everycar.co.nz
Issued by R3
About this certificate
This digital certificate with serial number 04:1e:26:5c:21:32:ea:15:d6:00:8b:99:b7:16:d9:96:a7:8f was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=everycar.co.nz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:1e:26:5c:21:32:ea:15:d6:00:8b:99:b7:16:d9:96:a7:8fSerial Number (int): 358708603763173323434264239836922945906575
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: f8:d0:b0:85:24:80:59:d6:65:21:fa:b4:cd:22:05:8b:93:94:cb:b5
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): c8:13:96:60:5a:81:3a:90:db:b7:b6:d9:83:cc:a6:d9:6e:a9:50:06
Fingerprint (sha256): 82:36:83:6a:c4:29:d3:75:69:69:92:cc:30:1e:dc:33:c8:8f:a7:6e:f0:d8:89:55:31:ac:11:04:20:fa:2c:fc
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate everycar.co.nz
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for everycar.co.nz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
everycar.co.nz
m.everycar.co.nz
www.everycar.co.nz
m.everycar.co.nz
www.everycar.co.nz
Other certificates including the domain name everycar.co.nz
(limited to 100 certificates)
Certificate
The complete raw certificate details for everycar.co.nz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGDzCCBPegAwIBAgISBB4mXCEy6hXWAIuZtxbZlqePMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDYwOTM1MDJaFw0yNDA3MDUwOTM1MDFaMBkxFzAVBgNVBAMT DmV2ZXJ5Y2FyLmNvLm56MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA y9kc6vD31tfT2HhgZMRBNythCPxeWNsfw39mbS3YSGt7FHalwMubsLFiZfkRFXns RxJy1V8Xh6YGn4sbZiqGz4n9kn9MW8gTyvgx5TX7uocD3+L9t9xRJQ2yjrEoGGCu w1uKoqeZeE17DHpLabdLxOgXdMLYnOqvtJozilC9StXIHGUdX65k8POCEsH5Gip7 runhbuO+Y+dXFWZSpCvEmwgKnISO2J8Em6K4X5tnI+6RmLCyenitzBqY/Ju3DmAy z9bAmEMHEi9ig1hETyYp/JAiSQOXtV0qPBsMvl7qgI6fB2A3QUuKNZWiUsXikkuH psE6IEeAnoXyAHVvamgijNXHxazTm6JaNIjXhjibtahAE45uwfeLodImjFipRY/J GM0Id3BqE72stLOBkAU6xUETG2woJ/PH+sHVYgolRhXfRgNLhtFQcG1uaS+IKOW3 cDb0HAfYJeIDKSZ3nUJ6hMSE6yhc5vxYccuQLKkiFUJBm+k7Y/idNjhTw5RW+OUa BU0bFHtjxj82gQXZ1xQUQRbOMacT6d1ooUi5LBfqPpcAuDASSR4i6imbY6jutmIo XpImmNkdezXhSzjJqGwZ16Ey6h8s6PpTEy7wdCboazb3wxAZIYqvG/iQU4zXQtBo NWuBhZ5Bl+QiKGGWD1ASidJv4ZhItgwAFuElUUUWA3cCAwEAAaOCAjYwggIyMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQU+NCwhSSAWdZlIfq0zSIFi5OUy7UwHwYDVR0j BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6 Ly9yMy5pLmxlbmNyLm9yZy8wPwYDVR0RBDgwNoIOZXZlcnljYXIuY28ubnqCEG0u ZXZlcnljYXIuY28ubnqCEnd3dy5ldmVyeWNhci5jby5uejATBgNVHSAEDDAKMAgG BmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3ADtTd3U+LbmAToswWwb+ QDtn2E/D9Me9AA0tcm/h+tQXAAABjrL52cgAAAQDAEgwRgIhAI/IRmVSN8FfTzGE QzE6fLwrhnAF+vvJwX8pgdKnq9quAiEAhVjReCjUn52sxR9RxVE4NyTplRLsoQAi e2SBsfY+4c4AdQB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAY6y +doQAAAEAwBGMEQCIE6VT7YODoqzvuYRFrkPoCHPmquayWX2Ver2xUIJCYv7AiAV Lb9YN37dL60PwIYuuRpv+vilJrwD0uG+X7Z+jPMcbzANBgkqhkiG9w0BAQsFAAOC AQEAG0cX3D2eKF5lJFbt87rTUGrs//bDTGL9ZvrGYK2+x47E+zQmTdMZHP7O3EDx H8XBONMNwzBDkI1a4aGp9JU95WKTD87+Cck1fHXmcW5lWsWYbmaDB1doDj6pGsrN zC0wH3f/ohYzsJW8Cmoa5J/4hh1KkaSXrs4PuUDk9otFF1lt/9NPE6LCYVp8bo8Q neyyycIbPpfx8HOmT7AoZ6svWy5OOIM5qwFLDuciMEdqXyjAIY0/+TtHEqSfISFe /QO1zd7o3he84KaR1Eef1cSuGb3bTbLPdwvBXX1iHO0yWCc7vFT0S/JdYiaz0HmB Q3HlC50ELyH1hX6ZBkAvQLa/JQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAy9kc6vD31tfT2HhgZMRB NythCPxeWNsfw39mbS3YSGt7FHalwMubsLFiZfkRFXnsRxJy1V8Xh6YGn4sbZiqG z4n9kn9MW8gTyvgx5TX7uocD3+L9t9xRJQ2yjrEoGGCuw1uKoqeZeE17DHpLabdL