A813B51
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c

  • Notice Date: February 28, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA - G2 to Northrop Grumman Corporate Root CA-G2
  • Contact: judith dot spencer at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Northrop Grumman Corporate Root CA-G2, OU = Northrop Grumman Information Technology, O = Northrop Grumman Corporation, C = US
  • Certificate SHA1 Hash: 6F14FDA78D34B603ABE060D9FD16331DAC646878
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice Date: February 28, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA - G2 to NextgenIDRootCA1
  • Contact: judith dot spencer at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = NextgenIDRootCA1, OU = Certification Authorities, O = NextgenID, C = US
  • Certificate SHA1 Hash: C8EC9DAB6354FA4E2BF292B0A542F37436965723
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice Date: February 28, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA - G2 to Carillon Federal Services PIV-I CA1
  • Contact: judith dot spencer at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Carillon Federal Services PIV-I CA1, OU = Certification Authorities, O = Carillon Federal Services Inc., C = US
  • Certificate SHA1 Hash: FA75A4149838AFE4DEF18BAD39B5EFD6187D1A8B
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice Date: February 28, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA - G2 to CISRCA1
  • Contact: judith dot spencer at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = CISRCA1, OU = Certification Authorities, O = Carillon Information Security Inc., C = CA
  • Certificate SHA1 Hash: EB23C015A0B4037738D54A088A653498D394F050
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice Date: February 26, 2019
  • System: US Treasury
  • Type: Intent to Perform CA Certificate Issuance
  • Change Description: Treasury intends to re-key the Social Security Administration CA on 4/7/2019. Certificates will be available following the key update at https://pki.treasury.gov.
  • Contact: pki dot pmo at fiscal dot treasury dot gov

  • Notice Date: February 21, 2019
  • System: STRAC Bridge Root Certification Authority
  • Type: CA Certificate Issuance
  • Change Description: New cross-certificate issued from STRAC Bridge Root Certification Authority to Federal Bridge 2016
  • Contact: pki at strac dot org
  • Certificate Issuer: C=US, O=STRAC, OU=STRAC PKI Trust Infrastructure, CN=STRAC Bridge Root Certification Authority
  • Certificate Subject: C=US, O=STRAC, OU=STRAC PKI Trust Infrastructure, CN=STRAC Bridge Root Certification Authority
  • Certificate SHA1 Hash: EE02BDB684AB4714C5F25300C41C5B8F328B0CD9
  • Certificate Revocation List: http://pki.strac.org/bridge/crl/STRACBridgeRootCA.crl
  • Certificate Bundle (AIA): http://pki.strac.org/bridge/certificates/STRACBridgeRootCA.p7c
  • Certificate Bundle (SIA): http://http.fpki.gov/bridge/caCertsIssuedByfbca2016.p7c
  • OCSP: http://certstatus.strac.org

  • Notice Date: February 15, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: CA Certificate Issuance
  • Change Description: New cross-certificate issued from Federal Bridge CA 2016 to STRAC Bridge Root Certification Authority
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = STRAC Bridge Root Certification Authority, OU = STRAC PKI Trust Infrastructure, O = STRAC, C = US
  • Certificate SHA1 Hash: 1f92eb3654f60a9092811f7948afff45c09a6ca9
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://pki.strac.org/bridge/certificates/STRACBridgeRootCA.p7c

  • Notice Date: February 13, 2019
  • System: DigiCert Federal SSP Intermediate CA - G5
  • Type: CA Certificate Issuance
  • Change Description: Certificate issuance to NRC SSP Device CA G4
  • Contact: steve dot medin at digicert dot com
  • Certificate Issuer: CN = DigiCert Federal SSP Intermediate CA - G5, O = DigiCert, Inc., C = US
  • Certificate Subject: CN = NRC SSP Device CA G4, OU = U.S. Nuclear Regulatory Commission, O = U.S. Government, C = US
  • Certificate SHA1 Hash: 81f4fdb9f5dca2940416d483f011111984116ba9
  • Certificate Revocation List: http://ssp-crl.digicert.com/SSP/SSPG5.crl
  • Certificate Bundle (AIA): http://ssp-aia.digicert.com/SSP/Certs_issued_to_SSPCAG5.p7c
  • OCSP: http://ssp-ocsp.digicert.com

