www.stuff.co.nz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:47:a6:4b:4b:00:1c:ce:36:c9:bd:80:20:0c:2f:e0:62:43 was issued on by Let's Encrypt.
With 53 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.stuff.co.nz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:47:a6:4b:4b:00:1c:ce:36:c9:bd:80:20:0c:2f:e0:62:43Serial Number (int): 285717948637421692144343828049146251600451
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 28:5d:22:d5:f3:53:ce:42:40:50:9a:f6:84:45:af:66:ba:ac:12:be
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): b7:e5:e9:7b:d6:b9:8c:10:4f:60:f9:e6:08:a3:6e:db:9e:22:7a:f6
Fingerprint (sha256): 38:17:6a:83:ef:6e:e0:d3:13:66:4b:83:98:88:b0:e9:65:d5:0c:54:19:d6:98:fa:ba:56:71:f7:7a:4c:f9:b9
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.stuff.co.nz
53
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.stuff.co.nz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
99.fairfaxmedia.co.nz
advertise.fairfaxmedia.co.nz
alpha.stuff.co.nz
api-preprod.stuff.co.nz
api.indexed.co.nz
api.stuff.co.nz
assets.stuff.co.nz
beta.stuff.co.nz
canary-alpha.stuff.co.nz
canary-beta.stuff.co.nz
canary-preprod.stuff.co.nz
canary.stuff.co.nz
cdn-my.stuff.co.nz
file2.stuff.co.nz
i-preprod.stuff.co.nz
i.preprod.stuff.co.nz
i.stuff.co.nz
interactives.stuff.co.nz
media.stuff.co.nz
np.fairfaxmedia.co.nz
nzcms.fairfaxmedia.co.nz
nznp.fairfaxmedia.co.nz
popshop-api.stuff.co.nz
popshop2-staging.stuff.co.nz
popshop2.stuff.co.nz
production-ugc-api.fairfaxmedia.co.nz
production-ugc.fairfaxmedia.co.nz
resources-preprod.stuff.co.nz
resources.stuff.co.nz
staging-api.indexed.co.nz
staging-nzcms.fairfaxmedia.co.nz
staging-popshop-api.stuff.co.nz
staging-popshop.stuff.co.nz
staging-ugc-api.fairfaxmedia.co.nz
staging-ugc.fairfaxmedia.co.nz
staging.indexed.co.nz
static.fairfaxmedia.co.nz
static.stuff.co.nz
static2.stuff.co.nz
technology.fairfaxmedia.co.nz
uat-ugc-api.fairfaxmedia.co.nz
uat-ugc.fairfaxmedia.co.nz
ugc-api.stuff.co.nz
ugc.stuff.co.nz
widgets.stuff.co.nz
www-preprod-alpha.stuff.co.nz
www-preprod-beta.stuff.co.nz
www-preprod.stuff.co.nz
www.bestonthebox.co.nz
www.fairfaxmagazines.co.nz
www.preprod.stuff.co.nz
www.stuff.co.nz
www2.indexed.co.nz
advertise.fairfaxmedia.co.nz
alpha.stuff.co.nz
api-preprod.stuff.co.nz
api.indexed.co.nz
api.stuff.co.nz
assets.stuff.co.nz
beta.stuff.co.nz
canary-alpha.stuff.co.nz
canary-beta.stuff.co.nz
canary-preprod.stuff.co.nz
canary.stuff.co.nz
cdn-my.stuff.co.nz
file2.stuff.co.nz
i-preprod.stuff.co.nz
i.preprod.stuff.co.nz
i.stuff.co.nz
interactives.stuff.co.nz
media.stuff.co.nz
np.fairfaxmedia.co.nz
nzcms.fairfaxmedia.co.nz
nznp.fairfaxmedia.co.nz
popshop-api.stuff.co.nz
popshop2-staging.stuff.co.nz
popshop2.stuff.co.nz
production-ugc-api.fairfaxmedia.co.nz
production-ugc.fairfaxmedia.co.nz
resources-preprod.stuff.co.nz
resources.stuff.co.nz
staging-api.indexed.co.nz
staging-nzcms.fairfaxmedia.co.nz
staging-popshop-api.stuff.co.nz
staging-popshop.stuff.co.nz
staging-ugc-api.fairfaxmedia.co.nz
staging-ugc.fairfaxmedia.co.nz
staging.indexed.co.nz
static.fairfaxmedia.co.nz
static.stuff.co.nz
static2.stuff.co.nz
technology.fairfaxmedia.co.nz
uat-ugc-api.fairfaxmedia.co.nz
uat-ugc.fairfaxmedia.co.nz
ugc-api.stuff.co.nz
ugc.stuff.co.nz
widgets.stuff.co.nz
www-preprod-alpha.stuff.co.nz
www-preprod-beta.stuff.co.nz
