www.pastamadero.co.nz

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 04:99:4c:ac:e0:f8:f6:61:74:47:85:14:e9:54:44:3e:09:31 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.pastamadero.co.nz

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:99:4c:ac:e0:f8:f6:61:74:47:85:14:e9:54:44:3e:09:31
Serial Number (int): 400614264831668479741930814110627480340785
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: dc:98:28:00:2d:e0:c9:70:df:6d:81:cf:53:d3:d5:06:c9:8f:89:9f
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 03:4d:11:cf:76:e7:5e:52:1f:51:56:1e:06:80:dc:14:67:e4:45:b4
Fingerprint (sha256): 4f:04:8c:db:47:0f:e6:73:28:54:c3:ff:10:a4:6a:bf:fb:ae:b7:15:f0:f4:04:79:b9:74:47:43:cb:99:76:ec

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.pastamadero.co.nz

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.pastamadero.co.nz

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

pastamadero.co.nz
www.pastamadero.co.nz

Other certificates including the domain name pastamadero.co.nz

(limited to 100 certificates)
pastamadero.co.nz
www.pastamadero.co.nz
www.pastamadero.co.nz
www.pastamadero.co.nz
www.pastamadero.co.nz
www.pastamadero.co.nz
www.pastamadero.co.nz
www.pastamadero.co.nz
www.pastamadero.co.nz
www.pastamadero.co.nz