  • Notice Date: February 13, 2019
  • System: DigiCert Federal SSP Intermediate CA - G5
  • Type: CA Certificate Issuance
  • Change Description: Certificate issuance to NRC SSP Agency CA G4
  • Contact: steve dot medin at digicert dot com
  • Certificate Issuer: CN = DigiCert Federal SSP Intermediate CA - G5, O = DigiCert, Inc., C = US
  • Certificate Subject: CN = NRC SSP Agency CA G4, OU = U.S. Nuclear Regulatory Commission, O = U.S. Government, C = US
  • Certificate SHA1 Hash: 1a03581dcf159d206accd7bdd176c788a0862353
  • Certificate Revocation List: http://ssp-crl.digicert.com/SSP/SSPG5.crl
  • Certificate Bundle (AIA): http://ssp-aia.digicert.com/SSP/Certs_issued_to_SSPCAG5.p7c
  • OCSP: http://ssp-ocsp.digicert.com

  • Notice Date: February 12, 2019
  • System: FPKI Trust Infrastructure - Federal Common Policy CA
  • Type: Intent to Perform CA Certificate Revocation
  • Change Description: Revocation planned for the certificate issued from the Federal Common Policy CA to the Verizon Betrusted Production SSP CA A1
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: Betrusted Production SSP CA A1
  • Certificate SHA1 Hash: 06 01 bb da d5 a2 82 31 bc 94 36 75 0b 4f 3a 48 4b ab 06 c3

  • Notice Date: February 11, 2019
  • System: Symantec Managed PKI
  • Type: URI Change (IP addresses)
  • Change Description: DigiCert will be moving the federal PKI shared service provider CAs (government) and other managed PKI to new data centers. The address ranges in the new data centers will be as follows - 216.168.245.0/24, 216.168.246.0/24, 216.168.248.0/24, and 216.168.249.0/24. Be prepared to update network configurations as necessary. This activity is planned to take place between 15:30 UTC, April 6, 2019 and 3:30 UTC, April 7, 2019. See https://knowledge.digicert.com/generalinformation/digicert-symantec-managed-pki-data-center-migration-information-.html for more information.
  • Contact: steve dot medin at digicert dot com

  • Notice Date: February 11, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: Intent to Perform CA Certificate Issuance
  • Change Description: New cross-certificate planned for issuance from Federal Bridge CA 2016 to DigiCert Federated ID L3 CA
  • Contact: fpki at gsa dot gov

  • Notice Date: February 11, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: Intent to Perform CA Certificate Revocation
  • Change Description: Revocation planned for the certificate issued from the Federal Bridge CA 2016 to DigiCert Federated ID CA-1
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: DigiCert Federated ID CA-1
  • Certificate SHA1 Hash: e8 0b dd c6 1e d8 c4 3a d0 95 fc 94 62 17 be 45 bd d3 47 c1

  • Notice Date: February 11, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: Intent to Perform CA Certificate Issuance
  • Change Description: New cross-certificate planned for issuance from Federal Bridge CA 2016 to STRAC Bridge Root Certification Authority
  • Contact: fpki at gsa dot gov

  • Notice Date: February 4, 2019
  • System: TSCP SHA256 Bridge CA
  • Type: CA Certificate Issuance
  • Change Description: Issuance of a cross-certificate to Alexion Pharmaceuticals, Inc
  • Contact: steve.race at tscp dot org
  • Certificate Issuer: CN = TSCP SHA256 Bridge CA, OU = CAs, O = TSCP Inc., C = US
  • Certificate Subject: CN = Alexion Pharmaceuticals Issue 2 CA, OU = CAs, O = Alexion Pharmaceuticals, C = US
  • Certificate SHA1 Hash: 692a53fa725e5581a5b1db1c3d7b27e6feb9cae8
  • Certificate Revocation List: http://pki-crl.symauth.com/ca_1e66febad947306a6a338bb6f7971bca/LatestCRL.crl
  • Certificate Bundle (AIA): http://cacer.symauth.com/mpki/AlexionIssuingCA2.p7c

