biglab.ca
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:11:35:d2:a8:ec:53:13:37:ce:28:05:b5:a7:fe:ea:05:3b was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=biglab.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:11:35:d2:a8:ec:53:13:37:ce:28:05:b5:a7:fe:ea:05:3bSerial Number (int): 267193200925221956929600788974119301023035
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: c1:04:14:d4:6c:bc:61:a9:53:51:af:31:08:7e:3a:62:43:7c:86:51
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 73:84:cf:f3:30:d3:7a:df:00:9d:12:1b:86:fd:f7:29:af:23:d7:02
Fingerprint (sha256): f8:1a:08:40:f1:df:bf:73:c3:48:2b:29:0b:14:da:5d:c3:95:11:24:31:d6:90:b3:10:3d:b9:ed:3b:f5:3d:cc
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate biglab.ca
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for biglab.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
biglab.ca
graphics.usask.ca
graphics.usask.ca
Other certificates including the domain name biglab.ca
(limited to 100 certificates)
Certificate
The complete raw certificate details for biglab.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFXjCCBEagAwIBAgISAxE10qjsUxM3zigFtaf+6gU7MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMTYxMjUzMTJaFw0y MDA1MTYxMjUzMTJaMBQxEjAQBgNVBAMTCWJpZ2xhYi5jYTCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAOQc8S3Ubb9uiPDyZIG/WAtFcGiee6Fxqe517EkH YGkQr7O6Oi1dWL7cswALQWkeAhjIPLFetPSzpf6elNO/2UdUyVyGR17bEpGfjbmw qnoxQzwlSnW4kT0NW9Wnp4RD7dDtrWa7tY8Nz0L96Ru3toQ1s9hfx3KrH+8wD0JO VgBwM2WBvD6w2Efn3KjwOj0kjiJt9IlOwBEq9xR64Kbsa36nwRZ1juUYmXr8UQMu wqiu75poTqzAF4ir67vD8vNXlUZKUTGl1jq4fjFcQ/0osSEL74hOLH9wKkFkAFTs x5DTtE9+KnvNri5Jhtc//LLS0nSNGwDzaqBrNCcgSllY6d0CAwEAAaOCAnIwggJu MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUwQQU1Gy8YalTUa8xCH46YkN8hlEwHwYD VR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4G CCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8G CCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzAn BgNVHREEIDAeggliaWdsYWIuY2GCEWdyYXBoaWNzLnVzYXNrLmNhMEwGA1UdIARF MEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6 Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcA B7dcG+V9aP/xsMYdIxXHuuZXfFeUt2ruvGE6GmnTohwAAAFwTkZCNAAABAMASDBG AiEAiBLMuapkF6PYfrrHtRWL8qhZPG+37WuuyWhPCmqFp6kCIQDp/i1fEcSeh85c zEYMYDhKDeuUmZosUeX56D0/WAgS6AB2AOcS8rA3fhpi+47JDGGE8ep7N8tWHREm W/Pg80vyQVRuAAABcE5GQnsAAAQDAEcwRQIhAJHQ05E24tNQkRupecRk9nhv87Xx GNN8HQjDsXS7SH+MAiA7qD5KzE6qculSUSEdDKcV7YJr5uPmZYgh1HjcKcFGRTAN BgkqhkiG9w0BAQsFAAOCAQEAHuOgwIE158aiz8je7Dzl99mKAlHG3GxZKMKWljr5 a/g7SShCGewV/nt0K3cK4aKNs7J1HZz1PVPeB2won3haruBZnwQJXL5L35hBHkFe IUtLKyFOR9ECu6Zd+Z+J9b2Hj8iqGhqYuwe6y7QuQL0wDNcn84QtkE94i78xPlQR 2tdLBKS3MVt31QuGrIr18N8qDacDIhogv7k9PLM4Y0qQsl45NWcXoHkeHvT8FHGx 7aqP8WtQRWM/GOWPvJC4gkLPNqCoWjAURkPvtRYkOWP8D3swmNT8Y/IVZsUdReCz YJZkVdTnfsnLrSeRnDOFuyY3Nuno4+UnlbgeoBnmyQnYZg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BzxLdRtv26I8PJkgb9Y C0VwaJ57oXGp7nXsSQdgaRCvs7o6LV1YvtyzAAtBaR4CGMg8sV609LOl/p6U07/Z R1TJXIZHXtsSkZ+NubCqejFDPCVKdbiRPQ1b1aenhEPt0O2tZru1jw3PQv3pG7e2 hDWz2F/Hcqsf7zAPQk5WAHAzZYG8PrDYR+fcqPA6PSSOIm30iU7AESr3FHrgpuxr fqfBFnWO5RiZevxRAy7CqK7vmmhOrMAXiKvru8Py81eVRkpRMaXWOrh+MVxD/Six IQvviE4sf3AqQWQAVOzHkNO0T34qe82uLkmG1z/8stLSdI0bAPNqoGs0JyBKWVjp 3QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 267193200925221956929600788974119301023035 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-16 12:53:12 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-16 12:53:12 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'biglab.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28796605416432050929634477061408315197648714137413082876880559057880059745028923960678031264374659376356692762883767226959035149418818382236248505174266744783512228512058273930584827354683267066416988224117064095686501146042228539182647863164059644923959308134174199617791576901573711408788359836263769160829450860139500753287138380453815847048603583526092914288046443472701944925327903522506442078971644368855312052001317251143767632982354126730868756760246878284852426889301805290107125283128687129466225945866748674418672356773673777781162784024975970160609305912526448792730115363635365740364986481441885860194781 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c10414d46cbc61a95351af31087e3a62437c8651 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'biglab.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'graphics.usask.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c000001704e46423400000403004830460221008812ccb9aa6417a3d87ebac7b5158bf2a8593c6fb7ed6baec9684f0a6a85a7a9022100e9fe2d5f11c49e87ce5ccc460c60384a0deb94999a2c51e5f9e83d3f580812e8007600e712f2b0377e1a62fb8ec90c6184f1ea7b37cb561d11265bf3e0f34bf241546e000001704e46427b000004030047304502210091d0d39136e2d350911ba979c464f6786ff3b5f118d37c1d08c3b174bb487f8c02203ba83e4acc4eaa72e95251211d0ca715ed826be6e3e6658821d478dc29c14645 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001ee3a0c08135e7c6a2cfc8deec3ce5f7d98a0251c6dc6c5928c296963af96bf83b49284219ec15fe7b742b770ae1a28db3b2751d9cf53d53de076c289f785aaee0599f04095cbe4bdf98411e415e214b4b2b214e47d102bba65df99f89f5bd878fc8aa1a1a98bb07bacbb42e40bd300cd727f3842d904f788bbf313e5411dad74b04a4b7315b77d50b86ac8af5f0df2a0da703221a20bfb93d3cb338634a90b25e39356717a0791e1ef4fc1471b1edaa8ff16b5045633f18e58fbc90b88242cf36a0a85a30144643efb516243963fc0f7b3098d4fc63f21566c51d45e0b360966455d4e77ec9cbad27919c3385bb263736e9e8e3e52795b81ea019e6c909d866