speechnz.co.nz
Issued by R3
About this certificate
This digital certificate with serial number 03:5d:6c:3c:36:29:49:4a:7a:e0:0e:4a:67:84:d8:9c:e4:0f was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=speechnz.co.nz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:5d:6c:3c:36:29:49:4a:7a:e0:0e:4a:67:84:d8:9c:e4:0fSerial Number (int): 293126987178805455752661321729997899883535
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 1f:24:7b:c4:41:37:ee:c0:03:f6:81:ad:eb:30:65:45:c7:5d:6d:b3
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 24:04:00:78:00:66:bd:0f:4c:b2:40:2b:46:54:d7:08:79:3c:0f:da
Fingerprint (sha256): 71:9f:47:2b:25:64:8f:2c:f3:16:ba:71:ca:27:4f:5a:21:fc:cc:8c:67:dc:eb:cf:a9:4e:e9:59:90:d6:53:f7
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate speechnz.co.nz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for speechnz.co.nz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
speechnz.co.nz
www.speechnz.co.nz
www.speechnz.co.nz
Other certificates including the domain name speechnz.co.nz
(limited to 100 certificates)
online.speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
online.speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
online.speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
online.speechnz.co.nz
speechnz.co.nz
online.speechnz.co.nz
online.speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
online.speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
online.speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
online.speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
online.speechnz.co.nz
speechnz.co.nz
online.speechnz.co.nz
online.speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
speechnz.co.nz
online.speechnz.co.nz
Certificate
The complete raw certificate details for speechnz.co.nz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISA11sPDYpSUp64A5KZ4TYnOQPMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMTYyMzEwNThaFw0yNDA2MTQyMzEwNTdaMBkxFzAVBgNVBAMT DnNwZWVjaG56LmNvLm56MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA 3tU8iDRvyJzyG04zNj99IC0ESDSMQQWhtPFqIhfF/bZcNVSstHieymEQriND0dgc j0pUX7gYZPAqEkyo0wiIkzed7IsPG84qc9O14xloaG4HYgJo8+zau90gckroaEmN Zylo/NvoD6b1/jQg7NwdlaBFixV5RfZEjAc/h1jycDePHwGGLNOVQbpWq05sHmlA hG6E86ko/j+SPPCQWGjj5/8fZ8OGv5Wp3w4zEZhQ8a5Of/MlvsXT+Jm1OE8H2P+d 5QjDlJ7ojilRYB6S74SEjS5F0zGXvSe1dF3Ti2AcGM0H1qFzU6JeJ9LfyAjQltxV ui/zKbL+7SGj2SU5fXhDIQIDAQABo4ICJDCCAiAwDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBQfJHvEQTfuwAP2ga3rMGVFx11tszAfBgNVHSMEGDAWgBQULrMXt1hWy65Q CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn LzAtBgNVHREEJjAkgg5zcGVlY2huei5jby5ueoISd3d3LnNwZWVjaG56LmNvLm56 MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYA O1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGOSb9PMwAABAMARzBF AiAv34uiF/S5LaiuWYV/HnS2Ma0oDKifzgR06mfI/l3bngIhAPMwznAM6orByhG7 KkeuuJl0Dl0RLw1wL1cIzXbpdDjWAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7D UUhZRnEftZsAAAGOSb9PPwAABAMARzBFAiEAgm1je1QcKtPgkCQjecmHszBTRn4Q 2Zg5uWgsFg5dNrwCIGdMThHeONQTAt44fItVgAxf5Ink9RK9oQZKClgH9wlwMA0G CSqGSIb3DQEBCwUAA4IBAQBvMU9kMzL2Jqa3MdRGZ+MdesH0Tp3ZrE5r0rnVy6BY fTtK3DEmF9vmfyT88ibYEPv1KlXCFVdjICZzivCt/ZZwPUrmm3MpMfTL01uaM/F0 VXb1v1Kw9u785bu5PcRUJzj0E1kuFXOFR5KmbUYP0dBqHDo1ovgTTXCjLFdWwOYk LHOLcaQpSQF9eCVbOQMd5ezS9BkqZFnhTSjL116SJVDkfcG5/8P5AvTyvbbmUcZe S/FpISL/F0dD/xAmXNLttB9LRMqVmTmREDkpS6kuqVcocOxYo36wmitWLa3nyphL tTmIGrPGPcpDLky2db7PtVUvQvb0PQXWVc5PCnkZnGxq -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tU8iDRvyJzyG04zNj99 IC0ESDSMQQWhtPFqIhfF/bZcNVSstHieymEQriND0dgcj0pUX7gYZPAqEkyo0wiI kzed7IsPG84qc9O14xloaG4HYgJo8+zau90gckroaEmNZylo/NvoD6b1/jQg7Nwd laBFixV5RfZEjAc/h1jycDePHwGGLNOVQbpWq05sHmlAhG6E86ko/j+SPPCQWGjj 5/8fZ8OGv5Wp3w4zEZhQ8a5Of/MlvsXT+Jm1OE8H2P+d5QjDlJ7ojilRYB6S74SE jS5F0zGXvSe1dF3Ti2AcGM0H1qFzU6JeJ9LfyAjQltxVui/zKbL+7SGj2SU5fXhD IQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 293126987178805455752661321729997899883535 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-16 23:10:58 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-14 23:10:57 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'speechnz.co.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28130054516622004128376251641289263067137636156852730461238846843072626720405483028343361350068458345519416082832719577838180726040081363780299200728379872525080212349135213747083625532470856359317883412698129575854203353936973597530740910980232104668571649379058780494978651367453411977130915925886141582535110665004166580071237427485060508199102704194892540506722636275121507651741697027234042246932605820825828203773868258139823876716649191537628438312348046732653480347190762654310843731571745801638134113284523696525994276910261399053730728962857072069657120838477032295856806978067980280405568047844844428084001 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1f247bc44137eec003f681adeb306545c75d6db3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'speechnz.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.speechnz.co.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e49bf4f33000004030047304502202fdf8ba217f4b92da8ae59857f1e74b631ad280ca89fce0474ea67c8fe5ddb9e022100f330ce700cea8ac1ca11bb2a47aeb899740e5d112f0d702f5708cd76e97438d6007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018e49bf4f3f0000040300473045022100826d637b541c2ad3e090242379c987b33053467e10d99839b9682c160e5d36bc0220674c4e11de38d41302de387c8b55800c5fe489e4f512bda1064a0a5807f70970 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006f314f643332f626a6b731d44667e31d7ac1f44e9dd9ac4e6bd2b9d5cba0587d3b4adc312617dbe67f24fcf226d810fbf52a55c21557632026738af0adfd96703d4ae69b732931f4cbd35b9a33f1745576f5bf52b0f6eefce5bbb93dc4542738f413592e1573854792a66d460fd1d06a1c3a35a2f8134d70a32c5756c0e6242c738b71a42949017d78255b39031de5ecd2f4192a6459e14d28cbd75e922550e47dc1b9ffc3f902f4f2bdb6e651c65e4bf1692122ff174743ff10265cd2edb41f4b44ca959939911039294ba92ea9572870ec58a37eb09a2b562dade7ca984bb539881ab3c63dca432e4cb675becfb5552f42f6f43d05d655ce4f0a79199c6c6a