  • Notice Date: January 3, 2019
  • System: Fortior Solutions Intermediate CA 2018
  • Type: CA Certificate Issuance
  • Change Description: Issuance of a cross-certificate to TSCP Bridge
  • Contact: steve.race at tscp dot org
  • Certificate Issuer: CN = Fortior Solutions Intermediate CA 2018, OU = Certificate Authorities, O = Fortior Solutions, C = US
  • Certificate Subject: CN = TSCP SHA256 Bridge CA, OU = CAs, O = TSCP Inc., C = US
  • Certificate SHA1 Hash: dc4b77d79b815187f5e0e73d13f6fe41cab86fab
  • Certificate Revocation List: http://pki-crl.symauth.com/FortiorSolutions/FortiorSolutionsICA2018.crl
  • Certificate Bundle (AIA): http://cacer.symauth.com/mpki/FortiorSolutionsICA2018.p7c

  • Notice Date: January 3, 2019
  • System: TSCP SHA256 Bridge CA
  • Type: CA Certificate Issuance
  • Change Description: Issuance of a cross-certificate to Fortior Solutions, Inc.
  • Contact: steve.race at tscp dot org
  • Certificate Issuer: CN = TSCP SHA256 Bridge CA, OU = CAs, O = TSCP Inc., C = US
  • Certificate Subject: CN = Fortior Solutions Intermediate CA 2018, OU = Certificate Authorities, O = Fortior Solutions, C = US
  • Certificate SHA1 Hash: aebdf407b44afd431d8364012e096aea2a32a55d
  • Certificate Revocation List: http://tscp-crl.symauth.com/tscpbcasha256.crl
  • Certificate Bundle (AIA): http://tscp-aia.symauth.com/IssuedTo-tscpbcasha256.p7c

  • Notice Date: December 19, 2018
  • System: SAFE-BioPharma Bridge CA
  • Type: CA Certificate Issuance
  • Change Description: Issuance of a new cross-certificate from the SAFE BioPharma Bridge CA to IdenTrust SAFE-BioPharma CA 1
  • Contact: dsimonetti at safe-biopharma dot org
  • Certificate Issuer: CN = SAFE Bridge CA 02, OU = Certification Authorities, O = SAFE-Biopharma, C = US
  • Certificate Subject: CN = IdenTrust SAFE-BioPharma CA 1, OU = IdenTrust Global Common, O = IdenTrust, C = US
  • Certificate SHA1 Hash: 245f753f8a315a83bd0be8cf70833503f99fd2d2
  • Certificate Revocation List: http://sbca2.safe-biopharma.org/sbca/SBCA02.crl
  • Certificate Bundle (AIA): http://sbca2.safe-biopharma.org/sbca/issuedtoSBCA02.p7c

  • Notice Date: December 11, 2018
  • System: FPKI Trust Infrastructure - Federal Common Policy CA
  • Type: CA Certificate Issuance
  • Change Description: Issuance of a new CA certificate from the Federal Common Policy CA to Digicert Federal SSP Intermediate CA - G5. This CA certificate is new but intended as a rekey for the Symantec SSP Intermediate CA – G4 CA certificate.
  • Contact: fpki dash help at GSA dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = DigiCert Federal SSP Intermediate CA - G5, O = DigiCert, Inc., C = US
  • Certificate SHA1 Hash: 98 b5 82 47 ac 8a 2b c6 f3 48 f0 3e 8d 22 88 4d 83 45 fc 0f
  • Certificate Revocation List: http://http.fpki.gov/fcpca/fcpca.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c
  • Certificate Bundle (SIA): http://ssp-sia.digicert.com/SSP/Certs_issued_by_SSPCAG5.p7c

