Edit this page

System Changes and Notifications

This page lists the changes to certification authorities and supporting systems operating within the Federal PKI community.

The communication of changes, and planned or unplanned system outages, is required by the certificate policies and the incident management process. Strong communication allows for planning and response and benefits the Federal PKI community as a whole. Planned changes of the these types require notifications two (2) weeks in advance:

  • Changes to Certificate Revocation List Distribution Points
  • Changes to Online Certificate Status Protocol (OCSP) endpoints
  • Introducing new URIs or retiring old URIs referenced in the Certificates profiles in use
  • Signing or revoking a Certificate Authority (CA) certificate

System outages - either through a planned maintenance activity or unplanned event - may also be posted on this page, and may trigger the Incident Management process.

To report a change or system outage not listed below, please email fpki@gsa.gov.

Notifications


  • Notice date: May 9, 2019
  • System: SAFE-BioPharma
  • Type: Intent to Decommission CA
  • Start Date and Time:
  • Change Description: Synchronoss has informed SAFE-BioPharma that it will decommission the Zentry Certificate Authority that is currently cross-certified with the SAFE-BioPharma Bridge CA on July 1, 2019. Synchronoss will perform the following actions on this date - 1) Revoke all unexpired certificates issued from this CA, 2) Issue a long-term CRL, and 3) Destroy the CA signing keys. Synchronoss confirms that a long-term data archive is being implemented in accordance with SAFE-BioPharma archive requirements.
  • Contact: dsimonetti at safe-biopharma dot org
  • Certificate Issuer: CN = SAFE Bridge CA 02, OU = Certification Authorities, O = SAFE-Biopharma, C = US
  • Certificate Subject: CN = Trans Sped SAFE CA III, OU = Individual Subscriber CA, O = Trans Sped SRL, C = RO
  • Certificate SHA1 HASH: 833D2A24326C8EA10B60FD0FEB4AA0811B1747DD
  • Certificate Revocation List: http://sbca2.safe-biopharma.org/sbca/SBCA02.crl
  • Certificate Bundle (AIA): http://sbca2.safe-biopharma.org/sbca/issuedtoSBCA02.p7c

  • Notice date: May 6, 2019
  • System: US Treasury Root CA
  • Type: CA Certificate Issuance
  • Start Date and Time: May 4, 2019
  • Change Description: Treasury re-keyed the NASA Operational Certification Authority.
  • Contact: pki dot pmo at fiscal dot treasury dot gov.
  • Certificate Issuer: OU = US Treasury Root CA, OU = Certification Authorities, OU = Department of the Treasury, O = U.S. Government, C = US
  • Certificate Subject: OU = NASA Operational CA, OU = Certification Authorities, OU = NASA, O = U.S. Government, C = US
  • Certificate SHA1 HASH: f504012b1fe57b4381e3bf5ba9f491144ed76ee1
  • Certificate Revocation List: http://pki.treasury.gov/US_Treasury_Root_CA1.crl
  • Certificate Bundle (AIA): http://pki.treasury.gov/noca_aia.p7c
  • Certificate Bundle (SIA): http://pki.treasury.gov/noca_sia.p7c

  • Notice date: April 29, 2019
  • System: FPKI Trust Infrastructure
  • Type: Infrastructure Change
  • Start Date and Time: April 29, 2019
  • Change Description: The Federal Public Key Infrastructure Management Authority has completed its implementation of a Content Delivery Network for HyperText Transfer Protocol (HTTP) artifacts of the Federal Bridge CA 2016, Federal Common Policy CA, and SHA1 Federal Root CA. See https://fpki.idmanagement.gov/announcements/fpki-repository-migration/ for more information.
  • Contact: fpki dash help at gsa dot gov

  • Notice date: April 26, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Start Date and Time: April 21, 2019
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA–G2 to Lockheed Martin Root Certification Authority 2.
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Lockheed Martin Root Certification Authority 2, OU = Certification Authorities, O = Lockheed Martin Corporation, L = Denver, S = Colorado, C = US
  • Certificate SHA1 HASH: 90c55c1fa32a82c6e8f44e3e4ad8e4c08ade150f
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice date: April 26, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Start Date and Time: April 21, 2019
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA–G2 to Federal Bridge CA 2016.
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate SHA1 HASH: fce64c867d1af8e1c1ff5b07a869af5f3e6f823f
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c
  • Certificate Bundle (SIA): http://http.fpki.gov/bridge/caCertsIssuedByfbca2016.p7c

  • Notice date: April 26, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Start Date and Time: April 21, 2019
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA–G2 to Boeing PCA G3.
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Boeing PCA G3, OU = certservers, O = Boeing, C = US
  • Certificate SHA1 HASH: de7b8e78b8866caac3af1fb871be49369cdd6c5c
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice date: April 26, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Start Date and Time: April 21, 2019
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA to Boeing PCA G2.
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Boeing PCA G2, OU = certservers, O = Boeing, C = US
  • Certificate SHA1 HASH: e88050f8628bc42cae691fd96c3bb676411e2c24
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathLLCCertiPathBridgeCA.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeRootCA.p7c

  • Notice date: April 26, 2019
  • System: Verizon Non-Federal Issuer (NFI)
  • Type: Intent to Decommission Multiple CAs
  • Start Date and Time:
  • Change Description: Verizon is planning to decommission several CAs. Any valid end entity certificates will be revoked; the CAs will be decommissioned and archived; and then the CA certificate issued to CT-CSSP-CA-A1 from the Federal Bridge CA will be revoked.
  • Contact: abdul dot nur at verizon dot com
  • Certificate Issuer: CT-CSSP-CA-A1 (issuer of Trans Sped Mobile QCA and VZ-SMC-CA-B2) and Federal Bridge CA 2016 (issuer of CT-CSSP-CA-A1)
  • Certificate Subject: Comma-separated list of CA Subject Names planned for revocation/decommissioning - CN=Trans Sped Mobile QCA,OU=Individual Subscriber CA,O=Trans Sped SRL,C=RO, CN=VZ-SMC-CA-B2,OU=PKI,OU=Services,O=Cybertrust,C=US, and CN=CT-CSSP-CA-A1,OU=PKI,OU=Services,O=Cybertrust,C=US
  • Certificate SHA1 HASH: Comma-separated list of CA hashes planned for revocation/decommissioning - 687066BCE56B6E20AEA0C605B9B6679342269F21, 8EF17043FAD28004F407BABECE21A7C42BE4F275, and A4108B1D93D4F8837584FAEA8496847914606C29

