maristinvercargill.co.nz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:bf:bf:16:50:18:6d:ef:88:72:85:c5:23:c8:f5:9a:48:ac was issued on by Let's Encrypt.
With 88 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=maristinvercargill.co.nz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:bf:bf:16:50:18:6d:ef:88:72:85:c5:23:c8:f5:9a:48:acSerial Number (int): 326584788279434060795480505517985532364972
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 73:c1:86:3c:5f:88:ce:b4:5f:c6:82:de:03:75:11:3d:67:cb:c0:e3
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): ea:76:f0:c1:cc:66:f5:d9:e9:8d:75:26:55:10:1c:3e:eb:51:4b:9e
Fingerprint (sha256): 90:28:84:cd:c4:67:67:8f:1a:7f:6e:da:7c:d9:3d:55:2d:d8:6f:34:48:9d:a9:31:43:35:21:06:3d:65:00:7a
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate maristinvercargill.co.nz
88
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for maristinvercargill.co.nz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
aff.org.nz
aoraki-dragons.co.nz
ardmoremarist.co.nz
arra.org.nz
bayolympic.co.nz
bbafc.org.nz
bopbadminton.co.nz
bowlssouthland.co.nz
brooklyncroquetclub.org
burwoodafc.co.nz
businesshb.nz
canoeslalomnz.org.nz
capitalfootball.org.nz
carltonjuniorsrugby.co.nz
centralfootball.co.nz
centralfootball.org.nz
clevedontennisclub.co.nz
cmydt.co.nz
cornwallcricket.co.nz
druryfootball.co.nz
ecbafc.co.nz
footballsouth.co.nz
foxtongolf.co.nz
gksports.co.nz
glenviewsoccer.co.nz
greenhithefootball.org
hbcc.org.nz
helensvillerugby.co.nz
hockeymanawatu.org.nz
howicknetball.org.nz
karakasportspark.co.nz
katikatifc.co.nz
kbhs.school.nz
mainlandfootball.co.nz
maristinvercargill.co.nz
marlboroughfootball.co.nz
mbnc.co.nz
mrra.co.nz
nelsonbaysfootball.co.nz
newplymouthcroquetclub.co.nz
nff.org.nz
nhrra.co.nz
norths.co.nz
northsrugby.co.nz
nzfootball.co.nz
oratiaunited.co.nz
otahuhusoccer.org.nz
papakuracityfc.org.nz
papakuranetball.org.nz
papamoafootballclub.co.nz
papamoafootballclub.nz
papanuiredwoodafc.co.nz
papatoetoeunited.co.nz
parklandsunited.co.nz
parklandsunitedsportsclub.net.nz
pcbasketballclub.co.nz
phoenixsynchro.co.nz
ravensbourne.co.nz
rivertongolf.co.nz
sasfootball.club
sasfootball.org.nz
schoolground.co.nz
schoolground.nz
slalomnz.org.nz
southlandfootball.org.nz
speedway.co.nz
sportcanterbury.org.nz
sportnorthland.co.nz
sportnorthland.nz
sporttasman.org.nz
sportwaitakere.co.nz
sportwaitakere.nz
sydenhamrugby.co.nz
takapunaafc.co.nz
taradalefootball.org.nz
tcafc.co.nz
teawamutuafc.co.nz
thesalmonrun.nz
unimountafc.org.nz
waibopfootball.co.nz
waihekeunited.org.nz
waihoraclaytarget.co.nz
waitakerecityfc.org.nz
waitakererugby.co.nz
wakefieldfc.nz
westernafc.com
worldseriescricket.co.nz
wssfa.nz
aoraki-dragons.co.nz
ardmoremarist.co.nz
arra.org.nz
bayolympic.co.nz
bbafc.org.nz
bopbadminton.co.nz
bowlssouthland.co.nz
brooklyncroquetclub.org
burwoodafc.co.nz
businesshb.nz
canoeslalomnz.org.nz
capitalfootball.org.nz
carltonjuniorsrugby.co.nz
centralfootball.co.nz
centralfootball.org.nz
clevedontennisclub.co.nz
cmydt.co.nz
cornwallcricket.co.nz
druryfootball.co.nz
ecbafc.co.nz
footballsouth.co.nz
foxtongolf.co.nz
gksports.co.nz
glenviewsoccer.co.nz
greenhithefootball.org
hbcc.org.nz
helensvillerugby.co.nz
hockeymanawatu.org.nz
howicknetball.org.nz
karakasportspark.co.nz
katikatifc.co.nz
kbhs.school.nz
mainlandfootball.co.nz
maristinvercargill.co.nz
marlboroughfootball.co.nz
mbnc.co.nz
mrra.co.nz
nelsonbaysfootball.co.nz
newplymouthcroquetclub.co.nz
nff.org.nz
nhrra.co.nz
norths.co.nz
northsrugby.co.nz
nzfootball.co.nz
oratiaunited.co.nz
otahuhusoccer.org.nz
papakuracityfc.org.nz
papakuranetball.org.nz
papamoafootballclub.co.nz
papamoafootballclub.nz
papanuiredwoodafc.co.nz
papatoetoeunited.co.nz
parklandsunited.co.nz
