library.stanford.edu

Issued by R3

About this certificate

This digital certificate with serial number 03:a8:78:eb:20:b5:65:d6:85:65:57:06:ab:68:14:11:9c:c4 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=library.stanford.edu

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:a8:78:eb:20:b5:65:d6:85:65:57:06:ab:68:14:11:9c:c4
Serial Number (int): 318665023650663269448956580384436279942340
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: c6:19:38:fd:37:da:a8:64:ef:26:0b:90:ad:91:51:b2:79:42:60:70
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 14:3b:7f:30:93:4c:95:48:ab:ad:c8:20:2d:9a:52:17:c8:17:b7:ae
Fingerprint (sha256): 00:98:48:b2:d1:d4:7c:2b:e2:50:7b:aa:d0:38:6d:98:22:ef:da:48:db:78:86:92:5a:76:77:23:9f:73:18:24

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate library.stanford.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for library.stanford.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

library.stanford.edu

Other certificates including the domain name stanford.edu

(limited to 100 certificates)
ipython.stanford.edu
5692462144159744-fe3.pantheonsite.io
migrate-gsb.stanford.edu
bpp.stanford.edu
gsc.stanford.edu
polisci451.stanford.edu
smtp-auth.slac.stanford.edu
cs242.stanford.edu
cardinalrecovery.stanford.edu
proline.stanford.edu
bio-dap15.stanford.edu
5768310863953920-fe2.pantheonsite.io
shib-dr1.stanford.edu
sr-prime.stanford.edu
sul-bookdata-prod.stanford.edu
cegelski.stanford.edu
carpepm.almonds.com
stguwfaprd01.stanford.edu
firebaseapp.com
irt-dev.stanford.edu
us.prod.campusgroups.com
gsbphoto-dev.stanford.edu
research.esrg.stanford.edu
dinglab.stanford.edu
5686812383117312-fe3.pantheonsite.io
aegis.stanford.edu
www-prd.gsb.stanford.edu
fork-h08-31.stanford.edu
cs269q.stanford.edu
animaltraxuat.stanford.edu
mededmastery.stanford.edu
events.slac.stanford.edu
sul-hydra-etd-prod.stanford.edu
ccadmin.stanford.edu
5736754531270656-fe4.pantheonsite.io
5threunioncampaign.stanford.edu
cluster3.technolutions.net
ssi-server1.stanford.edu
firebaseapp.com
5702351037923328-fe2.pantheonsite.io
crypto.stanford.edu
ucdc.edu
cluster3.technolutions.net
aagsa.stanford.edu
stanford.edu
library.stanford.edu
roboticsclub.stanford.edu
helix.stanford.edu
eventviewer-test2.stanford.edu
www.straightlab.stanford.edu
us.prod.campusgroups.com
library-status.stanford.edu
aikido.stanford.edu
stanfordwho.stanford.edu
aplac.stanford.edu
facultybillets-dev.med.stanford.edu
www-group.slac.stanford.edu
pswebkdc.slac.stanford.edu
nartc.fcm.arizona.edu
www.dschool.stanford.edu
ci.med.stanford.edu
calendar.sdzsafaripark.org
www.launchpad.stanford.edu
lbre-authdev.stanford.edu
allencenter.stanford.edu
globalhealth.stanford.edu
*.stanford.edu
yuba.stanford.edu
migrate-gsb.stanford.edu
stanfordwho-test-stretch.stanford.edu
5652720409116672-fe3.pantheonsite.io
sul-dev-mdm.stanford.edu
vault.stanford.edu
suegenciadev.stanford.edu
epgy.stanford.edu
r8-web-prod.stanford.edu
www.dhometeam.stanford.edu
pascl.stanford.edu
gfxcourses.stanford.edu
apimetadata.stanford.edu
woodstock.stanford.edu
pacs.fairnorthdigital.com
shield.stanford.edu
suave.stanford.edu
fsi-backup1.stanford.edu
5731346630574080-fe3.pantheonsite.io
jimb.stanford.edu
jq01b160n4jace02a.stanford.edu
www-cdn.stanford.edu
banking-business-review.com
glast.slac.stanford.edu
swshumsci-prod.stanford.edu
5686683802533888-fe2.pantheonsite.io
reportmart3ye.stanford.edu
5768310863953920-fe2.pantheonsite.io
biochemistry.stanford.edu
cdn-test.battlefields.org
test.eis.uw.edu
modthought.stanford.edu
itarch.stanford.edu

