2008 R2 SP1 Can't start Active Directory Certificate Services - Object was not found 0x80090011 (-2146893807)

Can't start Active Directory Certificate Services - Object was not found 0x80090011 (-2146893807)

This is the resulte of the certutil -verifystore my

my
================ Certificate 0 ================
Archived!
Serial Number: 11eceb0a000000000038
Issuer: CN=jeff-CA, DC=domain, DC=org
NotBefore: 12/16/2010 11:36 AM
NotAfter: 12/16/2011 11:36 AM
Subject: EMPTY (Other Name:DS Object Guid=04 10 ac a1 51 b4 97 0e 41 4c bb b5 80 41 d7 e8 dc c4, DNS Name=DC01.domain.org)
Non-root Certificate
Template: DirectoryEmailReplication, Directory Email Replication
Cert Hash(sha1): fa 48 69 cd 2b 5f eb 9a 33 e1 9d 76 28 1e e0 19 bb 62 d8 12
Key Container = 582efefc6db52d25800954d23fe993ae_81d37a94-e924-4d06-b798-9202ec64c882
Simple container name: le-DirectoryEmailReplication-c9dbc64c-f713-4737-bf36-c19ec6af7685
Provider = Microsoft RSA SChannel Cryptographic Provider
Private key is NOT exportable
Encryption test passed
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
ChainContext.dwErrorStatus = CERT_TRUST_IS_REVOKED (0x4)
ChainContext.dwRevocationFreshnessTime: 712 Days, 5 Hours, 59 Minutes, 39 Seconds

SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_REVOKED (0x4)
SimpleChain.dwRevocationFreshnessTime: 712 Days, 5 Hours, 59 Minutes, 39 Seconds

CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=5
Issuer: CN=jeff-CA, DC=domain, DC=org
NotBefore: 12/16/2010 11:36 AM
NotAfter: 12/16/2011 11:36 AM
Subject:
Serial: 11eceb0a000000000038
SubjectAltName: Other Name:DS Object Guid=04 10 ac a1 51 b4 97 0e 41 4c bb b5 80 41 d7 e8 dc c4, DNS Name=DC01.domain.org
Template: Directory Email Replication
fa 48 69 cd 2b 5f eb 9a 33 e1 9d 76 28 1e e0 19 bb 62 d8 12
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Element.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
Element.dwErrorStatus = CERT_TRUST_IS_REVOKED (0x4)
    CRL 0195:
    Issuer: CN=jeff-CA, DC=domain, DC=org
    72 42 f8 d6 6f 31 31 5d 14 1c 28 bd 8e 30 7d 15 c0 ce f5 b4
    Delta CRL 0196:
    Issuer: CN=jeff-CA, DC=domain, DC=org
    f1 24 f0 c7 bc 20 e1 e2 d0 88 6a 86 30 73 41 70 9b b0 17 01
Application[0] = 1.3.6.1.4.1.311.21.19 Directory Service Email Replication

CertContext[0][1]: dwInfoStatus=10c dwErrorStatus=0
Issuer: CN=jeff-CA, DC=domain, DC=org
NotBefore: 1/25/2010 2:10 PM
NotAfter: 1/25/2015 2:20 PM
Subject: CN=jeff-CA, DC=domain, DC=org
Serial: 45a0f8729e8e16a34d0bda8f40d92c75
Template: CA
9c b1 10 1a 3f cf 33 c0 88 b2 3d e8 46 82 1b 2f 7e 79 67 7c
Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)

Exclude leaf cert:
9a a9 30 91 ee 8d cf c7 4d c8 83 aa 7d 97 c3 89 2c 54 0a f0
Full chain:
1d e3 3c 77 49 c1 7f 0a e3 28 74 b9 b3 2c fe fe 5a ac b1 5b
Issuer: CN=jeff-CA, DC=domain, DC=org
NotBefore: 12/16/2010 11:36 AM
NotAfter: 12/16/2011 11:36 AM
Subject:
Serial: 11eceb0a000000000038
SubjectAltName: Other Name:DS Object Guid=04 10 ac a1 51 b4 97 0e 41 4c bb b5 80 41 d7 e8 dc c4, DNS Name=DC01.domain.org
Template: Directory Email Replication
fa 48 69 cd 2b 5f eb 9a 33 e1 9d 76 28 1e e0 19 bb 62 d8 12
The certificate is revoked. 0x80092010 (-2146885616)
------------------------------------
Certificate is REVOKED

