www.crystalscapes.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:09:7d:d4:39:2b:d4:8b:66:44:ac:cf:99:25:3b:aa:64:83 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.crystalscapes.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:09:7d:d4:39:2b:d4:8b:66:44:ac:cf:99:25:3b:aa:64:83Serial Number (int): 264566654523546247720590138781377346823299
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 16:d7:1b:aa:11:4d:97:df:c0:1f:88:6b:45:e6:84:d4:db:47:16:69
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 7c:32:68:61:99:cf:63:85:e9:df:4e:64:b3:c3:cf:03:8a:30:13:a0
Fingerprint (sha256): d4:49:a4:15:50:13:0f:fa:9b:6e:3e:2f:02:40:3f:22:f8:0b:81:a7:cc:10:a4:93:15:6e:5f:a4:a6:ee:f1:13
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.crystalscapes.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.crystalscapes.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.crystalscapes.com
Other certificates including the domain name crystalscapes.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.crystalscapes.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYTCCBUmgAwIBAgISAwl91Dkr1ItmRKzPmSU7qmSDMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMjAwNzE3MTlaFw0y MDAxMTgwNzE3MTlaMCAxHjAcBgNVBAMTFXd3dy5jcnlzdGFsc2NhcGVzLmNvbTCC AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAN6JENhbxW57VXUYFiULh9eq q8XvvI6fUZ+K5bdvey3bDHwZkLaPFAkXe8sbAZ3IrMR8ejy4xMD3g7Bz7rCM1k49 EmxT1rQfQs2fWq6JJYDrNtMQVjkHq2qN9yW5juWq5k4IzVju7G4PmzUpbilmreCL m9PBzNbK4Tofi08/GpDNAHb8ADpyrvT601aKIKrCiAg/QeYLHECT4KNokFCKFPgt 1VNuUZ6BrBBgVioYSjnhSE5fXFR1zMnOReoILuLa/pOoGaNzsuFOnqXOJYC5md5E wXFOpBXZPBfEgMyRCk1oMkv2/7ElXsA3LIB9QRZEZwP7eCAwVbRRrteBzeF4kmtU bDpc8aPrRnEAnL/MkdhNOJKFeesajVHOjxfUnefUaZmos2tEgAFFOi0SK9ct0hK0 kAYzK1NFUfM0ENaTc1OtuM+26vy5ZJPoEN3Fr+dy/8jLjKnR3hCG7+PIsrAJfADI q1A6YlIX1cBHgHhAWm0zzur1KTE6g27Ux0adMEW3cEb479+EnDhpEm7QeJ7cMtTX 21NiW0OK77aX97q3CWEi4ddSLO5zpVf4grleba9TetTjw31wMkSBHOQKjihe8EoD PXpIxY/B7fcawzRkB65t4df7J9etNeNwf94eQVj8BnPJyreDb2jgmbhbH9DO14h2 PoqSfLnmYNxWqI1uLFd1AgMBAAGjggJpMIICZTAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O BBYEFBbXG6oRTZffwB+Ia0XmhNTbRxZpMB8GA1UdIwQYMBaAFKhKamMEfd265tE5 t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29j c3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2Nl cnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wIAYDVR0RBBkwF4IVd3d3LmNyeXN0 YWxzY2FwZXMuY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEB MCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYK KwYBBAHWeQIEAgSB9ASB8QDvAHUA8JWkWfIA0YJAEC0vk4iOrUv+HUfjmeHQNKaw qKqOsnMAAAFt6D38vgAABAMARjBEAiAHl0TAka9WVrYTE2Ejz91PZPGMkfd4LIlO wcWORaHmfAIgMRzdY9u1HxOqEEGG7bgX/1R2PBf/uM9G+6Tonjh6yqEAdgApPFGW VMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAW3oPfyGAAAEAwBHMEUCIQCq TGyFv3AuMqLv6RGVqdB09rdUWi60Iv4FyXZ6LjXtrwIgJRVzyhLj7efxmwhhUqCw YbuHT/xJUe3ztrsqsTsoiO8wDQYJKoZIhvcNAQELBQADggEBACYduZVt9kOxcA81 tRAPqH1ytx8FhC+ufqDZ/9LEup1uC5YdkfJCLRNYUEJmQYvxhhKALftpLljV2q8x FLEkxpNVle1XJVPNZb9TGfPU+DfJjiCkw4yyXTaKRXhzC8rgYKTmpwWSrm5t5y+0 GmV2vRUjXf+PtXV0KVH3hlGi1/gAk+cw6UvYsOznZzF6S4iP4v8hFfTaGyWlqpHF dtlxYUZnpm6BkIzIvsofi0g8J9pMeWtIzl5Hve0sw1m5Y+tpu7ClEPHu5ZopudNP o1i8IxYkXJY9MKp0e0IjouDBcH52shcNx6AHAibmxHdGi8WBmclUzy3Nbnj8iNAP tuQmIVg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3okQ2FvFbntVdRgWJQuH 16qrxe+8jp9Rn4rlt297LdsMfBmQto8UCRd7yxsBncisxHx6PLjEwPeDsHPusIzW