DV SSL/TLS Certificate for otagorotarytrusttramps.org.nz

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the otagorotarytrusttramps.org.nz DV SSL/TLS Certificate

This certificate with serial number 05:03:9c:12:9c:db:e9:59:c0:96:b8:18:1f:c9:fc:f0:3c:eb for otagorotarytrusttramps.org.nz was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for otagorotarytrusttramps.org.nz provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:03:9c:12:9c:db:e9:59:c0:96:b8:18:1f:c9:fc:f0:3c:eb
Serial Number (int): 436789732969729033398025365666746149649643
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 9a:40:73:0d:4d:ea:fa:8b:0d:74:f7:ca:d5:e6:7e:bc:b7:2c:a0:40
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): be:3b:63:54:5d:ed:4f:66:7d:27:60:e1:44:c1:73:c1:e0:47:3d:4f
Fingerprint (SHA-256): 93:5d:81:20:5c:90:59:e6:82:73:7b:6f:ab:91:59:a5:64:4f:6e:0b:80:69:b3:11:97:b1:3b:4e:4d:ec:2f:4f

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/108.crl

Check the revocation status for certificate otagorotarytrusttramps.org.nz
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for otagorotarytrusttramps.org.nz

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for otagorotarytrusttramps.org.nz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISBQOcEpzb6VnAlrgYH8n88DzrMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNTI3MDAzNDU3WhcNMjUwODI1MDAzNDU2WjAoMSYwJAYDVQQD
Ex1vdGFnb3JvdGFyeXRydXN0dHJhbXBzLm9yZy5uejCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAMCNpFY+T21arO0VHN5yNzl4gScbLSXvsSkfK5lxhYHt
cU3KenYt5f7WrEnH83AiyZhwJofWYYCSItH3LIFKtu3iolaJQ23ZgfFJg67W1nrJ
cCL/9CzmCtyEizfNRa4Yk+0p97rCtqbnHnNUtnFC0Svnr/K85rym6AmXAW1961oP
3D8reEdw6yMvnPDfB21QAFWg2kZXfpGW74nSKitjn7J+DBDaGKwDMjHpvOBO2apS
wjd1J6pS6K625yxUYXoOMGzDl70S+bOfIgSUs8ZQhSCg9R1LvzmSK+IZtnqtk700
yJ7nd7MwRAqf2YuKQz03A/3tCjIN9FX1Ge5YvKiB2PMCAwEAAaOCAlEwggJNMA4G
A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD
VR0TAQH/BAIwADAdBgNVHQ4EFgQUmkBzDU3q+osNdPfK1eZ+vLcsoEAwHwYDVR0j
BBgwFoAUu7zDR6XkvKnGw6RyDBCNojXhyOgwMwYIKwYBBQUHAQEEJzAlMCMGCCsG
AQUFBzAChhdodHRwOi8vcjEwLmkubGVuY3Iub3JnLzBLBgNVHREERDBCgh1vdGFn
b3JvdGFyeXRydXN0dHJhbXBzLm9yZy5ueoIhd3d3Lm90YWdvcm90YXJ5dHJ1c3R0
cmFtcHMub3JnLm56MBMGA1UdIAQMMAowCAYGZ4EMAQIBMC8GA1UdHwQoMCYwJKAi
oCCGHmh0dHA6Ly9yMTAuYy5sZW5jci5vcmcvMTA4LmNybDCCAQQGCisGAQQB1nkC
BAIEgfUEgfIA8AB2AO08S9boBsKkogBX28sk4jgB31Ev7cSGxXAPIN23Pj/gAAAB
lw9fhmwAAAQDAEcwRQIgEXPi9MPQu2l40Gzr+rOMX4Vc4/971DqNq+nxJS3LI8YC
IQCmMVqe42xt6/PKoerQYMY12mBHEm13e6pb5Kmud0BXkAB2AN3cyjSV1+EWBeeV
MvrHn/g9HFDf2wA6FBJ2Ciysu8gqAAABlw9fllwAAAQDAEcwRQIgalPsC8v2nmaE
lvrZ1eXfOLLMSDh0no+CvI3bBA69qzECIQDUgp4ryv/PWN0+0DgHaVdh8vYnz8GC
/DPpOXf0mWifPjANBgkqhkiG9w0BAQsFAAOCAQEAnN4cIvNnEO11iz8hVSJEaXls
CWi/FdE04AGBBcvP6wizYkj4KjSHQd0XBZppsKFfCvzfHPTkSjFOKFouOg/j724D
7ebHfTbrHWbD4kn9uaQ7B6EVgSq7xog4PUEeDv/Ulvp5UBrT8cnLOVatqz/WMdQR
lRJXFOPPfkomJ3u+VxPV3pFyWWaZMvjLhEF79oaPSpPuY6tt/MeRg67gTBKvcgl+