================ Certificate 1 ================
Serial Number: 42396d083ccb02a74ca62e977471bdf8
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 1/25/2011 3:45 PM
NotAfter: 1/25/2021 3:55 PM
Subject: CN=cl-CA-DC01, DC=domain, DC=org
Certificate Template Name (Certificate Type): CA
CA Version: V0.0
Signature matches Public Key
Root Certificate: Subject matches Issuer
Template: CA, Root Certification Authority
Cert Hash(sha1): f3 57 01 75 60 7e 67 e2 35 e9 08 86 81 1d f1 54 b0 cb c5 e0
No key provider information
Encryption test FAILED
Verified Issuance Policies: All
Verified Application Policies: All
Certificate is valid

================ Certificate 2 ================
Archived!
Serial Number: 61f386d3000000000023
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 1/20/2012 2:39 PM
NotAfter: 1/19/2013 2:39 PM
Subject: EMPTY (Other Name:DS Object Guid=04 10 ac a1 51 b4 97 0e 41 4c bb b5 80 41 d7 e8 dc c4, DNS Name=DC01.domain.org)
Non-root Certificate
Template: DirectoryEmailReplication, Directory Email Replication
Cert Hash(sha1): f2 a8 48 b5 d3 d9 82 95 64 82 5a 48 ae b0 10 67 ce bf cb cb
Key Container = 7c97e60393c1438f879c3990055aab81_81d37a94-e924-4d06-b798-9202ec64c882
Simple container name: le-DirectoryEmailReplication-6e8ebc15-64cb-4760-9e1b-0d896a8f749e
Provider = Microsoft RSA SChannel Cryptographic Provider
Private key is NOT exportable
Encryption test passed
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
ChainContext.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
ChainContext.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
ChainContext.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 47 Seconds

SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
SimpleChain.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
SimpleChain.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 47 Seconds

CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=1000041
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 1/20/2012 2:39 PM
NotAfter: 1/19/2013 2:39 PM
Subject:
Serial: 61f386d3000000000023
SubjectAltName: Other Name:DS Object Guid=04 10 ac a1 51 b4 97 0e 41 4c bb b5 80 41 d7 e8 dc c4, DNS Name=DC01.domain.org
Template: Directory Email Replication
f2 a8 48 b5 d3 d9 82 95 64 82 5a 48 ae b0 10 67 ce bf cb cb
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Element.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
Element.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
    CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    c4 2d 28 23 d1 ed 2b 14 cb 4a 0c 9e d3 19 7d de 96 6e b7 e2
    Delta CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    30 75 5c ca 45 0c 35 28 aa bc da 4f c2 ff e0 27 a2 50 8f 9b
Application[0] = 1.3.6.1.4.1.311.21.19 Directory Service Email Replication

CertContext[0][1]: dwInfoStatus=10c dwErrorStatus=0
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 1/25/2011 3:45 PM
NotAfter: 1/25/2021 3:55 PM
Subject: CN=cl-CA-DC01, DC=domain, DC=org
Serial: 42396d083ccb02a74ca62e977471bdf8
Template: CA
f3 57 01 75 60 7e 67 e2 35 e9 08 86 81 1d f1 54 b0 cb c5 e0
Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)

Exclude leaf cert:
4a 68 40 62 ef 88 f5 50 66 a6 e9 70 2b 62 8b 07 c9 b6 a5 53
Full chain:
f9 96 15 c7 45 87 76 83 8b d4 37 38 87 d2 28 f6 c4 3e 1e 22
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 1/20/2012 2:39 PM
NotAfter: 1/19/2013 2:39 PM
Subject:
Serial: 61f386d3000000000023
SubjectAltName: Other Name:DS Object Guid=04 10 ac a1 51 b4 97 0e 41 4c bb b5 80 41 d7 e8 dc c4, DNS Name=DC01.domain.org
Template: Directory Email Replication
f2 a8 48 b5 d3 d9 82 95 64 82 5a 48 ae b0 10 67 ce bf cb cb
A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. 0x800b0101 (-2146762495)
------------------------------------
Expired certificate

================ Certificate 3 ================
Serial Number: 7fc04b63000000000053
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 10/24/2012 6:25 PM
NotAfter: 10/24/2013 6:25 PM
Subject: EMPTY (DNS Name=DC01.domain.org)
Non-root Certificate
Template: DomainControllerAuthentication, Domain Controller Authentication
Cert Hash(sha1): ee 89 89 a7 ef 7a 2f 38 99 8e 09 f4 6e 71 73 db f6 3f 77 f0
Key Container = d81f8da446941354b7343a6fc3c7b41c_81d37a94-e924-4d06-b798-9202ec64c882
Simple container name: le-DomainControllerAuthentication-f3915c15-1c6a-4075-af79-bbbccb2cc764
Provider = Microsoft RSA SChannel Cryptographic Provider
Private key is NOT exportable
Encryption test passed
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
ChainContext.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
ChainContext.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 48 Seconds

SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
SimpleChain.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
SimpleChain.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 48 Seconds

CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=1000040
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 10/24/2012 6:25 PM
NotAfter: 10/24/2013 6:25 PM
Subject:
Serial: 7fc04b63000000000053
SubjectAltName: DNS Name=DC01.domain.org
Template: Domain Controller Authentication
ee 89 89 a7 ef 7a 2f 38 99 8e 09 f4 6e 71 73 db f6 3f 77 f0
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
Element.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
    CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    c4 2d 28 23 d1 ed 2b 14 cb 4a 0c 9e d3 19 7d de 96 6e b7 e2
    Delta CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    30 75 5c ca 45 0c 35 28 aa bc da 4f c2 ff e0 27 a2 50 8f 9b
Application[0] = 1.3.6.1.5.5.7.3.2 Client Authentication
Application[1] = 1.3.6.1.5.5.7.3.1 Server Authentication
Application[2] = 1.3.6.1.4.1.311.20.2.2 Smart Card Logon

Exclude leaf cert:
36 90 20 77 1d e6 a0 61 1f 05 8f e6 3c 75 89 32 a2 91 34 e7
Full chain:
41 93 f5 5f d9 79 98 1d ad 49 2b ec 52 9d 79 5c 14 91 b9 a6
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 10/24/2012 6:25 PM
NotAfter: 10/24/2013 6:25 PM
Subject:
Serial: 7fc04b63000000000053
SubjectAltName: DNS Name=DC01.domain.org
Template: Domain Controller Authentication
ee 89 89 a7 ef 7a 2f 38 99 8e 09 f4 6e 71 73 db f6 3f 77 f0
The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613)
------------------------------------
Revocation check skipped -- server offline
Certificate is valid

================ Certificate 4 ================
Archived!
Serial Number: 3f84b029000000000018
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 5/13/2011 3:15 PM
NotAfter: 5/12/2012 3:15 PM
Subject: EMPTY (DNS Name=DC01.domain.org)
Non-root Certificate
Template: DomainControllerAuthentication, Domain Controller Authentication
Cert Hash(sha1): d8 ea 81 38 03 91 c7 da 53 14 bb f7 80 f1 ba e7 74 8f 5c 8a
Key Container = 91441ec2d06c576b230106aa52356347_81d37a94-e924-4d06-b798-9202ec64c882
Simple container name: le-DomainControllerAuthentication-a41a41cf-f42b-41f7-8989-fca338c7d28d
Provider = Microsoft RSA SChannel Cryptographic Provider
Private key is NOT exportable
Encryption test passed
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
ChainContext.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
ChainContext.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
ChainContext.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 48 Seconds

SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
SimpleChain.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
SimpleChain.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 48 Seconds

CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=1000041
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 5/13/2011 3:15 PM
NotAfter: 5/12/2012 3:15 PM
Subject:
Serial: 3f84b029000000000018
SubjectAltName: DNS Name=DC01.domain.org
Template: Domain Controller Authentication
d8 ea 81 38 03 91 c7 da 53 14 bb f7 80 f1 ba e7 74 8f 5c 8a
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Element.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
Element.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
    CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    c4 2d 28 23 d1 ed 2b 14 cb 4a 0c 9e d3 19 7d de 96 6e b7 e2
    Delta CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    30 75 5c ca 45 0c 35 28 aa bc da 4f c2 ff e0 27 a2 50 8f 9b
Application[0] = 1.3.6.1.5.5.7.3.2 Client Authentication
Application[1] = 1.3.6.1.5.5.7.3.1 Server Authentication
Application[2] = 1.3.6.1.4.1.311.20.2.2 Smart Card Logon

Exclude leaf cert:
55 25 a6 b9 ae 4f 89 aa ae 65 da 86 0e 85 23 d0 dc 0e 46 99
Full chain:
77 08 50 d7 8f ea 0e 50 da 6b f9 ae 9b 9c cc e6 7d 66 a3 f1
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 5/13/2011 3:15 PM
NotAfter: 5/12/2012 3:15 PM
Subject:
Serial: 3f84b029000000000018
SubjectAltName: DNS Name=DC01.domain.org
Template: Domain Controller Authentication
d8 ea 81 38 03 91 c7 da 53 14 bb f7 80 f1 ba e7 74 8f 5c 8a
A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. 0x800b0101 (-2146762495)
------------------------------------
Expired certificate

<--- Other certificates --->

================ Certificate 7 ================
Archived!
Serial Number: 5150eb4b00000000002b
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 3/31/2012 10:43 PM
NotAfter: 3/31/2013 10:43 PM
Subject: EMPTY (DNS Name=DC01.domain.org)
Non-root Certificate
Template: DomainControllerAuthentication, Domain Controller Authentication
Cert Hash(sha1): 58 4d 31 3a b3 94 c5 48 4c 47 bc 73 09 a9 ed 7b 0a 22 16 da
Key Container = 0038cb424a44045bd707121c29de417c_81d37a94-e924-4d06-b798-9202ec64c882
Simple container name: le-DomainControllerAuthentication-bff11c68-cbd5-4da8-bb6d-33bde51a9366
Provider = Microsoft RSA SChannel Cryptographic Provider
Private key is NOT exportable
Encryption test passed
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
ChainContext.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
ChainContext.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 48 Seconds

CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=1000040
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 3/31/2012 10:43 PM
NotAfter: 3/31/2013 10:43 PM
Subject:
Serial: 5150eb4b00000000002b
SubjectAltName: DNS Name=DC01.domain.org
Template: Domain Controller Authentication
58 4d 31 3a b3 94 c5 48 4c 47 bc 73 09 a9 ed 7b 0a 22 16 da
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
Element.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
    CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    c4 2d 28 23 d1 ed 2b 14 cb 4a 0c 9e d3 19 7d de 96 6e b7 e2
    Delta CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    30 75 5c ca 45 0c 35 28 aa bc da 4f c2 ff e0 27 a2 50 8f 9b
Application[0] = 1.3.6.1.5.5.7.3.2 Client Authentication
Application[1] = 1.3.6.1.5.5.7.3.1 Server Authentication
Application[2] = 1.3.6.1.4.1.311.20.2.2 Smart Card Logon

Exclude leaf cert:
68 b8 5c c0 6d 0b b6 e4 83 d5 09 d7 cd 8b 8e ef e3 cf 52 3c
Full chain:
21 5f 91 7e 1e d6 65 e6 36 ce 54 b4 b7 1e e3 45 5c ba 18 87
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 3/31/2012 10:43 PM
NotAfter: 3/31/2013 10:43 PM
Subject:
Serial: 5150eb4b00000000002b
SubjectAltName: DNS Name=DC01.domain.org
Template: Domain Controller Authentication
58 4d 31 3a b3 94 c5 48 4c 47 bc 73 09 a9 ed 7b 0a 22 16 da
The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613)
------------------------------------
Revocation check skipped -- server offline
Certificate is valid

================ Certificate 8 ================
Serial Number: 6750773400000000005a
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 12/8/2012 5:35 PM
NotAfter: 12/8/2013 5:35 PM
Subject: EMPTY (Other Name:DS Object Guid=04 10 ac a1 51 b4 97 0e 41 4c bb b5 80 41 d7 e8 dc c4, DNS Name=DC01.domain.org)
Non-root Certificate
Template: DirectoryEmailReplication, Directory Email Replication
Cert Hash(sha1): 3f 62 1f 71 08 42 9c 37 77 74 4f 0e c8 dc 66 93 a7 a7 55 a0
Key Container = b80d7dbae75b7ec94fea2a5aafe2a645_81d37a94-e924-4d06-b798-9202ec64c882
Simple container name: le-DirectoryEmailReplication-d6220204-fa56-40e4-998d-7d463fac09af
Provider = Microsoft RSA SChannel Cryptographic Provider
Private key is NOT exportable
Encryption test passed
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
ChainContext.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
ChainContext.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 48 Seconds

CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=1000040
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 12/8/2012 5:35 PM
NotAfter: 12/8/2013 5:35 PM
Subject:
Serial: 6750773400000000005a
SubjectAltName: Other Name:DS Object Guid=04 10 ac a1 51 b4 97 0e 41 4c bb b5 80 41 d7 e8 dc c4, DNS Name=DC01.domain.org
Template: Directory Email Replication
3f 62 1f 71 08 42 9c 37 77 74 4f 0e c8 dc 66 93 a7 a7 55 a0
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
Element.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
    CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    c4 2d 28 23 d1 ed 2b 14 cb 4a 0c 9e d3 19 7d de 96 6e b7 e2
    Delta CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    30 75 5c ca 45 0c 35 28 aa bc da 4f c2 ff e0 27 a2 50 8f 9b
Application[0] = 1.3.6.1.4.1.311.21.19 Directory Service Email Replication

Exclude leaf cert:
d5 6a ca 9b 8d 27 dd a0 9f c8 bc f3 c9 e8 ec ac 82 04 0a 28
Full chain:
ec d1 2b 56 b5 1b ff fb 5f 94 ee 76 b6 32 5d 50 f8 4e 34 a0
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 12/8/2012 5:35 PM
NotAfter: 12/8/2013 5:35 PM
Subject:
Serial: 6750773400000000005a
SubjectAltName: Other Name:DS Object Guid=04 10 ac a1 51 b4 97 0e 41 4c bb b5 80 41 d7 e8 dc c4, DNS Name=DC01.domain.org
Template: Directory Email Replication
3f 62 1f 71 08 42 9c 37 77 74 4f 0e c8 dc 66 93 a7 a7 55 a0
The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613)
------------------------------------
Revocation check skipped -- server offline
Certificate is valid