  • Notice Date: December 12, 2018
  • System: FPKI Trust Infrastructure - Federal Common Policy CA
  • Type: CA Certificate Issuance
  • Change Description: Certificate issuance from the Federal Common Policy CA to the Verizon SSP CA A2 to add the Derived PIV OID
  • Contact: fpki dash help at GSA dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = Verizon SSP CA A2, OU = SSP, O = Verizon, C = US
  • Certificate SHA1 Hash: 47 7b f4 01 7d 25 cd e2 76 cd dd f7 56 d4 0c a5 91 d7 6f 6d
  • Certificate Revocation List: http://http.fpki.gov/fcpca/fcpca.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c
  • Certificate Bundle (SIA): http://sia1.ssp-strong-id.net/CA/VZ-SSP-CA-A2-SIA.p7c

  • Notice Date: November 9, 2018
  • System: Entrust PKI Shared Service Provider, Entrust NFI Shared Services
  • Type: URI Change
  • Change Description: A new IP address will be added to the IP range for the OCSP services. Federal agencies should review firewall rules and internet gateway whitelists and adjust any rules to encompass the new IP address. Users may experience sporadic PIV authentication errors to the federal networks if firewall rules or whitelists are blocking this new IP address. There are no changes to the URIs in the end entity certificates. Please email the contact to request the new IP address as needed.
  • Contact: fpki at gsa dot gov
  • OCSP: ocsp.managed.entrust.com, ocspproofs.managed.entrust.com, nfiocsp.managed.entrust.com, doesspocsp.managed.entrust.com, hhspkiocsp.managed.entrust.com, feddcsocsp.managed.entrust.com

  • Notice Date: September 7, 2018
  • System: FPKI Trust Infrastructure - Federal Common Policy CA
  • Type: CA Certificate Issuance
  • Change Description: Issuance of a cross-certificate from the Federal Common Policy CA to the US Treasury Root CA.
  • Contact: fpki dash help at GSA dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = US Treasury Root CA, OU = Certification Authorities, OU = Department of the Treasury, O = U.S. Government, C = US
  • Certificate SHA1 Hash: 5a 87 92 2b 5e af 1d 63 19 8a 95 1b 2a b6 f5 9b 2f 16 c1 31
  • Certificate Revocation List: http://http.fpki.gov/fcpca/fcpca.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c
  • Certificate Bundle (SIA): http://pki.treasury.gov/root_sia.p7c

  • Notice Date: August 23, 2018
  • System: SAFE Biopharma Bridge CA
  • Type: CA Certificate Issuance
  • Change Description: A new cross-certificate was issued from the SAFE Biopharma Bridge CA to the Federal Bridge 2016 CA
  • Contact:
  • Certificate Issuer: CN = SAFE Bridge CA 02, OU = Certification Authorities, O = SAFE-Biopharma, C = US
  • Certificate Subject: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate SHA1 Hash: 54 0c 2a c5 9f 8b 5b ab 1b 6a df 42 1a 7c 50 f0 90 1e 3d 54
  • Certificate Revocation List: http://sbca2.safe-biopharma.org/sbca/SBCA02.crl
  • Certificate Bundle (AIA): http://sbca2.safe-biopharma.org/sbca/issuedtoSBCA02.p7c
  • Certificate Bundle (SIA): http://http.fpki.gov/bridge/caCertsIssuedByfbca2016.p7c

  • Notice Date: August 23, 2018
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: CA Certificate Issuance
  • Change Description: A new cross-certificate was issued from the Federal Bridge 2016 to the IdenTrust ACES CA 2
  • Contact: FPKI dash help at GSA dot Gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = IdenTrust ACES CA 2, OU = IdenTrust Public Sector, O = IdenTrust, C = US
  • Certificate SHA1 Hash: ab 97 3a 75 fa 59 4f 5a 97 c5 3e 3c 50 24 4a e0 6c a6 10 a8
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://validation.identrust.com/certs/issuedbyacesca2.p7c

