The Certificate Repository contains the system that holds certificates and information about all unexpired certificates including revocation information. Each item below has a specific function and a breif explanation is given as to the purpose of that function.

Certificate Directory

Search for and download the public certificates or ORC ACES Subscribers.


ORC Root and ACES Intermediate CA Certificates

Certificate Downloads

ORC Root 2 Certificate – This certificate is self-signed, meaning that it is at the top of a trust hierarchy. All subordinate certificates inherit their trust from the Root Signing Certificate of that particular PKI, in this case, the ORC Root 2 Certificate.
Download the ORC Root 2 Certificate

ORC ACES 4 Intermediate CA Certificate – A certificate is the binding of an entity’s identity to a public/private key pair, usually by a trusted third party. The CA signing certificate is used to digitally sign subordinate certificates for end-entities (like people and web sites).
Download the ORC ACES ACES 4 Intermediate CA Certificate

FBCA signed ORC ACES 4 Intermediate CA Certificate – This CA signing certificate is signed by the Federal Bridge Certificate Authority. The purpose of this certificate is to allow applications to chain the ACES certificate authority up to the Federal Common Policy Root certificate. The Federal Common Policy and Federal Bridge CA exist to promote PKI interoperability between different Federal Government agencies. However, the cross-signed certificate trust chain can be more difficult to use. An application will only use one trust chain or the other so this should be considered an ‘either-or-proposition’; either use the trust chain made up of the ORC Root 2 and ORC ACES 4 Intermediate CA certificates above – OR – use the certificate indicated in this link.

Download the ORC ACES ACES 4 cross-signed Intermediate CA Certificate

Certificate Information Display
Display the ORC ACES SHA-256 Root Certificate information
Display the ORC ACES 4 SHA-256 Intermediate CA Certificate information

Certificate Revocation Lists (CRLs)

Used to view a list of certificates that have been revoked but have not yet expired. The CRL is digitally signed by the CA to ensure its validity to relying parties.

WidePoint ACES Audit Letter 26 April