www-preprod.stuff.co.nz
www.bestonthebox.co.nz
www.fairfaxmagazines.co.nz
www.preprod.stuff.co.nz
www.stuff.co.nz
www2.indexed.co.nz
Other certificates including the domain name stuff.co.nz
(limited to 100 certificates)
*.stuff.co.nz
deaths.stuff.co.nz
composer.contentstaging.shift21.ffx.nz
popshop.stuff.co.nz
t.comms.stuff.co.nz
coupons.stuff.co.nz
*.stuff.co.nz
*.stuff.co.nz
www.communications.stuff.co.nz
www.stuff.co.nz
coupons.stuff.co.nz
www.stuff.co.nz
social.stuff.co.nz
shop.stuff.co.nz
*.stuff.co.nz
*.stuff.co.nz
events.stuff.co.nz
www.stuff.co.nz
coupons.stuff.co.nz
stuff.co.nz
*.preprod.stuff.co.nz
stuff.co.nz
www.stuff.co.nz
www.stuff.co.nz
*.stuff.co.nz
playwidget.stuff.co.nz
somniture.stuff.co.nz
somniture.stuff.co.nz
devices.play.stuff.co.nz
my.preprod.stuff.co.nz
prospective2.shared.global.fastly.net
*.stuff.co.nz
www.stuff.co.nz
subscribers.theage.com.au
*.stuff.co.nz
prospective2.shared.global.fastly.net
*.fairfaxmedia.com.au
prospective2.shared.global.fastly.net
*.stuff.co.nz
stuff.co.nz
*.preprod.stuff.co.nz
prospective2.shared.global.fastly.net
test.communications.stuff.co.nz
ssl470690.cloudflaressl.com
pressphotocomp.stuff.co.nz
www.stuff.co.nz
*.stuff.co.nz
www.stuff.co.nz
prospective2.shared.global.fastly.net
www.stuff.co.nz
*.stuff.co.nz
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
analytics.stuff.co.nz
prospective2.shared.global.fastly.net
somniture.stuff.co.nz
*.preprod.stuff.co.nz
shop.stuff.co.nz
*.preprod.stuff.co.nz
prospective2.shared.global.fastly.net
deaths.stuff.co.nz
www.communications.stuff.co.nz
www.stuff.co.nz
*.stuff.co.nz
prospective2.shared.global.fastly.net
*.idm.stuff.co.nz
stuff.co.nz
www.stuff.co.nz
www.stuff.co.nz
pressfanzone.stuff.co.nz
www.stuff.co.nz
*.preprod.stuff.co.nz
shop.stuff.co.nz
*.stuff.co.nz
events.stuff.co.nz
*.stuff.co.nz
stuff.co.nz
shop.stuff.co.nz
www.stuff.co.nz
www.stuff.co.nz
ssl470689.cloudflaressl.com
www.communications.stuff.co.nz
somniture.stuff.co.nz
stuff.co.nz
*.stuff.co.nz
deaths.stuff.co.nz
stuff.co.nz
knowthecrew.stuff.co.nz
prospective2.shared.global.fastly.net
play.stuff.co.nz
popshop.stuff.co.nz
www.stuff.co.nz
shop.stuff.co.nz
*.preprod.stuff.co.nz
stuff.co.nz
www.stuff.co.nz
www.stuff.co.nz
playwidget.stuff.co.nz
prospective2.shared.global.fastly.net
*.stuff.co.nz
deaths.stuff.co.nz
composer.contentstaging.shift21.ffx.nz
popshop.stuff.co.nz
t.comms.stuff.co.nz
coupons.stuff.co.nz
*.stuff.co.nz
*.stuff.co.nz
www.communications.stuff.co.nz
www.stuff.co.nz
coupons.stuff.co.nz
www.stuff.co.nz
social.stuff.co.nz
shop.stuff.co.nz
*.stuff.co.nz
*.stuff.co.nz
events.stuff.co.nz
www.stuff.co.nz
coupons.stuff.co.nz
stuff.co.nz
*.preprod.stuff.co.nz
stuff.co.nz
www.stuff.co.nz
www.stuff.co.nz
*.stuff.co.nz
playwidget.stuff.co.nz
somniture.stuff.co.nz
somniture.stuff.co.nz
devices.play.stuff.co.nz
my.preprod.stuff.co.nz
prospective2.shared.global.fastly.net
*.stuff.co.nz
www.stuff.co.nz
subscribers.theage.com.au
*.stuff.co.nz
prospective2.shared.global.fastly.net
*.fairfaxmedia.com.au
prospective2.shared.global.fastly.net
*.stuff.co.nz
stuff.co.nz
*.preprod.stuff.co.nz
prospective2.shared.global.fastly.net
test.communications.stuff.co.nz
ssl470690.cloudflaressl.com
pressphotocomp.stuff.co.nz
www.stuff.co.nz
*.stuff.co.nz
www.stuff.co.nz
prospective2.shared.global.fastly.net