  • Notice Date: August 23, 2018
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: CA Certificate Issuance
  • Change Description: A new cross-certificate was issued from the Federal Bridge 2016 to the IdenTrust IGC Root CA 1
  • Contact: FPKI dash help at GSA dot Gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = IdenTrust Global Common Root CA 1, O = IdenTrust, C = US
  • Certificate SHA1 Hash: 05 24 54 75 3d 53 ff 23 76 73 7f a7 79 8e c7 2f ab 82 83 3c
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://validation.identrust.com/roots/IssuedbyIGCRootCA1.p7c

  • Notice Date: July 19, 2018
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Change Description: A new cross-certificate was issued from the Federal Bridge CA 2016 to the ORC NFI CA 3
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = ORC NFI CA 3, O = ORC PKI, C = US
  • Certificate SHA1 Hash: b6 25 da 07 30 20 16 d2 83 70 23 ba b9 4b 6e 0d 76 fc 2e 45
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://crl-server.orc.com/caCerts/ORCNFI3_SIA.p7c

  • Notice Date: July 5, 2018
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Change Description: A cross-certificate was issued from Certipath Bridge CA-G2 to Air Canada Enterprise Root CA1
  • Contact: support at certipath dot com
  • Certificate Issuer: C=US, O=CertiPath LLC, OU=Certification Authorities, CN=CertiPath Bridge CA - G2
  • Certificate Subject: C=CA, O=Air Canada, OU=Certification Authorities, CN=Air Canada Enterprise Root CA1
  • Certificate SHA1 Hash:
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice Date: June 13, 2018
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance Intent
  • Change Description: CerithPath Bridge intends to renew the cross certificates from the CertiPath Bridge G1 and G2 to Raytheon prior to the end of this month. No changes are being made to certificate policies or policy mappings.
  • Contact: support at certipath dot com

  • Notice Date: June 7, 2018
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Change Description: A new cross-certificate was issued from the Federal Bridge CA 2016 to the SAFE BioPharma Bridge CA 02
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = SAFE Bridge CA 02, OU = Certification Authorities, O = SAFE-Biopharma, C = US
  • Certificate SHA1 Hash: 5c 65 42 19 97 2b ac 88 7b ea 9f 13 09 eb 9e 05 2f b7 75 7e
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://sbca2.safe-biopharma.org/sbca/issuedbySBCA02.p7c

  • Notice Date: June 6, 2018
  • System: Federal PKI Trust Infrastructure
  • Type: CA Decommission
  • Change Description: The Federal Bridge CA 2013 was decommissioned.
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: cn= Federal Bridge 2013, ou= FPKI, o=U.S. Government, c=US
  • Certificate Subject: cn= Federal Bridge 2013, ou= FPKI, o=U.S. Government, c=US
  • Certificate SHA1 Hash: 80 39 c3 23 4c 27 2c 80 c6 de 3b 13 0f 72 cc 4f be e1 38 18
  • Certificate Revocation List: http://http.fpki.gov/fbca2013.crl
  • Certificate Bundle (AIA): N/A
  • Certificate Bundle (SIA): http://http.fpki.gov/bridge/caCertsIssuedByfbca2013.p7c

  • Notice Date: May 16, 2018
  • System: Digicert / Verisign / Symantec federal shared service provider
  • Type: CA Decommission
  • Change Description: The Railroad Retirement Board CA was decommissioned and a long-term CRL issued on May 18, 2018
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: CN=VeriSign SSP Intermediate CA - G3,O=VeriSign,Inc.,C=US
  • Certificate Subject: CN=RRB Device CA,OU=U.S. Railroad Retirement Board,OU=U.S. Railroad Retirement Board,O=U.S. Government,C=US
  • Certificate SHA1 Hash:

  • Notice Date: April 25, 2018
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from Federal Bridge 2016 to US Patent and Trademark CA due to PTO Re-Key
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016 OU = FPKI O = U.S. Government C = US
  • Certificate Subject: CN = USPTO_INTR_CA1 CN = AIA CN = Public Key Services CN = Services CN = Configuration DC = uspto DC = gov
  • Certificate SHA1 Hash: 07 04 ea 96 33 a4 5a 9a 39 12 3b ac 28 be 01 07 8c 6b fd 3a
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://ipki.uspto.gov/IPKI/Certs/IPKICACerts.p7c