  • Notice date: April 20, 2019
  • System: Department of Homeland Security Certification Authority (DHSCA)
  • Type: Intent to Perform CA Certificate Issuance
  • Start Date and Time: June 29, 2019
  • Change Description: DHS intends to re-key the DHSCA on 6/29/2019. Certificates will be available following the key update at https://pki.treasury.gov/crl_certs.htm.
  • Contact: gladys dot garcia at hq dot dhs dot gov

  • Notice date: April 12, 2019
  • System: Federal PKI Trust Infrastructure
  • Type: Infrastructure Change
  • Start Date and Time: On or around April 22, 2019
  • Change Description: The Federal Public Key Infrastructure Management Authority is implementing a Content Delivery Network for HyperText Transfer Protocol (HTTP) artifacts of the Federal Bridge CA 2016, Federal Common Policy CA, SHA1 Federal Root CA, and the soon to be commissioned TLS Root CA. The HTTP artifacts include certificate revocation lists, certificates, and certificate bundles (P7C files). No URLs will change with this migration. See https://fpki.idmanagement.gov/announcements/fpki-repository-migration/ for more information.
  • Contact: fpki dash help at gsa dot gov

  • Notice date: April 7, 2019
  • System: US Treasury Root CA
  • Type: CA Certificate Issuance
  • Start Date and Time: April 7, 2019
  • Change Description: Treasury re-keyed the Social Security Administration Certification Authority. Treasury communicated the intent to re-key this CA on February 26, 2019.
  • Contact: pki dot pmo at fiscal dot treasury dot gov.
  • Certificate Issuer: OU = US Treasury Root CA, OU = Certification Authorities, OU = Department of the Treasury, O = U.S. Government, C = US
  • Certificate Subject: OU = Social Security Administration Certification Authority, OU = SSA, O = U.S. Government, C = US
  • Certificate SHA1 HASH: 897A79FD488D426D6C50D0BA026F698BCA3334F4
  • Certificate Revocation List: http://pki.treasury.gov/US_Treasury_Root_CA1.crl
  • Certificate Bundle (AIA): http://pki.treasury.gov/ssaca_aia.p7c
  • Certificate Bundle (SIA): http://pki.treasury.gov/ssaca_sia.p7c

  • Notice date: April 2, 2019
  • System: Federal Common Policy CA
  • Type: CA Certificate Issuance
  • Start Date and Time: April 2, 2019
  • Change Description: CA certificate issuance from Federal Common Policy CA to Treasury Root CA
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: Federal Common Policy CA
  • Certificate Subject: Treasury Root CA
  • Certificate SHA1 HASH: fa392ea2972eb4edd1929932602a1909ac9558bc
  • Certificate Revocation List: http://http.fpki.gov/fcpca/fcpca.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c
  • Certificate Bundle (SIA): http://pki.treasury.gov/root_sia.p7c

  • Notice date: April 2, 2019
  • System: Federal Common Policy CA
  • Type: CA Certificate Revocation
  • Start Date and Time: April 2, 2019
  • Change Description: The Verizon SSP CA A2 was issued a new CA certificate on December 5, 2018. This notification communicates the revocation of the prior certificate.
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: Federal Common Policy
  • Certificate Subject: Verizon SSP CA A2
  • Certificate SHA1 HASH: a9d3a8ac016dba9fa12685bf59dcc39f5dcaf781

  • Notice date: March 25, 2019
  • System: Symantec Class 3 SSP Intermediate CA - G3 (DigiCert)
  • Type: Intent to Decommission Multiple CAs
  • Start Date and Time:
  • Change Description: DigiCert is planning to decommission several CAs chaining to Symantec Class 3 SSP Intermediate CA - G3. Any remaining active certificates issued from the CAs listed below will be revoked before CA decommissioning.
  • Contact: steve dot medin at digicert dot com
  • Certificate Issuer: Symantec Class 3 SSP Intermediate CA - G3
  • Certificate Subject: Multiple CA certificates will be revoked before decommissioning. Comma-separated list of CA Subject Names planned for revocation/decommissioning - CSC CA - 2, CSRA FBCA C4 Device CA, CSRA FBCA C4 CA, CSRA FBCA C3 Device CA, CSRA FBCA C3 CA, SureID Inc. CA2, SureID Inc. Device CA1, Eid Passport LRA Content Signer CA 3, and Eid Passport LRA Device 2 CA
  • Certificate SHA1 HASH: Multiple CA certificates will be revoked before decommissioning. Comma-separated list of CA hashes planned for revocation/decommissioning - 2938CC1B586C8B1A76832973389AB25C53F3658F, 3DFB1CB09BE5D1430DF9CE8E04F501ADB86CA176, 1EC98449B18472D6C2F516A4D0976350D5DD829A, CF9229CB50BF5DC25C156C4F825A67E2964236C8, FAED5B3AA85BFEA0BA8BA884689706044DFC0EC9, D4C786468511920E538C24384B3132D07DBACAF0, D514632CE34BF94C816A565DBB8FBB6BAD5FF335, 82E6536172F69E30786C9670840DB37077B5C08C, and F8912B3C9F3EB30F8A8D5A14E8038BD9BC6B771D
  • Certificate Revocation List: http://ssp-crl.symauth.com/STNSSP/Class3SSPCAG3.crl
  • Certificate Bundle (AIA): http://ssp-aia.symauth.com/STNSSP/Certs_issued_to_Class3SSPCA-G3.p7c
  • Certificate Bundle (SIA): http://ssp-sia.symauth.com/STNSSP/Certs_Issued_by_Class3SSPCA-G3.p7c
  • OCSP: http://ssp-ocsp.symauth.com

  • Notice date: March 13, 2019
  • System: US Treasury
  • Type: Intent to Perform CA Certificate Issuance
  • Start Date and Time: June 29, 2019
  • Change Description: Treasury intends to re-key the Treasury OCIO CA (TOCA) on 6/29/2019. Certificates will be available following the key update at https://pki.treasury.gov.
  • Contact: pki dot pmo at fiscal dot treasury dot gov

  • Notice date: March 6, 2019
  • System: DigiCert Federal SSP Intermediate CA - G5
  • Type: CA Certificate Issuance
  • Start Date and Time: March 4, 2019
  • Change Description: DigiCert Federal SSP Intermediate CA - G5 issued a certificate to U.S. Department of Transportation Agency CA G5.
  • Contact: steve dot medin at digicert dot com
  • Certificate Issuer: CN = DigiCert Federal SSP Intermediate CA - G5, O = DigiCert, Inc., C = US
  • Certificate Subject: CN = U.S. Department of Transportation Agency CA G5, OU = U.S. Department of Transportation, O = U.S. Government, C = US
  • Certificate SHA1 HASH: b1d05e5b9e025ea4b3b3e30dc3f45a19f9ec51f6
  • Certificate Revocation List: http://ssp-crl.digicert.com/SSP/SSPG5.crl
  • Certificate Bundle (AIA): http://ssp-aia.digicert.com/SSP/Certs_issued_to_SSPCAG5.p7c
  • OCSP: http://ssp-ocsp.digicert.com

