DV SSL/TLS Certificate for www.thepaperengineer.nz

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the www.thepaperengineer.nz DV SSL/TLS Certificate

This certificate with serial number 06:e9:ae:d1:5c:48:65:aa:e6:57:ff:15:b0:91:b4:16:b6:bc for www.thepaperengineer.nz was issued on by Let's Encrypt.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.thepaperengineer.nz provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:e9:ae:d1:5c:48:65:aa:e6:57:ff:15:b0:91:b4:16:b6:bc
Serial Number (int): 602191879816167726835698846083827889518268
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: f8:e2:5b:90:34:77:ad:a3:0b:e5:f7:48:e0:04:7a:6e:af:cc:8c:b1
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 4e:f3:b7:3e:f4:48:71:05:8b:80:bd:fe:87:3d:1d:af:2c:a4:e4:0c
Fingerprint (SHA-256): d4:89:46:32:d3:9d:71:b6:b6:c3:84:10:ad:69:8e:66:40:e7:23:86:88:34:00:10:19:6f:d4:ff:a6:a4:f2:8e

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

OCSP Server: http://r11.o.lencr.org
CRL Distribution Point: http://r11.c.lencr.org/61.crl

Check the revocation status for certificate www.thepaperengineer.nz
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.thepaperengineer.nz

