www.crystalscapes.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:f7:ff:09:9d:2e:33:7a:d7:b8:97:54:2b:69:7d:cf:d3:ab was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.crystalscapes.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:f7:ff:09:9d:2e:33:7a:d7:b8:97:54:2b:69:7d:cf:d3:abSerial Number (int): 345725605482348156268497550905235068670891
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 59:ce:a1:2a:59:b5:e6:2f:0e:21:d3:53:d6:e8:c1:d3:bb:50:83:9f
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): a0:15:7c:28:df:c3:f3:96:bc:e5:4e:61:cd:f7:3a:be:ce:7b:51:9a
Fingerprint (sha256): 0e:7b:37:52:4e:0e:22:b4:d8:f7:28:77:26:12:b0:40:af:3f:16:88:e3:52:55:47:1d:90:bf:71:59:a3:f7:37
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.crystalscapes.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.crystalscapes.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.crystalscapes.com
Other certificates including the domain name crystalscapes.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.crystalscapes.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYTCCBUmgAwIBAgISA/f/CZ0uM3rXuJdUK2l9z9OrMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMjEyMTA5NDFaFw0y MDA1MjEyMTA5NDFaMCAxHjAcBgNVBAMTFXd3dy5jcnlzdGFsc2NhcGVzLmNvbTCC AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOGR9fq6O+/2r6z8X66EbZRq r4bPG2vzF1rJjROarRwROpH79QdfFYiZh4sYlskOraQ1rj+YhK0Q61cRQBiDxVMM ZxAexmcsrtAsGOpAaJo5Q60zvOTHrINAwyyr7tM/THuorJoDQFJkGKZZ52D44+Id XfF6QhU/IvRIt14IXDTLSCpz2J3jgy3NKHX66kmfZrCCMpNIanNg17ZBd14oNmBS nfljX/qe0qQUcLzLQNVUT6yllGsXPirwHDd7fM9kk2RYZMAQ8mAGUfdmzhflzOA+ bFrdtoPgnJFA3tBsqcM9qY601njn8rhkMSYxH84fcLYVamxfI+aXXCsnIGue3qWT G5IJbEuHeYRWkOV5aKUt1Fs7Qw2oZzXHrxR00AAUg0OvtV6xFXXbQ/bgHC2+k2K4 KarXBzos2uTkODC41pr/7mguB1qYLSL7nf7ssQO+KY5S7fd4CrwpyLu4j4hTSOmZ LblAbd3ptqq6Q2zPJ+6/WqLxbjRRomoQCgX6sH9IQD6qfRrA/qt8MPHGPMO+aPIX FBLFMOC1LOpsihPI+vhR7AFCy06p7G8Ob0ibgOswgTk+iTJvRtmL5uBYE7av4Ro8 ftXctC0n0MUBqVv9eqSylR17/oCrFuV9FHHzSrZyUxcZIGHxo+mgCIlAqIJgXCR2 s7Ef7F0zp556BLwHTAC9AgMBAAGjggJpMIICZTAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O BBYEFFnOoSpZteYvDiHTU9bowdO7UIOfMB8GA1UdIwQYMBaAFKhKamMEfd265tE5 t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29j c3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2Nl cnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wIAYDVR0RBBkwF4IVd3d3LmNyeXN0 YWxzY2FwZXMuY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEB MCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYK KwYBBAHWeQIEAgSB9ASB8QDvAHYA5xLysDd+GmL7jskMYYTx6ns3y1YdESZb8+Dz S/JBVG4AAAFwacyb6QAABAMARzBFAiEAwhrEKJ9KOYCO/LmemBFVmZ0gAuNQJOLx KBXI27brMMcCIB1SP6lNCngPSv4OMoltE4jqE2KKkSwB2V0wfj8U6oEXAHUAsh4F zIuizYogTodm+Su5iiUgZ2va+nDnsklTLe+LkF4AAAFwacyb4AAABAMARjBEAiA7 TwpjDqhFA0rOgGQJmXQ/ZuKXuU+kCw/a7gVw+fETxgIgP6r3QuYe9Yzx+FXxHbih 74uAsty3n6+X0Y4eRZlfSZQwDQYJKoZIhvcNAQELBQADggEBAF3+R1kLYJmKjPm7 ySnRV0jU9cS0DiqkLL0gnfVlUN/rVo5/YML1UdBqvGFGdyI3ZvmUiKSMcRiJZ0Bg wW5zgQine/8DxMORfH6X5+sdwkOddgWgbH+tGTzYsVkrRJ2TFI+v2tPZBjwL/w1m sXZFcExQJSL9sfaAJlPD49OdSC8cEx55J0PHr6F/34iPJegx/cL97LjDW/j+E0rZ GVnS5IAQHlgZyUrnmBexXyxzfFTKdmqVsUXcTBAD81JKM6c4IejyBOWJrDsoqx7I Cfa0nr5xvPx7euQgYfLiMwkxSHKfPVpvbFlGtk6hseJoki3pLsh0KIoujCTymyQt UkFZf2w= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4ZH1+ro77/avrPxfroRt lGqvhs8ba/MXWsmNE5qtHBE6kfv1B18ViJmHixiWyQ6tpDWuP5iErRDrVxFAGIPF UwxnEB7GZyyu0CwY6kBomjlDrTO85Mesg0DDLKvu0z9Me6ismgNAUmQYplnnYPjj 