www.withgrace.co.nz

Issued by GlobalSign Domain Validation CA - SHA256 - G3

About this certificate


This digital certificate with serial number 12:bb:70:ac:75:95:5e:dc:d3:5a:25:fc was issued on by GlobalSign nv-sa .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com.

www.withgrace.co.nz

Organization unit: Domain Control Validated

GlobalSign nv-sa

Organization: GlobalSign nv-sa

Time untill certificate expires

This certificate will expire on

Certificate Details

Serial Number (hex): 12:bb:70:ac:75:95:5e:dc:d3:5a:25:fc
Serial Number (int): 5797331391410991547522098684
Serial Number lenght: 93 bits, 12 octets

SubjectKeyId: 81:51:da:46:77:58:7c:d8:65:e7:70:6a:a3:db:63:c2:96:1c:b7:3b
AuthorityKeyId: 3d:80:82:79:c5:48:82:a3:c3:12:ee:df:99:0f:57:35:48:9e:d0:cb

Fingerprint (sha1): dd:45:34:7c:c0:0e:ad:10:b6:39:b5:dd:ad:de:5f:dd:95:3e:3d:88
Fingerprint (sha256): 1c:e8:4a:da:24:2b:3c:8d:c7:58:69:43:84:aa:6d:9e:e4:7f:91:b5:21:13:13:79:55:2c:2c:89:c4:82:a1:27

Issuing Certificate URL: http://secure.globalsign.com/cacert/gsdomainvalsha2g3.crt

Revocation information

OCSP Server: http://ocsp2.globalsign.com/gsdomainvalsha2g3
CRL Distribution Point: http://crl.globalsign.com/gsdomainvalsha2g3.crl

Check the revocation status for the current certificate on www.withgrace.co.nz
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

www.withgrace.co.nz
withgrace.co.nz

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIE+jCCA+KgAwIBAgIMErtwrHWVXtzTWiX8MA0GCSqGSIb3DQEBCwUAMGAxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzMwHhcN MTUxMjA4MDYyMDQwWhcNMTYxMjA4MDYyMDQwWjBBMSEwHwYDVQQLExhEb21haW4g Q29udHJvbCBWYWxpZGF0ZWQxHDAaBgNVBAMTE3d3dy53aXRoZ3JhY2UuY28ubnow ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu0v4IvuXxblgLBjcgPYdP 0l1+g8GL0SrnzSECChOyrhV/g+Yi+U13rSzs3FVKSAWYa4zLRzxmfERicaFzJ3C5 JTejFOeElDPGGGG7GdZc9Du+mwQ0r/ryRzK6/h8dRLyzo+0FedzRKo1U0oo8DnIg eQuX3+GimkcScE4JKv4rXgjwG8IbUBhRjdl61EceWaSx2/WcTqxnAQWvmI5t+Y60 CW/6EUTX09RqdlgYmNhgrq34XBt4tUPr0BvZRk4OJN568c3HTJYarZued/JuzURI kswqpPn8er9uVDzUVAMhUfPydP6NXXm63U/86d+pQkjBkEFrzUM0BukirGit18LD AgMBAAGjggHRMIIBzTAOBgNVHQ8BAf8EBAMCBaAwgZIGCCsGAQUFBwEBBIGFMIGC MEUGCCsGAQUFBzAChjlodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2Vy dC9nc2RvbWFpbnZhbHNoYTJnMy5jcnQwOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3Nw Mi5nbG9iYWxzaWduLmNvbS9nc2RvbWFpbnZhbHNoYTJnMzBJBgNVHSAEQjBAMD4G BmeBDAECATA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNv bS9yZXBvc2l0b3J5LzAJBgNVHRMEAjAAMEAGA1UdHwQ5MDcwNaAzoDGGL2h0dHA6 Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzMuY3JsMC8GA1Ud EQQoMCaCE3d3dy53aXRoZ3JhY2UuY28ubnqCD3dpdGhncmFjZS5jby5uejAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFIFR2kZ3WHzYZedw aqPbY8KWHLc7MB8GA1UdIwQYMBaAFD2AgnnFSIKjwxLu35kPVzVIntDLMA0GCSqG SIb3DQEBCwUAA4IBAQBWTzeqUAGMPoYSqSSTHGg+yaFMFst1gqRkL0vVFFB20epO YEwXRYHN5HPm9BPT0X4pCsNl+b9/Kc84y8jPx+Gxhoi8PLAqrxGcAGuiqORRjhXs ZA0qf7/Lx8+tjqIS3/5UVRCH7/AX3wmSr4CwyaF4DYE9ozt2UqCBK8How+MMhr0h sWmpG4vFlQW+9pgeHSG+d9ja8amsmZhXa3vnTL5obBVXSHlKNnl41c996aQ/NcVk 3xvCFjsm4JYyfvahIovrMurNBOkGAirfxth1/s41Te3K/nd+82qK3i+/ugiaSaQf eZC4Sg7grx49DiOhoTPG1ynX2l7GwyV0H9eWuvZU -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtL+CL7l8W5YCwY3ID2H T9JdfoPBi9Eq580hAgoTsq4Vf4PmIvlNd60s7NxVSkgFmGuMy0c8ZnxEYnGhcydw uSU3oxTnhJQzxhhhuxnWXPQ7vpsENK/68kcyuv4fHUS8s6PtBXnc0SqNVNKKPA5y IHkLl9/hoppHEnBOCSr+K14I8BvCG1AYUY3ZetRHHlmksdv1nE6sZwEFr5iObfmO tAlv+hFE19PUanZYGJjYYK6t+FwbeLVD69Ab2UZODiTeevHNx0yWGq2bnnfybs1E SJLMKqT5/Hq/blQ81FQDIVHz8nT+jV15ut1P/OnfqUJIwZBBa81DNAbpIqxordfC wwIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5797331391410991547522098684 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Domain Validation CA - SHA256 - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-08 06:20:40 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-08 06:20:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.withgrace.co.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22069509255334132505692224672030590713004379250321099256243028248635394435490174770948835749944733245452734724015085489735081295767260378910083512235582518395116314762062647500833520791857045332834175170045413925182658358986561994850328260444782234489331759684177877220089118153410877972933550604304824602710465119372279028166467369587821213855642692402274867820362667673862192145764025630706775465337265715237868476503367203551772191174704410107765005056489736377147874491503677123425959899415649930136464969876836879951492890465411825293663090250022511996277869582350354732711625034021416688157563205701312892617411 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsdomainvalsha2g3.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsdomainvalsha2g3' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gsdomainvalsha2g3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.withgrace.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'withgrace.co.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8151da4677587cd865e7706aa3db63c2961cb73b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3d808279c54882a3c312eedf990f5735489ed0cb . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00564f37aa50018c3e8612a924931c683ec9a14c16cb7582a4642f4bd5145076d1ea4e604c174581cde473e6f413d3d17e290ac365f9bf7f29cf38cbc8cfc7e1b18688bc3cb02aaf119c006ba2a8e4518e15ec640d2a7fbfcbc7cfad8ea212dffe54551087eff017df0992af80b0c9a1780d813da33b7652a0812bc1e8c3e30c86bd21b169a91b8bc59505bef6981e1d21be77d8daf1a9ac9998576b7be74cbe686c155748794a367978d5cf7de9a43f35c564df1bc2163b26e096327ef6a1228beb32eacd04e906022adfc6d875fece354dedcafe777ef36a8ade2fbfba089a49a41f7990b84a0ee0af1e3d0e23a1a133c6d729d7da5ec6c325741fd796baf654