www.thermspa.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:da:19:fe:77:8d:9f:e7:6e:d3:53:be:a7:b7:cf:e1:d9:e0 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.thermspa.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:da:19:fe:77:8d:9f:e7:6e:d3:53:be:a7:b7:cf:e1:d9:e0Serial Number (int): 335552965752169417368772192306149604841952
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 0a:95:49:c4:43:03:0f:09:2a:74:2a:26:ec:f5:58:fe:f7:02:49:9b
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 7c:a3:34:91:fd:3f:87:4a:6f:46:3e:94:6b:2b:dd:c1:f2:6a:8a:35
Fingerprint (sha256): c1:25:45:47:e1:20:01:88:f4:05:fd:8a:11:74:29:f3:c9:ad:6d:a2:7d:5f:de:57:4c:57:84:60:92:93:61:5b
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.thermspa.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.thermspa.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.thermspa.com
Other certificates including the domain name thermspa.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.thermspa.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWTCCBUGgAwIBAgISA9oZ/neNn+du01O+p7fP4dngMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMTMwMzI2MDFaFw0y MDAxMTEwMzI2MDFaMBsxGTAXBgNVBAMTEHd3dy50aGVybXNwYS5jb20wggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC8gOMpuF8A+Cglw2pKA1VkVHyGz1c9 mq0gFERhrXrXw/9hVOd56EBwT7ihgpch5PK2VvQNMarYvIgzXI4AQZN8oM84EagL ojU8COrSWq8U8u/tI4MKp3KuyoLmOFu8KLaN/q3T95dPOgSh8dly0RQf/G5wcWfU b4Sc5WEP97PQF4gj17CowDW7Nvf0Uu6dPo9+dJKYfGhv6wP5AIXw0FsUpUuhoeUt NHnv5iHhmBErCYN7foQU+XdEvU2g+H31De0GJDmN3Ptp52jzCpRdA/M0P2TBZkWB XxA4YjR/BQNsHVya6ncJ3e+kEvqLTnhpetCLeMlMVQIlOb6TjJiVDozJdI+OUbQ6 nCiOdO3Kvh0NZ9XbpamJxiBppH88BSVcNaUIwL7HrPwf6l7lQBK6M7xm+C1oAzvY n3EzJkV/SDBRm1fuFTNTy6bpewfHXIRcE0sHtR0783LPrXtvllXKxyoTsMWBduek q1GV05iwgyTQfuU5VkG11AC7K1QG8MzUFWRZ/5gNeJT+0doz9InzDLTrvd7qcDp2 89DH1/onf93spV8Tb17IfXr4g9nfRn7ZzNUdM4CBZUGVqIOeBFaVORfMupQDTIOH +K3Fx7dWtuJA9xd+eD+bhFcuAorJ68JfZWIhO61gbUAwP9OmXOBv2VQASkUICLiP rMoxsnwSW8Pp7QIDAQABo4ICZjCCAmIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQK lUnEQwMPCSp0Kibs9Vj+9wJJmzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv 86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmlu dC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0Lmlu dC14My5sZXRzZW5jcnlwdC5vcmcvMBsGA1UdEQQUMBKCEHd3dy50aGVybXNwYS5j b20wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEF BQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQC BIH2BIHzAPEAdgApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAW3D XbbkAAAEAwBHMEUCIQCRQRJNAYmSyEVrbIUlYrS+d7aa7CvjFx5vaI/iZQhx6gIg RsEh01WlbH4ajnV7ONvDHjxgMeKLIf3agBgPY2zg4HkAdwBep3P531bA57U2SH3Q SeAyepGaDIShEhKEGHWWgXFFWAAAAW3DXbbzAAAEAwBIMEYCIQCZve2+30eAA1/B VpMHt9jjcVWqj7Yp3GTpYpu58kYEggIhAIRcaYy2staMEcDSD7AvZNhn+q/Kz1mi X8IbTDaEf4L4MA0GCSqGSIb3DQEBCwUAA4IBAQBD+6lAIeqKmI3GLabYEMkyTA7I KhdrYultw12qElqWJEaze3/zGjsHshzdkoyaMUWm0nbKi6dyEpiS8Og64nEqkr7o wak/rlDBYrmZ21g3pqhWfWrGVLShaDj/EsvY+vrpibr3D9hxe++K7PCO5wQUzAaZ kTbqxIemdUQzC+GtBFP3sUD00CFJPb8F5WNrvS0cBDXU/ajjZQvjtG6YIb186fJ9 K0vMj1It4mKjU3hAImgbBQ109F6O5RwAX7F9oWRjz3s+kphueaMVexQxRuN5WbrP geDKm8FuM3NnntUt80nF+ZsERcss8CRR2ay8KP3qGtlj7i4YGYH2a10fVqGH -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvIDjKbhfAPgoJcNqSgNV ZFR8hs9XPZqtIBREYa1618P/YVTneehAcE+4oYKXIeTytlb0DTGq2LyIM1yOAEGT