www.thermatica.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:4f:f6:e7:a4:1b:1e:45:dc:24:95:46:83:2e:1e:9e:f7:cf was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.thermatica.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:4f:f6:e7:a4:1b:1e:45:dc:24:95:46:83:2e:1e:9e:f7:cfSerial Number (int): 288547357618035993795925565427008002783183
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 21:db:26:89:39:f9:da:1b:08:1c:51:44:05:0b:11:be:0c:0e:db:2a
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 87:36:d0:e5:12:56:3f:a1:3b:73:36:87:94:7d:5b:59:d8:6e:e0:e5
Fingerprint (sha256): 39:e9:9a:d4:8b:46:0b:a7:f5:a3:a2:81:e1:5a:e6:99:81:d0:93:60:bf:80:4a:03:be:b1:8e:31:78:f9:53:13
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.thermatica.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.thermatica.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.thermatica.com
Other certificates including the domain name thermatica.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.thermatica.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXDCCBUSgAwIBAgISA0/256QbHkXcJJVGgy4envfPMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMTIxMDU0MzFaFw0y MDAxMTAxMDU0MzFaMB0xGzAZBgNVBAMTEnd3dy50aGVybWF0aWNhLmNvbTCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJmVEP6+DWhaOLHHm4MZ43AOGyIq zv3IOdaKLcR1x2xWXEj+qI7tgT2aDwP8490GcR0WsurgRsRdYcMYjDUgX7GWepRh gM8IUjb1fdpqktRaq5Ext9IRIQskcU/k7qqRvQB0rGT4SxFJPz8b2zhtuPajbF8A jXk1pduagogb7IDpVTSEYcKRZ8fdj5DoT4CxyoLxhW6UMIPmrR69740LvhwVp438 US6P94xH+ueP5G53PzEWR0APH/9m/B/LMc3ZZHOhS6cTeqsZeAzYu7a2IpPQi6bn v2glERZuJeTSJePTuhEd1CZy/p0//Ra0/sVX/klieepYxjd4UoISiknB/7d6SdxX tBJrgsNT6Ed0jqMicn82eu2wmqEopTlRB2Fg4R+XaJPF/ELg+G21tNpELbjQFRjN ziHYnBP1Pcj9WubUitTszK+oLZ4+Dhhrcuc3GSMOVLt5ZhDbFfX4B3RbTiNUIAII GQS7bFXf436KB4TnBj8IAY/6c9HxM483vCRIYKPi4LFaT6AXUvqfDPhgnxRVt+6A niZHE2zglOnuSusGARY1Fr+qkeq0F0NdZX8+Xby2v73gj4teDEJfC8XHG/rO9EVo wP07ZZKIv4omgGUXR5M0G1bk8gCw4whLjlyzPJE0kZUHnlPYmWvZeAQVm4gvLXwy 1oQExom0NfylnspDAgMBAAGjggJnMIICYzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FCHbJok5+dobCBxRRAULEb4MDtsqMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF Ze/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3Au aW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wHQYDVR0RBBYwFIISd3d3LnRoZXJtYXRp Y2EuY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHW eQIEAgSB9QSB8gDwAHcAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH9HgA AAFtv9H1IQAABAMASDBGAiEAjdTcRq1MBeMqSBUy6f33faWQulUnj+UOxd8GjVhQ uO4CIQDkeyHtbJ1AvLeCBo9uOgDf2rXnIPsMoiJgI2VXJaMCGgB1AG9Tdqwx8DEZ 2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABbb/R9VIAAAQDAEYwRAIgVEETdoj0 ztFNTJtZKEsCnrWPS8zLpFfE6jEyZ+4LkRMCICEHr8y7kFSE4xUeJsJJfdFSEpV/ 5cXccgbZEq8TTYppMA0GCSqGSIb3DQEBCwUAA4IBAQBL4Um7sL2Kgc+16xdu5HJJ jrjERMILyaCkX8g9bk7AJWN9RLPrVS8nrfTghotg4m3IAXNSx26baijdCFLEespX ntCp+40d8Xb9ex5XD2DkFKEJLZwrR6xx2Rr3ECCjoUUIU/seCpqk2qw5ZGpS6aek NgVDcbXt5O3NuOfv/A6Ts8ZIxlm9GBMrRy+Nyml/i7cfo5O5FLMIWJFj0bzH0afR r0kk4fpw6WBHMkEvtlXqOlgm0Vo9NR0gn2SrJz5o9buIf7GLgqRM9reqoTVJxkLZ gYEbjvq8JhYqUpfN8PsQ+4NgQa2xHVuAUKykSpdZt7Jb+zRFi+lYD/0snJM9wakD -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmZUQ/r4NaFo4scebgxnj cA4bIirO/cg51ootxHXHbFZcSP6oju2BPZoPA/zj3QZxHRay6uBGxF1hwxiMNSBf sZZ6lGGAzwhSNvV92mqS1FqrkTG30hEhCyRxT+TuqpG9AHSsZPhLEUk/PxvbOG24 