xOgXdMLYnOqvtJozilC9StXIHGUdX65k8POCEsH5Gip7runhbuO+Y+dXFWZSpCvE mwgKnISO2J8Em6K4X5tnI+6RmLCyenitzBqY/Ju3DmAyz9bAmEMHEi9ig1hETyYp /JAiSQOXtV0qPBsMvl7qgI6fB2A3QUuKNZWiUsXikkuHpsE6IEeAnoXyAHVvamgi jNXHxazTm6JaNIjXhjibtahAE45uwfeLodImjFipRY/JGM0Id3BqE72stLOBkAU6 xUETG2woJ/PH+sHVYgolRhXfRgNLhtFQcG1uaS+IKOW3cDb0HAfYJeIDKSZ3nUJ6 hMSE6yhc5vxYccuQLKkiFUJBm+k7Y/idNjhTw5RW+OUaBU0bFHtjxj82gQXZ1xQU QRbOMacT6d1ooUi5LBfqPpcAuDASSR4i6imbY6jutmIoXpImmNkdezXhSzjJqGwZ 16Ey6h8s6PpTEy7wdCboazb3wxAZIYqvG/iQU4zXQtBoNWuBhZ5Bl+QiKGGWD1AS idJv4ZhItgwAFuElUUUWA3cCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 358708603763173323434264239836922945906575 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-06 09:35:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-05 09:35:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'everycar.co.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 831627681741779981184429077835749423567579169892518384878160481638118139461967777174263321220743903613444620126548899473431904613612201072047568179614177227567871154037924727738439803370587824334604667370491839859783989007716180131683143356347832586580223578853591380281282009160268391157944799638300399545302901224338710190895700617179439971191359847545482091289517204616210327901220877763522942426259329435990356095248857602512709712207061077090064678148942995856930262352520530008046229680737511802914806905452449728798719558524466649703133864158167470717177059325612287871343164056941193029331335601011610093193653979074063111662812894192217684838650787929300602544947566436619835810429981518017828025830888623759130556477091689972556930212413389187634803966591767143792570275166640722244516369991496052994134141272043583825065017563087046021550502949752262937844142307567522883875533264208923696828533041230865284966801855447626959704184393673744000722704168199732783361033053999320500433134297647012249722796384814273001688551452436592206474420655174552186756000102175302283086533741588328821259252658024607836582628820438591393298420427898620671114494420275664618358000997215946791634811498084125219850792974532200175290942327 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f8d0b085248059d66521fab4cd22058b9394cbb5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'everycar.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.everycar.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.everycar.co.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018eb2f9d9c800000403004830460221008fc846655237c15f4f318443313a7cbc2b867005fafbc9c17f2981d2a7abdaae0221008558d17828d49f9dacc51f51c551383724e99512eca100227b6481b1f63ee1ce00750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018eb2f9da10000004030046304402204e954fb60e0e8ab3bee61116b90fa021cf9aab9ac965f655eaf6c54209098bfb0220152dbf58377edd2fad0fc0862eb91a6ffaf8a526bc03d2e1be5fb67e8cf31c6f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001b4717dc3d9e285e652456edf3bad3506aecfff6c34c62fd66fac660adbec78ec4fb34264dd3191cfecedc40f11fc5c138d30dc33043908d5ae1a1a9f4953de562930fcefe09c9357c75e6716e655ac5986e66830757680e3ea91acacdcc2d301f77ffa21633b095bc0a6a1ae49ff8861d4a91a497aece0fb940e4f68b4517596dffd34f13a2c2615a7c6e8f109decb2c9c21b3e97f1f073a64fb02867ab2f5b2e4e388339ab014b0ee72230476a5f28c0218d3ff93b4712a49f21215efd03b5cddee8de17bce0a691d4479fd5c4ae19bddb4db2cf770bc15d7d621ced3258273bbc54f44bf25d6226b3d079814371e50b9d042f21f5857e9906402f40b6bf25