  • Notice date: March 6, 2019
  • System: DigiCert Federal SSP Intermediate CA - G5
  • Type: CA Certificate Issuance
  • Start Date and Time: March 4, 2019
  • Change Description: DigiCert Federal SSP Intermediate CA - G5 issued a certificate to U.S. Department of Transportation Device CA G5.
  • Contact: steve dot medin at digicert dot com
  • Certificate Issuer: CN = DigiCert Federal SSP Intermediate CA - G5, O = DigiCert, Inc., C = US
  • Certificate Subject: CN = U.S. Department of Transportation Device CA G5, OU = U.S. Department of Transportation, O = U.S. Government, C = US
  • Certificate SHA1 HASH: 263a035b50fc26368dd9a38894764b3f3592fb17
  • Certificate Revocation List: http://ssp-crl.digicert.com/SSP/SSPG5.crl
  • Certificate Bundle (AIA): http://ssp-aia.digicert.com/SSP/Certs_issued_to_SSPCAG5.p7c
  • OCSP: http://ssp-ocsp.digicert.com

  • Notice date: March 5, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: CA Certificate Revocation
  • Start Date and Time: March 4, 2019
  • Change Description: Revocation performed on the certificate issued from the Federal Bridge CA 2016 to DigiCert Federated ID CA-1
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: DigiCert Federated ID CA-1
  • Certificate SHA1 HASH: e8 0b dd c6 1e d8 c4 3a d0 95 fc 94 62 17 be 45 bd d3 47 c1

  • Notice date: March 5, 2019
  • System: FPKI Trust Infrastructure - Federal Common Policy CA
  • Type: CA Certificate Revocation
  • Start Date and Time: March 4, 2019
  • Change Description: Revocation performed on the certificate issued from the Federal Common Policy CA to the Verizon Betrusted Production SSP CA A1
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: Federal Common Policy CA
  • Certificate Subject: Betrusted Production SSP CA A1
  • Certificate SHA1 HASH: 06 01 bb da d5 a2 82 31 bc 94 36 75 0b 4f 3a 48 4b ab 06 c3

  • Notice date: March 5, 2019
  • System: FPKI Trust Infrastructure - Federal Bridga CA
  • Type: CA Certificate Issuance
  • Start Date and Time: February 28, 2019
  • Change Description: New cross-certificate issued from Federal Bridge CA 2016 to DigiCert Federated ID L3 CA
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: cn=Federal Bridge CA 2016,ou=FPKI,o=U.S. Government,c=US
  • Certificate Subject: cn=DigiCert Federated ID L3 CA,ou=www.digicert.com,o=DigiCert Inc,c=US
  • Certificate SHA1 HASH: 11E615170E4862535762EC128565377F1A813B51
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c

  • Notice date: February 28, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Start Date and Time: February 25, 2019
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA - G2 to Northrop Grumman Corporate Root CA-G2
  • Contact: judith dot spencer at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Northrop Grumman Corporate Root CA-G2, OU = Northrop Grumman Information Technology, O = Northrop Grumman Corporation, C = US
  • Certificate SHA1 HASH: 6F14FDA78D34B603ABE060D9FD16331DAC646878
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice date: February 28, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Start Date and Time: February 25, 2019
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA - G2 to NextgenIDRootCA1
  • Contact: judith dot spencer at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = NextgenIDRootCA1, OU = Certification Authorities, O = NextgenID, C = US
  • Certificate SHA1 HASH: C8EC9DAB6354FA4E2BF292B0A542F37436965723
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice date: February 28, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Start Date and Time: February 25, 2019
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA - G2 to Carillon Federal Services PIV-I CA1
  • Contact: judith dot spencer at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Carillon Federal Services PIV-I CA1, OU = Certification Authorities, O = Carillon Federal Services Inc., C = US
  • Certificate SHA1 HASH: FA75A4149838AFE4DEF18BAD39B5EFD6187D1A8B
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice date: February 28, 2019
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Start Date and Time: February 25, 2019
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA - G2 to CISRCA1
  • Contact: judith dot spencer at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = CISRCA1, OU = Certification Authorities, O = Carillon Information Security Inc., C = CA
  • Certificate SHA1 HASH: EB23C015A0B4037738D54A088A653498D394F050
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice date: February 26, 2019
  • System: US Treasury
  • Type: Intent to Perform CA Certificate Issuance
  • Start Date and Time: April 7, 2019
  • Change Description: Treasury intends to re-key the Social Security Administration CA on 4/7/2019. Certificates will be available following the key update at https://pki.treasury.gov.
  • Contact: pki dot pmo at fiscal dot treasury dot gov

  • Notice date: February 21, 2019
  • System: STRAC Bridge Root Certification Authority
  • Type: CA Certificate Issuance
  • Start Date and Time: February 20, 2019
  • Change Description: New cross-certificate issued from STRAC Bridge Root Certification Authority to Federal Bridge 2016
  • Contact: pki at strac dot org
  • Certificate Issuer: C=US, O=STRAC, OU=STRAC PKI Trust Infrastructure, CN=STRAC Bridge Root Certification Authority
  • Certificate Subject: C=US, O=STRAC, OU=STRAC PKI Trust Infrastructure, CN=STRAC Bridge Root Certification Authority
  • Certificate SHA1 HASH: EE02BDB684AB4714C5F25300C41C5B8F328B0CD9
  • Certificate Revocation List: http://pki.strac.org/bridge/crl/STRACBridgeRootCA.crl
  • Certificate Bundle (AIA): http://pki.strac.org/bridge/certificates/STRACBridgeRootCA.p7c
  • Certificate Bundle (SIA): http://http.fpki.gov/bridge/caCertsIssuedByfbca2016.p7c
  • OCSP: http://certstatus.strac.org

  • Notice date: February 15, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: CA Certificate Issuance
  • Start Date and Time: February 14, 2019
  • Change Description: New cross-certificate issued from Federal Bridge CA 2016 to STRAC Bridge Root Certification Authority
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = STRAC Bridge Root Certification Authority, OU = STRAC PKI Trust Infrastructure, O = STRAC, C = US
  • Certificate SHA1 HASH: 1f92eb3654f60a9092811f7948afff45c09a6ca9
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://pki.strac.org/bridge/certificates/STRACBridgeRootCA.p7c