================ Certificate 9 ================
Serial Number: 7fc04d46000000000054
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 10/24/2012 6:25 PM
NotAfter: 10/24/2014 6:35 PM
Subject: EMPTY (Other Name:Principal Name=DC01$@domain.org, DNS Name=DC01.domain.org, DNS Name=domain.org, DNS Name=domain)
Non-root Certificate
Template: LDAPS
Cert Hash(sha1): 37 95 7c 81 c6 9a 54 b8 1a 11 7d 27 e6 51 89 84 c2 ce 24 56
Key Container = 40b9e6004a396d69586963293e8b656d_81d37a94-e924-4d06-b798-9202ec64c882
Simple container name: le-LDAPS-74b0e4ca-79a7-4731-9ebf-e98f0ba61df1
Provider = Microsoft RSA SChannel Cryptographic Provider
Encryption test passed
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
ChainContext.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
ChainContext.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 48 Seconds

CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=1000040
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 10/24/2012 6:25 PM
NotAfter: 10/24/2014 6:35 PM
Subject:
Serial: 7fc04d46000000000054
SubjectAltName: Other Name:Principal Name=DC01$@domain.org, DNS Name=DC01.domain.org, DNS Name=domain.org, DNS Name=domain
Template: LDAPS
37 95 7c 81 c6 9a 54 b8 1a 11 7d 27 e6 51 89 84 c2 ce 24 56
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
Element.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
    CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    c4 2d 28 23 d1 ed 2b 14 cb 4a 0c 9e d3 19 7d de 96 6e b7 e2
    Delta CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    30 75 5c ca 45 0c 35 28 aa bc da 4f c2 ff e0 27 a2 50 8f 9b
Application[0] = 1.3.6.1.5.2.3.5 KDC Authentication
Application[1] = 1.3.6.1.4.1.311.20.2.2 Smart Card Logon
Application[2] = 1.3.6.1.5.5.7.3.1 Server Authentication
Application[3] = 1.3.6.1.5.5.7.3.2 Client Authentication

Exclude leaf cert:
aa d4 e9 f3 26 54 40 34 19 9d d2 1a 41 a7 7f cb 45 e3 12 74
Full chain:
38 16 44 3f a9 32 f5 de a9 8e a4 ab 91 34 54 4f 05 bc cf 76
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 10/24/2012 6:25 PM
NotAfter: 10/24/2014 6:35 PM
Subject:
Serial: 7fc04d46000000000054
SubjectAltName: Other Name:Principal Name=DC01$@domain.org, DNS Name=DC01.domain.org, DNS Name=domain.org, DNS Name=domain
Template: LDAPS
37 95 7c 81 c6 9a 54 b8 1a 11 7d 27 e6 51 89 84 c2 ce 24 56
The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613)
------------------------------------
Revocation check skipped -- server offline
Certificate is valid

================ Certificate 10 ================
Archived!
Serial Number: 3e8d3ff500000000000e
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 3/3/2011 9:01 AM
NotAfter: 3/2/2012 9:01 AM
Subject: EMPTY (Other Name:DS Object Guid=04 10 ac a1 51 b4 97 0e 41 4c bb b5 80 41 d7 e8 dc c4, DNS Name=DC01.domain.org)
Non-root Certificate
Template: DirectoryEmailReplication, Directory Email Replication
Cert Hash(sha1): 2c 80 24 87 cf f6 36 0f 78 93 b2 b6 03 14 f1 46 b8 a4 91 ef
Key Container = da81309766bd5d3da8fd2bcc32cc651e_81d37a94-e924-4d06-b798-9202ec64c882
Simple container name: le-DirectoryEmailReplication-08ecad77-ef8c-4ec6-b42b-dafa6fa5ad04
Provider = Microsoft RSA SChannel Cryptographic Provider
Private key is NOT exportable
Encryption test passed
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
ChainContext.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
ChainContext.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
ChainContext.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 48 Seconds

SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
SimpleChain.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
SimpleChain.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 48 Seconds

CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=1000041
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 3/3/2011 9:01 AM
NotAfter: 3/2/2012 9:01 AM
Subject:
Serial: 3e8d3ff500000000000e
SubjectAltName: Other Name:DS Object Guid=04 10 ac a1 51 b4 97 0e 41 4c bb b5 80 41 d7 e8 dc c4, DNS Name=DC01.domain.org
Template: Directory Email Replication
2c 80 24 87 cf f6 36 0f 78 93 b2 b6 03 14 f1 46 b8 a4 91 ef
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Element.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
Element.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
    CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    c4 2d 28 23 d1 ed 2b 14 cb 4a 0c 9e d3 19 7d de 96 6e b7 e2
    Delta CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    30 75 5c ca 45 0c 35 28 aa bc da 4f c2 ff e0 27 a2 50 8f 9b
Application[0] = 1.3.6.1.4.1.311.21.19 Directory Service Email Replication