Tj0SbFPWtB9CzZ9aroklgOs20xBWOQerao33JbmO5armTgjNWO7sbg+bNSluKWat 4Iub08HM1srhOh+LTz8akM0AdvwAOnKu9PrTVoogqsKICD9B5gscQJPgo2iQUIoU +C3VU25RnoGsEGBWKhhKOeFITl9cVHXMyc5F6ggu4tr+k6gZo3Oy4U6epc4lgLmZ 3kTBcU6kFdk8F8SAzJEKTWgyS/b/sSVewDcsgH1BFkRnA/t4IDBVtFGu14HN4XiS a1RsOlzxo+tGcQCcv8yR2E04koV56xqNUc6PF9Sd59Rpmaiza0SAAUU6LRIr1y3S ErSQBjMrU0VR8zQQ1pNzU624z7bq/Llkk+gQ3cWv53L/yMuMqdHeEIbv48iysAl8 AMirUDpiUhfVwEeAeEBabTPO6vUpMTqDbtTHRp0wRbdwRvjv34ScOGkSbtB4ntwy 1NfbU2JbQ4rvtpf3urcJYSLh11Is7nOlV/iCuV5tr1N61OPDfXAyRIEc5AqOKF7w SgM9ekjFj8Ht9xrDNGQHrm3h1/sn160143B/3h5BWPwGc8nKt4NvaOCZuFsf0M7X iHY+ipJ8ueZg3FaojW4sV3UCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 264566654523546247720590138781377346823299 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-20 07:17:19 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-18 07:17:19 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.crystalscapes.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 907865278739066367101549163596611844110797732899352508033856379957994053766961555206996419228555324729710827088477705837902022259827584893820680513781508203479131025062361158001874085496264687294100470112760343004631906448627497085570672027441725141687563148864334335966356924671772284844521756325960881883159625913661781559077852878718854460245424500235932709056016332517198722630213666327670897759544421092513238635254528226212782561111073961331483403151032828866555149198095118905955437553532698769257914470281558959803041496391597157343258753209450899176241203857175731131282648427075970084084831151099212486640249714287100288701454211194922761734102620582379429555438873981607353512064343557642018498564901179836163913945361609640641300602236234968172719928173423403442484242171500111274050994244865932644562561526218581310736797596139866079487384597268512627290776017560138106205749593454524411194053430532585168888906489201423852964626209250006496283232852156690298875615228907554804803658417337770040967745672890059989312150122894677473933534036670729237431883278917271922682502610747361768088956482614823608373648163100173402695687249150813731750481198304683456565188634668598250867773307244253547245137389759320960122247029 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 16d71baa114d97dfc01f886b45e684d4db471669 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.crystalscapes.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016de83dfcbe00000403004630440220079744c091af5656b613136123cfdd4f64f18c91f7782c894ec1c58e45a1e67c0220311cdd63dbb51f13aa104186edb817ff54763c17ffb8cf46fba4e89e387acaa1007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016de83dfc860000040300473045022100aa4c6c85bf702e32a2efe91195a9d074f6b7545a2eb422fe05c9767a2e35edaf0220251573ca12e3ede7f19b086152a0b061bb874ffc4951edf3b6bb2ab13b2888ef . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00261db9956df643b1700f35b5100fa87d72b71f05842fae7ea0d9ffd2c4ba9d6e0b961d91f2422d1358504266418bf18612802dfb692e58d5daaf3114b124c6935595ed572553cd65bf5319f3d4f837c98e20a4c38cb25d368a4578730bcae060a4e6a70592ae6e6de72fb41a6576bd15235dff8fb575742951f78651a2d7f80093e730e94bd8b0ece767317a4b888fe2ff2115f4da1b25a5aa91c576d971614667a66e81908cc8beca1f8b483c27da4c796b48ce5e47bded2cc359b963eb69bbb0a510f1eee59a29b9d34fa358bc2316245c963d30aa747b4223a2e0c1707e76b2170dc7a0070226e6c477468bc58199c954cf2dcd6e78fc88d00fb6e4262158