parklandsunitedsportsclub.net.nz
pcbasketballclub.co.nz
phoenixsynchro.co.nz
ravensbourne.co.nz
rivertongolf.co.nz
sasfootball.club
sasfootball.org.nz
schoolground.co.nz
schoolground.nz
slalomnz.org.nz
southlandfootball.org.nz
speedway.co.nz
sportcanterbury.org.nz
sportnorthland.co.nz
sportnorthland.nz
sporttasman.org.nz
sportwaitakere.co.nz
sportwaitakere.nz
sydenhamrugby.co.nz
takapunaafc.co.nz
taradalefootball.org.nz
tcafc.co.nz
teawamutuafc.co.nz
thesalmonrun.nz
unimountafc.org.nz
waibopfootball.co.nz
waihekeunited.org.nz
waihoraclaytarget.co.nz
waitakerecityfc.org.nz
waitakererugby.co.nz
wakefieldfc.nz
westernafc.com
worldseriescricket.co.nz
wssfa.nz
Other certificates including the domain name maristinvercargill.co.nz
(limited to 100 certificates)
maristinvercargill.co.nz
amdg.org.nz
sporty.co.nz
sporty.co.nz
sporty.co.nz
sporty.co.nz
maristinvercargill.co.nz
squashauckland.org.nz
sporty.co.nz
maristinvercargill.co.nz
sporty.co.nz
www.akaranacityrifleclub.co.nz
maristinvercargill.co.nz
sporty.co.nz
www.cyclingsc.co.nz
sporty.co.nz
maristinvercargill.co.nz
maristinvercargill.co.nz
maristinvercargill.co.nz
www.pukekohesoftball.co.nz
sporty.co.nz
www.eden.rugby
amdg.org.nz
maristinvercargill.co.nz
www.mooloocommunityrugby.co.nz
www.christchurchmetrocricket.co.nz
www.crossrecreationcentre.co.nz
www.christchurchmetrocricket.org
www.marlinsnetball.co.nz
www.sportsground.com
sporty.co.nz
sporty.co.nz
www.pauanuilifeguards.org.nz
trfu.co.nz
amdg.org.nz
sporty.co.nz
sporty.co.nz
sporty.co.nz
sporty.co.nz
maristinvercargill.co.nz
squashauckland.org.nz
sporty.co.nz
maristinvercargill.co.nz
sporty.co.nz
www.akaranacityrifleclub.co.nz
maristinvercargill.co.nz
sporty.co.nz
www.cyclingsc.co.nz
sporty.co.nz
maristinvercargill.co.nz
maristinvercargill.co.nz
maristinvercargill.co.nz
www.pukekohesoftball.co.nz
sporty.co.nz
www.eden.rugby
amdg.org.nz
maristinvercargill.co.nz
www.mooloocommunityrugby.co.nz
www.christchurchmetrocricket.co.nz
www.crossrecreationcentre.co.nz
www.christchurchmetrocricket.org
www.marlinsnetball.co.nz
www.sportsground.com
sporty.co.nz
sporty.co.nz
www.pauanuilifeguards.org.nz
trfu.co.nz
Certificate
The complete raw certificate details for maristinvercargill.co.nz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIMXTCCC0WgAwIBAgISA7+/FlAYbe+IcoXFI8j1mkisMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMTkwOTEwMTFaFw0y MDAyMTcwOTEwMTFaMCMxITAfBgNVBAMTGG1hcmlzdGludmVyY2FyZ2lsbC5jby5u ejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKdJCNGnAjdO6s6FgY0m DJC0kWMGZq/HX2sXUfHlcD8pT9gSz9F5B6T+AOxz2McK5dOrqZgVhw9WTqbEOT52 K0SKzqgSa6kF8+2yokTHTJqzOp3mOSiIAsOnUZartI4Ni4Qv2xCnZWhD9tc/Cu84 dONghmkIaF8C70JqeQ7IH5lA343/gNbrW67AuKPhRunYxueOiAmEjgn2lc/SG0N6 w+xcCeNygtFFZzcrUAZv2qbotIkHGqef/Ios2LL626naVX4UMJvuIZA5ttBkDbtC 7LwXyX9IIiJBgojENXWaY7Renpq8BTop0KebsrlsgXZczU7N4lBTaUFBiJJ0YnPs dq8CAwEAAaOCCWIwggleMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUc8GGPF+IzrRf xoLeA3URPWfLwOMwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYI KwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0 c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0 c2VuY3J5cHQub3JnLzCCBxYGA1UdEQSCBw0wggcJggphZmYub3JnLm56ghRhb3Jh a2ktZHJhZ29ucy5jby5ueoITYXJkbW9yZW1hcmlzdC5jby5ueoILYXJyYS5vcmcu bnqCEGJheW9seW1waWMuY28ubnqCDGJiYWZjLm9yZy5ueoISYm9wYmFkbWludG9u LmNvLm56ghRib3dsc3NvdXRobGFuZC5jby5ueoIXYnJvb2tseW5jcm9xdWV0Y2x1 Yi5vcmeCEGJ1cndvb2RhZmMuY28ubnqCDWJ1c2luZXNzaGIubnqCFGNhbm9lc2xh bG9tbnoub3JnLm56ghZjYXBpdGFsZm9vdGJhbGwub3JnLm56ghljYXJsdG9uanVu aW9yc3J1Z2J5LmNvLm56ghVjZW50cmFsZm9vdGJhbGwuY28ubnqCFmNlbnRyYWxm b290YmFsbC5vcmcubnqCGGNsZXZlZG9udGVubmlzY2x1Yi5jby5ueoILY215ZHQu Y28ubnqCFWNvcm53YWxsY3JpY2tldC5jby5ueoITZHJ1cnlmb290YmFsbC5jby5u eoIMZWNiYWZjLmNvLm56ghNmb290YmFsbHNvdXRoLmNvLm56ghBmb3h0b25nb2xm