Exclude leaf cert:
15 85 ea a8 d3 4a d6 57 da 20 2b 77 c2 57 23 69 b9 d3 e0 02
Full chain:
54 46 cf 50 9c b0 3b cd c6 ac 79 09 d4 de c7 45 90 e2 ff 20
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 3/3/2011 9:01 AM
NotAfter: 3/2/2012 9:01 AM
Subject:
Serial: 3e8d3ff500000000000e
SubjectAltName: Other Name:DS Object Guid=04 10 ac a1 51 b4 97 0e 41 4c bb b5 80 41 d7 e8 dc c4, DNS Name=DC01.domain.org
Template: Directory Email Replication
2c 80 24 87 cf f6 36 0f 78 93 b2 b6 03 14 f1 46 b8 a4 91 ef
A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. 0x800b0101 (-2146762495)
------------------------------------
Expired certificate

================ Certificate 11 ================
Serial Number: 1adfba76000000000008
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 2/24/2011 10:44 AM
NotAfter: 2/23/2013 10:44 AM
Subject: CN=DC01.domain.org
Certificate Template Name (Certificate Type): WebServer
Non-root Certificate
Template: WebServer, Web Server
Cert Hash(sha1): 2a d9 ca 40 3f 21 35 be b0 57 6e 6c 4d 91 33 f5 70 99 d7 7b
Key Container = 62bbdaf573b7ead83ad4f48848ce56bf_81d37a94-e924-4d06-b798-9202ec64c882
Simple container name: CertReq-WebServer-840b2631-1100-4962-a935-c96d8b329ef1
Provider = Microsoft RSA SChannel Cryptographic Provider
Encryption test passed
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
ChainContext.dwErrorStatus = CERT_TRUST_IS_REVOKED (0x4)
ChainContext.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 48 Seconds

CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=5
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 2/24/2011 10:44 AM
NotAfter: 2/23/2013 10:44 AM
Subject: CN=DC01.domain.org
Serial: 1adfba76000000000008
SubjectAltName: DNS Name=d2l1.domain.edu, DNS Name=dc01, DNS Name=dc01.domain.org
Template: WebServer
2a d9 ca 40 3f 21 35 be b0 57 6e 6c 4d 91 33 f5 70 99 d7 7b
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Element.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
Element.dwErrorStatus = CERT_TRUST_IS_REVOKED (0x4)
    CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    c4 2d 28 23 d1 ed 2b 14 cb 4a 0c 9e d3 19 7d de 96 6e b7 e2
    Delta CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    30 75 5c ca 45 0c 35 28 aa bc da 4f c2 ff e0 27 a2 50 8f 9b
Application[0] = 1.3.6.1.5.5.7.3.1 Server Authentication

Exclude leaf cert:
40 cc 2f 31 5f 53 b1 cf c5 01 57 a1 85 73 14 a4 c0 dc 32 76
Full chain:
1e 4c 25 96 c0 a5 0f 94 b9 6e 69 75 1c 2b a2 32 f8 12 18 39
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 2/24/2011 10:44 AM
NotAfter: 2/23/2013 10:44 AM
Subject: CN=DC01.domain.org
Serial: 1adfba76000000000008
SubjectAltName: DNS Name=d2l1.domain.edu, DNS Name=dc01, DNS Name=dc01.domain.org
Template: WebServer
2a d9 ca 40 3f 21 35 be b0 57 6e 6c 4d 91 33 f5 70 99 d7 7b
The certificate is revoked. 0x80092010 (-2146885616)
------------------------------------
Certificate is REVOKED

================ Certificate 12 ================
Serial Number: 66b9efef000000000033
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 6/18/2012 4:05 PM
NotAfter: 6/18/2014 4:15 PM
Subject: EMPTY (Other Name:Principal Name=DC01$@domain.org, DNS Name=DC01.domain.org, DNS Name=domain.org, DNS Name=domain)
Non-root Certificate
Template: LDAPS
Cert Hash(sha1): 27 5c 7b a9 4d 97 bc 54 3c 63 a8 e9 6c a8 83 ca e9 ee d5 c0
Key Container = c3ac6c908609fbda91d6e8f3de6034aa_81d37a94-e924-4d06-b798-9202ec64c882
Simple container name: le-LDAPS-bab068c1-840a-404d-8e90-b1a56ebeac2a
Provider = Microsoft RSA SChannel Cryptographic Provider
Encryption test passed
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
ChainContext.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
ChainContext.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 48 Seconds

CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=1000040
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 6/18/2012 4:05 PM
NotAfter: 6/18/2014 4:15 PM
Subject:
Serial: 66b9efef000000000033
SubjectAltName: Other Name:Principal Name=DC01$@domain.org, DNS Name=DC01.domain.org, DNS Name=domain.org, DNS Name=domain
Template: LDAPS
27 5c 7b a9 4d 97 bc 54 3c 63 a8 e9 6c a8 83 ca e9 ee d5 c0
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
Element.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
    CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    c4 2d 28 23 d1 ed 2b 14 cb 4a 0c 9e d3 19 7d de 96 6e b7 e2
    Delta CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    30 75 5c ca 45 0c 35 28 aa bc da 4f c2 ff e0 27 a2 50 8f 9b
Application[0] = 1.3.6.1.5.2.3.5 KDC Authentication
Application[1] = 1.3.6.1.4.1.311.20.2.2 Smart Card Logon
Application[2] = 1.3.6.1.5.5.7.3.1 Server Authentication
Application[3] = 1.3.6.1.5.5.7.3.2 Client Authentication

Exclude leaf cert:
ef d7 72 93 f0 64 3c ba 28 5e 75 5a c8 6b 05 b5 45 b5 80 9f
Full chain:
f0 58 f9 f2 71 8d e2 6c 63 78 45 e0 05 49 6f 89 d9 67 d2 37
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 6/18/2012 4:05 PM
NotAfter: 6/18/2014 4:15 PM
Subject:
Serial: 66b9efef000000000033
SubjectAltName: Other Name:Principal Name=DC01$@domain.org, DNS Name=DC01.domain.org, DNS Name=domain.org, DNS Name=domain
Template: LDAPS
27 5c 7b a9 4d 97 bc 54 3c 63 a8 e9 6c a8 83 ca e9 ee d5 c0
The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613)
------------------------------------
Revocation check skipped -- server offline
Certificate is valid

================ Certificate 13 ================
Archived!
Serial Number: 3e8da95200000000000f
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 3/3/2011 9:01 AM
NotAfter: 3/2/2012 9:01 AM
Subject: EMPTY (DNS Name=DC01.domain.org)
Non-root Certificate
Template: DomainControllerAuthentication, Domain Controller Authentication
Cert Hash(sha1): 25 5d de 56 65 5c bd ea 23 e0 50 4e 01 3f c8 97 68 d5 a6 49
Key Container = b52311bc71bd3f4c6dbbcd9599beface_81d37a94-e924-4d06-b798-9202ec64c882
Simple container name: le-DomainControllerAuthentication-18ce05ac-ed6e-4385-bf8d-0ca0ac95e03a
Provider = Microsoft RSA SChannel Cryptographic Provider
Private key is NOT exportable
Encryption test passed
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
ChainContext.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
ChainContext.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
ChainContext.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 48 Seconds

SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
SimpleChain.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
SimpleChain.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
SimpleChain.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 48 Seconds

CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=1000041
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 3/3/2011 9:01 AM
NotAfter: 3/2/2012 9:01 AM
Subject:
Serial: 3e8da95200000000000f
SubjectAltName: DNS Name=DC01.domain.org
Template: Domain Controller Authentication
25 5d de 56 65 5c bd ea 23 e0 50 4e 01 3f c8 97 68 d5 a6 49
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Element.dwErrorStatus = CERT_TRUST_IS_NOT_TIME_VALID (0x1)
Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
Element.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
    CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    c4 2d 28 23 d1 ed 2b 14 cb 4a 0c 9e d3 19 7d de 96 6e b7 e2
    Delta CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    30 75 5c ca 45 0c 35 28 aa bc da 4f c2 ff e0 27 a2 50 8f 9b
Application[0] = 1.3.6.1.5.5.7.3.2 Client Authentication
Application[1] = 1.3.6.1.5.5.7.3.1 Server Authentication
Application[2] = 1.3.6.1.4.1.311.20.2.2 Smart Card Logon

Exclude leaf cert:
d4 31 d3 df c9 26 3d 7a 03 f6 27 a2 09 d6 d8 4c 09 5c f1 0b
Full chain:
9c a4 50 46 b8 db c4 1b cb 82 6c 10 19 bb 45 6a a5 b3 37 cf
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 3/3/2011 9:01 AM
NotAfter: 3/2/2012 9:01 AM
Subject:
Serial: 3e8da95200000000000f
SubjectAltName: DNS Name=DC01.domain.org
Template: Domain Controller Authentication
25 5d de 56 65 5c bd ea 23 e0 50 4e 01 3f c8 97 68 d5 a6 49
A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. 0x800b0101 (-2146762495)
------------------------------------
Expired certificate