  • Notice Date: April 4, 2018
  • System: SAFE Biopharma Bridge Opera tional Authority
  • Type: CA Certificate Revocation
  • Change Description: The cross-certificate from SAFE Biopharma Bridge CA [SBCA 02] to FBCA 2013 has been revoked. The CRL was published shortly thereafter.
  • Contact: Matthew dot Williams at exostar dot com

  • Notice Date: February 6th, 2018
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA - G2 to CISRCA1
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = CISRCA1, OU = Certification Authorities, O = Carillon Information Security Inc., C = CA
  • Certificate SHA1 Hash: c466cb26e2c9a1a483a6f81701f208b5ff522ec4
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice Date: February 6th, 2018
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA - G2 to Northrop Grumman Corporation Root CA
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Northrop Grumman Corporate Root CA-G2, OU = Northrop Grumman Information Technology, O = Northrop Grumman Corporation, C = US
  • Certificate SHA1 Hash: 9bb7b4bfd188b99e10431bf5ac56a493dfd66978
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c
  • Certificate Bundle (SIA): http://certdata.northropgrumman.com/certdata/p7c/IssuedByNorthropGrummanCorporateRootCA-G2.p7c

  • Notice Date: February 6th, 2018
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA - G2 to Carillon Federal Services PIV-I CA1
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Carillon Federal Services PIV-I CA1, OU = Certification Authorities, O = Carillon Federal Services Inc., C = US
  • Certificate SHA1 Hash: 198271eee4689be1ff746e1a03cf205f4b2d518e
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice Date: February 6th, 2018
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA to Northrop Grumman Corporate Root CA
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Northrop Grumman Corporation Root CA, O = Northrop Grumman Corporation, C = US
  • Certificate SHA1 Hash: 8f98b196e6b9aed7a31522efae5bf5954da744c0
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathLLCCertiPathBridgeCA.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeRootCA.p7c

  • Notice Date: January 25, 2018
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA–G2 to NextgenID Root CA1.
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = NextgenIDRootCA1, OU = Certification Authorities, O = NextgenID, C = US
  • Certificate SHA1 Hash: 50a2bf7afe08edf3877854f6d0a6e59127f68a94
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c
  • Certificate Bundle (SIA): http://www.nextgenidtrust.com/PKI/certs/IssuedByNextgenIDRootCA1.p7c
  • OCSP: N/A

  • Notice Date: November 16, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from Federal Bridge 2016 to Entrust Non-Federal Root CA
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: OU = Entrust Managed Services NFI Root CA, OU = Certification Authorities, O = Entrust, C = US
  • Certificate SHA1 Hash: 22 05 08 b0 ab 72 e2 ee 3a ca a6 a9 ef 50 01 c8 7c 52 3e a4
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://nfirootweb.managed.entrust.com/SIA/CAcertsIssuedByNFIRootCA.p7c
  • OCSP: N/A

  • Notice Date: November 16, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from Federal Bridge to Symantec
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: CN=Symantec Class 3 SSP Intermediate CA - G3
  • Certificate SHA1 Hash: 91 45 31 f5 a6 10 91 40 05 42 2e 56 d6 71 12 18 13 3b 10 48
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://ssp-sia.symauth.com/STNSSP/Certs_Issued_by_Class3SSPCA-G3.p7c
  • OCSP: N/A

  • Notice Date: November 16, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from Federal Bridge to Verizon Non-Federal Issuer CA
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: CT-CSSP-CA-A1
  • Certificate SHA1 Hash: 68 70 66 bc e5 6b 6e 20 ae a0 c6 05 b9 b6 67 93 42 26 9f 21
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://sia1.com-strong-id.net/CA/CT-CSSP-CA-A1-SIA.p7c
  • OCSP: N/A

  • Notice Date: November 16, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from Federal Bridge to ORC (Widepoint) Non-Federal Issuer CA
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: CN=ORC NFI CA 2, O=ORC PKI, C=US
  • Certificate SHA1 Hash: b0 55 c6 ee 10 4e 01 eb 68 8c 8f b4 f8 7c f7 7c a3 76 af db
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://crl-server.orc.com/caCerts/ORCNFI2_SIA.p7c
  • OCSP: N/A

