fabians.org.nz
Issued by R3
About this certificate
This digital certificate with serial number 04:4b:85:d8:57:d6:bf:98:5c:1a:b4:7f:13:a4:5f:23:85:ba was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=fabians.org.nz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:4b:85:d8:57:d6:bf:98:5c:1a:b4:7f:13:a4:5f:23:85:baSerial Number (int): 374148231887255966804411353859697286546874
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: e7:12:a1:95:b1:95:eb:92:d5:c3:6b:32:7b:5e:28:e9:21:78:85:9e
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 25:59:f9:a0:d1:9e:8d:0c:d0:a6:5d:fe:67:e0:00:67:20:86:1b:61
Fingerprint (sha256): 93:08:ed:41:b7:e4:f4:52:b3:c6:4a:34:74:dc:b4:77:6b:30:48:b7:cb:4b:b9:48:5c:57:48:a4:26:24:49:e0
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate fabians.org.nz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for fabians.org.nz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
fabians.org.nz
www.fabians.org.nz
www.fabians.org.nz
Other certificates including the domain name fabians.org.nz
(limited to 100 certificates)
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
fabians.org.nz
Certificate
The complete raw certificate details for fabians.org.nz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgISBEuF2FfWv5hcGrR/E6RfI4W6MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMjgxMzU5NTVaFw0yNDAzMjcxMzU5NTRaMBkxFzAVBgNVBAMT DmZhYmlhbnMub3JnLm56MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA tI/LeZ89e3nkUPAi1Vl0tz8D353uobzYNQ3rXwjRw2JJnupBRzukmbgW/1HWiXRr l5eAcup9SOoF5FjrdPfc3hh8kkRMqMWtuUsESyDrpWzEm4za3dGli4WgAj/DCTp9 v46SfA84WAQEzoW6Np0NrSZfyjjCoLTKB/vxVv95dLqgWDreTDzAGmADpR+nGqpo E9LNlgR5ZQTqIIzhx886pE+aoXbDrNld0Vg3/X8xAB11PDHMuWTC7sIa8Pt6Enzx nL99u4t28yyh5P5lN9TJprrqzyP6E4Ize2GRKLmA8MZ2QSsThunym4WhJAKOoUqx Q5XOPjSRqgXxl0aezJ3CIY7BD0xHilXvYgaDNcMdiebTLCMcUqRAAd/HjdGpTIWZ 6n7SVHENcSW/NIXq5am1TAMgLZagC5ESj0zPSsQSiMEBok62XhznEeJK5TUpEnhC aNrGr37f0mgh/A64GDyUHuHFseuSVNbSpVbBjm411KzFkGVMHQL47PT3X+bQa5Lf J5M6598vujq3K3IFvsq2aeQrR5vZRtIeXQPInDrA1BsqZ1BiMkzzXQsk8DPf/+Ms FFqDQdvE38N0QLpYlAbrVcpq/i0XmRtAMyRNNSk2SsLnq/ueEjOP+IVYzBFUSaVP vkijzZgQ8+IiHmNEQPfPToIKKSdZrrRZiaU6oK1+5GUCAwEAAaOCAiIwggIeMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQU5xKhlbGV65LVw2sye14o6SF4hZ4wHwYDVR0j BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6 Ly9yMy5pLmxlbmNyLm9yZy8wLQYDVR0RBCYwJIIOZmFiaWFucy5vcmcubnqCEnd3 dy5mYWJpYW5zLm9yZy5uejATBgNVHSAEDDAKMAgGBmeBDAECATCCAQIGCisGAQQB 1nkCBAIEgfMEgfAA7gB1ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQX AAABjLDwaxIAAAQDAEYwRAIgYhYixC9v7PilSyiFpEv7mRi+l2+rTA+lV+AsMHMZ f9gCIG2byXAsKS8eyj2suCNGkCDAV7zSWvDxGE2KPZDKdmL8AHUAdv+IPwq2+5VR wmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGMsPBtYwAABAMARjBEAiBj1AepCWwS EHE2cY0mzaKH44Q3RzJmKBGWSbzuvqWtbgIgYtj39l9wPGFuBqfVJPdXnUVpkVKt X+iSVlmKskqFxhwwDQYJKoZIhvcNAQELBQADggEBACOclNv3zklEB9Df4X31DgYA 9Rm6InwZsdMPCUff7Pg+vjkrP87s8rqvEEC7KUIIH9P5LKcR4PPcKGXUPQ223Fuw 5+vPVtqkfdC8QQBmFqP6F7rn2RZpUWRULhXKkTMDjkBVLRIOdNh7vxAE5hTtcenA 9Lova5DLHI+17hpj735fBC20khBT/edUit3wwl9lY1V0IgXIqe2ph5orrjimfRGQ LA2T68ftL4uTtoFaz7QdOtsPsk2K9u+62BoC8c4L8sWLNbWhAriMIYPWP2Ei6eI0 jhRJEnIG8q7zWms+FfVJuDHEPCQ0A1y3iRLmhtDDZnKD2EHDL/88zfo/AxtSuYk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtI/LeZ89e3nkUPAi1Vl0 tz8D353uobzYNQ3rXwjRw2JJnupBRzukmbgW/1HWiXRrl5eAcup9SOoF5FjrdPfc 3hh8kkRMqMWtuUsESyDrpWzEm4za3dGli4WgAj/DCTp9v46SfA84WAQEzoW6Np0N