================ Certificate 14 ================
Archived!
Serial Number: 7fc0497f000000000052
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 10/24/2012 6:25 PM
NotAfter: 10/24/2013 6:25 PM
Subject: CN=DC01.domain.org
Certificate Template Name (Certificate Type): DomainController
Non-root Certificate
Template: DomainController, Domain Controller
Cert Hash(sha1): 09 c1 69 d2 50 2e d9 da bb ad 3e b4 07 be 99 2e b7 49 db 22
Key Container = 97346be9499c8cbaddfd73241a87a2ac_81d37a94-e924-4d06-b798-9202ec64c882
Simple container name: le-DomainController-8c7111ad-cce0-464c-a824-3782a2362a78
Provider = Microsoft RSA SChannel Cryptographic Provider
Private key is NOT exportable
Encryption test passed
-------- CERT_CHAIN_CONTEXT --------
ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
ChainContext.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
ChainContext.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
ChainContext.dwRevocationFreshnessTime: 19 Days, 4 Hours, 29 Minutes, 48 Seconds

CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=1000040
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 10/24/2012 6:25 PM
NotAfter: 10/24/2013 6:25 PM
Subject: CN=DC01.domain.org
Serial: 7fc0497f000000000052
SubjectAltName: Other Name:DS Object Guid=04 10 ac a1 51 b4 97 0e 41 4c bb b5 80 41 d7 e8 dc c4, DNS Name=DC01.domain.org
Template: DomainController
09 c1 69 d2 50 2e d9 da bb ad 3e b4 07 be 99 2e b7 49 db 22
Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
Element.dwErrorStatus = CERT_TRUST_REVOCATION_STATUS_UNKNOWN (0x40)
Element.dwErrorStatus = CERT_TRUST_IS_OFFLINE_REVOCATION (0x1000000)
    CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    c4 2d 28 23 d1 ed 2b 14 cb 4a 0c 9e d3 19 7d de 96 6e b7 e2
    Delta CRL 02ef:
    Issuer: CN=cl-CA-DC01, DC=domain, DC=org
    30 75 5c ca 45 0c 35 28 aa bc da 4f c2 ff e0 27 a2 50 8f 9b
Application[0] = 1.3.6.1.5.5.7.3.2 Client Authentication
Application[1] = 1.3.6.1.5.5.7.3.1 Server Authentication

Exclude leaf cert:
2b d0 ba 40 49 3d 34 58 42 31 13 b6 af 39 cc f1 c1 8b 1b 48
Full chain:
e6 1c 52 00 8f 91 80 40 59 54 66 8d 76 2f aa f5 90 b3 64 6b
Issuer: CN=cl-CA-DC01, DC=domain, DC=org
NotBefore: 10/24/2012 6:25 PM
NotAfter: 10/24/2013 6:25 PM
Subject: CN=DC01.domain.org
Serial: 7fc0497f000000000052
SubjectAltName: Other Name:DS Object Guid=04 10 ac a1 51 b4 97 0e 41 4c bb b5 80 41 d7 e8 dc c4, DNS Name=DC01.domain.org
Template: DomainController
09 c1 69 d2 50 2e d9 da bb ad 3e b4 07 be 99 2e b7 49 db 22
The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613)
------------------------------------
Revocation check skipped -- server offline
Certificate is valid
CertUtil: -verifystore command completed successfully.

Can't start Active Directory Certificate Services - O

2008 R2 SP1 Can't start Active Directory Certificate Services - Object was not found 0x80090011 (-2146893807)

Trending Articles

Practice Sheet of Right form of verbs for HSC Students

Download: FK ft Shenky – Nakuyewa ”Prod by: Shenky”

How to win at Markstrat (Markstrat Tips and Tricks) – Vodites

Ominde Commission Report and Recommendations – Ominde Report of 1964

Bureau of Internal Revenue: Regional Offices (Directory)

GO 53 on Enhancement of Ex-gratia upto 5 Lakhs Toddy Tappers in Telangana

Cakewalk CA-2A Leveling Amplifier v2.0.1.97 WiN, v2.0.1.96 OSX Incl Keygen

Mp3 Download: Mdu - Kunjenjenjena

How the kill the job , when DTP request running for long hours.

Microsoft Intune から展開しているアプリのアップデートについて

18-year-old girl was beaten for half an hour by two Northampton men in 'an...

Car crash in Dunton Bassett leaves driver in critical condition

Macky 2, Two Others In Road Accident

Application log 00000000000000089514: Could not convert queue DLVST90CLNT

Detroit mafia: D’Anna Brothers agree to plea deal

Delivery block field greyed out using VA02

Muloraki Au

【個人撮影】スマホのプライベート映像♪「中に出さないで///」カラオケ屋での生ハメ撮りが流出ｗ【リベンジポルノ】＠PornHub

BREAKING NEWS: Diamond Platnumz Is Reported Dead After Ghastly Car Accident

FIAT 500 B0111 B0112