LmNvLm56gg5na3Nwb3J0cy5jby5ueoIUZ2xlbnZpZXdzb2NjZXIuY28ubnqCFmdy ZWVuaGl0aGVmb290YmFsbC5vcmeCC2hiY2Mub3JnLm56ghZoZWxlbnN2aWxsZXJ1 Z2J5LmNvLm56ghVob2NrZXltYW5hd2F0dS5vcmcubnqCFGhvd2lja25ldGJhbGwu b3JnLm56ghZrYXJha2FzcG9ydHNwYXJrLmNvLm56ghBrYXRpa2F0aWZjLmNvLm56 gg5rYmhzLnNjaG9vbC5ueoIWbWFpbmxhbmRmb290YmFsbC5jby5ueoIYbWFyaXN0 aW52ZXJjYXJnaWxsLmNvLm56ghltYXJsYm9yb3VnaGZvb3RiYWxsLmNvLm56ggpt Ym5jLmNvLm56ggptcnJhLmNvLm56ghhuZWxzb25iYXlzZm9vdGJhbGwuY28ubnqC HG5ld3BseW1vdXRoY3JvcXVldGNsdWIuY28ubnqCCm5mZi5vcmcubnqCC25ocnJh LmNvLm56ggxub3J0aHMuY28ubnqCEW5vcnRoc3J1Z2J5LmNvLm56ghBuemZvb3Ri YWxsLmNvLm56ghJvcmF0aWF1bml0ZWQuY28ubnqCFG90YWh1aHVzb2NjZXIub3Jn Lm56ghVwYXBha3VyYWNpdHlmYy5vcmcubnqCFnBhcGFrdXJhbmV0YmFsbC5vcmcu bnqCGXBhcGFtb2Fmb290YmFsbGNsdWIuY28ubnqCFnBhcGFtb2Fmb290YmFsbGNs dWIubnqCF3BhcGFudWlyZWR3b29kYWZjLmNvLm56ghZwYXBhdG9ldG9ldW5pdGVk LmNvLm56ghVwYXJrbGFuZHN1bml0ZWQuY28ubnqCIHBhcmtsYW5kc3VuaXRlZHNw b3J0c2NsdWIubmV0Lm56ghZwY2Jhc2tldGJhbGxjbHViLmNvLm56ghRwaG9lbml4 c3luY2hyby5jby5ueoIScmF2ZW5zYm91cm5lLmNvLm56ghJyaXZlcnRvbmdvbGYu Y28ubnqCEHNhc2Zvb3RiYWxsLmNsdWKCEnNhc2Zvb3RiYWxsLm9yZy5ueoISc2No b29sZ3JvdW5kLmNvLm56gg9zY2hvb2xncm91bmQubnqCD3NsYWxvbW56Lm9yZy5u eoIYc291dGhsYW5kZm9vdGJhbGwub3JnLm56gg5zcGVlZHdheS5jby5ueoIWc3Bv cnRjYW50ZXJidXJ5Lm9yZy5ueoIUc3BvcnRub3J0aGxhbmQuY28ubnqCEXNwb3J0 bm9ydGhsYW5kLm56ghJzcG9ydHRhc21hbi5vcmcubnqCFHNwb3J0d2FpdGFrZXJl LmNvLm56ghFzcG9ydHdhaXRha2VyZS5ueoITc3lkZW5oYW1ydWdieS5jby5ueoIR dGFrYXB1bmFhZmMuY28ubnqCF3RhcmFkYWxlZm9vdGJhbGwub3JnLm56ggt0Y2Fm Yy5jby5ueoISdGVhd2FtdXR1YWZjLmNvLm56gg90aGVzYWxtb25ydW4ubnqCEnVu aW1vdW50YWZjLm9yZy5ueoIUd2FpYm9wZm9vdGJhbGwuY28ubnqCFHdhaWhla2V1 bml0ZWQub3JnLm56ghd3YWlob3JhY2xheXRhcmdldC5jby5ueoIWd2FpdGFrZXJl Y2l0eWZjLm9yZy5ueoIUd2FpdGFrZXJlcnVnYnkuY28ubnqCDndha2VmaWVsZGZj Lm56gg53ZXN0ZXJuYWZjLmNvbYIYd29ybGRzZXJpZXNjcmlja2V0LmNvLm56ggh3 c3NmYS5uejBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYG CCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB 1nkCBAIEgfUEgfIA8AB1ALIeBcyLos2KIE6HZvkruYolIGdr2vpw57JJUy3vi5Be AAABboMkHlYAAAQDAEYwRAIgFNmwjGwfx5rgcqwaEiltXtATM5QSY1aSmCDF7IEv WjwCICt6PT5xwABJA/ySCp0sMxHeRCE6uIVezcQhPMVfzADgAHcAb1N2rDHwMRnY mQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFugyQegAAABAMASDBGAiEAwQeRpNAp OkMcvp03wWlArwl8/PbeZy2ab8q+WqpnJFACIQCJMfORRc4qkLPX7w1KiiY0Jjs5 TwtHq3m8s2vp50RKGDANBgkqhkiG9w0BAQsFAAOCAQEAROKxhTnz+1kAnUQ4boIn DcKklIykAh7lTOVc1hxfgIT3H5QClMW17xLnjGwdecAl6Jykr35D5pvnFPCJvO9J LM8D2dF2XgijFIz3GZN81xcBiI2a6PRW0u/mwexBn6vYaEJxGqXBmTS/2DYNFCld ESMkQDYfNaclq+JC6T7mkiRKtHtOvhxP3b4g1DEiklbk3z57q2Si84f5LiuUhM6z atm0LX0Nq8x5mM4ID80QHNLNoTxTtdEHNLiqLycbrtlB06/4HDpSFxbZYIXHYG61 E6qF1WjQj4Eg/yPfPuTHU7C1pT/tA1uHn5awC1fxol2rmQmi+1PkvXD4mhGE82IG mQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0kI0acCN07qzoWBjSYM kLSRYwZmr8dfaxdR8eVwPylP2BLP0XkHpP4A7HPYxwrl06upmBWHD1ZOpsQ5PnYr RIrOqBJrqQXz7bKiRMdMmrM6neY5KIgCw6dRlqu0jg2LhC/bEKdlaEP21z8K7zh0 42CGaQhoXwLvQmp5DsgfmUDfjf+A1utbrsC4o+FG6djG546ICYSOCfaVz9IbQ3rD 7FwJ43KC0UVnNytQBm/apui0iQcap5/8iizYsvrbqdpVfhQwm+4hkDm20GQNu0Ls vBfJf0giIkGCiMQ1dZpjtF6emrwFOinQp5uyuWyBdlzNTs3iUFNpQUGIknRic+x2 rwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 326584788279434060795480505517985532364972 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-19 09:10:11 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-17 09:10:11 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'maristinvercargill.co.