  • Notice Date: November 16, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from Federal Bridge to ORC (Widepoint) ACES
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: CN=ORC ACES 4, O=ORC PKI, C=US
  • Certificate SHA1 Hash: 55 73 fc c5 e6 ff ff 2b 71 01 81 ac ca a2 ef da db 8f 0f 4e
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://crl-server.orc.com/caCerts/ORCACES4_SIA.p7c
  • OCSP: N/A

  • Notice Date: October 20, 2017
  • System: TSCP SHA256 Bridge CA
  • Type: CA Certificate Issuance
  • Change Description: Issuance of a cross-certificate to Alexion Pharmaceuticals, Inc
  • Contact: shauna.russell@tscp.org, fpki at gsa dot gov

  • Notice Date: September 30, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from Federal Bridge to DigiCert
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: DigiCert Federated ID CA-1
  • Certificate SHA1 Hash: e8 0b dd c6 1e d8 c4 3a d0 95 fc 94 62 17 be 45 bd d3 47 c1
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://cacerts.digicert.com/siaDigiCertFederatedIDCA-1.p7c
  • OCSP: N/A

  • Notice Date: September 14, 2017
  • System: DigiCert Federated ID CA-1
  • Type: CA Certificate Issuance
  • Change Description: A new CA certificate was issued for a subordinate CA under Digicert Federated Trust CA-1. The CA certificate is for Trinity Health Direct CA.
  • Contact: ben.wilson at digicert dot com
  • Certificate Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Federated Trust CA-1
  • Certificate Subject: C=US, O=Trinity Health, CN=Trinity Health Direct CA
  • Certificate SHA1 Hash: 91:C3:74:48:0A:BA:3B:B9:B4:6C:8A:87:0F:95:E0:CA:98:CF:0C:70
  • Certificate Revocation List: http://crl4.digicert.com/DigiCertFederatedTrustCA-1.crl, http://crl3.digicert.com/DigiCertFederatedTrustCA-1.crl
  • Certificate Bundle (AIA): http://cacerts.digicert.com/aiaTrinityHealthDirectCA.p7c
  • OCSP: http://ocsp.digicert.com

  • Notice Date: September 14, 2017
  • System: DigiCert Federated ID CA-1
  • Type: CA Certificate Issuance
  • Change Description: A new CA certificate was issued for a subordinate CA under Digicert Federated ID CA-1. The CA certificate is for DigiCert Federated Trust CA-1.
  • Contact: ben.wilson at digicert dot com
  • Certificate Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Federated ID CA-1
  • Certificate Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Federated Trust CA-1
  • Certificate SHA1 Hash: E2:9C:44:38:7F:7B:AA:9F:49:EF:CC:AE:A6:54:BC:E2:0C:FF:5F:D3
  • Certificate Revocation List: http://crl3.digicert.com/DigiCertFederatedIDCA-1.crl, http://crl4.digicert.com/DigiCertFederatedIDCA-1.crl
  • Certificate Bundle (AIA): http://cacerts.digicert.com/aiaDigiCertFederatedTrustCA-1.p7c
  • OCSP: http://ocsp.digicert.com

  • Notice Date: August 22, 2017
  • System: Verizon Federal PKI Shared Service Provider
  • Type: CA Certificate Revocation
  • Change Description: The CA certificate for the issuing CA named Executive Office of the President CA-B8 will be revoked on August 25th and a long term CRL will be published. This CA is no longer active.
  • Contact: vziamssp at verizon dot com, fpki at gsa dot gov
  • Certificate Issuer: CN=Betrusted Production SSP CA A1,OU=Betrusted Production SSP CA A1,OU=SSP,O=Betrusted US Inc,C=US
  • Certificate Subject: CN=Executive Office of the President CA-B8,OU=PKI,OU=Services,DC=ssp,DC=eop,DC=gov
  • Certificate SHA1 Hash:

  • Notice Date: August 4, 2017
  • System: US Government Publishing Office CAs
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from US Government Publishing Office to Federal Bridge
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: GPO PCA
  • Certificate Subject: Federal Bridge CA 2016
  • Certificate SHA1 Hash: b5 d4 0b e9 4f 2e 01 4f 51 0b 29 64 36 6f 10 13 f4 1a f3 0e
  • Certificate Revocation List: http://www.gpo-fbca-crls.ois.gpo.gov/GPO-PCA-CRLa4.crl
  • Certificate Bundle (AIA): http://www.gpo-fbca-crls.ois.gpo.gov/GPO-PCA-CACertificates.p7c
  • Certificate Bundle (SIA): http://http.fpki.gov/bridge/caCertsIssuedByfbca2016.p7c
  • OCSP: http://www.ocsp.gpo.gov

  • Notice Date: August 3, 2017
  • System: N/A
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from Federal Bridge to US Government Publishing Office
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: GPO PCA
  • Certificate SHA1 Hash: b8 ea bb 18 ed 54 4c 9f cf b2 99 bd 5d 32 21 27 e6 f4 8d 90
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://www.gpo-fbca-crls.ois.gpo.gov/caCertsIssuedByGPO.p7c
  • OCSP: N/A

  • Notice Date: July 25, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from Federal Bridge to Symantec
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: VeriSign Class 3 SSP Intermediate CA - G2
  • Certificate SHA1 Hash: 63 3b 29 78 0d 72 f9 b6 e6 52 f8 58 6b 13 87 02 19 5a 2c cd
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://ssp-sia.symauth.com/VTNSSP/Certs_issued_by_Class3SSPCA-G2.p7c
  • OCSP: N/A

  • Notice Date: July 12, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from Federal Bridge to Widepoint
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: ORC NFI CA 3
  • Certificate SHA1 Hash: 8a 0a 15 2e f9 36 74 72 c8 83 28 e7 b8 18 a5 7a ed ea 33 ef
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://crl-server.orc.com/caCerts/ORCNFI3_SIA.p7c
  • OCSP: N/A

  • Notice Date: June 20, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from Federal Bridge to Identrust
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: IdenTrust Global Common Root CA 1
  • Certificate SHA1 Hash: 8f 0c 18 76 9e 9e 6d 48 c5 8e 41 8e 9b d5 79 84 a7 ae 49 f4
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://validation.identrust.com/roots/IssuedbyIGCRootCA1.p7c
  • OCSP: N/A

  • Notice Date: June 20, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from Federal Bridge to Identrust
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: IdenTrust ACES CA 2
  • Certificate SHA1 Hash: f2 82 e5 05 30 11 13 e7 36 8a 26 2e 4e 3d fe 23 ed 39 c9 54
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://validation.identrust.com/certs/issuedbyacesca2.p7c
  • OCSP: N/A

  • Notice Date: June 20, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Change Description: Issuance of cross-certificate from Federal Bridge to Identrust
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: IdenTrust ACES CA 1
  • Certificate SHA1 Hash: 8c 7a 33 76 da 95 e2 be 52 da bc 03 21 56 f4 c4 78 74 e4 c4
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://apps.identrust.com/roots/publicsectorroot.p7c
  • OCSP: N/A

How to Add a New Notification

System notifications can be submitted via either GitHub or email.

Submit Notification via GitHub Issue

  • Select Add New Notification

  • This will open a new Issue form with input information for notification information.
  • Enter the information and click ‘Submit new issue’ to submit the notification.

Submit Notification via Email

The notification can also be emailed to fpki@gsa.gov. The email should contain the following information.

Subject: FPKI System Notification - System Name

  • Notice date
  • Change type of one of the following: CA Certificate Issuance, CA Certificate Revocation, New CA, URI Change, System Outage
  • Change start date
  • Change end date
  • Change description
  • Contact email
  • If the change is a new or revoked CA certificate, include the CA Certificate hash (sha1 thumbprint), Issuer and Subject DNs
  • If the change is a new URI, include the new CDP, AIA, SIA or OCSP value