fKDPOBGoC6I1PAjq0lqvFPLv7SODCqdyrsqC5jhbvCi2jf6t0/eXTzoEofHZctEU H/xucHFn1G+EnOVhD/ez0BeII9ewqMA1uzb39FLunT6PfnSSmHxob+sD+QCF8NBb FKVLoaHlLTR57+Yh4ZgRKwmDe36EFPl3RL1NoPh99Q3tBiQ5jdz7aedo8wqUXQPz ND9kwWZFgV8QOGI0fwUDbB1cmup3Cd3vpBL6i054aXrQi3jJTFUCJTm+k4yYlQ6M yXSPjlG0OpwojnTtyr4dDWfV26WpicYgaaR/PAUlXDWlCMC+x6z8H+pe5UASujO8 ZvgtaAM72J9xMyZFf0gwUZtX7hUzU8um6XsHx1yEXBNLB7UdO/Nyz617b5ZVyscq E7DFgXbnpKtRldOYsIMk0H7lOVZBtdQAuytUBvDM1BVkWf+YDXiU/tHaM/SJ8wy0 673e6nA6dvPQx9f6J3/d7KVfE29eyH16+IPZ30Z+2czVHTOAgWVBlaiDngRWlTkX zLqUA0yDh/itxce3VrbiQPcXfng/m4RXLgKKyevCX2ViITutYG1AMD/Tplzgb9lU AEpFCAi4j6zKMbJ8ElvD6e0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 335552965752169417368772192306149604841952 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-13 03:26:01 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-11 03:26:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.thermspa.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 769027047813937433936789601446476983112173554813386664232197082877864188808176914418209730428263816275540952186394519152508149313470929310944858732878933059237034650021047443547201358492024829088758817603612496545884642760083699836393343034721470622656234785641868845865741135750125038417092083132586028982634136468151568265818590130086194806512924734911154991253491999003915185325091635222144849004914797651037465691147868013960931042731500292491605217350217442955333013278219326424241111199926783169706797519749278208052265864029906004668632066060155808049211734809783476142864604016045075987408807694335634443898113142424997195143557131391710809992798310386879811402411221622698740241760226624966153944893808926537159225742405560740943364513294936997205396762648513643980911938546430502794349164215849202817953224732417547560070216507099279883512450277371767624803514282263610264468302710044168855649980939785559000838522098517161604034813313305905042775172546378279973175608825929273449703856135963315898804789984343481359774614093426052410371373015467867773600365684969984074497504870355886292621884170337041313489567310589663788855689255064785662923732887250393066992255710061943479135829272176689355543046319549004101437352429 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0a9549c443030f092a742a26ecf558fef702499b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thermspa.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016dc35db6e400000403004730450221009141124d018992c8456b6c852562b4be77b69aec2be3171e6f688fe2650871ea022046c121d355a56c7e1a8e757b38dbc31e3c6031e28b21fdda80180f636ce0e0790077005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016dc35db6f3000004030048304602210099bdedbedf4780035fc1569307b7d8e37155aa8fb629dc64e9629bb9f2460482022100845c698cb6b2d68c11c0d20fb02f64d867faafcacf59a25fc21b4c36847f82f8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0043fba94021ea8a988dc62da6d810c9324c0ec82a176b62e96dc35daa125a962446b37b7ff31a3b07b21cdd928c9a3145a6d276ca8ba772129892f0e83ae2712a92bee8c1a93fae50c162b999db5837a6a8567d6ac654b4a16838ff12cbd8fafae989baf70fd8717bef8aecf08ee70414cc06999136eac487a67544330be1ad0453f7b140f4d021493dbf05e5636bbd2d1c0435d4fda8e3650be3b46e9821bd7ce9f27d2b4bcc8f522de262a353784022681b050d74f45e8ee51c005fb17da16463cf7b3e92986e79a3157b143146e37959bacf81e0ca9bc16e3373679ed52df349c5f99b0445cb2cf02451d9acbc28fdea1ad963ee2e181981f66b5d1f56a187