security.tennessee.edu

Issued by R3

About this certificate

This digital certificate with serial number 03:00:59:bb:e4:0b:73:d2:e3:4b:75:f7:2b:0d:b8:c1:64:5d was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=security.tennessee.edu

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:00:59:bb:e4:0b:73:d2:e3:4b:75:f7:2b:0d:b8:c1:64:5d
Serial Number (int): 261456134671714888609485208394406115239005
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 05:3c:b4:8f:47:08:eb:ea:72:43:31:99:a8:7d:4b:6b:06:22:e3:df
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): ac:39:ad:34:3a:e3:2c:8c:71:a5:dc:b0:ba:eb:c6:6c:31:e4:a4:ff
Fingerprint (sha256): 07:d5:a8:15:b9:d6:7d:89:93:d7:d8:9b:06:35:1d:9d:51:ec:0b:91:3a:29:96:f5:57:3d:d8:2a:0a:1a:a7:56

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate security.tennessee.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for security.tennessee.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

security.tennessee.edu

Other certificates including the domain name tennessee.edu

(limited to 100 certificates)
acctspayable.finance.tennessee.edu
hr.tennessee.edu
finance.tennessee.edu
vetmed.tennessee.edu
agrability.tennessee.edu
security.tennessee.edu
UNIVERSITY OF TENNESSEE
security.tennessee.edu
iris.tennessee.edu
counsel.tennessee.edu
dev-2.tennessee.edu
communications.tennessee.edu
www.utrf.tennessee.edu
mtas.tennessee.edu
govrelations.tennessee.edu
utpromise.tennessee.edu
equity.tennessee.edu
finance.tennessee.edu
controller.tennessee.edu
utgardens.tennessee.edu
utiaits.tennessee.edu
*.tennessee.edu
tennessee.edu
UNIVERSITY OF TENNESSEE
licensing.finance.tennessee.edu
licensing.tennessee.edu
extensionsupport.tennessee.edu
aspire.tennessee.edu
super.tennessee.edu
insurance.tennessee.edu
research.tennessee.edu
auction.utk.tennessee.edu
itservices.tennessee.edu
bwd.tennessee.edu
conduct.tennessee.edu
everywhere.tennessee.edu
utapq.tennessee.edu
blogs.tennessee.edu
trace.tennessee.edu
www.utrf.tennessee.edu
ips.tennessee.edu
plantsciences.tennessee.edu
utextension.tennessee.edu
procurement.finance.tennessee.edu
treasurer.tennessee.edu
transfersummit.tennessee.edu
security.tennessee.edu
utia.tennessee.edu
academicaffairs.tennessee.edu
wp.oit.utk.edu
ds.uthsc.edu
everywhere.tennessee.edu
controller.finance.tennessee.edu
procurement.finance.tennessee.edu
google.tennessee.edu
security.tennessee.edu
haywood.tennessee.edu
titleix.tennessee.edu
tennessee.edu
acctspayable.tennessee.edu
dev.intranet.ips.tennessee.edu
licensing.tennessee.edu
treasurer.tennessee.edu
bi.tennessee.edu
procurement.finance.tennessee.edu
blogs.tennessee.edu
news.tennessee.edu
tennessee.edu
varietytrials.tennessee.edu
counsel.tennessee.edu
epp.tennessee.edu
extol.tennessee.edu
blogs.tennessee.edu
research.tennessee.edu
blogs.tennessee.edu
www.tennessee.edu
www.tennessee.edu
alumnus.tennessee.edu
advocacy.tennessee.edu
blogs.tennessee.edu
risk.finance.tennessee.edu
aspire.tennessee.edu
trustees.tennessee.edu
alumni.tennessee.edu
policy.tennessee.edu
treasurer.finance.tennessee.edu
www.utrf.tennessee.edu
treasurer.tennessee.edu
procurement.finance.tennessee.edu
controller.tennessee.edu
minerva.winsg.utk.edu
acctspayable.finance.tennessee.edu
extol.tennessee.edu
security.tennessee.edu
solarfarm.tennessee.edu
titleix.tennessee.edu
risk.finance.tennessee.edu
itservices.tennessee.edu
policy.tennessee.edu
ocsp.utk.tennessee.edu

