www.usbank.ac
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:90:5e:05:01:14:5d:71:ed:92:7e:40:be:6c:af:b8:38:4f was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.usbank.ac
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:90:5e:05:01:14:5d:71:ed:92:7e:40:be:6c:af:b8:38:4fSerial Number (int): 397574777978640092781783779272248358615119
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: d4:d2:f8:84:67:83:0f:03:09:c6:0e:83:6b:2d:b7:83:14:0b:b0:c2
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 22:ca:aa:dd:12:ce:4b:a8:72:70:ba:8e:f3:eb:37:6f:af:bf:83:8e
Fingerprint (sha256): f6:5d:6d:d0:a6:cb:d7:48:e1:4a:51:2f:1e:4b:57:ec:7d:61:e4:53:e4:93:a4:3e:6a:ca:78:e9:e2:33:7a:6f
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.usbank.ac
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.usbank.ac
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.usbank.ac
Other certificates including the domain name usbank.ac
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.usbank.ac in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUzCCBTugAwIBAgISBJBeBQEUXXHtkn5AvmyvuDhPMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMDMxNjIxNTFaFw0y MDAzMDIxNjIxNTFaMBgxFjAUBgNVBAMTDXd3dy51c2JhbmsuYWMwggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQDUhL3tUE5OtHpLaaUnuRnbqv98eHnu6pJi u5fKrZS7qdc6UkSivEyq7e/d/39tweeF7FdMfKH8na7R/JHtz3OsOViHnRJCswHP luMlMvzKv3IIvkBj49uxx6tbaVbbEb8lBUUnZ434dpInUXwpnFhYECdj6j2QbyCA GsYmTz7Z6MFKf+k7fAOYm0o++Tq+vsSFLv97IRbfyCWNH9i1qwQeJ27k+XtvNI11 jHA316lMhWgudD1HUABq8c4i2P48PpWWCm45yr4KG+HWGnf37PBq6yn5tn11ryBw BqK0lYk1RmYqnahnAN0+xpTNRyc/iGpBqfyLNFeWVYQ7j/ZS19rcyPgEbePO/l5f cKFTwk0FqSyZ0lEI4KXGc6tGhSB6yyvv6p/n7eN0/t55CwOYceixcBCnMYdRJN9i 42edBxdvUYL5NAucJ+WJhZV2XbNZGgg2utLUPhynrPIYLhg/oTQjtuLP9vkBJKzq QY5AqDFHNMvzPSbb/ixg4+KsrXh0Z8svgpMMiYR3BSJUMBDeWVxvG6pBgMquLQkE Qq55S1j5TcNw3qw3FYBJSd/K9v4hu36rxM42fQlFxTUJJ0erzbG+urrGxUqX9IpT RltQAO0fFVKD2VANNiDGwmi3fLAeQWW3QMZ1fuHghcFW/ve3miPwTT7sK4tgZKoG nN5voBtZ6wIDAQABo4ICYzCCAl8wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTU0viE Z4MPAwnGDoNrLbeDFAuwwjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy51c2JhbmsuYWMwTAYD VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHz APEAdwCyHgXMi6LNiiBOh2b5K7mKJSBna9r6cOeySVMt74uQXgAAAW7MyFQhAAAE AwBIMEYCIQCPJUa7DZD6DyDPr3Ora7EqGo12pK3pVIKt+ZtImZeEJAIhAN/cCTSg 6ngpQUvyg8lyHhNpba5js5l/e+/FjJBAEym8AHYAb1N2rDHwMRnYmQCkURX/dxUc EdkCwQApBo2yCJo32RMAAAFuzMhUSwAABAMARzBFAiEAs56N3yeHo1noty0u0RZg JYOuwlvlbsLdC8TOYelkhLMCIDkXceVU97troDfSO3+/i2oisDCsaCdb7WUUGQog LydOMA0GCSqGSIb3DQEBCwUAA4IBAQBdzUMcIhKcyvfYoh6sI/7LTTJbNu4xJhSi ZMlQA1gd5htgQzxfWbpeBluJSWYOYnhiTQEAPRHfCeIanxo6fXZaJ5zSPuHU6pIA Nx2kNqTnrymeO7tvHAnp5lHaO/6xL1yidHdBnpkw4YhbIiL80HW6+C1UUpwTVuzd OulAnsTNBtPcqPD3VCPILBQM/9rSbyZp6tXuf5r/ESCX+G5IOEJ8YTcYWkHPgf7r HtScP20cXIrJWyCjRVc+oIFTSnFX03Sw8d8CTE6Gr/pSERQJxipOz3FFNFA66kPB 44tHNbONcJH7Mbzp0QWX/0HU2Ln03QNyaCkCIfyVzwt4+zdP/ypj -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1IS97VBOTrR6S2mlJ7kZ 26r/fHh57uqSYruXyq2Uu6nXOlJEorxMqu3v3f9/bcHnhexXTHyh/J2u0fyR7c9z rDlYh50SQrMBz5bjJTL8yr9yCL5AY+PbscerW2lW2xG/JQVFJ2eN+HaSJ1F8KZxY WBAnY+o9kG8ggBrGJk8+2ejBSn/pO3wDmJtKPvk6vr7EhS7/eyEW38gljR/YtasE