www.craftmd.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:a4:d2:ad:4b:35:89:06:39:5b:da:70:08:57:4b:04:fe:b0 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.craftmd.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a4:d2:ad:4b:35:89:06:39:5b:da:70:08:57:4b:04:fe:b0Serial Number (int): 317423203642208226664255686359769839632048
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e7:ba:75:b9:46:f7:10:ac:61:37:2a:75:83:b9:a4:e4:09:7f:5f:98
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): f4:16:10:4b:9e:ed:92:a7:bb:17:d5:93:58:a3:d2:ce:1e:37:de:21
Fingerprint (sha256): cc:39:41:09:d6:c5:aa:42:43:16:11:5e:08:96:54:26:3d:a7:0d:1a:a3:15:58:7a:85:3a:9f:7c:bd:8f:7c:2c
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.craftmd.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.craftmd.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.craftmd.com
Other certificates including the domain name craftmd.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.craftmd.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVDCCBTygAwIBAgISA6TSrUs1iQY5W9pwCFdLBP6wMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMTcwMTI1MDlaFw0y MDA1MTcwMTI1MDlaMBoxGDAWBgNVBAMTD3d3dy5jcmFmdG1kLmNvbTCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAKDOfPsH2UvRi3BjcGh4hOIJ/xyjV5om 5Nlz4mMQtdYhjfRe9aOa05cvC+rzaxR9ucv5JJhrV1tAv1+HO3Umi+fKOb0xu0+K Ix7jjFvOQzJRyzIthLD/MU4W9vCXzRhnFtV/fgahjQ3yWy257Y6RvdT3dX6HpxNb Ug20gXODQw4xxZnTQ5eGGKNOtm7kQcRRitS6pzVETOa1RSv7Qz6dywZk6d9w5W4b fNkT83H16pwHDEBj5c0J4zPalOlR3zAoKOuMpJbDM5w3j3qxtXDsZt4HxlRYuqcy XyPQLW1qFaAIAhOxm6zsn/43GI6AFigTPaL6pjOMF7fw0d7i2lIWUjUbqIYTUqyl n30Pm6V8oaBxa6ITv8876iByKbwEJNJCWrlrDtyvlS0L3KM1a8VVwPUCA7F/rhyg OQsBDjLygBxRgV0+fDDQCw6/7oH9KBYCQa7lcjg5BJY3ntZAFJAwjlcAqBzn9Cdi V6QDQR9ZmMvKqRWY7iAehAME3QuUlVAE3swKtNAR3rxoYjXjPxAH0oyqwVKkQWoc DlstiIB44vl/Nr4QVNc0P4oMARTkxM0cRwOhMW1nuda5/P+t0IoVSzW5rAW5S7LA 7yR3fK5IxF2M6aqxglMWpI9jx/zRpLN2ifmwx4g8eSdWOKTmRLmeDzflhmFCxVOK m0b+1WIponXrAgMBAAGjggJiMIICXjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFOe6 dblG9xCsYTcqdYO5pOQJf1+YMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0RBBMwEYIPd3d3LmNyYWZ0bWQuY29t MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAgYKKwYBBAHWeQIEAgSB 8wSB8ADuAHUAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFwUPaz tQAABAMARjBEAiBqpSvathiuqp7bnW3BpxtLL5NfxzMd/JRPaNyGn0N0EQIgDMbs Yz2lpaDhXG2u63GjVdTqPd7Ac8zAeGO73wqGVc4AdQAHt1wb5X1o//Gwxh0jFce6 5ld8V5S3au68YToaadOiHAAAAXBQ9rO4AAAEAwBGMEQCIGzDoh2Za64NTR9pPwcd +DL8quYebLjlN2jHeWPwcwFaAiBJ8PfnJBoTik58Ndr/3O3Mp0A46mHfhWx5qvA1 nFal8zANBgkqhkiG9w0BAQsFAAOCAQEAUMosMSvQzWSJ0l7YGB1cBUW41/kjZgLl jxkKNVcbX/pY4k0GcxfVSu/qLqaHh8/27YOdicwTSHZOSsLce1vMcxxofPY4pvUr mIl/QtU78DSZrdrdj0Z2xVceImKoxr+XQs0wYU+ebOuYNeyx4RBrFPLzjaViQm7K Bl5Zj/WGXhWAYOWu9/eJ/u27e5L3DdPUTIDBHvdr0kIPKN8+XzpZk/a4helYxqfQ uomeb9D8P0RZOZZRwSglgeYUmNTlZvF8X7/WCihlLFo1A7/9ldHJgsbNPCHw6jIR HWkl9jYvulZ3dY8fb1gB+F2QQGcSLqx3RddK9OqC3c2DiAxdyH05QA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoM58+wfZS9GLcGNwaHiE 4gn/HKNXmibk2XPiYxC11iGN9F71o5rTly8L6vNrFH25y/kkmGtXW0C/X4c7dSaL 58o5vTG7T4ojHuOMW85DMlHLMi2EsP8xThb28JfNGGcW1X9+BqGNDfJbLbntjpG9 1Pd1foenE1tSDbSBc4NDDjHFmdNDl4YYo062buRBxFGK1LqnNURM5rVFK/tDPp3L BmTp33Dlbht82RPzcfXqnAcMQGPlzQnjM9qU6VHfMCgo64yklsMznDePerG1cOxm 