crystaldot.com
Issued by R3
About this certificate
This digital certificate with serial number 03:6c:d9:44:a6:0f:a3:28:16:a1:9d:4b:7d:70:5d:b4:a9:dd was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=crystaldot.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:6c:d9:44:a6:0f:a3:28:16:a1:9d:4b:7d:70:5d:b4:a9:ddSerial Number (int): 298376152342132712271013264296384377694685
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: b3:bf:bb:39:64:a6:a8:df:bd:ce:f1:6b:4e:a6:1b:42:3e:2a:ab:fc
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): f2:61:52:7e:de:ec:c1:19:49:ed:c8:56:f5:9d:fe:92:6a:80:f2:1b
Fingerprint (sha256): aa:95:64:fe:00:7a:6b:1e:bc:f6:93:71:e1:14:28:df:c6:f7:4c:d6:e0:1c:4e:9e:c5:29:fa:53:f1:4e:8a:b0
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate crystaldot.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for crystaldot.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
crystaldot.com
Other certificates including the domain name crystaldot.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for crystaldot.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF6jCCBNKgAwIBAgISA2zZRKYPoygWoZ1LfXBdtKndMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA4MTIwOTI2MDdaFw0yMzExMTAwOTI2MDZaMBkxFzAVBgNVBAMT DmNyeXN0YWxkb3QuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA rPr5n/W9QmpGZyml8mpOwdjIoa/h8rn4yr0orZu3lrctZCpWrHtR9ofo5smIeMb6 MErX+o2aBmigapAeqYn5MRWA7ZajHU95I3Drnqz5u6m7YGkLeEMTfK2ubZCH0Nl7 BgIfulkR7nGTouwSy567HhfNoqLAWBzIO2pDDM1OICZ+ienVDh9L80M6xQo1oQw4 aR2ue/rP7vKYJARVQ+cnFYcKxs5IV0hXJLRUo0Y4tuBn9TVAgTdlPwfRm0vZ5nMr TgJADtAf6u3HR81Dj1jH7h2BIk0Ry4NKifWZwsdRP5VUuRUoIoH6Pe4aarl2xkcV bVAVQC/7iOVpM70krQZ+lMWANubjKeHYvKV+NT0eCU3xs3GVOoq6Ge+W4q3VQKD3 1CU8ZzLVtGczZvl72Fxb5wWFfuMNLVYuPPQ2yqmaatEUtOsX0n8LcQSG1aAisYdh sOh889lUPkoLaDaH/1zWNW+gge3qy4thkgdpFfFC8wUCNT/S1RWBbQ5Z/S80WErJ CzcidwMYIwlKpK3qdjtiRARGFj9TVeDoO0PbG3UKXZt/nrJYbhIP2JpWoKYSmvHh 2ehQYOtgewGWNew1uA7AuhR9gHmDnqvMXxygJd2z3FxSX1oFWs/kU79lMuQVECYl J8mwD23ytkUdcz9zVDDkl+RkGvKT1ia5N4tWVpO39KcCAwEAAaOCAhEwggINMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQUs7+7OWSmqN+9zvFrTqYbQj4qq/wwHwYDVR0j BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6 Ly9yMy5pLmxlbmNyLm9yZy8wGQYDVR0RBBIwEIIOY3J5c3RhbGRvdC5jb20wEwYD VR0gBAwwCjAIBgZngQwBAgEwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgB6MoxU 2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYnpSCmUAAAEAwBHMEUCIQC+ zthlWbRPC/F+8xKFm6AzBvDizvlv2ieL0I/UyBzzJAIgQnjGV6oQJ/hqhultZ0j9 ZlRstAQt3tEVK9uQRe2Dc1gAdwCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY0 69yCigAAAYnpSCm6AAAEAwBIMEYCIQCggvYPbiVWO6kf0gQd3oAXLycLx4PZftv4 yp9oT6L5VgIhAJqVOIBRb0P/rgz15w+5ElH9EgYgiFLHQ0f9k1wVOe2VMA0GCSqG SIb3DQEBCwUAA4IBAQC4mkQQEyVzeIBrbdWh/VETNE1TtKd4aIbi/eIUdJSNbfJR lcP1KKEoio6eMXJjklJ4dydpEhIwTlpK5EZB2/e+ceUVIkMv4KFPUi0IG28mgOcT KITAleK3M3kCoHNHEq1YdaGemEtsiONG9tswMBB35/CFililmU4OT48oCM98QI+4 YZCoHQvPjbkfOsKMNhzTVOymAA2nWQJxKXJDVc3/EFtFftfZdhMPXRLhDuFfpGeZ gGWpUhx2hPmf+0WBMBzXm8IgpIGhNNiArpc8QSMVuhT/DBxrKCGrdIwcTxJUzs5V hoM3vdsSuHESQpsUd2ok+V5io9C8R7/fLmM7zLMt -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArPr5n/W9QmpGZyml8mpO wdjIoa/h8rn4yr0orZu3lrctZCpWrHtR9ofo5smIeMb6MErX+o2aBmigapAeqYn5 MRWA7ZajHU95I3Drnqz5u6m7YGkLeEMTfK2ubZCH0Nl7BgIfulkR7nGTouwSy567 