ISRG Root X1
E556220
ISRG Root X1 is the primary root certificate operated by the Internet Security Research Group that underpins the trust for most Let’s Encrypt-issued TLS/SSL certificates used across the web.
All labels observed (1)
| Label | Occurrences |
|---|---|
| ISRG Root X1 canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T5919747 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: ISRG Root X1 Context triple: [Let’s Encrypt, hasRootCertificate, ISRG Root X1]
-
A.
Let’s Encrypt
Let’s Encrypt is a free, automated, and open certificate authority that provides TLS/SSL certificates to enable secure HTTPS connections for websites worldwide.
-
B.
DNSSEC root key signing ceremony
The DNSSEC root key signing ceremony is a highly controlled, regularly scheduled cryptographic event where trusted personnel generate and manage the root cryptographic keys that secure the global Domain Name System.
-
C.
Comodo Dragon
Comodo Dragon is a Chromium-based web browser developed by Comodo that emphasizes enhanced security and privacy features compared to standard browsers.
-
D.
VeriSign
VeriSign is an American technology company best known for operating key internet infrastructure, including managing the .com and .net top-level domains and providing critical DNS and security services.
-
E.
X.509 certificates
X.509 certificates are digital documents that bind a public key to an entity’s identity using a trusted certificate authority, forming the basis of public key infrastructure for secure communications.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: ISRG Root X1 Target entity description: ISRG Root X1 is the primary root certificate operated by the Internet Security Research Group that underpins the trust for most Let’s Encrypt-issued TLS/SSL certificates used across the web.
-
A.
Let’s Encrypt
Let’s Encrypt is a free, automated, and open certificate authority that provides TLS/SSL certificates to enable secure HTTPS connections for websites worldwide.
-
B.
DNSSEC root key signing ceremony
The DNSSEC root key signing ceremony is a highly controlled, regularly scheduled cryptographic event where trusted personnel generate and manage the root cryptographic keys that secure the global Domain Name System.
-
C.
Comodo Dragon
Comodo Dragon is a Chromium-based web browser developed by Comodo that emphasizes enhanced security and privacy features compared to standard browsers.
-
D.
VeriSign
VeriSign is an American technology company best known for operating key internet infrastructure, including managing the .com and .net top-level domains and providing critical DNS and security services.
-
E.
X.509 certificates
X.509 certificates are digital documents that bind a public key to an entity’s identity using a trusted certificate authority, forming the basis of public key infrastructure for secure communications.
- F. None of above. chosen
Statements (50)
| Predicate | Object |
|---|---|
| instanceOf |
X.509 certificate
ⓘ
root certificate ⓘ |
| authorityKeyIdentifier | C4A7B1A47B2C71F0A3E1D9D6D1E5B1B8 ⓘ |
| basicConstraints | CA:TRUE ⓘ |
| certificatePolicies | CA/Browser Forum Baseline Requirements NERFINISHED ⓘ |
| country |
United States of America
ⓘ
surface form:
United States
|
| crlDistributionPoint | http://x1.i.lencr.org/ ⓘ |
| ecosystemImpact | enables free HTTPS for a large portion of the web ⓘ |
| extendedKeyUsage |
client authentication (via issued intermediates)
ⓘ
server authentication (via issued intermediates) ⓘ |
| governingCP | ISRG Certificate Policy ⓘ |
| governingCPS | Let’s Encrypt Certification Practice Statement NERFINISHED ⓘ |
| issuerCommonName | ISRG Root X1 NERFINISHED ⓘ |
| keySize | 4096-bit ⓘ |
| keyType | RSA ⓘ |
| keyUsage |
CRL Sign
ⓘ
Certificate Sign ⓘ |
| notAfter | 2035-06-04T11:04:38Z ⓘ |
| notBefore | 2015-06-04T11:04:38Z ⓘ |
| ocspResponder | http://x1.i.lencr.org/ ⓘ |
| operator | Internet Security Research Group NERFINISHED ⓘ |
| organization | Internet Security Research Group NERFINISHED ⓘ |
| ownedBy | Internet Security Research Group NERFINISHED ⓘ |
| policyOID | 2.23.140.1.2.1 ⓘ |
| publicKeyAlgorithm | rsaEncryption ⓘ |
| purpose |
TLS/SSL certificate trust anchor
ⓘ
web PKI trust ⓘ |
| relatedIntermediate |
Let’s Encrypt E1
NERFINISHED
ⓘ
Let’s Encrypt R3 NERFINISHED ⓘ |
| relatedRoot | ISRG Root X2 NERFINISHED ⓘ |
| roleInEcosystem | primary trust anchor for most Let’s Encrypt certificates ⓘ |
| selfSigned | true ⓘ |
| serialNumber | 0x4001772137D4E942B8EE76AA3C640AB7 ⓘ |
| signatureAlgorithm | sha256WithRSAEncryption ⓘ |
| subjectCommonName | ISRG Root X1 NERFINISHED ⓘ |
| subjectCountry | US NERFINISHED ⓘ |
| subjectKeyIdentifier | C4A7B1A47B2C71F0A3E1D9D6D1E5B1B8 ⓘ |
| subjectLocality | Los Angeles NERFINISHED ⓘ |
| subjectOrganization | Internet Security Research Group NERFINISHED ⓘ |
| subjectOrganizationalUnit | ISRG Root X1 NERFINISHED ⓘ |
| subjectState | California NERFINISHED ⓘ |
| supportsPathBuildingFor |
Let’s Encrypt E1 intermediate
NERFINISHED
ⓘ
Let’s Encrypt R3 intermediate NERFINISHED ⓘ |
| trustStoreInclusion |
Android Root Store
NERFINISHED
ⓘ
Apple Root Certificate Program NERFINISHED ⓘ Microsoft Trusted Root Program NERFINISHED ⓘ Mozilla Root Store NERFINISHED ⓘ Oracle Java Root Store NERFINISHED ⓘ |
| usedBy | Let’s Encrypt NERFINISHED ⓘ |
| validityPeriodYears | 20 ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: ISRG Root X1 Description of subject: ISRG Root X1 is the primary root certificate operated by the Internet Security Research Group that underpins the trust for most Let’s Encrypt-issued TLS/SSL certificates used across the web.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.