my.jefferson.edu

Issued by R3

About this certificate

This digital certificate with serial number 04:d6:03:c8:d6:fe:1e:ff:d9:93:04:80:b5:7e:99:e4:f5:cd was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=my.jefferson.edu

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:d6:03:c8:d6:fe:1e:ff:d9:93:04:80:b5:7e:99:e4:f5:cd
Serial Number (int): 421274600752050081794726958697225801496013
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 6d:b2:04:3c:54:93:79:f6:17:59:a4:4e:68:c8:8f:10:27:97:93:4e
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 27:0d:4b:f0:a1:47:3d:29:96:e1:84:f3:c6:9f:0b:d4:a5:2b:ae:a2
Fingerprint (sha256): 20:fe:9c:92:90:dd:36:51:90:86:c3:51:0e:6a:ee:aa:6d:04:71:22:54:d2:cf:08:c8:10:28:a6:02:80:07:bb

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate my.jefferson.edu

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for my.jefferson.edu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

my.jefferson.edu

Other certificates including the domain name jefferson.edu

(limited to 100 certificates)
xvm13.jefferson.edu
jeffcal.jefferson.edu
www.spanish4all.tk
*.jefferson.edu
live.collegeserve.org
pollina.jefferson.edu
author-stage.jefferson.edu
n002.offcampuspartners.com
n002.offcampuspartners.com
offcampushousing.fau.edu
*.jefferson.edu
nexus.jefferson.edu
n002.offcampuspartners.com
author-stage.jefferson.edu
offcampushousing.fau.edu
brindmarcustore.jefferson.edu
offcampushousing.fau.edu
attend.jefferson.edu
ewebapp02pa.jefferson.edu
brindmarcustore.jefferson.edu
sfunder10cert.net
sfunder10cert.net
jdc.jefferson.edu
*.jefferson.edu
n002.offcampuspartners.com
n002.offcampuspartners.com
cme.jefferson.edu
giftmap.jefferson.edu
jdc.jefferson.edu
cloud.hocusfocus.no
n002.offcampuspartners.com
www.eastfalls.jefferson.edu
*.jefferson.edu
offcampushousing.fau.edu
cme.jefferson.edu
jefferson-payments.jefferson.edu
brindmarcusstore.jefferson.edu
pvs01-a.jefferson.edu
offcampushousing.fau.edu
one.jefferson.edu
offcampushousing.fau.edu
brindmarcusstore.jefferson.edu
jefferson-payments.jefferson.edu
heathrobotics.com
leeds.jefferson.edu
offcampushousing.fau.edu
brindmarcusstore.jefferson.edu
jdc.jefferson.edu
brindmarcusstore.jefferson.edu
jefferson-payments.jefferson.edu
offcampushousing.fau.edu
qlicktest02.tju-res.jefferson.edu
jefferson-payments.jefferson.edu
*.jefferson.edu
*.jefferson.edu
creative.jefferson.edu
offcampushousing.fau.edu
leadership.jefferson.edu
brindmarcustore.jefferson.edu
n002.offcampuspartners.com
bootspruefung.de
jefferson-payments.jefferson.edu
brindmarcustore.jefferson.edu
online.jefferson.edu
connectvpn.jefferson.edu
n002.offcampuspartners.com
degreeworks.jefferson.edu
eastfalls.jefferson.edu
offcampushousing.fau.edu
n002.offcampuspartners.com
brindmarcustore.jefferson.edu
n002.offcampuspartners.com
jdc.jefferson.edu
online.jefferson.edu
n002.offcampuspartners.com
my.jefferson.edu
*.jefferson.edu
*.jefferson.edu
n002.offcampuspartners.com
banadmin02pb.jefferson.edu
jdc.jefferson.edu
sfunder10cert.net
cme.jefferson.edu
banxeadmc07.jefferson.edu
n002.offcampuspartners.com
offcampushousing.fau.edu
apps.jeffersonhospital.org
brindmarcusstore.jefferson.edu
cm.jefferson.edu
leadership.jefferson.edu
www.enchird.com
offcampushousing.fau.edu
Directpnrprod.jefferson.edu
fairwarning.jefferson.edu
www.eastfalls.jefferson.edu
offcampushousing.fau.edu
brindmarcusstore.jefferson.edu
canvas.jefferson.edu
giftmap.jefferson.edu
offcampushousing.fau.edu