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21117811558437715860426626975012090270956258076105473288488046377558500782433658796919127597810951689970768292129300679272546756354729975038007994148045557413145517009806660139096767850223853766301955458923787128987411625606821862131298130681357915151007425955620832786244368209302233782376396852320678002578073398866529906070220828919152609267488950992099288234521113159512909142326326694507457030101719057832908859923287295305512266322319107364458633341160991302356397942446590636706106905644854229538848111515610725186460072719953780953430049966357566649965699467016860363848502737926428910301994672435095361320623 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 73c1863c5f88ceb45fc682de0375113d67cbc0e3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1805 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aff.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aoraki-dragons.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ardmoremarist.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arra.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bayolympic.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bbafc.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bopbadminton.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bowlssouthland.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'brooklyncroquetclub.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'burwoodafc.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'businesshb.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canoeslalomnz.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'capitalfootball.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'carltonjuniorsrugby.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'centralfootball.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'centralfootball.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clevedontennisclub.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmydt.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cornwallcricket.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'druryfootball.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ecbafc.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'footballsouth.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'foxtongolf.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gksports.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'glenviewsoccer.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'greenhithefootball.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hbcc.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'helensvillerugby.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hockeymanawatu.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'howicknetball.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'karakasportspark.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'katikatifc.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kbhs.school.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mainlandfootball.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maristinvercargill.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marlboroughfootball.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mbnc.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mrra.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nelsonbaysfootball.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'newplymouthcroquetclub.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nff.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nhrra.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'norths.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'northsrugby.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nzfootball.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oratiaunited.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'otahuhusoccer.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'papakuracityfc.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'papakuranetball.