keirunga.org.nz
Issued by USERTrust RSA Domain Validation Secure Server CA
About this certificate
This digital certificate with serial number e6:fe:0b:34:dd:0c:dc:f2:79:56:71:9c:a6:e6:63:c8 was issued on by The USERTRUST Network.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=keirunga.org.nz
The USERTRUST Network
Organization:
The USERTRUST Network
State / Province:
New Jersey
Locality: Jersey City
Country: US
Locality: Jersey City
Country: US
This certificate will expire on
Certificate Details
Serial Number (hex): e6:fe:0b:34:dd:0c:dc:f2:79:56:71:9c:a6:e6:63:c8Serial Number (int): 307041509727380325569476821758297662408
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 5e:87:0c:74:21:b8:74:fe:ff:aa:0b:b4:26:26:85:cf:6f:c7:13:b1
AuthorityKeyId: a6:c1:e7:e1:f4:f6:47:63:d7:2f:7d:8d:90:f8:ba:23:4f:60:ac:9e
Fingerprint (sha1): bf:c5:7d:af:cb:46:a9:3a:b2:74:33:c8:69:46:93:ef:46:eb:1b:df
Fingerprint (sha256): 30:9c:8c:c9:04:84:fe:79:c4:a9:04:41:57:b4:d8:26:8b:d9:a5:f9:02:e6:c5:03:16:f8:69:19:4e:0a:b7:fa
Issuing Certificate URL: http://crt.usertrust.com/USERTrustRSADomainValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.usertrust.comCRL Distribution Point: http://crl.usertrust.com/USERTrustRSADomainValidationSecureServerCA.crl
Check the revocation status for certificate keirunga.org.nz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for keirunga.org.nz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
keirunga.org.nz
www.keirunga.org.nz
www.keirunga.org.nz
Other certificates including the domain name keirunga.org.nz
(limited to 100 certificates)
oratiaunited.co.nz
sporty.co.nz
waibopfootball.co.nz
sporty.co.nz
www.katikatifc.co.nz
keirunga.org.nz
pcbasketballclub.co.nz
pcbasketballclub.co.nz
www.pkjsports.co.nz
keirunga.org.nz
karakasportspark.co.nz
www.waitakerecityfc.org.nz
hockeymanawatu.org.nz
maristinvercargill.co.nz
hockeymanawatu.org.nz
keirunga.org.nz
www.aucklandsoftball.org.nz
sporty.co.nz
www.brooklyncroquetclub.org
www.thesalmonrun.nz
www.schoolground.nz
maristinvercargill.co.nz
whangareirowingclub.org.nz
keirunga.org.nz
www.unimountafc.org.nz
www.greenhithefootball.org
sportsground.co.nz
www.bowlswestcoast.org.nz
sporty.co.nz
waibopfootball.co.nz
sporty.co.nz
www.katikatifc.co.nz
keirunga.org.nz
pcbasketballclub.co.nz
pcbasketballclub.co.nz
www.pkjsports.co.nz
keirunga.org.nz
karakasportspark.co.nz
www.waitakerecityfc.org.nz
hockeymanawatu.org.nz
maristinvercargill.co.nz
hockeymanawatu.org.nz
keirunga.org.nz
www.aucklandsoftball.org.nz
sporty.co.nz
www.brooklyncroquetclub.org
www.thesalmonrun.nz
www.schoolground.nz
maristinvercargill.co.nz
whangareirowingclub.org.nz
keirunga.org.nz
www.unimountafc.org.nz
www.greenhithefootball.org
sportsground.co.nz
www.bowlswestcoast.org.nz
Certificate
The complete raw certificate details for keirunga.org.nz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGpTCCBY2gAwIBAgIRAOb+CzTdDNzyeVZxnKbmY8gwDQYJKoZIhvcNAQELBQAw gZMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMTkwNwYD VQQDEzBVU0VSVHJ1c3QgUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2 ZXIgQ0EwHhcNMjMxMDIxMDAwMDAwWhcNMjQxMDI3MjM1OTU5WjAaMRgwFgYDVQQD Ew9rZWlydW5nYS5vcmcubnowggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC0SiqMCK9BBjiWsXL3pmpqOvTD/jiEw4OVfzRyRDpViyN+kzLU83cWthYMsK7k KllKb02gbu20bK+15hR+p8oZA0oQjqMnQCL5+8fY48nJj5dZukqoOi7eh07E/K2A 0vdO34S3Mx5D4aR2v87/oCOQ8cbYt90E4ktS6LjxQTRfiaOLj29sC13fKnKRXN2Y SybgsEgidIP2aLxJcdm9FYGM/kuKNA5yZKdekiknteMfaaW1JjSfYBej8tc/t1/6 PpdZ5n2SUBrWJEDqEMs1KePqA2S89zhBFblJGx0sFc28pQn0Hi5UEUY3ZS01OiCo dGO9WJagpQUeH/bGdEbMNV1DAgMBAAGjggNqMIIDZjAfBgNVHSMEGDAWgBSmwefh 9PZHY9cvfY2Q+LojT2CsnjAdBgNVHQ4EFgQUXocMdCG4dP7/qgu0JiaFz2/HE7Ew DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMEwGA1UdIARFMEMwNwYMKwYBBAGyMQECAQMEMCcwJQYIKwYB BQUHAgEWGWh0dHBzOi8vY3BzLnVzZXJ0cnVzdC5jb20wCAYGZ4EMAQIBMFgGA1Ud HwRRME8wTaBLoEmGR2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RS U0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGKBggrBgEFBQcB AQR+MHwwUwYIKwYBBQUHMAKGR2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VS VHJ1c3RSU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCUGCCsG AQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMC8GA1UdEQQoMCaCD2tl aXJ1bmdhLm9yZy5ueoITd3d3LmtlaXJ1bmdhLm9yZy5uejCCAX8GCisGAQQB1nkC BAIEggFvBIIBawFpAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQA AAGLUSZg0QAABAMARzBFAiEAxlR0BOy53j2SOncbiRabuD84rbOBWg7Ztu4O+1Vu JuMCIApAkZy3sBM6ot7LOrjuPZk9A2HKHjM7YdwVFkCb/Q8lAHcA2ra/az+1tiKf m8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGLUSZhQQAABAMASDBGAiEA4WMaJbZv IJkVtWHcVz9Tu+4QHxF08HGnnezS8MAjq38CIQCaBlzhospbZFjJKhKE52vjilfP OwkPDFq/mV3+xlTUWQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7Wb AAABi1EmYTkAAAQDAEcwRQIgJRcrEM4/LdMGXAlHzX8fcyRV8tZ/gnTduReU1xnp ptECIQDWnCEDgbkd6qmx93md/+U049C7jSIBpLVgqVhEAUXQlTANBgkqhkiG9w0B AQsFAAOCAQEABMEJQgFh1ZmfnUiYX09WUU2TtXvZOe4Fp8hiFd5Ix+U1PFGtm5NH 5DUkZvsO2wiseF71gXiuorStZLc7atCqjg6ttv2lKeNcp00wr9yOv8VNC1Yei2v1 PzKrUg90NsF9Ae+dQaACNlU+Eh3M0IRyQQfxOEJlBKrz/oLMTDltCKjSHY1YaeGH NnjmdZO/fGCROPtLPQMOZ+yDh8M7EOMV/e6WH1lybjFI1qGSUpP5fHhLzPkfbMGo qgLiN6pAaL6eOh3ASBRiWoGouceg/3B6BSnK2ixBChz0BI45ZeZxGNcfav3oiwU7 IUGq/XEMWW6fnrcKVwoMSWbZx7oALGEkjw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEoqjAivQQY4lrFy96Zq ajr0w/44hMODlX80ckQ6VYsjfpMy1PN3FrYWDLCu5CpZSm9NoG7ttGyvteYUfqfK GQNKEI6jJ0Ai+fvH2OPJyY+XWbpKqDou3odOxPytgNL3Tt+EtzMeQ+Gkdr/O/6Aj kPHG2LfdBOJLUui48UE0X4mji49vbAtd3ypykVzdmEsm4LBIInSD9mi8SXHZvRWB jP5LijQOcmSnXpIpJ7XjH2mltSY0n2AXo/LXP7df+j6XWeZ9klAa1iRA6hDLNSnj 6gNkvPc4QRW5SRsdLBXNvKUJ9B4uVBFGN2UtNTogqHRjvViWoKUFHh/2xnRGzDVd QwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 307041509727380325569476821758297662408 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New Jersey' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Jersey City' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The USERTRUST Network' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'USERTrust RSA Domain Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-21 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'keirunga.org.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22759467609823584936597391865614138203909210685119360537181831704753654356408000933982246023615877133953469113265564714194827402981969668697896757223763109042679179314156721599124049147240354042499129836664946638996119345462882598054260607913000644390063902140749550569447443811419854056072172127814474936224229905198980442113038783424073240051947016235262399216385038083072984285929263466263394147155583931033809340211800387282570801890042175552024713192746653673498897832858951249368530891468791757991163979096681670482986207285707652528628025333892054718919248330764311511146077640580758931809516517292511551905091 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a6c1e7e1f4f64763d72f7d8d90f8ba234f60ac9e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5e870c7421b874feffaa0bb4262685cf6fc713b1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (81 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/USERTrustRSADomainValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/USERTrustRSADomainValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'keirunga.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.keirunga.org.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 016900760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b512660d10000040300473045022100c6547404ecb9de3d923a771b89169bb83f38adb3815a0ed9b6ee0efb556e26e302200a40919cb7b0133aa2decb3ab8ee3d993d0361ca1e333b61dc1516409bfd0f25007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b512661410000040300483046022100e1631a25b66f209915b561dc573f53bbee101f1174f071a79decd2f0c023ab7f0221009a065ce1a2ca5b6458c92a1284e76be38a57cf3b090f0c5abf995dfec654d459007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b512661390000040300473045022025172b10ce3f2dd3065c0947cd7f1f732455f2d67f8274ddb91794d719e9a6d1022100d69c210381b91deaa9b1f7799dffe534e3d0bb8d2201a4b560a958440145d095 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0004c109420161d5999f9d48985f4f56514d93b57bd939ee05a7c86215de48c7e5353c51ad9b9347e4352466fb0edb08ac785ef58178aea2b4ad64b73b6ad0aa8e0eadb6fda529e35ca74d30afdc8ebfc54d0b561e8b6bf53f32ab520f7436c17d01ef9d41a00236553e121dccd084724107f138426504aaf3fe82cc4c396d08a8d21d8d5869e1873678e67593bf7c609138fb4b3d030e67ec8387c33b10e315fdee961f59726e3148d6a1925293f97c784bccf91f6cc1a8aa02e237aa4068be9e3a1dc04814625a81a8b9c7a0ff707a0529cada2c410a1cf4048e3965e67118d71f6afde88b053b2141aafd710c596e9f9eb70a570a0c4966d9c7ba002c61248f