www.caa.govt.nz

Issued by Entrust Certification Authority - L1C

About this certificate


This digital certificate with serial number 4c:1a:d9:77 was issued on by Entrust, Inc. .

While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: KeyUsage extension SHOULD be marked as critical when present
  • ERROR: stateOrProvinceName is required if organizationName is set

Civil Aviation Authority of New Zealand

Organization: Civil Aviation Authority of New Zealand
Organization unit: IT
Locality: Wellington
Country: NZ

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Locality: Wellington
Country: NZ

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 4c:1a:d9:77
Serial Number (int): 1276828023
Serial Number lenght: 31 bits, 4 octets

SubjectKeyId: ae:62:73:56:ef:82:61:e6:be:49:67:29:39:7e:37:bc:9c:d1:bf:27
AuthorityKeyId: 1e:f1:ab:89:06:f8:49:0f:01:33:77:ee:14:7a:ee:19:7c:93:28:4d

Fingerprint (sha1): c6:83:25:bb:6b:03:26:30:6d:14:7b:a4:b4:b2:00:51:17:8d:93:c9
Fingerprint (sha256): a0:95:08:19:fa:70:48:be:6f:dd:c1:d7:e5:ac:f6:d6:04:b6:fe:21:fa:54:01:e4:4f:34:a1:ad:7b:a1:37:05

Issuing Certificate URL: http://aia.entrust.net/l1c-chain.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1c.crl

Check the revocation status for the current certificate on www.caa.govt.nz
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any other subject alternative names besides the common name of the subject: www.caa.govt.nz

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFIjCCBAqgAwIBAgIETBrZdzANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMC VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0 Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW KGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZp Y2F0aW9uIEF1dGhvcml0eSAtIEwxQzAeFw0xMTA3MjgyMTI2NTNaFw0xNDA3Mjkw NTE2MzNaMHsxCzAJBgNVBAYTAk5aMRMwEQYDVQQHEwpXZWxsaW5ndG9uMTAwLgYD VQQKEydDaXZpbCBBdmlhdGlvbiBBdXRob3JpdHkgb2YgTmV3IFplYWxhbmQxCzAJ BgNVBAsTAklUMRgwFgYDVQQDEw93d3cuY2FhLmdvdnQubnowggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQCPXMl8ycJMuWXKhBGf40IL1BekH7i7DZrvpCpY 3LbcAzaJUd1Hv74rURaDSkOCFls0V0a0ySgs7t38+4zWnxOkJibPybi7PnA5dvPd 7BEy7zA9NE3u2ZxielaHtxmNwEjVa+g5wM44e4Ulkl2GjmVFuDXmJHEmG+13e50Y P52Np1RHeVQUU84KLdZ3BGgjvINAI6IRIwf4Gd2n60aFYAqDykehWYXcBVpNHKYb C3JwtiIeGMfP73a9fUBSrswatF5y4fIu5yEqB2ZZFAIgsovz8xiN04pTeVyWAIop vyNpyi5kCB6DstHQAH6iBSAogJQCM4h8XVR4A0mm/ueituotAgMBAAGjggF1MIIB cTALBgNVHQ8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDMG A1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwxYy5j cmwwZQYIKwYBBQUHAQEEWTBXMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRy dXN0Lm5ldDAwBggrBgEFBQcwAoYkaHR0cDovL2FpYS5lbnRydXN0Lm5ldC9sMWMt Y2hhaW4uY2VyMEAGA1UdIAQ5MDcwNQYJKoZIhvZ9B0sCMCgwJgYIKwYBBQUHAgEW Gmh0dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMBoGA1UdEQQTMBGCD3d3dy5jYWEu Z292dC5uejAfBgNVHSMEGDAWgBQe8auJBvhJDwEzd+4Ueu4ZfJMoTTAdBgNVHQ4E FgQUrmJzVu+CYea+SWcpOX43vJzRvycwCQYDVR0TBAIwADANBgkqhkiG9w0BAQUF AAOCAQEAaYJW6LCWR3HnjgH5zT43S5LxQQXgEE53PI//SLcprUKGXWrjAzFVCxDr wyqlALpHOEuJmaH7gHL0vC3otHjGOwCNbKhuulT6aQ7UoW1OvAHuUOEHFYglddqF 8/3mciMs2aKbS4LY0NvEAisOxFIcc2BI7x3sPaslykFYZfltMGWuf+dEqm32lODu BU+Vtr84KnBkEPjfCe45+ik4vEyYdElb05y7Mk8zLp/bXat877NyOWAIGxwM0Kwh pbZUIA3t2SSoSVoGlVghwROPhX5Jiv+5N28Ukbp++wVePx2hMEa7Lq+TWKGBH+HP gE8twqGcP0bF8JUAsqIv9MPUtULClA== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1zJfMnCTLllyoQRn+NC C9QXpB+4uw2a76QqWNy23AM2iVHdR7++K1EWg0pDghZbNFdGtMkoLO7d/PuM1p8T pCYmz8m4uz5wOXbz3ewRMu8wPTRN7tmcYnpWh7cZjcBI1WvoOcDOOHuFJZJdho5l Rbg15iRxJhvtd3udGD+djadUR3lUFFPOCi3WdwRoI7yDQCOiESMH+Bndp+tGhWAK g8pHoVmF3AVaTRymGwtycLYiHhjHz+92vX1AUq7MGrRecuHyLuchKgdmWRQCILKL 8/MYjdOKU3lclgCKKb8jacouZAgeg7LR0AB+ogUgKICUAjOIfF1UeANJpv7norbq LQIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1276828023 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.entrust.net/rpa is incorporated by reference' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2009 Entrust, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1C' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-07-28 21:26:53 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-07-29 05:16:33 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NZ' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Wellington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Civil Aviation Authority of New Zealand' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.caa.govt.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18097832614925050008485137425153896673582532162911920277844129784446271429008973332402682878038145775713753231813471687029692435161385415885229416294843948836663659836138373658388906022150814549794746973203749934560543397707195142959833424303895848941388173955988739109178077918377886299717861637329312786920820757827848438060901429004181490427849620177865393655682918698502546221536334653779591464607995095304272999665549769739497628227092941695867016716933324198372256322035992608657992411829494243044921855946954593545606380761066098979948523578562535482132457020679246872241483861283547388015899135249655216400941 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1c.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1c-chain.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113533.7.75.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.entrust.net/rpa' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.caa.govt.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1ef1ab8906f8490f013377ee147aee197c93284d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ae627356ef8261e6be496729397e37bc9cd1bf27 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00698256e8b0964771e78e01f9cd3e374b92f14105e0104e773c8fff48b729ad42865d6ae30331550b10ebc32aa500ba47384b8999a1fb8072f4bc2de8b478c63b008d6ca86eba54fa690ed4a16d4ebc01ee50e10715882575da85f3fde672232cd9a29b4b82d8d0dbc4022b0ec4521c736048ef1dec3dab25ca415865f96d3065ae7fe744aa6df694e0ee054f95b6bf382a706410f8df09ee39fa2938bc4c9874495bd39cbb324f332e9fdb5dab7cefb3723960081b1c0cd0ac21a5b654200dedd924a8495a06955821c1138f857e498affb9376f1491ba7efb055e3f1da13046bb2eaf9358a1811fe1cf804f2dc2a19c3f46c5f09500b2a22ff4c3d4b542c294