roseengineering.co.nz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:f6:7f:d2:3e:fd:62:bf:a4:d1:7d:18:0e:19:a8:5a:3f:93 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=roseengineering.co.nz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:f6:7f:d2:3e:fd:62:bf:a4:d1:7d:18:0e:19:a8:5a:3f:93Serial Number (int): 345216223673221260338161595415685957828499
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: b9:e0:d5:35:e7:00:b3:ed:11:4c:05:25:0b:52:08:f9:90:1d:e0:a4
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 78:fd:49:0d:cf:79:13:8b:65:d3:af:33:f3:bf:da:d5:2c:41:ff:75
Fingerprint (sha256): 53:47:5c:42:47:09:6b:4d:e4:85:92:60:e0:a2:0b:66:3f:ff:00:5f:9b:19:3f:72:dd:b7:58:c7:b4:7d:0c:b2
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate roseengineering.co.nz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for roseengineering.co.nz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
roseengineering.co.nz
www.roseengineering.co.nz
www.roseengineering.co.nz
Other certificates including the domain name roseengineering.co.nz
(limited to 100 certificates)
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
www.roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
www.roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
www.roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
www.roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
roseengineering.co.nz
Certificate
The complete raw certificate details for roseengineering.co.nz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgISA/Z/0j79Yr+k0X0YDhmoWj+TMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA0MDkwMTM4MTNaFw0x OTA3MDgwMTM4MTNaMCAxHjAcBgNVBAMTFXJvc2VlbmdpbmVlcmluZy5jby5uejCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKKbLyYbfvSbQkTenlZZcewx xPa5Wrj1X2/hE/SA8dH/Kz+lCWEP0i5fDEp/If5u82UG8UoWjAHT/jjHK0FawC+h lrvKnSruNq6CuoVdwMaIXkBXFFXJpCUytvRR8bgyahbWaY61LT+uPobu5BPvb/Xk tmolq3vr2rvIbjGhgkL0qe48EBDMVveZmBdiFI8X52echtyl82aoYpVD+bHwADfD 5+KwPZGM+wZDU+vN8ER+bpCZinLnB7OI684SmrkNmPv0JkH5sTR1I1limcpGygTW uQQ5gShWTHFhQUWH9Gn+KPYo8Fi8NDKkHnGyjMEN7iMc0O44VutFDXPDQzVlxOMC AwEAAaOCAoYwggKCMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUueDVNecAs+0RTAUl C1II+ZAd4KQwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYB BQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2Vu Y3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2Vu Y3J5cHQub3JnLzA7BgNVHREENDAyghVyb3NlZW5naW5lZXJpbmcuY28ubnqCGXd3 dy5yb3NlZW5naW5lZXJpbmcuY28ubnowTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYL KwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlw dC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdwDiaUuuJujpQAnohhu2O4PU Puf+dIj7pI8okwGd3fHb/gAAAWn/9dD2AAAEAwBIMEYCIQDPJpQNBjc+PHMmuxJu +NFOXVMtoqzldRvmvDPDxXy1zgIhAKrGEy8YB2ISabR3HNhnzbceVethuDwcaiif WjCNKGLTAHYAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH9HgAAAFp//XR bgAABAMARzBFAiEA3XMazGltRao13l+y8uHSY//47Ho4u4PZO72WzFZ23aYCIERw rG3++m299R0mI99PRAdnkeZoyLI3k5OpgYVSiOTKMA0GCSqGSIb3DQEBCwUAA4IB AQAr/JZXahHu0DqsqZBGywO+wuAYMN+J/Igjv4tAC1T68W9oDIELAvyKxu6LLF/C 2dw4aHGQ2GgIPLSFGqG6GMA3OGteRCTjPV3USA88YQ1gihcAUExeqTaDu2sJQBkh VU5muB2ot83IYooFGHfXRHfBvQhP1sZuPAWE497fHy/NAnjGBtqpgwFNZ6YpdZ/t noB5bhRgLzwIWcKUes1vHWUrRMjjKPE9V0Uni8Liva6Hp2ilJyWre+VecB6bxTW7 szn0bwBOK8hqrdxHfgLKVB52JbsF98jTQfZPu2YvxHl43xWV8WfuskmdNv2s/yI5 1QbmUL24rsK9YjWNspg+VYVQ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopsvJht+9JtCRN6eVllx 7DHE9rlauPVfb+ET9IDx0f8rP6UJYQ/SLl8MSn8h/m7zZQbxShaMAdP+OMcrQVrA L6GWu8qdKu42roK6hV3AxoheQFcUVcmkJTK29FHxuDJqFtZpjrUtP64+hu7kE+9v 9eS2aiWre+vau8huMaGCQvSp7jwQEMxW95mYF2IUjxfnZ5yG3KXzZqhilUP5sfAA N8Pn4rA9kYz7BkNT683wRH5ukJmKcucHs4jrzhKauQ2Y+/QmQfmxNHUjWWKZykbK BNa5BDmBKFZMcWFBRYf0af4o9ijwWLw0MqQecbKMwQ3uIxzQ7jhW60UNc8NDNWXE 4wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 345216223673221260338161595415685957828499 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-09 01:38:13 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-08 01:38:13 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'roseengineering.co.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20527129573398726511183647502259878800134723372574901625794561391714379765983308196439323724547135497980211439836598792030862328470938038932601063706601655723427431436102755504588966464162957445790856541572959328195459006594875775109553990623059012469790727801779851740014339819574030775515806828735235275143037029474792546594935601282263874898403935628294737883036596455958964254029997007256873551477421988502305814650376494370570074085962264285627558467324502518972703470015772617703329508713847654141329029239806977173030578048773166357632012294075473768869442116850644001329384094353835191086020755281609385952483 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b9e0d535e700b3ed114c05250b5208f9901de0a4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'roseengineering.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.roseengineering.co.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe00000169fff5d0f60000040300483046022100cf26940d06373e3c7326bb126ef8d14e5d532da2ace5751be6bc33c3c57cb5ce022100aac6132f1807621269b4771cd867cdb71e55eb61b83c1c6a289f5a308d2862d3007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000169fff5d16e0000040300473045022100dd731acc696d45aa35de5fb2f2e1d263fff8ec7a38bb83d93bbd96cc5676dda602204470ac6dfefa6dbdf51d2623df4f44076791e668c8b2379393a981855288e4ca . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002bfc96576a11eed03aaca99046cb03bec2e01830df89fc8823bf8b400b54faf16f680c810b02fc8ac6ee8b2c5fc2d9dc38687190d868083cb4851aa1ba18c037386b5e4424e33d5dd4480f3c610d608a1700504c5ea93683bb6b09401921554e66b81da8b7cdc8628a051877d74477c1bd084fd6c66e3c0584e3dedf1f2fcd0278c606daa983014d67a629759fed9e80796e14602f3c0859c2947acd6f1d652b44c8e328f13d5745278bc2e2bdae87a768a52725ab7be55e701e9bc535bbb339f46f004e2bc86aaddc477e02ca541e7625bb05f7c8d341f64fbb662fc47978df1595f167eeb2499d36fdacff2239d506e650bdb8aec2bd62358db2983e558550