  • Notice date: February 13, 2019
  • System: DigiCert Federal SSP Intermediate CA - G5
  • Type: CA Certificate Issuance
  • Start Date and Time: December 18, 2018
  • Change Description: Certificate issuance to NRC SSP Device CA G4
  • Contact: steve dot medin at digicert dot com
  • Certificate Issuer: CN = DigiCert Federal SSP Intermediate CA - G5, O = DigiCert, Inc., C = US
  • Certificate Subject: CN = NRC SSP Device CA G4, OU = U.S. Nuclear Regulatory Commission, O = U.S. Government, C = US
  • Certificate SHA1 HASH: 81f4fdb9f5dca2940416d483f011111984116ba9
  • Certificate Revocation List: http://ssp-crl.digicert.com/SSP/SSPG5.crl
  • Certificate Bundle (AIA): http://ssp-aia.digicert.com/SSP/Certs_issued_to_SSPCAG5.p7c
  • OCSP: http://ssp-ocsp.digicert.com

  • Notice date: February 13, 2019
  • System: DigiCert Federal SSP Intermediate CA - G5
  • Type: CA Certificate Issuance
  • Start Date and Time: December 18, 2018
  • Change Description: Certificate issuance to NRC SSP Agency CA G4
  • Contact: steve dot medin at digicert dot com
  • Certificate Issuer: CN = DigiCert Federal SSP Intermediate CA - G5, O = DigiCert, Inc., C = US
  • Certificate Subject: CN = NRC SSP Agency CA G4, OU = U.S. Nuclear Regulatory Commission, O = U.S. Government, C = US
  • Certificate SHA1 HASH: 1a03581dcf159d206accd7bdd176c788a0862353
  • Certificate Revocation List: http://ssp-crl.digicert.com/SSP/SSPG5.crl
  • Certificate Bundle (AIA): http://ssp-aia.digicert.com/SSP/Certs_issued_to_SSPCAG5.p7c
  • OCSP: http://ssp-ocsp.digicert.com

  • Notice date: February 12, 2019
  • System: FPKI Trust Infrastructure - Federal Common Policy CA
  • Type: Intent to Perform CA Certificate Revocation
  • Start Date and Time:
  • Change Description: Revocation planned for the certificate issued from the Federal Common Policy CA to the Verizon Betrusted Production SSP CA A1
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: Federal Common Policy CA
  • Certificate Subject: Betrusted Production SSP CA A1
  • Certificate SHA1 HASH: 06 01 bb da d5 a2 82 31 bc 94 36 75 0b 4f 3a 48 4b ab 06 c3

  • Notice date: February 11, 2019
  • System: Symantec Managed PKI
  • Type: URI Change (IP addresses)
  • Start Date and Time: April 6, 2019
  • Change Description: DigiCert will be moving the federal PKI shared service provider CAs (government) and other managed PKI to new data centers. The address ranges in the new data centers will be as follows - 216.168.245.0/24, 216.168.246.0/24, 216.168.248.0/24, and 216.168.249.0/24. Be prepared to update network configurations as necessary. This activity is planned to take place between 15:30 UTC, April 6, 2019 and 3:30 UTC, April 7, 2019. See https://knowledge.digicert.com/generalinformation/digicert-symantec-managed-pki-data-center-migration-information-.html for more information.
  • Contact: steve dot medin at digicert dot com

  • Notice date: February 11, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: Intent to Perform CA Certificate Issuance
  • Start Date and Time:
  • Change Description: New cross-certificate planned for issuance from Federal Bridge CA 2016 to DigiCert Federated ID L3 CA
  • Contact: fpki at gsa dot gov

  • Notice date: February 11, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: Intent to Perform CA Certificate Revocation
  • Start Date and Time:
  • Change Description: Revocation planned for the certificate issued from the Federal Bridge CA 2016 to DigiCert Federated ID CA-1
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: DigiCert Federated ID CA-1
  • Certificate SHA1 HASH: e8 0b dd c6 1e d8 c4 3a d0 95 fc 94 62 17 be 45 bd d3 47 c1

  • Notice date: February 11, 2019
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: Intent to Perform CA Certificate Issuance
  • Start Date and Time:
  • Change Description: New cross-certificate planned for issuance from Federal Bridge CA 2016 to STRAC Bridge Root Certification Authority
  • Contact: fpki at gsa dot gov

  • Notice date: February 4, 2019
  • System: TSCP SHA256 Bridge CA
  • Type: CA Certificate Issuance
  • Start Date and Time: January 23, 2019
  • Change Description: Issuance of a cross-certificate to Alexion Pharmaceuticals, Inc
  • Contact: steve.race at tscp dot org
  • Certificate Issuer: CN = TSCP SHA256 Bridge CA, OU = CAs, O = TSCP Inc., C = US
  • Certificate Subject: CN = Alexion Pharmaceuticals Issue 2 CA, OU = CAs, O = Alexion Pharmaceuticals, C = US
  • Certificate SHA1 HASH: 692a53fa725e5581a5b1db1c3d7b27e6feb9cae8
  • Certificate Revocation List: http://pki-crl.symauth.com/ca_1e66febad947306a6a338bb6f7971bca/LatestCRL.crl
  • Certificate Bundle (AIA): http://cacer.symauth.com/mpki/AlexionIssuingCA2.p7c

  • Notice date: January 3, 2019
  • System: Fortior Solutions Intermediate CA 2018
  • Type: CA Certificate Issuance
  • Start Date and Time: February 11, 2019
  • Change Description: Issuance of a cross-certificate to TSCP Bridge
  • Contact: steve.race at tscp dot org
  • Certificate Issuer: CN = Fortior Solutions Intermediate CA 2018, OU = Certificate Authorities, O = Fortior Solutions, C = US
  • Certificate Subject: CN = TSCP SHA256 Bridge CA, OU = CAs, O = TSCP Inc., C = US
  • Certificate SHA1 HASH: dc4b77d79b815187f5e0e73d13f6fe41cab86fab
  • Certificate Revocation List: http://pki-crl.symauth.com/FortiorSolutions/FortiorSolutionsICA2018.crl
  • Certificate Bundle (AIA): http://cacer.symauth.com/mpki/FortiorSolutionsICA2018.p7c