9qNsXwCNeTWl25qCiBvsgOlVNIRhwpFnx92PkOhPgLHKgvGFbpQwg+atHr3vjQu+ HBWnjfxRLo/3jEf654/kbnc/MRZHQA8f/2b8H8sxzdlkc6FLpxN6qxl4DNi7trYi k9CLpue/aCURFm4l5NIl49O6ER3UJnL+nT/9FrT+xVf+SWJ56ljGN3hSghKKScH/ t3pJ3Fe0EmuCw1PoR3SOoyJyfzZ67bCaoSilOVEHYWDhH5dok8X8QuD4bbW02kQt uNAVGM3OIdicE/U9yP1a5tSK1OzMr6gtnj4OGGty5zcZIw5Uu3lmENsV9fgHdFtO I1QgAggZBLtsVd/jfooHhOcGPwgBj/pz0fEzjze8JEhgo+LgsVpPoBdS+p8M+GCf FFW37oCeJkcTbOCU6e5K6wYBFjUWv6qR6rQXQ11lfz5dvLa/veCPi14MQl8Lxccb +s70RWjA/Ttlkoi/iiaAZRdHkzQbVuTyALDjCEuOXLM8kTSRlQeeU9iZa9l4BBWb iC8tfDLWhATGibQ1/KWeykMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 288547357618035993795925565427008002783183 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-12 10:54:31 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-10 10:54:31 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.thermatica.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 626561080695017941523912676336353198766908968505325799842248402677707690650318811155747404570915030788978033874323514740683412468537891592518814041078651810484888557705624082365419819461040400953142818116416793685361425377367835663862148150605204150197933797177157211732446340246315031872686682939897277627112749639516996661195790363301981957314892746446651089171964510748749186206835566580315154379573773328949430080909667176534263506888185844127062854656797554082279712312688868076741221653036183134366950980487264600262847903608129889123046674291495821981891766118832881054860483816811041852199097144170619837047671887354118951217158515635883020953024523192433829707986545656816313435986177431850205703466428814286109193146291643012000630379419572997400944227522933477995048254021089674192187260843167633761402785368106069937663706319766137007793957069167345979089220044370028603405473518597498134146193981308185059487288693074847027766808745406805435517423443054838497136870104093562659438900841201770586231107854120621181609917157404497583058861314788849633655502742608183151182264025612393431895820581896099049009500133991855895479617953523029423720441406705747388202814204927218362893605014572000806959300288597145138214390339 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 21db268939f9da1b081c5144050b11be0c0edb2a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thermatica.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016dbfd1f52100000403004830460221008dd4dc46ad4c05e32a481532e9fdf77da590ba55278fe50ec5df068d5850b8ee022100e47b21ed6c9d40bcb782068f6e3a00dfdab5e720fb0ca2226023655725a3021a0075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016dbfd1f552000004030046304402205441137688f4ced14d4c9b59284b029eb58f4bcccba457c4ea313267ee0b911302202107afccbb905484e3151e26c2497dd15212957fe5c5dc7206d912af134d8a69 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004be149bbb0bd8a81cfb5eb176ee472498eb8c444c20bc9a0a45fc83d6e4ec025637d44b3eb552f27adf4e0868b60e26dc8017352c76e9b6a28dd0852c47aca579ed0a9fb8d1df176fd7b1e570f60e414a1092d9c2b47ac71d91af71020a3a1450853fb1e0a9aa4daac39646a52e9a7a436054371b5ede4edcdb8e7effc0e93b3c648c659bd18132b472f8dca697f8bb71fa393b914b308589163d1bcc7d1a7d1af4924e1fa70e9604732412fb655ea3a5826d15a3d351d209f64ab273e68f5bb887fb18b82a44cf6b7aaa13549c642d981811b8efabc26162a5297cdf0fb10fb836041adb11d5b8050aca44a9759b7b25bfb34458be9580ffd2c9c933dc1a903