www.soothinghug.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:8f:5e:e4:83:bc:47:e8:00:5a:11:23:cb:fb:ad:b0:9c:1c was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.soothinghug.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:8f:5e:e4:83:bc:47:e8:00:5a:11:23:cb:fb:ad:b0:9c:1cSerial Number (int): 310123370212175274787085959307332928183324
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 96:92:c7:7e:b5:6a:d4:8f:05:19:92:59:82:3c:b5:cf:a8:ac:d0:35
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 8f:f9:ed:f3:a3:d0:ec:20:fd:3b:38:70:a0:bf:94:37:f9:37:a0:44
Fingerprint (sha256): 5a:83:d6:48:76:cd:57:ea:2d:af:1e:0f:c3:95:4b:c0:5a:5b:4f:f5:7f:61:bf:97:44:92:bf:8e:63:49:62:f9
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.soothinghug.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.soothinghug.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
soothinghug.com
www.soothinghug.com
www.soothinghug.com
Other certificates including the domain name soothinghug.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.soothinghug.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGGjCCBQKgAwIBAgISA49e5IO8R+gAWhEjy/utsJwcMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzEyMDMwNTE4MTNaFw0x ODAzMDMwNTE4MTNaMB4xHDAaBgNVBAMTE3d3dy5zb290aGluZ2h1Zy5jb20wggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDTB3hP388QbqCZ235p1I4MQiqV NeMZPI6ilHfiBgpg3Lkfim4sDl8gPq4QiFl80cLKKNes0O61jxQ+ziOx/hodq2Yk 2U11cPDxjNf9OuAzHEktyFSTJLORARznuW5luyXyWNI/rmL9XRoZmeOamlLUaxnQ bLSetVRo6NGL0vl+0Wh5xuQhA7ZgSkeGBDauuc/YZ085jozrXYIwic0lHXCw6/J/ a+slyqqjmhxiJPEQ41PhlPtvarJNrk3iRRxKsXCRHViY2iDecHzjyL318gL1BULA FVO7uIgIVqDPuOzcWozPKrcsSmKhxklnaFoML17oZw982oUoKB00eF5be5XceZp/ siYzsIQvYk9NdSLOvzL60p94QmwK1c3p2K+0Wmn/56vx3uE/q8Ow4/mYFmE+OTL+ xU8ER+0+12Kq/X1Pxe44/2CWi/ZFTAerElHOfsGicdWQooYIBoU0Nt6veyhYAVqR x/ImLmvpOjV4Pt1MML1HoCJExnNzfs8iV0u4cx3tB6ylumpCsP1/R4K06bZPewFD vAUZfPQV5psA3z1PsDvSC6N9f6QGWvH39kBm8Yjq3HiX2y2LaSGKupnkIDUpZDnp /R65+qECaE0ZnsX4OMcZ6/SAb94nOFQS0a7tPeYGtQZHMnLTJOtH7VoetsC8dB59 RsNkzn6O6mHckJc7NwIDAQABo4ICJDCCAiAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBSWksd+tWrUjwUZklmCPLXPqKzQNTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObem RWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3Nw LmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0 LmludC14My5sZXRzZW5jcnlwdC5vcmcvMC8GA1UdEQQoMCaCD3Nvb3RoaW5naHVn LmNvbYITd3d3LnNvb3RoaW5naHVnLmNvbTCB/gYDVR0gBIH2MIHzMAgGBmeBDAEC ATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0 c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNhdGUg bWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFuZCBv bmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZv dW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqG SIb3DQEBCwUAA4IBAQAkkQQ7B/VTRzfly3fsdR/ek8QLb0wfLPB9NXHB8x01eXE2 V4pDnvuHFHveKQ3Ed8p33CJSB1P6N4REqWKEowehbe7o75CGCsyxyb8faBnLptWn /WDdVbk4kVYoNI8UOw8hBC7vrtMaqhz+3bKuOaOqDp5wZi/rzitrp+yrJAQOgcMV Tv/UJ4HY4ffEs9UBN/y5fdjQPlkbkir2EB+gnEmiU9DXJepBwWiZAMO2v/GDpD0o +3IJdbbLi8O46x0UhnB9L7vgaYyqBznVSAT1/qBA2auEqbiq6TtGmo74M1tSMprF YksXXjhLRrsqWSCzhqZEKGwuxo4dFMcVkFpSZCnm -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0wd4T9/PEG6gmdt+adSO DEIqlTXjGTyOopR34gYKYNy5H4puLA5fID6uEIhZfNHCyijXrNDutY8UPs4jsf4a HatmJNlNdXDw8YzX/TrgMxxJLchUkySzkQEc57luZbsl8ljSP65i/V0aGZnjmppS 1GsZ0Gy0nrVUaOjRi9L5ftFoecbkIQO2YEpHhgQ2rrnP2GdPOY6M612CMInNJR1w sOvyf2vrJcqqo5ocYiTxEONT4ZT7b2qyTa5N4kUcSrFwkR1YmNog3nB848i99fIC 9QVCwBVTu7iICFagz7js3FqMzyq3LEpiocZJZ2haDC9e6GcPfNqFKCgdNHheW3uV 3Hmaf7ImM7CEL2JPTXUizr8y+tKfeEJsCtXN6divtFpp/+er8d7hP6vDsOP5mBZh Pjky/sVPBEftPtdiqv19T8XuOP9glov2RUwHqxJRzn7BonHVkKKGCAaFNDber3so WAFakcfyJi5r6To1eD7dTDC9R6AiRMZzc37PIldLuHMd7QespbpqQrD9f0eCtOm2 T3sBQ7wFGXz0FeabAN89T7A70gujfX+kBlrx9/ZAZvGI6tx4l9sti2khirqZ5CA1 KWQ56f0eufqhAmhNGZ7F+DjHGev0gG/eJzhUEtGu7T3mBrUGRzJy0yTrR+1aHrbA vHQefUbDZM5+juph3JCXOzcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 310123370212175274787085959307332928183324 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-12-03 05:18:13 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-03-03 05:18:13 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.soothinghug.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 860923940593807347453931635990957867612657287593052700464604423401894401519690967512344224430901977918508571280989811150782970517546909222608676200130120970875687073436830571119101107417742967442265214216079290589986717600302619893676971952720936606408737689279354763926085772018857225593773620228274401606271282048061445694778499298742812746455213164686986444133097185500183429241727978828056048168143984240468807781871122483946232752459478993074027232437491320015178783693639875310679795334468462975230582893339166930090396384958745055787995167795711017955478135151493525460331026693711811899234555499821918116399779671726141140540529569601061654540628846462203152075911161144160687712186453115626293981802883226321289823187273827098644204614545468213192638542502455482301289944377429881697757055650785091638304000367365494572547083759222693396303561781659168231563586661300301116326708387488092979704577033915852785432776400732680342634647541613299513864427328021767041415001377490319291989681824079005295683882579011513971071610369439410036970461783540220459216729585238941736515151012991305460152177668888970477555156106051010224038720939519955277708121016783824682203264335403845677329519176474069079826336705627076478335662903 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9692c77eb56ad48f05199259823cb5cfa8acd035 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'soothinghug.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.soothinghug.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002491043b07f5534737e5cb77ec751fde93c40b6f4c1f2cf07d3571c1f31d35797136578a439efb87147bde290dc477ca77dc22520753fa378444a96284a307a16deee8ef90860accb1c9bf1f6819cba6d5a7fd60dd55b938915628348f143b0f21042eefaed31aaa1cfeddb2ae39a3aa0e9e70662febce2b6ba7ecab24040e81c3154effd42781d8e1f7c4b3d50137fcb97dd8d03e591b922af6101fa09c49a253d0d725ea41c1689900c3b6bff183a43d28fb720975b6cb8bc3b8eb1d1486707d2fbbe0698caa0739d54804f5fea040d9ab84a9b8aae93b469a8ef8335b52329ac5624b175e384b46bb2a5920b386a644286c2ec68e1d14c715905a526429e6