Certificate

The complete raw certificate details for security.tennessee.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE+jCCA+KgAwIBAgISAwBZu+QLc9LjS3X3Kw24wWRdMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMDQwNTI4MzVaFw0yNDAzMDMwNTI4MzRaMCExHzAdBgNVBAMT
FnNlY3VyaXR5LnRlbm5lc3NlZS5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQC2cUEQykfwyTDWFL5HIuOv25CfJNSkhS6xXp52a3nkcB51+99Qs0N5
8o6BkWSssHHcKuhgMLGw3IGQ3ispn9ZpLR4O9DsGSz+iHC2WEiPt6+ABOX0GgVeN
+TKuzYVTrfDAEn+CLQklYSkqLCxwcW7eaRcyWtY/nSickrmQg4d/ic1oq32x4fHs
HY/qSpDX90bU1n8puLZTv5EEPsTqpV1KEso3XtV0qi4B3cWrdRVjKxeINMFfLXnn
i9JkQhI7T+lweHUmq4q/0NweO0a5PGuz4YvyERlXRTHVJzyc9VawPqjVDANX4XLw
5ijb+7iwSWDB8qY7PXbTtPRgGjMClCqXAgMBAAGjggIZMIICFTAOBgNVHQ8BAf8E
BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC
MAAwHQYDVR0OBBYEFAU8tI9HCOvqckMxmah9S2sGIuPfMB8GA1UdIwQYMBaAFBQu
sxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYV
aHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5s
ZW5jci5vcmcvMCEGA1UdEQQaMBiCFnNlY3VyaXR5LnRlbm5lc3NlZS5lZHUwEwYD
VR0gBAwwCjAIBgZngQwBAgEwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgBIsONr
2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYwzg6nRAAAEAwBHMEUCIQCC
ia88qvXXMD1N+hG1vLlLcY7qM3KjX2RALg05wj65GgIgDZvCDgq+xCAizf1K2u2L
b0bc0iVHFxaK7WqDT7tO56MAdwCi4r/WHt4vLweg1k5tN6fcZUOwxrUuotq3ivia
bfUX2AAAAYwzg6njAAAEAwBIMEYCIQDu26EzS3ATh16YRJ0kES5yrdRK3DPvWNRh
j9eRd+p5VQIhANt2PfMDWN4Izbn/6DBwHQAml9g9L5f0l0EZ64OvyqUKMA0GCSqG
SIb3DQEBCwUAA4IBAQB8QfT0fqnGJG3wkbN8cYwVDjHFbVtkIOCXZunsypmvJHs6
+RY5kaYZIqVIS1jjMoRO2ZfrtuKwF9B6IQZayjWIebrr14QqLzg9Xp5X4B8V7doM
LrRT6fc89IuTf0qNwCTHA5YclfOLA/c/jWYHuWJY/cowTMa2/yylwffvTjQ0H2OL
UgfmK1qlBGRWGnqv/CtnA0F2qQbeorNjzOQluDc98daEZWWf+7FcLYY5R+Hpox8n
8b+9lkWTojMrA+TyKI6XGAXrGG2cBk0DNHLLu8a8A325Q6eDd0duuji0yowHTQvN
RZb825zyHfuESkH7Zb7jeaUBm1JyACsIQ5Pgut8v
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnFBEMpH8Mkw1hS+RyLj
r9uQnyTUpIUusV6edmt55HAedfvfULNDefKOgZFkrLBx3CroYDCxsNyBkN4rKZ/W
aS0eDvQ7Bks/ohwtlhIj7evgATl9BoFXjfkyrs2FU63wwBJ/gi0JJWEpKiwscHFu
3mkXMlrWP50onJK5kIOHf4nNaKt9seHx7B2P6kqQ1/dG1NZ/Kbi2U7+RBD7E6qVd
ShLKN17VdKouAd3Fq3UVYysXiDTBXy1554vSZEISO0/pcHh1JquKv9DcHjtGuTxr
s+GL8hEZV0Ux1Sc8nPVWsD6o1QwDV+Fy8OYo2/u4sElgwfKmOz1207T0YBozApQq
lwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 261456134671714888609485208394406115239005
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-04 05:28:35 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-03 05:28:34 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'security.tennessee.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23031219212798156429694520829235349665714386748018818605059138945443315239921408727454380639436084060141432618590113208069136463279787145787467753641765871871302177333461430315782828486854246200281727827110295390430164825368980533377952747687106270291275954849519361811221430396510242178902660328902666301743951492790917375513163472982949120464145894834427485249331822850352236515822241793962995783465773837503637362878958692803472367239561379395375352177816227546695118678028499727103558641543775092020004478057748902704017360525808841494050602027430297720949305217954960326237089099465932119018951540141992644455063
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							053cb48f4708ebea72433199a87d4b6b0622e3df
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'security.tennessee.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c3383a9d100000403004730450221008289af3caaf5d7303d4dfa11b5bcb94b718eea3372a35f64402e0d39c23eb91a02200d9bc20e0abec42022cdfd4adaed8b6f46dcd2254717168aed6a834fbb4ee7a3007700a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018c3383a9e30000040300483046022100eedba1334b7013875e98449d24112e72add44adc33ef58d4618fd79177ea7955022100db763df30358de08cdb9ffe830701d002697d83d2f97f4974119eb83afcaa50a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007c41f4f47ea9c6246df091b37c718c150e31c56d5b6420e09766e9ecca99af247b3af9163991a61922a5484b58e332844ed997ebb6e2b017d07a21065aca358879baebd7842a2f383d5e9e57e01f15edda0c2eb453e9f73cf48b937f4a8dc024c703961c95f38b03f73f8d6607b96258fdca304cc6b6ff2ca5c1f7ef4e34341f638b5207e62b5aa50464561a7aaffc2b67034176a906dea2b363cce425b8373df1d68465659ffbb15c2d863947e1e9a31f27f1bfbd964593a2332b03e4f2288e971805eb186d9c064d033472cbbbc6bc037db943a78377476eba38b4ca8c074d0bcd4596fcdb9cf21dfb844a41fb65bee379a5019b5272002b084393e0badf2f