otagorotarytrusttramps.org.nz

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:11:99:24:08:c3:25:11:cc:e5:5f:d7:be:06:72:78:8e:e7 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=otagorotarytrusttramps.org.nz

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:11:99:24:08:c3:25:11:cc:e5:5f:d7:be:06:72:78:8e:e7
Serial Number (int): 267325217016698934185289181946362264588007
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 86:12:d0:be:02:a9:b5:45:91:0c:2d:2a:9f:30:01:57:cc:1f:d9:53
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 1c:74:d4:21:58:1a:0b:4c:3b:b7:dd:a4:1a:25:dc:09:32:5b:c9:37
Fingerprint (sha256): 00:23:a7:75:96:6d:46:5b:81:07:14:b4:99:73:fa:4b:a7:d0:19:9c:cb:69:0e:a3:c6:f3:be:0c:79:98:27:72

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org/

Check the revocation status for certificate otagorotarytrusttramps.org.nz

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for otagorotarytrusttramps.org.nz

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

otagorotarytrusttramps.org.nz
www.otagorotarytrusttramps.org.nz

Other certificates including the domain name otagorotarytrusttramps.org.nz

(limited to 100 certificates)
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz
otagorotarytrusttramps.org.nz

Certificate

The complete raw certificate details for otagorotarytrusttramps.org.nz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAxGZJAjDJRHM5V/XvgZyeI7nMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjA5MjExMTAzMDBaFw0x
NjEyMjAxMTAzMDBaMCgxJjAkBgNVBAMTHW90YWdvcm90YXJ5dHJ1c3R0cmFtcHMu
b3JnLm56MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH1CdVWWu+CR
ndLFv18vSpB5VNhet/e5eDPGTgPvG7zIGd4joiIjDcSOiYHGaGVVu7RQBA11jqHn
gKVxn3C5Y/eudp0J4FdqE1YhdBIh8EycUyiKZuUIPQUycNx8sTButV2uL6UOu7Yi
yYGWMaC+uTaF8r+falyHVnNliWuDdnkrm24O6Gt7wuE9mePhlNrjB5hs6Hb2BCsD
wXAhU1kxjK0bYDjB6Rr/EcERD/tr2/Kp5xB1jd+ZCgEYiRFcx/b1kKjRHmD0JnK/
hw5CzC8GD7UK2oOa4/FEPY+cz8DQSgNViSlizE+6KAG1gYAsyeoblZWemd0Rx7BW
T1HaHC0TywIDAQABo4ICQTCCAj0wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG
CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSGEtC+
Aqm1RZEMLSqfMAFXzB/ZUzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js
oTBwBggrBgEFBQcBAQRkMGIwLwYIKwYBBQUHMAGGI2h0dHA6Ly9vY3NwLmludC14
My5sZXRzZW5jcnlwdC5vcmcvMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQt
eDMubGV0c2VuY3J5cHQub3JnLzBLBgNVHREERDBCgh1vdGFnb3JvdGFyeXRydXN0
dHJhbXBzLm9yZy5ueoIhd3d3Lm90YWdvcm90YXJ5dHJ1c3R0cmFtcHMub3JnLm56
MIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggr
BgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwIC
MIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBi
eSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRo
ZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlw
dC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAAJl/Y4RtCHoQUG9
RyMZcLJKxxW9Qy7f7ft7EMoaeNjlSi2FDmfmyVIZ+Tc2xV9SxH4ldhyYc9Rvug2R
C+56+ezYpbwhJ0vRgsIk9+r1R//pZkCHY81iUd2OvQPG+3UYWHmjd9R1BttCLoB2
KAqL/7FZXMSa+Sx27ONMS45SeNoxq7IvmY+VVe16L12WEdGmNzahlDlJqLvswWCe
Qfv1Mj60dnLSL2oAfCFesD3OUZguBmDUWnFC4ikSIon+XL+oaPsSs6AgivaDTO7V
QCeZvwt2A3Xekat5HD5uUqhBb0z7nCGw80V9shSAyAZ3efqcIJ2r6reg8Ca+PSTA
OMwzJDE=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH1CdVWWu+CRndLFv18v
SpB5VNhet/e5eDPGTgPvG7zIGd4joiIjDcSOiYHGaGVVu7RQBA11jqHngKVxn3C5
Y/eudp0J4FdqE1YhdBIh8EycUyiKZuUIPQUycNx8sTButV2uL6UOu7YiyYGWMaC+
uTaF8r+falyHVnNliWuDdnkrm24O6Gt7wuE9mePhlNrjB5hs6Hb2BCsDwXAhU1kx
jK0bYDjB6Rr/EcERD/tr2/Kp5xB1jd+ZCgEYiRFcx/b1kKjRHmD0JnK/hw5CzC8G
D7UK2oOa4/FEPY+cz8DQSgNViSlizE+6KAG1gYAsyeoblZWemd0Rx7BWT1HaHC0T
ywIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 267325217016698934185289181946362264588007
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-09-21 11:03:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-20 11:03:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'otagorotarytrusttramps.org.nz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21269803046595774025045164178686928517145517529193467519043470856350933643320958137646019564316101970199024819304581402372010846889297857716400856242120477748756966316580847091400785321722107608187954117677674063075221624393798453782183501434246408886005798351228706131023458454874119608897755975019750048461584282398634911882279096910625891170005534580131863844030308436293557895352221598011881978869390790941256476396719025799324945310660831119713043466186380344614363945860021810414598767535031511669469227104996448509133855986741886352349523412647596951399317008467549375030162250889371299273471575521920629412811
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String '�E�-*�0W��S'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'otagorotarytrusttramps.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.otagorotarytrusttramps.org.nz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000265fd8e11b421e84141bd47231970b24ac715bd432edfedfb7b10ca1a78d8e54a2d850e67e6c95219f93736c55f52c47e25761c9873d46fba0d910bee7af9ecd8a5bc21274bd182c224f7eaf547ffe966408763cd6251dd8ebd03c6fb75185879a377d47506db422e8076280a8bffb1595cc49af92c76ece34c4b8e5278da31abb22f998f9555ed7a2f5d9611d1a63736a1943949a8bbecc1609e41fbf5323eb47672d22f6a007c215eb03dce51982e0660d45a7142e229122289fe5cbfa868fb12b3a0208af6834ceed5402799bf0b760375de91ab791c3e6e52a8416f4cfb9c21b0f3457db21480c8067779fa9c209dabeab7a0f026be3d24c038cc332431