Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Pardon our Dust.

Welcome to the new site for Federal Identity, Credential, and Access Management (FICAM) Playbooks! We are consolidating all existing FICAM and Federal Public Key Infrastructure (FPKI) playbooks to this new page to help you find answers and content faster. Please bookmark this URL for future reference.

Federal PKI Activity Report

Updated: April 11, 2021

This report provides a technical and policy compliance status for each Federal Public Key Infrastructure (FPKI) Affiliate.

Resolve issues by contacting one of the teams:

Federal Agency and Affiliate PKI Status Summary

The operational status for each Federal Agency or affiliate connected to the Federal Common Policy CA (FCPCA) or the Federal Bridge CA (FBCA) is summarized below. The overall operational status identifies issues that affect technical interoperability and non-compliance with applicable Certificate Policies (CP). The status is not used for any other purpose such as ranking or rating.

Federal Agency or Affiliate PKI FPKIMA CA Status
CertiPath Bridge FBCA No Issues
Department of Defense FBCA No Issues
DigiCert/Symantec NFI FBCA No Issues
Entrust Managed Services NFI FBCA No Issues
Exostar NFI FBCA No Issues
Government Printing Office FBCA No Issues
IdenTrust NFI FBCA No Issues
WidePoint/ORC NFI FBCA No Issues
SAFE BioPharma Bridge FBCA No Issues
STRAC Bridge FBCA No Issues
TSCP Bridge FBCA No Issues
US Patent and Trademark Office (PTO) FBCA No Issues
Department of State FCPCA No Issues
DigiCert/Symantec/Verisign SSP FCPCA No Issues
Entrust Managed Services SSP FCPCA No Issues
WidePoint/ORC SSP FCPCA No Issues
Department of the Treasury FCPCA No Issues
Verizon Business SSP FCPCA No Issues

Federal Agency or Affiliate PKI Status Legend

Status Description
Significant Technical and/or policy issues that will adversely affect interoperability
Moderate Technical and/or policy issues that may or may not adversely affect interoperability
No Impact Technical and/or policy issues that will not adversely affect interoperability
No Issues No technical or policy issues were found in the last thirty days

FPKIMA Certificate Activity

The activity listed in this section is limited to the certificates issued BY or TO the Federal Bridge or Federal Common Policy CA.

The following certificates were issued or published to the FPKI Trust Infrastructure in the last 30 days.

Affiliate Subject CA Issuing CA Serial # & SHA-1 Hash Issued Date
N/A - - - -

The following certificates were removed from the FPKI Trust Infrastructure in the last 30 days.

Affiliate Subject CA Issuing CA Serial # & SHA-1 Hash Expiration Date Action
FPKIMA SAFE Bridge CA 02 Federal Bridge CA G4 Serial: 18a4dd0c2b5068bf964e3f333e76821f1594042b Hash: 600319e6c322229f88e0f434ba96fb0dfd00252e 6/7/21 Revoked
FPKIMA CertiPath Bridge CA - G2 Federal Bridge CA G4 Serial: 154d6e5eb1df740a2588ca6e27d3b557829a0dfc Hash: 3bfc4df881682f8846bff486d422025aee7494d8 12/12/22 Revoked

The following certificates are planned for a certificate action in the near future, dates to be determined based on availability.