Certificate

The complete raw certificate details for my.jefferson.edu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgISBNYDyNb+Hv/ZkwSAtX6Z5PXNMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzA5MjMwNTA0MjlaFw0yMzEyMjIwNTA0MjhaMBsxGTAXBgNVBAMT
EG15LmplZmZlcnNvbi5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCudp4yp0745QstCMTSIrzA9WziIXQ+GiqQEQDXyV8Y6Eyk+U/G4XOADeTXH9H9
WCdDC2ELZXm3ij19szrZAXtZhdC5C5CyRLJn2PukiRjyjGqIrFtj260ElE3SbmOu
V8DZBOxTzp1mfhjKmIq6W49qCIqzguLAKSTPhwk24TlleVsXwRRwUc/dUmaPiIEi
qj24azyUrLGtqrVsvC4Pgpx4v9wQ8CMAuecT3QzyuTBKFEB4UuoLJQuaCBX6GaGV
fwU2GUtTl5MgoR+MIcOmkwrhRUHlG9EHVjnaR4R4qidyWazvWo5VC9OYjqQzRMe1
U/JzhCrakLx9Fi9m9HWkyDebAgMBAAGjggIRMIICDTAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFG2yBDxUk3n2F1mkTmjIjxAnl5NOMB8GA1UdIwQYMBaAFBQusxe3WFbL
rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov
L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v
cmcvMBsGA1UdEQQUMBKCEG15LmplZmZlcnNvbi5lZHUwEwYDVR0gBAwwCjAIBgZn
gQwBAgEwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdgB6MoxU2LcttiDqOOBSHumE
FnAyE4VNO9IrwTpXo1LrUgAAAYrAo7fCAAAEAwBHMEUCIC450zfVFVS3Vz/I1KXv
uSD9uvX+14pJhbRkY8+FYJOVAiEAxQhanhH+DJAjr+zi3XeO/j7hNNDQ9lYv+ryj
6a7BojEAdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYrAo7e2
AAAEAwBGMEQCIHWFK8u9enhcXrp8ycmTungnQ12FCv6aiVI/ydS+Wj4WAiBP4teR
nPqajrHmKjH52395gGbmj6+DofqyLZPbCEBgFjANBgkqhkiG9w0BAQsFAAOCAQEA
UQ25TFqyAcfa0SeEPcNkLKIYnRU4ZoGzlRtEP9Yq3LciRblkmRiSH/ok6eMKKBrj
OQbz2c8WYpBzsfz12YC5Z55MhjnruZKjUbkPQqLsONu+hjHBsobgzBcltuAtWmID
fkVLvXHs5b1lGk16etmk7G4p2pE71D6GQqM3eFfVJJcQUdidMo9TyBPFahQ3rwzJ
BxDuw/pFUdL2dO3JXudTGhf1MoHlNHQ2w38b9B2V0BnKSS6PF3xdvHcFfZqjgxge
o8vD9Ji6/kPckK3LjI+/PjZqt1UnnDMFceeWvsLkNaIS869sAA8fEA50mQPlEX6+
Yb/can7ycxvapFQxzuUdow==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnaeMqdO+OULLQjE0iK8
wPVs4iF0PhoqkBEA18lfGOhMpPlPxuFzgA3k1x/R/VgnQwthC2V5t4o9fbM62QF7
WYXQuQuQskSyZ9j7pIkY8oxqiKxbY9utBJRN0m5jrlfA2QTsU86dZn4YypiKuluP
agiKs4LiwCkkz4cJNuE5ZXlbF8EUcFHP3VJmj4iBIqo9uGs8lKyxraq1bLwuD4Kc
eL/cEPAjALnnE90M8rkwShRAeFLqCyULmggV+hmhlX8FNhlLU5eTIKEfjCHDppMK
4UVB5RvRB1Y52keEeKonclms71qOVQvTmI6kM0THtVPyc4Qq2pC8fRYvZvR1pMg3
mwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 421274600752050081794726958697225801496013
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-23 05:04:29 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-22 05:04:28 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'my.jefferson.edu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22023957760425913914947251807593403172501005358457049685763484480145280475463937463728905114535898745144547047662171595280527706827567218100782675253723615602471026129392070469298204688067309148351279894068030972843184641103074691068782836144741743013519983410238722864217836457775007418836506186394841807496883502674752721506862947499854387418626668435446606185076980325597632924251897882478431343541968552716753153433610579350974066404595668477959367046439027616073488596647118370642313469704749628563712997307522723877177087004614990385273965476074003070739390284134417325749239106858690142865161790617292190005147
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							6db2043c549379f61759a44e68c88f102797934e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.jefferson.edu'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018ac0a3b7c2000004030047304502202e39d337d51554b7573fc8d4a5efb920fdbaf5fed78a4985b46463cf85609395022100c5085a9e11fe0c9023afece2dd778efe3ee134d0d0f6562ffabca3e9aec1a231007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb4990000018ac0a3b7b60000040300463044022075852bcbbd7a785c5eba7cc9c993ba7827435d850afe9a89523fc9d4be5a3e1602204fe2d7919cfa9a8eb1e62a31f9db7f798066e68faf83a1fab22d93db08406016
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00510db94c5ab201c7dad127843dc3642ca2189d15386681b3951b443fd62adcb72245b9649918921ffa24e9e30a281ae33906f3d9cf16629073b1fcf5d980b9679e4c8639ebb992a351b90f42a2ec38dbbe8631c1b286e0cc1725b6e02d5a62037e454bbd71ece5bd651a4d7a7ad9a4ec6e29da913bd43e8642a3377857d524971051d89d328f53c813c56a1437af0cc90710eec3fa4551d2f674edc95ee7531a17f53281e5347436c37f1bf41d95d019ca492e8f177c5dbc77057d9aa383181ea3cbc3f498bafe43dc90adcb8c8fbf3e366ab755279c330571e796bec2e435a212f3af6c000f1f100e749903e5117ebe61bfdc6a7ef2731bdaa45431cee51da3