3gfGVFi6pzJfI9AtbWoVoAgCE7GbrOyf/jcYjoAWKBM9ovqmM4wXt/DR3uLaUhZS NRuohhNSrKWffQ+bpXyhoHFrohO/zzvqIHIpvAQk0kJauWsO3K+VLQvcozVrxVXA 9QIDsX+uHKA5CwEOMvKAHFGBXT58MNALDr/ugf0oFgJBruVyODkEljee1kAUkDCO VwCoHOf0J2JXpANBH1mYy8qpFZjuIB6EAwTdC5SVUATezAq00BHevGhiNeM/EAfS jKrBUqRBahwOWy2IgHji+X82vhBU1zQ/igwBFOTEzRxHA6ExbWe51rn8/63QihVL NbmsBblLssDvJHd8rkjEXYzpqrGCUxakj2PH/NGks3aJ+bDHiDx5J1Y4pOZEuZ4P N+WGYULFU4qbRv7VYimidesCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 317423203642208226664255686359769839632048 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-17 01:25:09 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-17 01:25:09 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.craftmd.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 656033669564367406965245480012472508441640176385937661264340124332700349183771191861401445047854830132574884658625868765251418592087242393382415306904919517147884770032358849180971723715399713420362724321283377220547328272610312635291154532315085550499000571877535027779325497243664087592687454750565163731894457653950663329800122325143112447602564984407318779116993187046606380036371845557097000370804001306182169830832239781388205183068681687179461880472684263647511723639240364123173959303501549391044337365232062625324026898443686465591745115859644190338757078017668724771353378243462606157655978807001766398433403763145250927300885557102199780504159204764625714016587049289653449308397430663740942247904186714127351482417954605489650527883105418460981483697522270946731279313604786350427054012215208768773561891073144468338578092749917114063537886005543792055494750718408614977710144542584263104053954445454315549821520736383747334264185150190730293081350391554546043665343149874382766591881129046695873940277570396411780547401676064735717560815831389621793866814913668850944746510719801611260738598288267299841293900936641514306191803034569197087340305395062622464993524049510615101147613669560771730071692217120806604678264299 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e7ba75b946f710ac61372a7583b9a4e4097f5f98 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.craftmd.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee0075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000017050f6b3b5000004030046304402206aa52bdab618aeaa9edb9d6dc1a71b4b2f935fc7331dfc944f68dc869f43741102200cc6ec633da5a5a0e15c6daeeb71a355d4ea3ddec073ccc07863bbdf0a8655ce00750007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000017050f6b3b8000004030046304402206cc3a21d996bae0d4d1f693f071df832fcaae61e6cb8e53768c77963f073015a022049f0f7e7241a138a4e7c35daffdcedcca74038ea61df856c79aaf0359c56a5f3 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0050ca2c312bd0cd6489d25ed8181d5c0545b8d7f9236602e58f190a35571b5ffa58e24d067317d54aefea2ea68787cff6ed839d89cc1348764e4ac2dc7b5bcc731c687cf638a6f52b98897f42d53bf03499addadd8f4676c5571e2262a8c6bf9742cd30614f9e6ceb9835ecb1e1106b14f2f38da562426eca065e598ff5865e158060e5aef7f789feedbb7b92f70dd3d44c80c11ef76bd2420f28df3e5f3a5993f6b885e958c6a7d0ba899e6fd0fc3f4459399651c1282581e61498d4e566f17c5fbfd60a28652c5a3503bffd95d1c982c6cd3c21f0ea32111d6925f6362fba5677758f1f6f5801f85d904067122eac7745d74af4ea82ddcd83880c5dc87d3940