HhfNoqLAWBzIO2pDDM1OICZ+ienVDh9L80M6xQo1oQw4aR2ue/rP7vKYJARVQ+cn FYcKxs5IV0hXJLRUo0Y4tuBn9TVAgTdlPwfRm0vZ5nMrTgJADtAf6u3HR81Dj1jH 7h2BIk0Ry4NKifWZwsdRP5VUuRUoIoH6Pe4aarl2xkcVbVAVQC/7iOVpM70krQZ+ lMWANubjKeHYvKV+NT0eCU3xs3GVOoq6Ge+W4q3VQKD31CU8ZzLVtGczZvl72Fxb 5wWFfuMNLVYuPPQ2yqmaatEUtOsX0n8LcQSG1aAisYdhsOh889lUPkoLaDaH/1zW NW+gge3qy4thkgdpFfFC8wUCNT/S1RWBbQ5Z/S80WErJCzcidwMYIwlKpK3qdjti RARGFj9TVeDoO0PbG3UKXZt/nrJYbhIP2JpWoKYSmvHh2ehQYOtgewGWNew1uA7A uhR9gHmDnqvMXxygJd2z3FxSX1oFWs/kU79lMuQVECYlJ8mwD23ytkUdcz9zVDDk l+RkGvKT1ia5N4tWVpO39KcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 298376152342132712271013264296384377694685 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-12 09:26:07 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-10 09:26:06 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'crystaldot.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 705698346363051842100440915052506503957041669368894459121009741004334113160348959848262725748670499914553645621210875453613791162244258550567410180099936942319260068578718578927008701693102850679223573489773009948419877814848902710978923821536685861108550286649645403473407914851145005214286361209521424650051930848039699194238514357678629569530337250484164136964305430257807848521281619608355064601059581610967523417764066783846259392467369532201833004400070421668297191409940660935017006939590161604142117073243787997453726461585126671739951149688520807835209821734260084585160235639697062306012703922306112445329217890736819133849707589257396084487635197902733552430060473403121366909834412768757414641221965561728859257549218035850436433756540124346932112445836895224731103182802157580950087567713022571741980792961004894671279883251751559285951670825181601625668553114811638001334222307001485238096884271774747514297640028349544963356047756986568018716471613672922531127521047436408791947205377082575194111092014977752831915467793944265385198924466183222015120787398448348498530224074043190352468415404137450164945459085657190372094806377992841248504515183383690076275788438706960606590188904737014495762037007781022298652800167 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b3bfbb3964a6a8dfbdcef16b4ea61b423e2aabfc . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'crystaldot.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000189e94829940000040300473045022100beced86559b44f0bf17ef312859ba03306f0e2cef96fda278bd08fd4c81cf32402204278c657aa1027f86a86e96d6748fd66546cb4042dded1152bdb9045ed837358007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000189e94829ba0000040300483046022100a082f60f6e25563ba91fd2041dde80172f270bc783d97edbf8ca9f684fa2f9560221009a953880516f43ffae0cf5e70fb91251fd1206208852c74347fd935c1539ed95 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b89a441013257378806b6dd5a1fd5113344d53b4a7786886e2fde21474948d6df25195c3f528a1288a8e9e3172639252787727691212304e5a4ae44641dbf7be71e51522432fe0a14f522d081b6f2680e7132884c095e2b7337902a0734712ad5875a19e984b6c88e346f6db30301077e7f0858a58a5994e0e4f8f2808cf7c408fb86190a81d0bcf8db91f3ac28c361cd354eca6000da759027129724355cdff105b457ed7d976130f5d12e10ee15fa467998065a9521c7684f99ffb4581301cd79bc220a481a134d880ae973c412315ba14ff0c1c6b2821ab748c1c4f1254cece55868337bddb12b87112429b14776a24f95e62a3d0bc47bfdf2e633bccb32d