usbank.ac
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:2c:6e:83:c3:f8:ec:8b:95:09:44:33:d5:53:a8:d2:29:77 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=usbank.ac
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:2c:6e:83:c3:f8:ec:8b:95:09:44:33:d5:53:a8:d2:29:77Serial Number (int): 363568467116778752009746430421779854010743
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 21:0a:08:b5:d6:bb:99:27:ea:45:09:ea:16:d7:f2:35:b2:d6:92:13
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 93:1d:d2:52:e6:24:7a:51:a3:7d:97:30:bb:ca:f2:7a:de:31:b2:a9
Fingerprint (sha256): 1f:a3:5e:19:5f:a9:cf:94:b4:aa:c6:27:5b:0f:fa:22:db:ee:a8:d6:94:8f:96:ec:89:fc:b9:80:13:7d:74:c3
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate usbank.ac
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for usbank.ac
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
usbank.ac
Other certificates including the domain name usbank.ac
(limited to 100 certificates)
Certificate
The complete raw certificate details for usbank.ac in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGSzCCBTOgAwIBAgISBCxug8P47IuVCUQz1VOo0il3MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMDIxMjU1MjJaFw0y MDA1MDIxMjU1MjJaMBQxEjAQBgNVBAMTCXVzYmFuay5hYzCCAiIwDQYJKoZIhvcN AQEBBQADggIPADCCAgoCggIBAJX+Q+gpvMrAK05U/AJAOu5oJZH67WFuYqHuNgR2 c586u5zP68QwUK0yONPisiaT1A02MUlf4L/9K826eaRvBj4NWf9Edo6blueVkifK 7FWZncikIRrk9bfW7DqL6oakZD1j7ZefpNPvvYcKl329i7fJaszOb9WSQivoFItZ 0N9lG5AU+OM8297zh1v0zuTiNJnivuBItaKPY0mvoo1OyAv350+yVmU/JO0pIGdx 8vosrfpInVYHU23cWw763W65GZF7MWKNw+8RxSzD3K9Oavj8GCYTolMhbyPFTc3C q6S+T99bksWQq7xh6p/W1eaN2MpsyT0qUssVXbFCGHsPUXvhnqD3YdhPYtNNWuGj qIB2UPjywLENvSLTWbNyplKeKr6oJouxvWdsHHZemebEWc8Zy1kWSSIWtpuQdbex hUSQjpW+0e5xTkYfFYylOoVSzNpQFrOK/szQmAXpYmUGnvlvtjaBeOKlcwflRhlD mFu2UvViPDaRHsKIz/XDUZulZ6T/A8GyG6PL0YM0GYnaMdvXzReBrpWobURVI3OF u53ZQwBbUOSu2lk08V88basgNGxWD/+cwnicdE8PO9eVOVr3e3ZHOxNgffSwrokz s/FMggmlN4/1wf5V/AuegphPoKKsKWJtL/9+qD9gksE3XXGY5bZQLs5PLnDcmC4a CQ8rAgMBAAGjggJfMIICWzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFCEKCLXWu5kn 6kUJ6hbX8jWy1pITMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8G CCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxl dHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxl dHNlbmNyeXB0Lm9yZy8wFAYDVR0RBA0wC4IJdXNiYW5rLmFjMEwGA1UdIARFMEMw CAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j cHMubGV0c2VuY3J5cHQub3JnMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYAXqdz +d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFwBi82nAAABAMARzBFAiBM Jinf8B4HrP3U6RtnFKiKQTkgcMNs2BbRhoRwsSiXSwIhAOeX/mznMJxT/+2kAZ8J 67UZ2F98tHqsJE5kLHVWg3naAHcAB7dcG+V9aP/xsMYdIxXHuuZXfFeUt2ruvGE6 GmnTohwAAAFwBi82wAAABAMASDBGAiEAxVpL+uoPrck1eczR4jwqRgY9EPh+dwFB 54V0asmzeDoCIQDl2d8H3Bvf/3nDWRKvllQ6//u5x0fA4OIVX1d+gt+kQjANBgkq hkiG9w0BAQsFAAOCAQEAQFW0oMvu5N/NNnWBwOrqj5aHdHVwDqw3F4UHGjqGYZEj eY2D0hsZYqOWFOsSbZI6HpcJDJQu3UPwRn4nPHlVw+zdYRlt/XN15w4EQ+YwS+OC +Iz2ne9nOOI46mY7+ZjvvQpRnc/qNI00s2Xff72DYXW9IjDm95k5wVD8IUnpJTcW jew+NKtmy/KvYblrpTnd/vIXSuE3CVX/XSqoD5rv3dJuMd8jO8GOaQv/qw2lnUgB I7aLSTV8wjYHHRdWQSIiK0eixINEf5E+flZPxbir4/IbkMxLab4KIxrIruxZA2r/ lvnNXu3wIM+CJsNu2cDzUAa2usrmyuUgr8uvphqB0A== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlf5D6Cm8ysArTlT8AkA6 7mglkfrtYW5ioe42BHZznzq7nM/rxDBQrTI40+KyJpPUDTYxSV/gv/0rzbp5pG8G Pg1Z/0R2jpuW55WSJ8rsVZmdyKQhGuT1t9bsOovqhqRkPWPtl5+k0++9hwqXfb2L