  • Notice date: January 3, 2019
  • System: TSCP SHA256 Bridge CA
  • Type: CA Certificate Issuance
  • Start Date and Time: February 11, 2019
  • Change Description: Issuance of a cross-certificate to Fortior Solutions, Inc.
  • Contact: steve.race at tscp dot org
  • Certificate Issuer: CN = TSCP SHA256 Bridge CA, OU = CAs, O = TSCP Inc., C = US
  • Certificate Subject: CN = Fortior Solutions Intermediate CA 2018, OU = Certificate Authorities, O = Fortior Solutions, C = US
  • Certificate SHA1 HASH: aebdf407b44afd431d8364012e096aea2a32a55d
  • Certificate Revocation List: http://tscp-crl.symauth.com/tscpbcasha256.crl
  • Certificate Bundle (AIA): http://tscp-aia.symauth.com/IssuedTo-tscpbcasha256.p7c

  • Notice date: December 19, 2018
  • System: SAFE-BioPharma Bridge CA
  • Type: CA Certificate Issuance
  • Start Date and Time: December 19, 2018
  • Change Description: Issuance of a new cross-certificate from the SAFE BioPharma Bridge CA to IdenTrust SAFE-BioPharma CA 1
  • Contact: dsimonetti at safe-biopharma dot org
  • Certificate Issuer: CN = SAFE Bridge CA 02, OU = Certification Authorities, O = SAFE-Biopharma, C = US
  • Certificate Subject: CN = IdenTrust SAFE-BioPharma CA 1, OU = IdenTrust Global Common, O = IdenTrust, C = US
  • Certificate SHA1 HASH: 245f753f8a315a83bd0be8cf70833503f99fd2d2
  • Certificate Revocation List: http://sbca2.safe-biopharma.org/sbca/SBCA02.crl
  • Certificate Bundle (AIA): http://sbca2.safe-biopharma.org/sbca/issuedtoSBCA02.p7c

  • Notice date: December 11, 2018
  • System: FPKI Trust Infrastructure - Federal Common Policy CA
  • Type: CA Certificate Issuance
  • Start Date and Time: December 13, 2018
  • Change Description: Issuance of a new CA certificate from the Federal Common Policy CA to Digicert Federal SSP Intermediate CA - G5. This CA certificate is new but intended as a rekey for the Symantec SSP Intermediate CA – G4 CA certificate.
  • Contact: fpki dash help at GSA dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = DigiCert Federal SSP Intermediate CA - G5, O = DigiCert, Inc., C = US
  • Certificate SHA1 HASH: 98 b5 82 47 ac 8a 2b c6 f3 48 f0 3e 8d 22 88 4d 83 45 fc 0f
  • Certificate Revocation List: http://http.fpki.gov/fcpca/fcpca.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c
  • Certificate Bundle (SIA): http://ssp-sia.digicert.com/SSP/Certs_issued_by_SSPCAG5.p7c

  • Notice date: December 12, 2018
  • System: FPKI Trust Infrastructure - Federal Common Policy CA
  • Type: CA Certificate Issuance
  • Start Date and Time: December 5, 2018
  • Change Description: Certificate issuance from the Federal Common Policy CA to the Verizon SSP CA A2 to add the Derived PIV OID
  • Contact: fpki dash help at GSA dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = Verizon SSP CA A2, OU = SSP, O = Verizon, C = US
  • Certificate SHA1 HASH: 47 7b f4 01 7d 25 cd e2 76 cd dd f7 56 d4 0c a5 91 d7 6f 6d
  • Certificate Revocation List: http://http.fpki.gov/fcpca/fcpca.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c
  • Certificate Bundle (SIA): http://sia1.ssp-strong-id.net/CA/VZ-SSP-CA-A2-SIA.p7c

  • Notice date: November 9, 2018
  • System: Entrust PKI Shared Service Provider, Entrust NFI Shared Services
  • Type: URI Change
  • Start Date and Time: November 16, 2018
  • Change Description: A new IP address will be added to the IP range for the OCSP services. Federal agencies should review firewall rules and internet gateway whitelists and adjust any rules to encompass the new IP address. Users may experience sporadic PIV authentication errors to the federal networks if firewall rules or whitelists are blocking this new IP address. There are no changes to the URIs in the end entity certificates. Please email the contact to request the new IP address as needed.
  • Contact: fpki at gsa dot gov
  • OCSP: ocsp.managed.entrust.com, ocspproofs.managed.entrust.com, nfiocsp.managed.entrust.com, doesspocsp.managed.entrust.com, hhspkiocsp.managed.entrust.com, feddcsocsp.managed.entrust.com

  • Notice date: September 7, 2018
  • System: FPKI Trust Infrastructure - Federal Common Policy CA
  • Type: CA Certificate Issuance
  • Start Date and Time: August 29, 2018
  • Change Description: Issuance of a cross-certificate from the Federal Common Policy CA to the US Treasury Root CA.
  • Contact: fpki dash help at GSA dot gov
  • Certificate Issuer: CN = Federal Common Policy CA, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = US Treasury Root CA, OU = Certification Authorities, OU = Department of the Treasury, O = U.S. Government, C = US
  • Certificate SHA1 HASH: 5a 87 92 2b 5e af 1d 63 19 8a 95 1b 2a b6 f5 9b 2f 16 c1 31
  • Certificate Revocation List: http://http.fpki.gov/fcpca/fcpca.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/fcpca/caCertsIssuedTofcpca.p7c
  • Certificate Bundle (SIA): http://pki.treasury.gov/root_sia.p7c

  • Notice date: August 23, 2018
  • System: SAFE Biopharma Bridge CA
  • Type: CA Certificate Issuance
  • Start Date and Time: August 30, 2018
  • Change Description: A new cross-certificate was issued from the SAFE Biopharma Bridge CA to the Federal Bridge 2016 CA
  • Contact:
  • Certificate Issuer: CN = SAFE Bridge CA 02, OU = Certification Authorities, O = SAFE-Biopharma, C = US
  • Certificate Subject: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate SHA1 HASH: 54 0c 2a c5 9f 8b 5b ab 1b 6a df 42 1a 7c 50 f0 90 1e 3d 54
  • Certificate Revocation List: http://sbca2.safe-biopharma.org/sbca/SBCA02.crl
  • Certificate Bundle (AIA): http://sbca2.safe-biopharma.org/sbca/issuedtoSBCA02.p7c
  • Certificate Bundle (SIA): http://http.fpki.gov/bridge/caCertsIssuedByfbca2016.p7c

  • Notice date: August 23, 2018
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: CA Certificate Issuance
  • Start Date and Time: August 21, 2018
  • Change Description: A new cross-certificate was issued from the Federal Bridge 2016 to the IdenTrust ACES CA 2
  • Contact: FPKI dash help at GSA dot Gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = IdenTrust ACES CA 2, OU = IdenTrust Public Sector, O = IdenTrust, C = US
  • Certificate SHA1 HASH: ab 97 3a 75 fa 59 4f 5a 97 c5 3e 3c 50 24 4a e0 6c a6 10 a8
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://validation.identrust.com/certs/issuedbyacesca2.p7c