rSZfyjjCoLTKB/vxVv95dLqgWDreTDzAGmADpR+nGqpoE9LNlgR5ZQTqIIzhx886 pE+aoXbDrNld0Vg3/X8xAB11PDHMuWTC7sIa8Pt6EnzxnL99u4t28yyh5P5lN9TJ prrqzyP6E4Ize2GRKLmA8MZ2QSsThunym4WhJAKOoUqxQ5XOPjSRqgXxl0aezJ3C IY7BD0xHilXvYgaDNcMdiebTLCMcUqRAAd/HjdGpTIWZ6n7SVHENcSW/NIXq5am1 TAMgLZagC5ESj0zPSsQSiMEBok62XhznEeJK5TUpEnhCaNrGr37f0mgh/A64GDyU HuHFseuSVNbSpVbBjm411KzFkGVMHQL47PT3X+bQa5LfJ5M6598vujq3K3IFvsq2 aeQrR5vZRtIeXQPInDrA1BsqZ1BiMkzzXQsk8DPf/+MsFFqDQdvE38N0QLpYlAbr Vcpq/i0XmRtAMyRNNSk2SsLnq/ueEjOP+IVYzBFUSaVPvkijzZgQ8+IiHmNEQPfP ToIKKSdZrrRZiaU6oK1+5GUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 374148231887255966804411353859697286546874 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-28 13:59:55 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-27 13:59:54 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'fabians.org.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 736627462333495962838050016849587463498890753846429579294620081536494693317469570943324327600276410252994103139511244592085656823965141216995233987755109363007622837141815655915099223689753541598835954311084656813202872530670148553983965331420684806446478712586327993476542652177600692975188624030734028418743278811198718707705060717918552650491659733990531314297772079158973315789136306294806775441829048900972860781238238789132022695315843825635317638755434118520754752823047315740828612511745860170378705330901744232386467079978011113043339700361487929262363409036297783292435270640127357964816260293796005165901370546753333843779548115071824026564910392522415167560961221597861122369595440407559971638744247119917700320495512242212958099856350945409536016443035577607626060126964129773308991453098760563090239913540662928060964640777397240425931010260543865167771905584682022001758321280040597129634936767130080570058239996572119571695811555202224797674429714734863415474479918972663478776086740595869700174267846052666111950468437121923789523281181285513165620058512698322652922394370231939908768925020881340225439295481442167006802643390614764786022971119787192907154971579955027686301062218987949492969911640558941449423348837 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e712a195b195eb92d5c36b327b5e28e92178859e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fabians.org.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fabians.org.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018cb0f06b1200000403004630440220621622c42f6fecf8a54b2885a44bfb9918be976fab4c0fa557e02c3073197fd802206d9bc9702c292f1eca3dacb823469020c057bcd25af0f1184d8a3d90ca7662fc00750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018cb0f06d630000040300463044022063d407a9096c12107136718d26cda287e3843747326628119649bceebea5ad6e022062d8f7f65f703c616e06a7d524f7579d45699152ad5fe89256598ab24a85c61c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00239c94dbf7ce494407d0dfe17df50e0600f519ba227c19b1d30f0947dfecf83ebe392b3fceecf2baaf1040bb2942081fd3f92ca711e0f3dc2865d43d0db6dc5bb0e7ebcf56daa47dd0bc41006616a3fa17bae7d916695164542e15ca9133038e40552d120e74d87bbf1004e614ed71e9c0f4ba2f6b90cb1c8fb5ee1a63ef7e5f042db4921053fde7548addf0c25f656355742205c8a9eda9879a2bae38a67d11902c0d93ebc7ed2f8b93b6815acfb41d3adb0fb24d8af6efbad81a02f1ce0bf2c58b35b5a102b88c2183d63f6122e9e2348e1449127206f2aef35a6b3e15f549b831c43c2434035cb78912e686d0c3667283d841c32fff3ccdfa3f031b52b989