Hidu5Pl7bzSNdYxwN9epTIVoLnQ9R1AAavHOItj+PD6VlgpuOcq+Chvh1hp39+zw ausp+bZ9da8gcAaitJWJNUZmKp2oZwDdPsaUzUcnP4hqQan8izRXllWEO4/2Utfa 3Mj4BG3jzv5eX3ChU8JNBaksmdJRCOClxnOrRoUgessr7+qf5+3jdP7eeQsDmHHo sXAQpzGHUSTfYuNnnQcXb1GC+TQLnCfliYWVdl2zWRoINrrS1D4cp6zyGC4YP6E0 I7biz/b5ASSs6kGOQKgxRzTL8z0m2/4sYOPirK14dGfLL4KTDImEdwUiVDAQ3llc bxuqQYDKri0JBEKueUtY+U3DcN6sNxWASUnfyvb+Ibt+q8TONn0JRcU1CSdHq82x vrq6xsVKl/SKU0ZbUADtHxVSg9lQDTYgxsJot3ywHkFlt0DGdX7h4IXBVv73t5oj 8E0+7CuLYGSqBpzeb6AbWesCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 397574777978640092781783779272248358615119 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-03 16:21:51 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-02 16:21:51 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.usbank.ac' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 866999931930344628511203339517430477963915631700617154790383459059969426521769360785333401492002144380161860246739782428950172328633362353938700421757785440546570260023706198333524830181199578964163419426795539222271502236100730541732105295539393678345342009437943055321626674202778788926131433055239605269433661352395464829038844448998672050794006190944123518792320075423407998808888523641560084697197242822355972032179840210969188237755075418903493287011077662635327249855168032598432014515362279069480322922969594310527359585684460958183191962177392596984547615285260653518998906889937715677528178283753973272497276464470118437272107035590018402838563793646379750084400894862859502793840006383089753409397335780856822775958275391545416242336868352996074450678784747691370947029768871015124702284763737354597061242001639425795413143854345837242309598155254295414578002720270696242538096617564454240395783932512871689689266577679083389164398262706978415481569693410469200053580912535839875384665268384692255466985049842477114667374120466260530311290365209978841647155952901007784828710676679261172850811053094073488142731753267911613315573347683684482185879584554820124516108796142914239080812025608467008157949809215858234294491627 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d4d2f88467830f0309c60e836b2db783140bb0c2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.usbank.ac' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016eccc8542100000403004830460221008f2546bb0d90fa0f20cfaf73ab6bb12a1a8d76a4ade95482adf99b4899978424022100dfdc0934a0ea7829414bf283c9721e13696dae63b3997f7befc58c90401329bc0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016eccc8544b0000040300473045022100b39e8ddf2787a359e8b72d2ed116602583aec25be56ec2dd0bc4ce61e96484b30220391771e554f7bb6ba037d23b7fbf8b6a22b030ac68275bed6514190a202f274e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005dcd431c22129ccaf7d8a21eac23fecb4d325b36ee312614a264c95003581de61b60433c5f59ba5e065b8949660e6278624d01003d11df09e21a9f1a3a7d765a279cd23ee1d4ea9200371da436a4e7af299e3bbb6f1c09e9e651da3bfeb12f5ca27477419e9930e1885b2222fcd075baf82d54529c1356ecdd3ae9409ec4cd06d3dca8f0f75423c82c140cffdad26f2669ead5ee7f9aff112097f86e4838427c6137185a41cf81feeb1ed49c3f6d1c5c8ac95b20a345573ea081534a7157d374b0f1df024c4e86affa52111409c62a4ecf714534503aea43c1e38b4735b38d7091fb31bce9d10597ff41d4d8b9f4dd037268290221fc95cf0b78fb374fff2a63