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

www.thepaperengineer.nz

X.509 Certificate

The complete raw X.509 certificate details for www.thepaperengineer.nz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISBumu0VxIZarmV/8VsJG0Fra8MA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNDMwMTgxNjExWhcNMjUwNzI5MTgxNjEwWjAiMSAwHgYDVQQD
Exd3d3cudGhlcGFwZXJlbmdpbmVlci5uejCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANoP8jOTC3o9YB0nEdlmA1yN3zFCIxlqN1hVsjUH3FjPJboE/c3O
1pjfsuu312d+E9JurlD3Kq3I2aQKjw1fwMO9mu12ERxjaWlahnVLEmgQJqGpjTee
p/iiB6vHU+kQ8QpKvb9gCv3MwaHyimG9jaVqg5Ta6VRUaoUb0G0bHbcrMyVZFYGf
hM2EKALd0f6pn8QLZCZSt4H0HZFBAcm5tvNy/wRdsQuG/LVmg48nqG2egAr6bY6z
bNxkyQvglvcBAALXryJEkWqVBvbho1x/AD01WYi1+8yyDhksfX8tUo1wO2sLSEzH
DW3MHkfw0kCSYUPDv1TRWNc51yYf5RY/qLMCAwEAAaOCAkswggJHMA4GA1UdDwEB
/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQU+OJbkDR3raML5fdI4AR6bq/MjLEwHwYDVR0jBBgwFoAU
xc9GpOr0w8B6bJXELbBeki8m47kwVwYIKwYBBQUHAQEESzBJMCIGCCsGAQUFBzAB
hhZodHRwOi8vcjExLm8ubGVuY3Iub3JnMCMGCCsGAQUFBzAChhdodHRwOi8vcjEx
LmkubGVuY3Iub3JnLzAiBgNVHREEGzAZghd3d3cudGhlcGFwZXJlbmdpbmVlci5u
ejATBgNVHSAEDDAKMAgGBmeBDAECATAuBgNVHR8EJzAlMCOgIaAfhh1odHRwOi8v
cjExLmMubGVuY3Iub3JnLzYxLmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2
AMz7D2qFcQll/pWbU87psnwi6YVcDZeNtql+VMD+TA2wAAABlogfaaoAAAQDAEcw
RQIgHk0dQdbE0oBYNHMFhuGCaWS61LIn5V4ntEN+ZjkvORcCIQCPE2fYCnhKKw8K
RqSEC41QXUthfiGYWxr9byMziY6jcgB2ABLxTjS9U3JMhAYZw48/ehP457Vih4ic
bTAFhOvlhiY6AAABlogfcVUAAAQDAEcwRQIhAJCFye5bCsUf50YqX+e1ESzwnhiL
QYiNLUhCfZtzMe1rAiAN+DO2O/ygj5507+JYxGV2DrgXmhqFvp5CVahBxf3gpjAN
BgkqhkiG9w0BAQsFAAOCAQEAS1agrECjfB/YacqUC9/bLMpvmzO5fD4TxocL1hYZ
PKN2tTywvZOoXON+vzhMHcXiPxN2Mni8H92jyykPy7KUGsltvT/XBZ+nYqWA+wkt
A4jCrfwCl62SRgQ2GLR0JU/zGyDR6zzDN57XymTM5Sla1Vm6GkTgzNS8H2H1YH7s
EM1rzR1coTPUFOYP1KHcZyjCw1RM1uR/srUqe/8oAZpS0/aAyLoHN2IgqFga+fsQ
BcrzdcIiZn9HZsVvvpMF0Gcrbao/+SLljMJcm+fJ4ZYmyBUvkQsn1p5N3XlI1MsN
OJS77L888DJRbhmmuCYdP88hL75W8bJrwOxa3BgY6UpuAg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2g/yM5MLej1gHScR2WYD
XI3fMUIjGWo3WFWyNQfcWM8lugT9zc7WmN+y67fXZ34T0m6uUPcqrcjZpAqPDV/A
w72a7XYRHGNpaVqGdUsSaBAmoamNN56n+KIHq8dT6RDxCkq9v2AK/czBofKKYb2N
pWqDlNrpVFRqhRvQbRsdtyszJVkVgZ+EzYQoAt3R/qmfxAtkJlK3gfQdkUEBybm2
83L/BF2xC4b8tWaDjyeobZ6ACvptjrNs3GTJC+CW9wEAAtevIkSRapUG9uGjXH8A
PTVZiLX7zLIOGSx9fy1SjXA7awtITMcNbcweR/DSQJJhQ8O/VNFY1znXJh/lFj+o
swIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 602191879816167726835698846083827889518268
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-30 18:16:11 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-29 18:16:10 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.thepaperengineer.nz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27527813797315637884885997292059132779703968880098963006628577702562023858620716987803491533196257600927830078969661366226070659013500504673536149800360138750243914510338537872229920519436993274279632568583452511228321961213604285936255133020173319928638432386455510881931411013108819192894735449019982188542322592761659466505271431686855630427637681388775951693662110971063282722398515156340644615987709663584994638298641092682459600229310819570747771580383637239721743490056562956352269587196934701582444376772383716527250795803748616461725609754842691219659358885177260711887983377481400034994264385364325388232883
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f8e25b903477ada30be5f748e0047a6eafcc8cb1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thepaperengineer.nz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/61.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000196881f69aa000004030047304502201e4d1d41d6c4d2805834730586e1826964bad4b227e55e27b4437e66392f39170221008f1367d80a784a2b0f0a46a4840b8d505d4b617e21985b1afd6f2333898ea37200760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000196881f715500000403004730450221009085c9ee5b0ac51fe7462a5fe7b5112cf09e188b41888d2d48427d9b7331ed6b02200df833b63bfca08f9e74efe258c465760eb8179a1a85be9e4255a841c5fde0a6
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004b56a0ac40a37c1fd869ca940bdfdb2cca6f9b33b97c3e13c6870bd616193ca376b53cb0bd93a85ce37ebf384c1dc5e23f13763278bc1fdda3cb290fcbb2941ac96dbd3fd7059fa762a580fb092d0388c2adfc0297ad9246043618b474254ff31b20d1eb3cc3379ed7ca64cce5295ad559ba1a44e0ccd4bc1f61f5607eec10cd6bcd1d5ca133d414e60fd4a1dc6728c2c3544cd6e47fb2b52a7bff28019a52d3f680c8ba07376220a8581af9fb1005caf375c222667f4766c56fbe9305d0672b6daa3ff922e58cc25c9be7c9e19626c8152f910b27d69e4ddd7948d4cb0d3894bbecbf3cf032516e19a6b8261d3fcf212fbe56f1b26bc0ec5adc1818e94a6e02