www.stuff.co.nz
*.stuff.co.nz
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
analytics.stuff.co.nz
prospective2.shared.global.fastly.net
somniture.stuff.co.nz
*.preprod.stuff.co.nz
shop.stuff.co.nz
*.preprod.stuff.co.nz
prospective2.shared.global.fastly.net
deaths.stuff.co.nz
www.communications.stuff.co.nz
www.stuff.co.nz
*.stuff.co.nz
prospective2.shared.global.fastly.net
*.idm.stuff.co.nz
stuff.co.nz
www.stuff.co.nz
www.stuff.co.nz
pressfanzone.stuff.co.nz
www.stuff.co.nz
*.preprod.stuff.co.nz
shop.stuff.co.nz
*.stuff.co.nz
events.stuff.co.nz
*.stuff.co.nz
stuff.co.nz
shop.stuff.co.nz
www.stuff.co.nz
www.stuff.co.nz
ssl470689.cloudflaressl.com
www.communications.stuff.co.nz
somniture.stuff.co.nz
stuff.co.nz
*.stuff.co.nz
deaths.stuff.co.nz
stuff.co.nz
knowthecrew.stuff.co.nz
prospective2.shared.global.fastly.net
play.stuff.co.nz
popshop.stuff.co.nz
www.stuff.co.nz
shop.stuff.co.nz
*.preprod.stuff.co.nz
stuff.co.nz
www.stuff.co.nz
www.stuff.co.nz
playwidget.stuff.co.nz
prospective2.shared.global.fastly.net
*.stuff.co.nz
Certificate
The complete raw certificate details for www.stuff.co.nz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIKJDCCCQygAwIBAgISA0emS0sAHM42yb2AIAwv4GJDMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA2MTYwMjUwMDBaFw0x NzA5MTQwMjUwMDBaMBoxGDAWBgNVBAMTD3d3dy5zdHVmZi5jby5uejCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBALlZTL1sSfIBuhI/uVD2SXyz1BFGnQ9d SrjnilzpW4Od1OsUACqFVLtCaGp6mcOAl5hVYZBxQXLyGyi5bMr6u9BcH5TKfRTZ AjEjDOhUaJjar+p5UXyEtrJDQ+RSPjpEUb2BWMJVC7beMN49p5m5VQ8+SbWXdzWB OIrXKBbizU8bcSTXOKAXroJDBbi173zppH6ZU/quAz8VxkxDPDVZC4mtzFLW6FNj JBvgE2EYWIjzA8LpIOa/GJoZe812J/Ze1l2rHhXutej4bTE7Twg3O+zZKtEvOfuF DYoXC9zJaQBc8heKnS5UdIjs1k8oe7Kn1s76nBtRggi46NvP6vS3Vc8CAwEAAaOC BzIwggcuMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUKF0i1fNTzkJAUJr2hEWvZrqs Er4wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEE YzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu b3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQu b3JnLzCCBTsGA1UdEQSCBTIwggUughU5OS5mYWlyZmF4bWVkaWEuY28ubnqCHGFk dmVydGlzZS5mYWlyZmF4bWVkaWEuY28ubnqCEWFscGhhLnN0dWZmLmNvLm56ghdh cGktcHJlcHJvZC5zdHVmZi5jby5ueoIRYXBpLmluZGV4ZWQuY28ubnqCD2FwaS5z dHVmZi5jby5ueoISYXNzZXRzLnN0dWZmLmNvLm56ghBiZXRhLnN0dWZmLmNvLm56 ghhjYW5hcnktYWxwaGEuc3R1ZmYuY28ubnqCF2NhbmFyeS1iZXRhLnN0dWZmLmNv Lm56ghpjYW5hcnktcHJlcHJvZC5zdHVmZi5jby5ueoISY2FuYXJ5LnN0dWZmLmNv Lm56ghJjZG4tbXkuc3R1ZmYuY28ubnqCEWZpbGUyLnN0dWZmLmNvLm56ghVpLXBy ZXByb2Quc3R1ZmYuY28ubnqCFWkucHJlcHJvZC5zdHVmZi5jby5ueoINaS5zdHVm Zi5jby5ueoIYaW50ZXJhY3RpdmVzLnN0dWZmLmNvLm56ghFtZWRpYS5zdHVmZi5j by5ueoIVbnAuZmFpcmZheG1lZGlhLmNvLm56ghhuemNtcy5mYWlyZmF4bWVkaWEu Y28ubnqCF256bnAuZmFpcmZheG1lZGlhLmNvLm56ghdwb3BzaG9wLWFwaS5zdHVm Zi5jby5ueoIccG9wc2hvcDItc3RhZ2luZy5zdHVmZi5jby5ueoIUcG9wc2hvcDIu c3R1ZmYuY28ubnqCJXByb2R1Y3Rpb24tdWdjLWFwaS5mYWlyZmF4bWVkaWEuY28u bnqCIXByb2R1Y3Rpb24tdWdjLmZhaXJmYXhtZWRpYS5jby5ueoIdcmVzb3VyY2Vz LXByZXByb2Quc3R1ZmYuY28ubnqCFXJlc291cmNlcy5zdHVmZi5jby5ueoIZc3Rh Z2luZy1hcGkuaW5kZXhlZC5jby5ueoIgc3RhZ2luZy1uemNtcy5mYWlyZmF4bWVk aWEuY28ubnqCH3N0YWdpbmctcG9wc2hvcC1hcGkuc3R1ZmYuY28ubnqCG3N0YWdp bmctcG9wc2hvcC5zdHVmZi5jby5ueoIic3RhZ2luZy11Z2MtYXBpLmZhaXJmYXht ZWRpYS5jby5ueoIec3RhZ2luZy11Z2MuZmFpcmZheG1lZGlhLmNvLm56ghVzdGFn aW5nLmluZGV4ZWQuY28ubnqCGXN0YXRpYy5mYWlyZmF4bWVkaWEuY28ubnqCEnN0 