DST Root CA X3
E556221
DST Root CA X3 is a widely trusted root certificate authority operated by IdenTrust that historically provided the cross-signed trust anchor enabling broad browser compatibility for Let’s Encrypt certificates.
Statements (46)
| Predicate | Object |
|---|---|
| instanceOf |
X.509 public key certificate
ⓘ
root certificate authority ⓘ |
| associatedWith | IdenTrust Commercial Root CA 1 NERFINISHED ⓘ |
| basicConstraints | CA:TRUE ⓘ |
| belongsToPKI | public Web PKI ⓘ |
| commonName | DST Root CA X3 NERFINISHED ⓘ |
| country | US NERFINISHED ⓘ |
| enabledBroadBrowserCompatibilityFor | Let’s Encrypt certificates ⓘ |
| fingerprintSHA1 | DAC9024F54D8F6DF94935FB1732638CA6AD77C13 ⓘ |
| fingerprintSHA256 | 0687260331A72403D909F105E69BCF0D32E1BD2493FFC6D9206D11B6C61F81C5 ⓘ |
| historicalSignificance | enabled early wide deployment of free HTTPS via Let’s Encrypt ⓘ |
| includedIn |
Android root store
NERFINISHED
ⓘ
Apple root store NERFINISHED ⓘ Microsoft root store NERFINISHED ⓘ Mozilla root store NERFINISHED ⓘ |
| isExpired | true ⓘ |
| issuer | Digital Signature Trust Co. NERFINISHED ⓘ |
| isTrustAnchorFor |
Let’s Encrypt Authority X1 (via cross-signing chain)
NERFINISHED
ⓘ
Let’s Encrypt Authority X3 NERFINISHED ⓘ |
| keyIdentifier | C4A7B1A47B2C71F0 ⓘ |
| keySize | 2048-bit ⓘ |
| keyUsage |
CRL Sign
ⓘ
Certificate Sign ⓘ |
| notAfter | 2021-09-30T14:01:15Z ⓘ |
| notBefore | 2000-09-30T21:12:19Z ⓘ |
| operator | IdenTrust NERFINISHED ⓘ |
| organization | Digital Signature Trust Co. NERFINISHED ⓘ |
| pathLenConstraint | none ⓘ |
| providedCrossSignedTrustFor | Let’s Encrypt certificates NERFINISHED ⓘ |
| publicKeyAlgorithm | RSA ⓘ |
| replacedBy | ISRG Root X1 (for Let’s Encrypt trust) NERFINISHED ⓘ |
| role | legacy trust anchor for Let’s Encrypt ⓘ |
| selfSigned | true ⓘ |
| serialNumber | 44AFB080D6A327BA893039862EF8406B ⓘ |
| signatureAlgorithm | sha1WithRSAEncryption ⓘ |
| standard | X.509 NERFINISHED ⓘ |
| statusAfterExpiry | no longer recommended as active trust anchor ⓘ |
| subjectName | CN=DST Root CA X3, O=Digital Signature Trust Co. NERFINISHED ⓘ |
| trustedBy |
major operating systems
ⓘ
major web browsers ⓘ mobile device platforms ⓘ |
| usedFor |
S/MIME trust chain
ⓘ
TLS server authentication trust chain ⓘ code signing trust chain ⓘ |
| validityPeriodEnd | 2021-09-30 ⓘ |
| version | V3 ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.