  • Notice date: August 23, 2018
  • System: FPKI Trust Infrastructure - Federal Bridge 2016
  • Type: CA Certificate Issuance
  • Start Date and Time: August 21, 2018
  • Change Description: A new cross-certificate was issued from the Federal Bridge 2016 to the IdenTrust IGC Root CA 1
  • Contact: FPKI dash help at GSA dot Gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = IdenTrust Global Common Root CA 1, O = IdenTrust, C = US
  • Certificate SHA1 HASH: 05 24 54 75 3d 53 ff 23 76 73 7f a7 79 8e c7 2f ab 82 83 3c
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://validation.identrust.com/roots/IssuedbyIGCRootCA1.p7c

  • Notice date: July 19, 2018
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Start Date and Time: July 17, 2018
  • Change Description: A new cross-certificate was issued from the Federal Bridge CA 2016 to the ORC NFI CA 3
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = ORC NFI CA 3, O = ORC PKI, C = US
  • Certificate SHA1 HASH: b6 25 da 07 30 20 16 d2 83 70 23 ba b9 4b 6e 0d 76 fc 2e 45
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://crl-server.orc.com/caCerts/ORCNFI3_SIA.p7c

  • Notice date: July 5, 2018
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Start Date and Time: July 17, 2018
  • Change Description: A cross-certificate was issued from Certipath Bridge CA-G2 to Air Canada Enterprise Root CA1
  • Contact: support at certipath dot com
  • Certificate Issuer: C=US, O=CertiPath LLC, OU=Certification Authorities, CN=CertiPath Bridge CA - G2
  • Certificate Subject: C=CA, O=Air Canada, OU=Certification Authorities, CN=Air Canada Enterprise Root CA1
  • Certificate SHA1 HASH:
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice date: June 13, 2018
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance Intent
  • Start Date and Time:
  • Change Description: CerithPath Bridge intends to renew the cross certificates from the CertiPath Bridge G1 and G2 to Raytheon prior to the end of this month. No changes are being made to certificate policies or policy mappings.
  • Contact: support at certipath dot com

  • Notice date: June 7, 2018
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Start Date and Time: June 7, 2018
  • Change Description: A new cross-certificate was issued from the Federal Bridge CA 2016 to the SAFE BioPharma Bridge CA 02
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: CN = SAFE Bridge CA 02, OU = Certification Authorities, O = SAFE-Biopharma, C = US
  • Certificate SHA1 HASH: 5c 65 42 19 97 2b ac 88 7b ea 9f 13 09 eb 9e 05 2f b7 75 7e
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://sbca2.safe-biopharma.org/sbca/issuedbySBCA02.p7c

  • Notice date: June 6, 2018
  • System: Federal PKI Trust Infrastructure
  • Type: CA Decommission
  • Start Date and Time: N/A
  • Change Description: The Federal Bridge CA 2013 was decommissioned.
  • Contact: fpki dash help at gsa dot gov
  • Certificate Issuer: cn= Federal Bridge 2013, ou= FPKI, o=U.S. Government, c=US
  • Certificate Subject: cn= Federal Bridge 2013, ou= FPKI, o=U.S. Government, c=US
  • Certificate SHA1 HASH: 80 39 c3 23 4c 27 2c 80 c6 de 3b 13 0f 72 cc 4f be e1 38 18
  • Certificate Revocation List: http://http.fpki.gov/fbca2013.crl
  • Certificate Bundle (AIA): N/A
  • Certificate Bundle (SIA): http://http.fpki.gov/bridge/caCertsIssuedByfbca2013.p7c

  • Notice date: May 16, 2018
  • System: Digicert / Verisign / Symantec federal shared service provider
  • Type: CA Decommission
  • Start Date and Time: May 18, 2018
  • Change Description: The Railroad Retirement Board CA was decommissioned and a long-term CRL issued on May 18, 2018
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: CN=VeriSign SSP Intermediate CA - G3,O=VeriSign,Inc.,C=US
  • Certificate Subject: CN=RRB Device CA,OU=U.S. Railroad Retirement Board,OU=U.S. Railroad Retirement Board,O=U.S. Government,C=US
  • Certificate SHA1 HASH:

  • Notice date: April 25, 2018
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Start Date and Time: April 23, 2018
  • Change Description: Issuance of cross-certificate from Federal Bridge 2016 to US Patent and Trademark CA due to PTO Re-Key
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016 OU = FPKI O = U.S. Government C = US
  • Certificate Subject: CN = USPTO_INTR_CA1 CN = AIA CN = Public Key Services CN = Services CN = Configuration DC = uspto DC = gov
  • Certificate SHA1 HASH: 07 04 ea 96 33 a4 5a 9a 39 12 3b ac 28 be 01 07 8c 6b fd 3a
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://ipki.uspto.gov/IPKI/Certs/IPKICACerts.p7c

  • Notice date: April 4, 2018
  • System: SAFE Biopharma Bridge Opera tional Authority
  • Type: CA Certificate Revocation
  • Start Date and Time: March 26, 2018 12:15 PM
  • Change Description: The cross-certificate from SAFE Biopharma Bridge CA [SBCA 02] to FBCA 2013 has been revoked. The CRL was published shortly thereafter.
  • Contact: Matthew dot Williams at exostar dot com

  • Notice date: February 6th, 2018
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Start Date and Time: February 25, 2018 7:00:00 PM
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA - G2 to CISRCA1
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = CISRCA1, OU = Certification Authorities, O = Carillon Information Security Inc., C = CA
  • Certificate SHA1 HASH: c466cb26e2c9a1a483a6f81701f208b5ff522ec4
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice date: February 6th, 2018
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Start Date and Time: February 19, 2018 7:00:00 PM
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA - G2 to Northrop Grumman Corporation Root CA
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Northrop Grumman Corporate Root CA-G2, OU = Northrop Grumman Information Technology, O = Northrop Grumman Corporation, C = US
  • Certificate SHA1 HASH: 9bb7b4bfd188b99e10431bf5ac56a493dfd66978
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c
  • Certificate Bundle (SIA): http://certdata.northropgrumman.com/certdata/p7c/IssuedByNorthropGrummanCorporateRootCA-G2.p7c

  • Notice date: February 6th, 2018
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Start Date and Time: February 19, 2018 7:00:00 PM
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA - G2 to Carillon Federal Services PIV-I CA1
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Carillon Federal Services PIV-I CA1, OU = Certification Authorities, O = Carillon Federal Services Inc., C = US
  • Certificate SHA1 HASH: 198271eee4689be1ff746e1a03cf205f4b2d518e
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c