YXRpYy5zdHVmZi5jby5ueoITc3RhdGljMi5zdHVmZi5jby5ueoIddGVjaG5vbG9n eS5mYWlyZmF4bWVkaWEuY28ubnqCHnVhdC11Z2MtYXBpLmZhaXJmYXhtZWRpYS5j by5ueoIadWF0LXVnYy5mYWlyZmF4bWVkaWEuY28ubnqCE3VnYy1hcGkuc3R1ZmYu Y28ubnqCD3VnYy5zdHVmZi5jby5ueoITd2lkZ2V0cy5zdHVmZi5jby5ueoIdd3d3 LXByZXByb2QtYWxwaGEuc3R1ZmYuY28ubnqCHHd3dy1wcmVwcm9kLWJldGEuc3R1 ZmYuY28ubnqCF3d3dy1wcmVwcm9kLnN0dWZmLmNvLm56ghZ3d3cuYmVzdG9udGhl Ym94LmNvLm56ghp3d3cuZmFpcmZheG1hZ2F6aW5lcy5jby5ueoIXd3d3LnByZXBy b2Quc3R1ZmYuY28ubnqCD3d3dy5zdHVmZi5jby5ueoISd3d3Mi5pbmRleGVkLmNv Lm56MIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAm BggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUF BwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBv biBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRo IHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5j cnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBACbCqR9wMo4k jtOy1W+k5w/qnmjtLLlBsAYgoondHV6mhydAuC7Kr53NV0dx4a6coSDedagyEwaA Bp7p8Rxc83cQ8McCz8hhARd9+S66V+wkhS99FgSPkeio28p0sFfm+fMpttUkLTXZ q0oBREphJK2R009bzmnUVBgfkCJCFK702xmxXBobwfeprXoUh9S2eUw7meOdo+xu 4GtGK304ARGhAw/sCtnma8DuGHLaqrByCdTBp+ujmnZ73TojGmSluxEwz/rimTUh TPpPTw6b/2tI+iLgmPMb/0czSfY7QEUs6hEfMFeA+ZZbiPBGX4jsppBYoIxVIqDj rxCSBTNl5fs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVlMvWxJ8gG6Ej+5UPZJ fLPUEUadD11KuOeKXOlbg53U6xQAKoVUu0JoanqZw4CXmFVhkHFBcvIbKLlsyvq7 0FwflMp9FNkCMSMM6FRomNqv6nlRfIS2skND5FI+OkRRvYFYwlULtt4w3j2nmblV Dz5JtZd3NYE4itcoFuLNTxtxJNc4oBeugkMFuLXvfOmkfplT+q4DPxXGTEM8NVkL ia3MUtboU2MkG+ATYRhYiPMDwukg5r8Ymhl7zXYn9l7WXaseFe616PhtMTtPCDc7 7Nkq0S85+4UNihcL3MlpAFzyF4qdLlR0iOzWTyh7sqfWzvqcG1GCCLjo28/q9LdV zwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 285717948637421692144343828049146251600451 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-06-16 02:50:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-14 02:50:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.stuff.co.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23398121774242823847248225920107062614076647432876189467259259396370863679356813563688817343392081720468859085243217223746454565841943410375779489267961048049578095371136867753002030078516910796931715109938204062409826608513808407565034713629542012955486652281231755193824471976656447537079759523119338586847760341360792326248698939895216855370302145538713807058408025399812095055738678630331696867726396957330297627660368824584622270303767393428084984301153490405756563365529014132546183801587108585558215840295837123734387911202399303849367340609840638496387075943062837539640212852835944700771281832754542991070671 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 285d22d5f353ce4240509af68445af66baac12be . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1330 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '99.fairfaxmedia.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advertise.fairfaxmedia.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alpha.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-preprod.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.indexed.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beta.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canary-alpha.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canary-beta.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canary-preprod.