www.usbank.ac
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:56:43:78:8c:09:a6:87:46:78:1c:fc:c4:34:37:18:20:f3 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.usbank.ac
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:56:43:78:8c:09:a6:87:46:78:1c:fc:c4:34:37:18:20:f3Serial Number (int): 290690825542123997363781474976408362557683
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 5b:3e:b9:82:b6:81:1d:7e:f2:0c:08:ed:9d:a8:a0:75:07:ee:98:66
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 1f:e6:6a:b0:d3:00:9e:b3:46:5d:1d:c6:39:c9:f8:6d:c7:2d:66:fd
Fingerprint (sha256): 80:92:c3:a1:ed:36:f8:a5:e6:0c:f5:0a:80:65:37:de:24:91:0c:97:78:39:06:0f:f1:c4:a0:81:37:73:66:cb
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.usbank.ac
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.usbank.ac
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.usbank.ac
Other certificates including the domain name usbank.ac
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.usbank.ac in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUjCCBTqgAwIBAgISA1ZDeIwJpodGeBz8xDQ3GCDzMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMDQwODAwMDBaFw0y MDA1MDQwODAwMDBaMBgxFjAUBgNVBAMTDXd3dy51c2JhbmsuYWMwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDUlV7On0LArjZEG8nlx77Y4PVeMoljLRIM PhzN+r/DKSqvlPWeh/Oz9HWM5NNKfnBfJI0BeWJJ2ZXG3FkAsFK+fcPZAVwCuBos X11EA5odtDbRPcamGnIvAKqhsbZA/6szf/EsMFeqJlLQvjYBOy9eKTdwsNeK+QYY PhgwrIJ++N1PV9YgGRPnCelNrnlkSogGCOnL8KIQgWiV9ifAqHsCYMM21LWgmqQL imayy19GyzZ2eKfbRLm65B1ICyH66bldxzQ9UZWmSSQuG19nAFLOf1iA7Xgx/h05 RrQ7yhnity1zD74jeP513Lch+Of/DboAH9Yqy5AVwUyZamyIOoODkCGOKmCs2fBX nCyf+ku/RWy+KHdLoYt0kzv0oQjUYp+2pIJPLzbC9v3Vn37Y1yjZyqaDX4rWWCyu meI/3FzTv6FGTi6UZtJE3bQQ/F6AK2Bny8GtAx8YXhQaUJGgodpn8HufrWRxVi/r 4S9nmMXP8JTpgeh2tLrRJOpjxjSAyXc+9PAVtCUs8gjwT/TovPlsiHzu5XMox52M q+FaCXiYMocT48qfKX5wXpF21JJRr3wtKY/ntzAJ74iIwJZ9jL2K9yG+6lnfN1j5 26Hwak6ZPPjDuBxz2takmF1zzWMNuQ0IJ/77esPDZGd5dv/F+kCepJBBqP+PMuzN k0isVDpfBQIDAQABo4ICYjCCAl4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRbPrmC toEdfvIMCO2dqKB1B+6YZjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy51c2JhbmsuYWMwTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHy APAAdQDwlaRZ8gDRgkAQLS+TiI6tS/4dR+OZ4dA0prCoqo6ycwAAAXAPbYQDAAAE AwBGMEQCIBGTM5WV6sz0wEkmL8N5bwG2SCzywCPZdR8c4FIgDYfEAiBs6TT9wsLH D165mTOktizjF2uPSL+jHK5q3mJr45uRFAB3ALIeBcyLos2KIE6HZvkruYolIGdr 2vpw57JJUy3vi5BeAAABcA9tg/8AAAQDAEgwRgIhALqwakb8b8pqs8vfp/IyfDHa jers4rP0Z4aEN3QbLygsAiEAysZeCzeLBjTvRF1zPACLM4iac6bNQCwGKn1mkOpQ GUgwDQYJKoZIhvcNAQELBQADggEBAJU0TcY0mXKnyLRbk6teySUIhR5aRByuGQUo c0gK3Pgs++QoUmv1GMMX1BdkFnS0GQflGiIfCKlp5zz7col6wkr2MvMmwKLrn7eI WMngvNsNKi+DTvxX5JEV4xSgYM1Ednl3ZssPdtb5wdDCXXxV/jgYE6NjY3c6HhmZ q18e/LCkHLO5QtlNTxorS4m5L2IbtCwtF3bJ4uv5u93tScb/FVYFbFUJoKKVwH8G B1+mQfY9fzVCaHrJiMy8/xsjIel1VlyhkjMfhcMAXBzSXTQSB7JvtTXQHztAq2xV I2uEG6Ts/Y3TIkYyPYwcvEmz4b620hRBTaKUQy/ArnGLnKe8xHs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1JVezp9CwK42RBvJ5ce+ 2OD1XjKJYy0SDD4czfq/wykqr5T1nofzs/R1jOTTSn5wXySNAXliSdmVxtxZALBS vn3D2QFcArgaLF9dRAOaHbQ20T3GphpyLwCqobG2QP+rM3/xLDBXqiZS0L42ATsv Xik3cLDXivkGGD4YMKyCfvjdT1fWIBkT5wnpTa55ZEqIBgjpy/CiEIFolfYnwKh7 AmDDNtS1oJqkC4pmsstfRss2dnin20S5uuQdSAsh+um5Xcc0PVGVpkkkLhtfZwBS