6yzXhbMmUUIV+kDDfRpuTqlMNzUXDzh9swEutMq1VM2cqqbBhFYMtbEqTFE5rKsC
TJ34Z1ufDjXE8hfTK+9TJMSZ/TqkAP8UAl5tgV5TQRnEblkHJ1gHOuQBtzEKaw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwI2kVj5PbVqs7RUc3nI3
OXiBJxstJe+xKR8rmXGFge1xTcp6di3l/tasScfzcCLJmHAmh9ZhgJIi0fcsgUq2
7eKiVolDbdmB8UmDrtbWeslwIv/0LOYK3ISLN81FrhiT7Sn3usK2pucec1S2cULR
K+ev8rzmvKboCZcBbX3rWg/cPyt4R3DrIy+c8N8HbVAAVaDaRld+kZbvidIqK2Of
sn4MENoYrAMyMem84E7ZqlLCN3UnqlLorrbnLFRheg4wbMOXvRL5s58iBJSzxlCF
IKD1HUu/OZIr4hm2eq2TvTTInud3szBECp/Zi4pDPTcD/e0KMg30VfUZ7li8qIHY
8wIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 436789732969729033398025365666746149649643
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-27 00:34:57 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-25 00:34:56 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'otagorotarytrusttramps.org.nz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24307600797780658558563527478393672386336158802267918334151287313514701856465921704628816132695414192919032566691327362398117641378599935613901561812735924334269901202644711316009294257673695983506362354895336552415572445146112301550024614863488198911748210811613305144796231718602287760759648753074453331724674272720029796431829632130853005928246715024010599351043100644236325768484440518517293863842887081179852623337872500450711862685343868670549476031446594726167081126454531669097544225295818894766424610650228670203764401881885885691495351303558977495383005178183920734311457457025634686194126582229852536035571
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9a40730d4deafa8b0d74f7cad5e67ebcb72ca040
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'otagorotarytrusttramps.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.otagorotarytrusttramps.org.nz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/108.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600ed3c4bd6e806c2a4a20057dbcb24e23801df512fedc486c5700f20ddb73e3fe0000001970f5f866c000004030047304502201173e2f4c3d0bb6978d06cebfab38c5f855ce3ff7bd43a8dabe9f1252dcb23c6022100a6315a9ee36c6debf3caa1ead060c635da6047126d777baa5be4a9ae77405790007600dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a000001970f5f965c000004030047304502206a53ec0bcbf69e668496fad9d5e5df38b2cc4838749e8f82bc8ddb040ebdab31022100d4829e2bcaffcf58dd3ed03807695761f2f627cfc182fc33e93977f499689f3e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009cde1c22f36710ed758b3f2155224469796c0968bf15d134e0018105cbcfeb08b36248f82a348741dd17059a69b0a15f0afcdf1cf4e44a314e285a2e3a0fe3ef6e03ede6c77d36eb1d66c3e249fdb9a43b07a115812abbc688383d411e0effd496fa79501ad3f1c9cb3956adab3fd631d41195125714e3cf7e4a26277bbe5713d5de917259669932f8cb84417bf6868f4a93ee63ab6dfcc79183aee04c12af72097eeb2cd785b326514215fa40c37d1a6e4ea94c3735170f387db3012eb4cab554cd9caaa6c184560cb5b12a4c5139acab024c9df8675b9f0e35c4f217d32bef5324c499fd3aa400ff14025e6d815e534119c46e59072758073ae401b7310a6b