  • Notice date: February 6th, 2018
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Start Date and Time: February 19, 2018 7:00:00 PM
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA to Northrop Grumman Corporate Root CA
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = Northrop Grumman Corporation Root CA, O = Northrop Grumman Corporation, C = US
  • Certificate SHA1 HASH: 8f98b196e6b9aed7a31522efae5bf5954da744c0
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathLLCCertiPathBridgeCA.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeRootCA.p7c

  • Notice date: January 25, 2018
  • System: CertiPath Bridge
  • Type: CA Certificate Issuance
  • Start Date and Time: January 22, 2018 7:00:00 PM
  • Change Description: Issuance of cross-certificate from CertiPath Bridge CA–G2 to NextgenID Root CA1.
  • Contact: support at certipath dot com
  • Certificate Issuer: CN = CertiPath Bridge CA - G2, OU = Certification Authorities, O = CertiPath LLC, C = US
  • Certificate Subject: CN = NextgenIDRootCA1, OU = Certification Authorities, O = NextgenID, C = US
  • Certificate SHA1 HASH: 50a2bf7afe08edf3877854f6d0a6e59127f68a94
  • Certificate Revocation List: http://certipath-crl.symauth.com/CertiPathBridgeCA-G2.crl
  • Certificate Bundle (AIA): http://certipath-aia.symauth.com/CertiPathBridgeCA-G2.p7c
  • Certificate Bundle (SIA): http://www.nextgenidtrust.com/PKI/certs/IssuedByNextgenIDRootCA1.p7c
  • OCSP: N/A

  • Notice date: November 16, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Start Date and Time: November 16, 2017
  • Change Description: Issuance of cross-certificate from Federal Bridge 2016 to Entrust Non-Federal Root CA
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: CN = Federal Bridge CA 2016, OU = FPKI, O = U.S. Government, C = US
  • Certificate Subject: OU = Entrust Managed Services NFI Root CA, OU = Certification Authorities, O = Entrust, C = US
  • Certificate SHA1 HASH: 22 05 08 b0 ab 72 e2 ee 3a ca a6 a9 ef 50 01 c8 7c 52 3e a4
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://nfirootweb.managed.entrust.com/SIA/CAcertsIssuedByNFIRootCA.p7c
  • OCSP: N/A

  • Notice date: November 16, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Start Date and Time: October 25, 2017
  • Change Description: Issuance of cross-certificate from Federal Bridge to Symantec
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: CN=Symantec Class 3 SSP Intermediate CA - G3
  • Certificate SHA1 HASH: 91 45 31 f5 a6 10 91 40 05 42 2e 56 d6 71 12 18 13 3b 10 48
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://ssp-sia.symauth.com/STNSSP/Certs_Issued_by_Class3SSPCA-G3.p7c
  • OCSP: N/A

  • Notice date: November 16, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Start Date and Time: October 4, 2017
  • Change Description: Issuance of cross-certificate from Federal Bridge to Verizon Non-Federal Issuer CA
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: CT-CSSP-CA-A1
  • Certificate SHA1 HASH: 68 70 66 bc e5 6b 6e 20 ae a0 c6 05 b9 b6 67 93 42 26 9f 21
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://sia1.com-strong-id.net/CA/CT-CSSP-CA-A1-SIA.p7c
  • OCSP: N/A

  • Notice date: November 16, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Start Date and Time: October 4, 2017
  • Change Description: Issuance of cross-certificate from Federal Bridge to ORC (Widepoint) Non-Federal Issuer CA
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: CN=ORC NFI CA 2, O=ORC PKI, C=US
  • Certificate SHA1 HASH: b0 55 c6 ee 10 4e 01 eb 68 8c 8f b4 f8 7c f7 7c a3 76 af db
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://crl-server.orc.com/caCerts/ORCNFI2_SIA.p7c
  • OCSP: N/A

  • Notice date: November 16, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Start Date and Time: August 21, 2017
  • Change Description: Issuance of cross-certificate from Federal Bridge to ORC (Widepoint) ACES
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: CN=ORC ACES 4, O=ORC PKI, C=US
  • Certificate SHA1 HASH: 55 73 fc c5 e6 ff ff 2b 71 01 81 ac ca a2 ef da db 8f 0f 4e
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://crl-server.orc.com/caCerts/ORCACES4_SIA.p7c
  • OCSP: N/A

  • Notice date: October 20, 2017
  • System: TSCP SHA256 Bridge CA
  • Type: CA Certificate Issuance
  • Start Date and Time: November 3, 2017
  • Change Description: Issuance of a cross-certificate to Alexion Pharmaceuticals, Inc
  • Contact: shauna.russell@tscp.org, fpki at gsa dot gov

  • Notice date: September 30, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Start Date and Time: September 28, 2017
  • Change Description: Issuance of cross-certificate from Federal Bridge to DigiCert
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: DigiCert Federated ID CA-1
  • Certificate SHA1 HASH: e8 0b dd c6 1e d8 c4 3a d0 95 fc 94 62 17 be 45 bd d3 47 c1
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://cacerts.digicert.com/siaDigiCertFederatedIDCA-1.p7c
  • OCSP: N/A

  • Notice date: September 14, 2017
  • System: DigiCert Federated ID CA-1
  • Type: CA Certificate Issuance
  • Start Date and Time: August 24, 2017
  • Change Description: A new CA certificate was issued for a subordinate CA under Digicert Federated Trust CA-1. The CA certificate is for Trinity Health Direct CA.
  • Contact: ben.wilson at digicert dot com
  • Certificate Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Federated Trust CA-1
  • Certificate Subject: C=US, O=Trinity Health, CN=Trinity Health Direct CA
  • Certificate SHA1 HASH: 91:C3:74:48:0A:BA:3B:B9:B4:6C:8A:87:0F:95:E0:CA:98:CF:0C:70
  • Certificate Revocation List: http://crl4.digicert.com/DigiCertFederatedTrustCA-1.crl, http://crl3.digicert.com/DigiCertFederatedTrustCA-1.crl
  • Certificate Bundle (AIA): http://cacerts.digicert.com/aiaTrinityHealthDirectCA.p7c
  • OCSP: http://ocsp.digicert.com