Certificate

The complete raw certificate details for library.stanford.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgISA6h46yC1ZdaFZVcGq2gUEZzEMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEwMTkwOTAwMTVaFw0yNDAxMTcwOTAwMTRaMB8xHTAbBgNVBAMT
FGxpYnJhcnkuc3RhbmZvcmQuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv8NzQdqL8jz4gob5MZxqdGfwloBSuCZ8dgaFkmDsbfSyrGS2w04ZQJFB
Ide974tKs6qg9yvdAldok1/G2ulFJ+THNXhEtZtPnfFysJirtOZJK4Y65RBYL3kQ
2Ko1tlwjA4Il97ovcUZDlFVP9BGOdhOLC7GBsfF/OYenCNJyy2RzRptaqfJI/Lut
kfTbXe9D64SnigZx5qsnq4d86PE+yLhGH3+jSs6IiM0EwOgcd1a66fjNGgaDpL/L
X519ZNmXlVOqdNCi6tvuXV5fDhgFLNguUAGpi9lrt6pELQqmpzyz67E0TXdx0bIw
P0x+PW68POACgE+LPgZsRsQU2URkswIDAQABo4ICFjCCAhIwDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA
MB0GA1UdDgQWBBTGGTj9N9qoZO8mC5CtkVGyeUJgcDAfBgNVHSMEGDAWgBQULrMX
t1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0
dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu
Y3Iub3JnLzAfBgNVHREEGDAWghRsaWJyYXJ5LnN0YW5mb3JkLmVkdTATBgNVHSAE
DDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ANq2v2s/tbYi
n5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABi0dg6u0AAAQDAEcwRQIhANRIM05x
MIJ0gTQhlGYfjWcWWvlAxAYA7s08Ok+HjskdAiA+qO9OGA5KX7v8Qu0aHQM2sp4n
z/ve53LysOJyduW2qQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7Wb
AAABi0dg63YAAAQDAEcwRQIgJJ1HxN089lRoZGT6+KfP8zwDlT7l1Fwq/o92J+/7
61sCIQCeQdNTFYnfzd35ukeVPeG2Jp189EvgK1b9kfJh+aNzkTANBgkqhkiG9w0B
AQsFAAOCAQEAshynmOgtZQGC3ivZQoOuFkQ21V8etDIQXOf4m+xoPk38dn7+0v3u
vFuAURoV6DaXaX87+YJC0KkBHFcbefjGoRz+Qb7Cdgi9ht+w2HH417IYLm7Y6gtT
q2bGSd2Gaa58XPWHXBraZxk2TCL++f3BpOnJMDZHD88F3p5nt+puvL0iUCDGBdn6
+vgIDWRyXrQB+tEQxcZvbgHzBxYXoS2rHsO6Hs304BCudzHxuxC5vQlv6CCGpX1c
VNdYqpI9/I5ZfJM24qrcVptmWmBdYMftfBcY2LMDgujnKkPdDEumFVYDjb0r5Icc
uG3vViPv0k7iOjz65P1iaEKkXvkP6IKiaQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8NzQdqL8jz4gob5MZxq
dGfwloBSuCZ8dgaFkmDsbfSyrGS2w04ZQJFBIde974tKs6qg9yvdAldok1/G2ulF
J+THNXhEtZtPnfFysJirtOZJK4Y65RBYL3kQ2Ko1tlwjA4Il97ovcUZDlFVP9BGO
dhOLC7GBsfF/OYenCNJyy2RzRptaqfJI/LutkfTbXe9D64SnigZx5qsnq4d86PE+
yLhGH3+jSs6IiM0EwOgcd1a66fjNGgaDpL/LX519ZNmXlVOqdNCi6tvuXV5fDhgF
LNguUAGpi9lrt6pELQqmpzyz67E0TXdx0bIwP0x+PW68POACgE+LPgZsRsQU2URk
swIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 318665023650663269448956580384436279942340
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-19 09:00:15 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-17 09:00:14 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'library.stanford.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24207896345908638090047623304303288226221824005267412971217219034524411313444143750542104627932100336090879549336854965881300801178855166596506232843975622719447197498522254328443092645334559791954664361936944111744317000672570087663280689408933288414719596184906631559582804289776807253873694647413413600164717276602065610754085209532877673733921436504999744102154009718968218928877678003273118992828651904622496065105812346201847630206148417086393697821430055378913491675369758153403682448892416631559549703629115943661960670722231568841113470640888780611924742765638181103973591874532766573995362800667087419499699
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c61938fd37daa864ef260b90ad9151b279426070
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'library.stanford.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b4760eaed0000040300473045022100d448334e7130827481342194661f8d67165af940c40600eecd3c3a4f878ec91d02203ea8ef4e180e4a5fbbfc42ed1a1d0336b29e27cffbdee772f2b0e27276e5b6a9007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b4760eb7600000403004730450220249d47c4dd3cf654686464faf8a7cff33c03953ee5d45c2afe8f7627effbeb5b0221009e41d3531589dfcdddf9ba47953de1b6269d7cf44be02b56fd91f261f9a37391
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b21ca798e82d650182de2bd94283ae164436d55f1eb432105ce7f89bec683e4dfc767efed2fdeebc5b80511a15e83697697f3bf98242d0a9011c571b79f8c6a11cfe41bec27608bd86dfb0d871f8d7b2182e6ed8ea0b53ab66c649dd8669ae7c5cf5875c1ada6719364c22fef9fdc1a4e9c93036470fcf05de9e67b7ea6ebcbd225020c605d9fafaf8080d64725eb401fad110c5c66f6e01f3071617a12dab1ec3ba1ecdf4e010ae7731f1bb10b9bd096fe82086a57d5c54d758aa923dfc8e597c9336e2aadc569b665a605d60c7ed7c1718d8b30382e8e72a43dd0c4ba61556038dbd2be4871cb86def5623efd24ee23a3cfae4fd626842a45ef90fe882a269