4h1d8XpCFT8i9Ei3XghcNMtIKnPYneODLc0odfrqSZ9msIIyk0hqc2DXtkF3Xig2 YFKd+WNf+p7SpBRwvMtA1VRPrKWUaxc+KvAcN3t8z2STZFhkwBDyYAZR92bOF+XM 4D5sWt22g+CckUDe0Gypwz2pjrTWeOfyuGQxJjEfzh9wthVqbF8j5pdcKycga57e pZMbkglsS4d5hFaQ5XlopS3UWztDDahnNcevFHTQABSDQ6+1XrEVddtD9uAcLb6T YrgpqtcHOiza5OQ4MLjWmv/uaC4HWpgtIvud/uyxA74pjlLt93gKvCnIu7iPiFNI 6ZktuUBt3em2qrpDbM8n7r9aovFuNFGiahAKBfqwf0hAPqp9GsD+q3ww8cY8w75o 8hcUEsUw4LUs6myKE8j6+FHsAULLTqnsbw5vSJuA6zCBOT6JMm9G2Yvm4FgTtq/h Gjx+1dy0LSfQxQGpW/16pLKVHXv+gKsW5X0UcfNKtnJTFxkgYfGj6aAIiUCogmBc JHazsR/sXTOnnnoEvAdMAL0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 345725605482348156268497550905235068670891 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-21 21:09:41 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-21 21:09:41 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.crystalscapes.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 920245963525691543250531246921564888166878257418261299077655665402923830303022223667638928948277025414789018539936791226901312467032787776836724189776936671566322745934550155290173126533926644564765262384853736534249022280885131093705743589184899932240844118347520266435463341954460711539223961570968500965892271712654659705364141740966584429584225227736074983984980210565129383914777399427379377699598499257746842785558122519916340278339247340959526938354492368580022484987381821631420872166753879251587663197761507097328881929672336395760696216710408845244454921136172593313999566974539775697814141242297707878705203157738865938694867227100373231166306156509147364674884942931434320487027311379486546805361691732824650717876753517183622293285810567866864344849526765166052729702376592280098303070116859735676628259194486388950384375243811547510860798560106883420644404558483840730011274485260444754297290428600183278093577603720304007135709951338430995747663946916483373761219046423030624410413470691034753771877669039446567418510677773758236593004676586353504930092015697729506495216206000715525746481299244760563605625389437213874589101600655665036738725082186404438477030120357797733096617470862896136048574498249117731612524733 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 59cea12a59b5e62f0e21d353d6e8c1d3bb50839f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.crystalscapes.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600e712f2b0377e1a62fb8ec90c6184f1ea7b37cb561d11265bf3e0f34bf241546e0000017069cc9be90000040300473045022100c21ac4289f4a39808efcb99e981155999d2002e35024e2f12815c8dbb6eb30c702201d523fa94d0a780f4afe0e32896d1388ea13628a912c01d95d307e3f14ea8117007500b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000017069cc9be0000004030046304402203b4f0a630ea845034ace80640999743f66e297b94fa40b0fdaee0570f9f113c602203faaf742e61ef58cf1f855f11db8a1ef8b80b2dcb79faf97d18e1e45995f4994 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005dfe47590b60998a8cf9bbc929d15748d4f5c4b40e2aa42cbd209df56550dfeb568e7f60c2f551d06abc614677223766f99488a48c711889674060c16e738108a77bff03c4c3917c7e97e7eb1dc2439d7605a06c7fad193cd8b1592b449d93148fafdad3d9063c0bff0d66b17645704c502522fdb1f6802653c3e3d39d482f1c131e792743c7afa17fdf888f25e831fdc2fdecb8c35bf8fe134ad91959d2e480101e5819c94ae79817b15f2c737c54ca766a95b145dc4c1003f3524a33a73821e8f204e589ac3b28ab1ec809f6b49ebe71bcfc7b7ae42061f2e233093148729f3d5a6f6c5946b64ea1b1e268922de92ec874288a2e8c24f29b242d5241597f6c