Affiliate Subject CA Issuing CA Serial # & SHA-1 Hash Expiration Date Action
FPKIMA Federal Bridge CA G4 Federal Common Policy CA Serial: 7994 Hash: e836f3016bfb6e8df274f27fd8a4a5054517b0f1 12/12/21 Revocation – 4/22/20
FPKIMA Federal Common Policy CA Federal Bridge CA G4 Serial: 198ef944a16068e7c0b85cd2f5b2cfb5de8b2174 Hash: fb3f5e09cac4fe4066f6c48cce31feca02fea677 6/30/21 Revocation – 4/22/20
FPKIMA U.S. Department of State AD Root CA Federal Common Policy CA Serial: 79f9 Hash: ce11590010562a39ad8b1455acf76c03737aebf6 12/18/22 Revocation – 4/22/20
FPKIMA ORC SSP 4 Federal Common Policy CA Serial: 2ef9 Hash: 3a70323069a4c41bc95663152e9ccc7111bb0623 1/21/24 Revocation – 4/22/20
FPKIMA Symantec SSP Intermediate CA - G4 Federal Common Policy CA Serial: 258e Hash: 6a382438fd21037018daf3f422a2132bea2be817 11/12/24 Revocation – 4/22/20
FPKIMA DigiCert Federal SSP Intermediate CA - G5 Federal Common Policy CA Serial: 66c0 Hash: 98b58247ac8a2bc6f348f03e8d22884d8345fc0f 12/13/28 Revocation – 4/22/20
FPKIMA Verizon SSP CA A2 Federal Common Policy CA Serial: 65f8 Hash: 477bf4017d25cde276cdddf756d40ca591d76f6d 12/6/26 Revocation – 4/22/20
FPKIMA US Treasury Root CA Federal Common Policy CA Serial: 6405 Hash: 5a87922b5eaf1d63198a951b2ab6f59b2f16c131 8/29/21 Revocation 6/10
FPKIMA US Treasury Root CA Federal Common Policy CA Serial: 734b Hash: 48ce02a99ae2cc4f790f2989aa153ed565b7e4d2 8/14/22 Revocation 6/10
FPKIMA Entrust Managed Services Root CA Federal Common Policy CA Serial: 2e26 Hash: 39c1d3b64e756a3267bfe5fecb103da892ca0611 7/30/25 Revocation 6/17
FPKIMA Entrust Managed Services Root CA Federal Common Policy CA Serial: 734a Hash: a09655170c87d0fbfe0328b99a7baf4a1cf0b5d9 8/14/29 Revocation 6/17
FPKIMA IdenTrust Global Common Root CA 1 Federal Bridge CA G4 Serial: 1659bceb348e6bbd33832c8284c35d7975c8d3c6 Hash: 2800ea6ecdeb8efc1cf4c042d712e8622e0cbb1a 8/21/21 Renew

Repository Availability

Repository availability is an uptime metric for Certificate Revocation List availability, based on monitoring by the FPKIMA. The table only contains Certification Authorities directly signed by the Federal Common Policy Root CA, Federal Common Policy Root G2 or Federal Bridge CA G4. A metric of “99” in the table below means the Certificate Revocation List was available for 99% of the given month, in other words, the file was not available for 1% of the month. The last column is the 12-month average.

Federal Agency or Affiliate CA FPKIMA CA Last 30 days Average
CertiPath Bridge CA - G2 FBCA 100 99.997
CertiPath Bridge CA - G3 FBCA 100 99.98
DigiCert Federated ID L3 CA FBCA 100 99.995
DoD Interoperability Root CA 2 FBCA 100 99.99
Entrust Managed Services NFI Root CA FBCA 100 100
Exostar Federated Identity Service Root CA FBCA 100 99.987
Federal Bridge CA 2016 FBCA 100 100
Federal Bridge CA G4 FBCA 100 100
GPO PCA FBCA 100 99.838
IdenTrust Global Common Root CA 1 FBCA 100 99.967
SAFE Bridge CA 02 FBCA 100 99.942
STRAC Bridge Root Certification Authority FBCA 100 99.95
Symantec Class 3 SSP Intermediate CA - G3 FBCA 100 99.991
TSCP SHA256 Bridge CA FBCA 100 99.992
USPTO_INTR_CA1 FBCA 100 99.719
WidePoint NFI Root 2 FBCA 100 99.987
DigiCert SSP CA - G5 FCPCA 100 99.998
Entrust Managed Services Root CA FCPCA 100 99.998
Federal Common Policy CA FCPCA 100 100
ORC SSP 4 FCPCA 100 99.987
Symantec SSP Intermediate CA - G4 FCPCA 100 100
U.S. Department of State AD Root CA FCPCA 100 100
US Treasury Root CA FCPCA 100 100
Verizon SSP CA A2 FCPCA 100 99.987