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canary.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn-my.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'file2.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'i-preprod.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'i.preprod.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'i.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'interactives.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'np.fairfaxmedia.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nzcms.fairfaxmedia.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nznp.fairfaxmedia.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'popshop-api.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'popshop2-staging.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'popshop2.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'production-ugc-api.fairfaxmedia.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'production-ugc.fairfaxmedia.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'resources-preprod.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'resources.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-api.indexed.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-nzcms.fairfaxmedia.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-popshop-api.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-popshop.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-ugc-api.fairfaxmedia.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging-ugc.fairfaxmedia.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.indexed.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'static.fairfaxmedia.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'static.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'static2.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'technology.fairfaxmedia.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat-ugc-api.fairfaxmedia.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat-ugc.fairfaxmedia.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ugc-api.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ugc.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'widgets.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-preprod-alpha.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-preprod-beta.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-preprod.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bestonthebox.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fairfaxmagazines.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.preprod.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stuff.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.indexed.co.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0026c2a91f70328e248ed3b2d56fa4e70fea9e68ed2cb941b00620a289dd1d5ea6872740b82ecaaf9dcd574771e1ae9ca120de75a832130680069ee9f11c5cf37710f0c702cfc86101177df92eba57ec24852f7d16048f91e8a8dbca74b057e6f9f329b6d5242d35d9ab4a01444a6124ad91d34f5bce69d454181f90224214aef4db19b15c1a1bc1f7a9ad7a1487d4b6794c3b99e39da3ec6ee06b462b7d380111a1030fec0ad9e66bc0ee1872daaab07209d4c1a7eba39a767bdd3a231a64a5bb1130cffae29935214cfa4f4f0e9bff6b48fa22e098f31bff473349f63b40452cea111f305780f9965b88f0465f88eca69058a08c5522a0e3af1092053365e5fb