  • Notice date: September 14, 2017
  • System: DigiCert Federated ID CA-1
  • Type: CA Certificate Issuance
  • Start Date and Time: August 24, 2017
  • Change Description: A new CA certificate was issued for a subordinate CA under Digicert Federated ID CA-1. The CA certificate is for DigiCert Federated Trust CA-1.
  • Contact: ben.wilson at digicert dot com
  • Certificate Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Federated ID CA-1
  • Certificate Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Federated Trust CA-1
  • Certificate SHA1 HASH: E2:9C:44:38:7F:7B:AA:9F:49:EF:CC:AE:A6:54:BC:E2:0C:FF:5F:D3
  • Certificate Revocation List: http://crl3.digicert.com/DigiCertFederatedIDCA-1.crl, http://crl4.digicert.com/DigiCertFederatedIDCA-1.crl
  • Certificate Bundle (AIA): http://cacerts.digicert.com/aiaDigiCertFederatedTrustCA-1.p7c
  • OCSP: http://ocsp.digicert.com

  • Notice date: August 22, 2017
  • System: Verizon Federal PKI Shared Service Provider
  • Type: CA Certificate Revocation
  • Start Date and Time: August 25, 2017
  • Change Description: The CA certificate for the issuing CA named Executive Office of the President CA-B8 will be revoked on August 25th and a long term CRL will be published. This CA is no longer active.
  • Contact: vziamssp at verizon dot com, fpki at gsa dot gov
  • Certificate Issuer: CN=Betrusted Production SSP CA A1,OU=Betrusted Production SSP CA A1,OU=SSP,O=Betrusted US Inc,C=US
  • Certificate Subject: CN=Executive Office of the President CA-B8,OU=PKI,OU=Services,DC=ssp,DC=eop,DC=gov
  • Certificate SHA1 HASH:

  • Notice date: August 4, 2017
  • System: US Government Publishing Office CAs
  • Type: CA Certificate Issuance
  • Start Date and Time: August 4, 2017 3:28:27 PM
  • Change Description: Issuance of cross-certificate from US Government Publishing Office to Federal Bridge
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: GPO PCA
  • Certificate Subject: Federal Bridge CA 2016
  • Certificate SHA1 HASH: b5 d4 0b e9 4f 2e 01 4f 51 0b 29 64 36 6f 10 13 f4 1a f3 0e
  • Certificate Revocation List: http://www.gpo-fbca-crls.ois.gpo.gov/GPO-PCA-CRLa4.crl
  • Certificate Bundle (AIA): http://www.gpo-fbca-crls.ois.gpo.gov/GPO-PCA-CACertificates.p7c
  • Certificate Bundle (SIA): http://http.fpki.gov/bridge/caCertsIssuedByfbca2016.p7c
  • OCSP: http://www.ocsp.gpo.gov

  • Notice date: August 3, 2017
  • System: N/A
  • Type: CA Certificate Issuance
  • Start Date and Time: August 3, 2017 1:33:41 PM
  • Change Description: Issuance of cross-certificate from Federal Bridge to US Government Publishing Office
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: GPO PCA
  • Certificate SHA1 HASH: b8 ea bb 18 ed 54 4c 9f cf b2 99 bd 5d 32 21 27 e6 f4 8d 90
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://www.gpo-fbca-crls.ois.gpo.gov/caCertsIssuedByGPO.p7c
  • OCSP: N/A

  • Notice date: July 25, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Start Date and Time: July 25, 2017 12:57:21 PM
  • Change Description: Issuance of cross-certificate from Federal Bridge to Symantec
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: VeriSign Class 3 SSP Intermediate CA - G2
  • Certificate SHA1 HASH: 63 3b 29 78 0d 72 f9 b6 e6 52 f8 58 6b 13 87 02 19 5a 2c cd
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://ssp-sia.symauth.com/VTNSSP/Certs_issued_by_Class3SSPCA-G2.p7c
  • OCSP: N/A

  • Notice date: July 12, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Start Date and Time: July 12, 2017 10:59:26 AM
  • Change Description: Issuance of cross-certificate from Federal Bridge to Widepoint
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: ORC NFI CA 3
  • Certificate SHA1 HASH: 8a 0a 15 2e f9 36 74 72 c8 83 28 e7 b8 18 a5 7a ed ea 33 ef
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://crl-server.orc.com/caCerts/ORCNFI3_SIA.p7c
  • OCSP: N/A

  • Notice date: June 20, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Start Date and Time: June 20, 2017 12:56:58 PM
  • Change Description: Issuance of cross-certificate from Federal Bridge to Identrust
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: IdenTrust Global Common Root CA 1
  • Certificate SHA1 HASH: 8f 0c 18 76 9e 9e 6d 48 c5 8e 41 8e 9b d5 79 84 a7 ae 49 f4
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://validation.identrust.com/roots/IssuedbyIGCRootCA1.p7c
  • OCSP: N/A

  • Notice date: June 20, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Start Date and Time: June 20, 2017 12:26:12 PM
  • Change Description: Issuance of cross-certificate from Federal Bridge to Identrust
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: IdenTrust ACES CA 2
  • Certificate SHA1 HASH: f2 82 e5 05 30 11 13 e7 36 8a 26 2e 4e 3d fe 23 ed 39 c9 54
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://validation.identrust.com/certs/issuedbyacesca2.p7c
  • OCSP: N/A

  • Notice date: June 20, 2017
  • System: Federal PKI Trust Infrastructure
  • Type: CA Certificate Issuance
  • Start Date and Time: June 20, 2017 12:15:44 PM
  • Change Description: Issuance of cross-certificate from Federal Bridge to Identrust
  • Contact: fpki at gsa dot gov
  • Certificate Issuer: Federal Bridge CA 2016
  • Certificate Subject: IdenTrust ACES CA 1
  • Certificate SHA1 HASH: 8c 7a 33 76 da 95 e2 be 52 da bc 03 21 56 f4 c4 78 74 e4 c4
  • Certificate Revocation List: http://http.fpki.gov/bridge/fbca2016.crl
  • Certificate Bundle (AIA): http://http.fpki.gov/bridge/caCertsIssuedTofbca2016.p7c
  • Certificate Bundle (SIA): http://apps.identrust.com/roots/publicsectorroot.p7c
  • OCSP: N/A

How to Add a New Notification

System notifications can be submitted via either GitHub or email.

Submit Notification via GitHub Issue

  • Select Add New Notification

  • This will open a new Issue form with input information for notification information.
  • Enter the information and click ‘Submit new issue’ to submit the notification.

Submit Notification via Email

The notification can also be emailed to fpki@gsa.gov. The email should contain the following information.

Subject: FPKI System Notification - System Name

  • Notice Date
  • Change Type of one of the following: CA Certificate Issuance, CA Certificate Revocation, New CA, URI Change, System Outage
  • Change start date
  • Change end date
  • Change description
  • Contact email
  • If the change is a new or revoked CA certificate, include the CA Certificate hash (sha1 thumbprint), Issuer and Subject DNs
  • If the change is a new URI, include the new CDP, AIA, SIA or OCSP value