t8lqzM5v1ZJCK+gUi1nQ32UbkBT44zzb3vOHW/TO5OI0meK+4Ei1oo9jSa+ijU7I C/fnT7JWZT8k7SkgZ3Hy+iyt+kidVgdTbdxbDvrdbrkZkXsxYo3D7xHFLMPcr05q +PwYJhOiUyFvI8VNzcKrpL5P31uSxZCrvGHqn9bV5o3YymzJPSpSyxVdsUIYew9R e+GeoPdh2E9i001a4aOogHZQ+PLAsQ29ItNZs3KmUp4qvqgmi7G9Z2wcdl6Z5sRZ zxnLWRZJIha2m5B1t7GFRJCOlb7R7nFORh8VjKU6hVLM2lAWs4r+zNCYBeliZQae +W+2NoF44qVzB+VGGUOYW7ZS9WI8NpEewojP9cNRm6VnpP8DwbIbo8vRgzQZidox 29fNF4GulahtRFUjc4W7ndlDAFtQ5K7aWTTxXzxtqyA0bFYP/5zCeJx0Tw8715U5 Wvd7dkc7E2B99LCuiTOz8UyCCaU3j/XB/lX8C56CmE+goqwpYm0v/36oP2CSwTdd cZjltlAuzk8ucNyYLhoJDysCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 363568467116778752009746430421779854010743 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-02 12:55:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-02 12:55:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'usbank.ac' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 611918965216528308831833601296722443711438957885285031520447055983729935635015650721686677345265752232569164041456513436370579179135142895155832654514093722115351275114601628834567882588356926161089558427301903503263808161817356452951386111287345556827064941735298649004965144515411466918358390788982067261474600658194677271888823767170557558901973008924569442065802802818639993492154549041242478611969715516341426375803815449151464327202863477340471317272129564912858064139631686679106905891662577051917824068713214062075352858767900702259531880592054790377103469106453261532353424585839660415297542362186734513431715086404844035035334072892294952304026493708899333218750987285672039958978746261405640488216303613858956691837873239765588182885962211900471617396293193406334971775022479237426028815845337644534998445350582374966199695067143808403652087588420327676080711870926233226202108489995765789298279452652864575688543042760395598519944888451017921173436850980122020675546602936617228727925457998429689769400647172690300765079865779168417656071812088309898898824778764370145749940123898350468770442862408858369393304990097465243739802118976630736267287659589713469354452835058359384543872943432616413086512959641656158652534571 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 210a08b5d6bb9927ea4509ea16d7f235b2d69213 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (13 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usbank.ac' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10076005ea773f9df56c0e7b536487dd049e0327a919a0c84a11212841875968171455800000170062f369c000004030047304502204c2629dff01e07acfdd4e91b6714a88a41392070c36cd816d1868470b128974b022100e797fe6ce7309c53ffeda4019f09ebb519d85f7cb47aac244e642c75568379da00770007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c00000170062f36c00000040300483046022100c55a4bfaea0fadc93579ccd1e23c2a46063d10f87e770141e785746ac9b3783a022100e5d9df07dc1bdfff79c35912af96543afffbb9c747c0e0e2155f577e82dfa442 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004055b4a0cbeee4dfcd367581c0eaea8f96877475700eac371785071a3a86619123798d83d21b1962a39614eb126d923a1e97090c942edd43f0467e273c7955c3ecdd61196dfd7375e70e0443e6304be382f88cf69def6738e238ea663bf998efbd0a519dcfea348d34b365df7fbd836175bd2230e6f79939c150fc2149e92537168dec3e34ab66cbf2af61b96ba539ddfef2174ae1370955ff5d2aa80f9aefddd26e31df233bc18e690bffab0da59d480123b68b49357cc236071d17564122222b47a2c483447f913e7e564fc5b8abe3f21b90cc4b69be0a231ac8aeec59036aff96f9cd5eedf020cf8226c36ed9c0f35006b6bacae6cae520afcbafa61a81d0