zn9YgO14Mf4dOUa0O8oZ4rctcw++I3j+ddy3Ifjn/w26AB/WKsuQFcFMmWpsiDqD g5AhjipgrNnwV5wsn/pLv0Vsvih3S6GLdJM79KEI1GKftqSCTy82wvb91Z9+2Nco 2cqmg1+K1lgsrpniP9xc07+hRk4ulGbSRN20EPxegCtgZ8vBrQMfGF4UGlCRoKHa Z/B7n61kcVYv6+EvZ5jFz/CU6YHodrS60STqY8Y0gMl3PvTwFbQlLPII8E/06Lz5 bIh87uVzKMedjKvhWgl4mDKHE+PKnyl+cF6RdtSSUa98LSmP57cwCe+IiMCWfYy9 ivchvupZ3zdY+duh8GpOmTz4w7gcc9rWpJhdc81jDbkNCCf++3rDw2RneXb/xfpA nqSQQaj/jzLszZNIrFQ6XwUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 290690825542123997363781474976408362557683 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-04 08:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-04 08:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.usbank.ac' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 867264924540408363341550802571342599067885040069909597071245125888606106491677713679707120056062154230454930433589701257591675192508830292488405871286805077600133590985086528217434758274554771692877245225219307582569572383704002197796858836157910872157519104428350829730674726053864893058278133619143473540886824809784183757533795280745725942671748664278699801416943321757184057680556995760731611382324879571420834788827790684725180292349173184694641481670172060766751092073334734040353788717565471223723163725405295553915974812639944674108968953409107474339638721416296641764028682083516395316304211316405282972075320425323638733432215993895995112318222290839306472077759092208460121693606920115655403659455838399667192644747314109738524553280513235429065993373124319345153461455283225159687200218087253972191797858881857202300150066500184757155803583409780963988217213862161655489750556268346096432568596937717064574542906574556613906830210764854715746729763621788962178921933110464138451806842696564499519385066508626433852721031214358664234990298650433761977092030476846782258946094812334307762001642861337487761946131115546862670581611284947943337272813535319371516369249799579294945349149132672804967879717499887047083367751429 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5b3eb982b6811d7ef20c08ed9da8a07507ee9866 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.usbank.ac' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007500f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb273000001700f6d8403000004030046304402201193339595eaccf4c049262fc3796f01b6482cf2c023d9751f1ce052200d87c402206ce934fdc2c2c70f5eb99933a4b62ce3176b8f48bfa31cae6ade626be39b9114007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e000001700f6d83ff0000040300483046022100bab06a46fc6fca6ab3cbdfa7f2327c31da8deaece2b3f467868437741b2f282c022100cac65e0b378b0634ef445d733c008b33889a73a6cd402c062a7d6690ea501948 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0095344dc6349972a7c8b45b93ab5ec92508851e5a441cae19052873480adcf82cfbe428526bf518c317d417641674b41907e51a221f08a969e73cfb72897ac24af632f326c0a2eb9fb78858c9e0bcdb0d2a2f834efc57e49115e314a060cd4476797766cb0f76d6f9c1d0c25d7c55fe381813a36363773a1e1999ab5f1efcb0a41cb3b942d94d4f1a2b4b89b92f621bb42c2d1776c9e2ebf9bbdded49c6ff1556056c5509a0a295c07f06075fa641f63d7f3542687ac988ccbcff1b2321e975565ca192331f85c3005c1cd25d341207b26fb535d01f3b40ab6c55236b841ba4ecfd8dd32246323d8c1cbc49b3e1beb6d214414da294432fc0ae718b9ca7bcc47b