Certificate

The complete raw certificate details for www.pastamadero.co.nz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgISBJlMrOD49mF0R4UU6VREPgkxMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA3MjkyMzU1NDlaFw0x
ODEwMjcyMzU1NDlaMCAxHjAcBgNVBAMTFXd3dy5wYXN0YW1hZGVyby5jby5uejCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ/cEOQWJweoSKD1lAVHCWlk
KEqzK1ijd0J5KvulPctgd38hpI6g8YA/Ea3p3uFMwe1lUeAgpFrdRdsyZZUZvKHF
IoXlz++eQun3fABEshJU+CSPvjGCa1cwMWDBiFLktqc5+/zoZQQrOCNmHmYQag0Z
JGQR7Q/mflaGpBzfAoNIdk8NckDSkTB65+L+v+SgNSCjEhW5Z65wIm+Omi6B3Kst
LKurzqKvY9b9xg7EU8qeSuMYyKPgVx2+FSmgePioY1HzFU8/16Q0LHUvRaiOzGzP
kV3YOaOUcsaMxVSXq3kBtAyFy5bdNqTH+D+T4fsE4kC6NQbG6D3VGtvysXwuno8C
AwEAAaOCAy4wggMqMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU3JgoAC3gyXDfbYHP
U9PVBsmPiZ8wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYB
BQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2Vu
Y3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2Vu
Y3J5cHQub3JnLzAzBgNVHREELDAqghFwYXN0YW1hZGVyby5jby5ueoIVd3d3LnBh
c3RhbWFkZXJvLmNvLm56MIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsrBgEE
AYLfEwEBATCB1jAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5v
cmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25seSBi
ZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4gYWNj
b3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQgaHR0
cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wggECBgorBgEEAdZ5AgQC
BIHzBIHwAO4AdQDBFkrgp3LS1DktyArBB3DU8MSb3pkaSEDB+gdRZPYzYAAAAWTo
ryT5AAAEAwBGMEQCICiLCOeV2cViIX+u8T9E25a+hOflVRXdkSsPMQIFTab9AiAi
KdpIf5UDvYIhWL1SlrRfkceyQtr7AChzLS1hVOGzzwB1ACk8UZZUyDlluqpQ/FgH
1Ldvv1h6KXLcpMMM9OVFR/R4AAABZOivJO8AAAQDAEYwRAIgYfQ6WF8Ib8GQRv12
/3JhO8ZXsnKkFT+S/xEcPHTtYk4CIBdaXp0+6GXz6Q7DtxgS4iRsFfvqL6uCPVRR
NEDnnfDzMA0GCSqGSIb3DQEBCwUAA4IBAQCMeAuVbNJkdQ5Oalbl2jzUSgkUQzsU
OZT+otdxpJVz5ZMhTkQvWJDf56XrXgP7MgqJJWtjV1WtVHDltY0Jik7KoySNmqzJ
6tpmXRpbcUnQ1fGkKY6aZLAHeg7DYYJB1AIOAiN5NNFYOkdoXyKbZOL+fiW/UhzQ
wtzPGxm88aJ59YYn+hX7tkQRZ3ueycZnoWbQQ976NRCXi0V1qPifEmiCEuKoD0ov
UkArNjWJV2eMuulJBC9IS8fzunkgIxkXuzv6GKaglYtvfhDXSueoi3rlkwoO5CPl
eWmyWmWwE4m7/taUxsQ7c5AhJ8I1iac2QqkFJjWfn0OwWJanJgrwHT4r
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9wQ5BYnB6hIoPWUBUcJ
aWQoSrMrWKN3Qnkq+6U9y2B3fyGkjqDxgD8Rrene4UzB7WVR4CCkWt1F2zJllRm8
ocUiheXP755C6fd8AESyElT4JI++MYJrVzAxYMGIUuS2pzn7/OhlBCs4I2YeZhBq
DRkkZBHtD+Z+VoakHN8Cg0h2Tw1yQNKRMHrn4v6/5KA1IKMSFblnrnAib46aLoHc
qy0sq6vOoq9j1v3GDsRTyp5K4xjIo+BXHb4VKaB4+KhjUfMVTz/XpDQsdS9FqI7M
bM+RXdg5o5RyxozFVJereQG0DIXLlt02pMf4P5Ph+wTiQLo1BsboPdUa2/KxfC6e
jwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 400614264831668479741930814110627480340785
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-29 23:55:49 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-27 23:55:49 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.pastamadero.co.nz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20180409069044075272126483011997218034178736507396470026787051573619106921762862416355667055916766535990044536408605597174942417881390159349754163799730303242916047001708554524325556260431747467389433593005861330386299784404467002884794607615838325772139178977060415391244102427961041812238026734822351166249880591638998616631878057527209408144649029011995375194289338382841088507697492989993822926900604236103859924094467803414729280378995769043878511650659283275690374636809948678225912850432408930937063718549937674954941133273040175237278608524014412804398602568705218675523914990070908635456570417791790511726223
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							dc9828002de0c970df6d81cf53d3d506c98f899f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pastamadero.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pastamadero.co.nz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee007500c1164ae0a772d2d4392dc80ac10770d4f0c49bde991a4840c1fa075164f6336000000164e8af24f900000403004630440220288b08e795d9c562217faef13f44db96be84e7e55515dd912b0f3102054da6fd02202229da487f9503bd822158bd5296b45f91c7b242dafb0028732d2d6154e1b3cf007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000164e8af24ef0000040300463044022061f43a585f086fc19046fd76ff72613bc657b272a4153f92ff111c3c74ed624e0220175a5e9d3ee865f3e90ec3b71812e2246c15fbea2fab823d54513440e79df0f3
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008c780b956cd264750e4e6a56e5da3cd44a0914433b143994fea2d771a49573e593214e442f5890dfe7a5eb5e03fb320a89256b635755ad5470e5b58d098a4ecaa3248d9aacc9eada665d1a5b7149d0d5f1a4298e9a64b0077a0ec3618241d4020e02237934d1583a47685f229b64e2fe7e25bf521cd0c2dccf1b19bcf1a279f58627fa15fbb64411677b9ec9c667a166d043defa3510978b4575a8f89f12688212e2a80f4a2f52402b36358957678cbae949042f484bc7f3ba7920231917bb3bfa18a6a0958b6f7e10d74ae7a88b7ae5930a0ee423e57969b25a65b01389bbfed694c6c43b73902127c23589a73642a90526359f9f43b05896a7260af01d3e2b