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'papamoafootballclub.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'papamoafootballclub.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'papanuiredwoodafc.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'papatoetoeunited.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'parklandsunited.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'parklandsunitedsportsclub.net.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pcbasketballclub.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'phoenixsynchro.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ravensbourne.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rivertongolf.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sasfootball.club' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sasfootball.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'schoolground.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'schoolground.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'slalomnz.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'southlandfootball.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'speedway.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sportcanterbury.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sportnorthland.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sportnorthland.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sporttasman.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sportwaitakere.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sportwaitakere.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sydenhamrugby.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'takapunaafc.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'taradalefootball.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tcafc.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'teawamutuafc.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thesalmonrun.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'unimountafc.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'waibopfootball.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'waihekeunited.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'waihoraclaytarget.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'waitakerecityfc.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'waitakererugby.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wakefieldfc.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'westernafc.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'worldseriescricket.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wssfa.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007500b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016e83241e560000040300463044022014d9b08c6c1fc79ae072ac1a12296d5ed0133394126356929820c5ec812f5a3c02202b7a3d3e71c0004903fc920a9d2c3311de44213ab8855ecdc4213cc55fcc00e00077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016e83241e800000040300483046022100c10791a4d0293a431cbe9d37c16940af097cfcf6de672d9a6fcabe5aaa6724500221008931f39145ce2a90b3d7ef0d4a8a2634263b394f0b47ab79bcb36be9e7444a18 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0044e2b18539f3fb59009d44386e82270dc2a4948ca4021ee54ce55cd61c5f8084f71f940294c5b5ef12e78c6c1d79c025e89ca4af7e43e69be714f089bcef492ccf03d9d1765e08a3148cf719937cd71701888d9ae8f456d2efe6c1ec419fabd86842711aa5c19934bfd8360d14295d11232440361f35a725abe242e93ee692244ab47b4ebe1c4fddbe20d431229256e4df3e7bab64a2f387f92e2b9484ceb36ad9b42d7d0dabcc7998ce080fcd101cd2cda13c53b5d10734b8aa2f271baed941d3aff81c3a521716d96085c7606eb513aa85d568d08f8120ff23df3ee4c753b0b5a53fed035b879f96b00b57f1a25dab9909a2fb53e4bd70f89a1184f3620699