www.crystaltreeroad.com

Issued by GlobalSign Domain Validation CA - SHA256 - G3

About this certificate


This digital certificate with serial number 01:69:f8:59:f1:6f:30:01:e0:e5:c8:d6 was issued on by GlobalSign nv-sa .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

www.crystaltreeroad.com

Organization unit: Domain Control Validated

GlobalSign nv-sa

Organization: GlobalSign nv-sa

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 01:69:f8:59:f1:6f:30:01:e0:e5:c8:d6
Serial Number (int): 437595026926032034413791446
Serial Number lenght: 89 bits, 12 octets

SubjectKeyId: c7:8b:ae:ec:51:e7:7c:5f:d4:ed:1a:f4:d0:86:c0:ba:f5:c4:d1:4f
AuthorityKeyId: 3d:80:82:79:c5:48:82:a3:c3:12:ee:df:99:0f:57:35:48:9e:d0:cb

Fingerprint (sha1): e8:d8:c8:cf:d4:26:3a:ff:e8:e2:98:b4:3a:fb:ad:e5:80:01:d4:07
Fingerprint (sha256): 5b:25:79:3c:f6:85:ea:2e:76:5e:0a:ce:8f:62:8e:3f:45:7a:01:0a:c0:24:8b:92:c3:65:6e:be:80:ec:91:e7

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsdomainvalsha2g3.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsdomainvalsha2g3
CRL Distribution Point: http://crl.globalsign.com/gsdomainvalsha2g3.crl

Check the revocation status for the current certificate on www.crystaltreeroad.com
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

www.crystaltreeroad.com
crystaltreeroad.com

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgIMAWn4WfFvMAHg5cjWMA0GCSqGSIb3DQEBCwUAMGAxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzMwHhcN MTUxMjA4MDQ1MDAzWhcNMTYxMjA4MDQ1MDAzWjBFMSEwHwYDVQQLExhEb21haW4g Q29udHJvbCBWYWxpZGF0ZWQxIDAeBgNVBAMTF3d3dy5jcnlzdGFsdHJlZXJvYWQu Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur75Fd4fdtF6cAHj 8cGMGU/nwH5Qej/kZdkjYZ77a/p5aMuM69YMvPx/PSi9MpqPCWwSIzPgqu4n9JIl XcoS4t3G3bEguzzEsAZI9Dt+BlVlnNhzZLqC40qpJJ5W7JxIJHBhTUyxMqEjWCgF O9FGqBXrtbISZMJwN7bxo/sDwXsriQ3WYGBnLZRBEMMgoOIzZz0pNOwKwwoQjLWr mWUmNw1/TE9bAVTI2DgQNSvefhUd8R8btuXGdDHj4dxxYjQBHbuBFl9ld6ThwhMY G9sNFyLx6oFo6fP8DV35ip4OdjnVYj3MoXiqCfNYe4Y8OIKOshsSNiSSrqy7veFh O4Y7GQIDAQABo4IB2TCCAdUwDgYDVR0PAQH/BAQDAgWgMIGSBggrBgEFBQcBAQSB hTCBgjBFBggrBgEFBQcwAoY5aHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9j YWNlcnQvZ3Nkb21haW52YWxzaGEyZzMuY3J0MDkGCCsGAQUFBzABhi1odHRwOi8v b2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzMwSQYDVR0gBEIw QDA+BgZngQwBAgEwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2ln bi5jb20vcmVwb3NpdG9yeS8wCQYDVR0TBAIwADBABgNVHR8EOTA3MDWgM6Axhi9o dHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzZG9tYWludmFsc2hhMmczLmNybDA3 BgNVHREEMDAughd3d3cuY3J5c3RhbHRyZWVyb2FkLmNvbYITY3J5c3RhbHRyZWVy b2FkLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYE FMeLruxR53xf1O0a9NCGwLr1xNFPMB8GA1UdIwQYMBaAFD2AgnnFSIKjwxLu35kP VzVIntDLMA0GCSqGSIb3DQEBCwUAA4IBAQAEZUSzoE6cuNtWVxOFWaUZDskIzGo3 /bak2TooBg/ahLYHFEe0RY1PFaCVtfJznr63kevkYrcX5qn1D7utX2lGISjx+atY 9+SdiapIkzor3hppNTNH78rsi0lDNazhD5j6HEWf2jGeqxRsnAOrRdnuQlSfpjb2 9G725LhVVQRFgPClAFmaNTmn3NJyRVQFUf+Xi9Sd08NHVkJtMSWoDkA8jeMj1avx k/GvL7te2JvO8ztPqOgfu8cOyd+nQc8RXGaI0Hz5zPJazDmfCf1Qs5JOWx8rHdoc NhHDfMgF84x+e1mRQJ5BeP59pGWEt2kBrrAFzWttouxQxTYlJUPBoTzc -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur75Fd4fdtF6cAHj8cGM GU/nwH5Qej/kZdkjYZ77a/p5aMuM69YMvPx/PSi9MpqPCWwSIzPgqu4n9JIlXcoS 4t3G3bEguzzEsAZI9Dt+BlVlnNhzZLqC40qpJJ5W7JxIJHBhTUyxMqEjWCgFO9FG qBXrtbISZMJwN7bxo/sDwXsriQ3WYGBnLZRBEMMgoOIzZz0pNOwKwwoQjLWrmWUm Nw1/TE9bAVTI2DgQNSvefhUd8R8btuXGdDHj4dxxYjQBHbuBFl9ld6ThwhMYG9sN FyLx6oFo6fP8DV35ip4OdjnVYj3MoXiqCfNYe4Y8OIKOshsSNiSSrqy7veFhO4Y7 GQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 437595026926032034413791446 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Domain Validation CA - SHA256 - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-08 04:50:03 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-08 04:50:03 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.crystaltreeroad.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23574497014867849126400973156819539582600191950578701098725675264309828956966148477760414144855246279127292270554227599447457932028164421212881696087839852777360587511147653356365254811155673103449399908415624331171125537961236801151815289934836283108008825754225130245714349468726209661290327346279981890282711044981660439817919203713175461399599265316057367628465793519485634385631731139959224246642562352375253948980614238852923845820579666905505637451442235812732570862149606990758338888546037705742797368527534068330798715544695758225447102750406173417619286117096691509784361398131777311274416766491698204654361 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsdomainvalsha2g3.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsdomainvalsha2g3' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gsdomainvalsha2g3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.crystaltreeroad.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'crystaltreeroad.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c78baeec51e77c5fd4ed1af4d086c0baf5c4d14f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3d808279c54882a3c312eedf990f5735489ed0cb . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00046544b3a04e9cb8db5657138559a5190ec908cc6a37fdb6a4d93a28060fda84b6071447b4458d4f15a095b5f2739ebeb791ebe462b717e6a9f50fbbad5f69462128f1f9ab58f7e49d89aa48933a2bde1a69353347efcaec8b494335ace10f98fa1c459fda319eab146c9c03ab45d9ee42549fa636f6f46ef6e4b85555044580f0a500599a3539a7dcd27245540551ff978bd49dd3c34756426d3125a80e403c8de323d5abf193f1af2fbb5ed89bcef33b4fa8e81fbbc70ec9dfa741cf115c6688d07cf9ccf25acc399f09fd50b3924e5b1f2b1dda1c3611c37cc805f38c7e7b5991409e4178fe7da46584b76901aeb005cd6b6da2ec50c536252543c1a13cdc