www.canibuild.co.nz.marlboroughma.com
Issued by R3
About this certificate
This digital certificate with serial number 04:ea:33:c0:f7:4e:2b:1d:73:a9:91:73:a3:65:af:57:ac:bb was issued on by Let's Encrypt.
With 9 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.canibuild.co.nz.marlboroughma.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:ea:33:c0:f7:4e:2b:1d:73:a9:91:73:a3:65:af:57:ac:bbSerial Number (int): 428144010151270768671894454052883709537467
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 76:a3:e1:16:e7:35:e7:60:51:67:93:c8:84:85:8c:14:7b:93:ca:17
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 0f:f9:98:0c:93:9d:04:3e:d1:82:b2:4c:e4:c8:ef:4e:03:63:ab:91
Fingerprint (sha256): 94:4a:06:ee:46:25:4d:6d:fd:89:06:b8:d0:61:9d:f1:88:a8:25:ec:97:0f:dc:86:82:0f:b4:7a:9a:61:b6:40
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.canibuild.co.nz.marlboroughma.com
9
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.canibuild.co.nz.marlboroughma.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
allthebestoffers.com
businesscardadvertising.com
computernerd.io.cityofgreenwood.com.equusent.com
corneliuslistings.com
erotic-games.com.crypticgames.com
healthyhomebuilt.com
lifewearable.com
stylewriting.com
www.canibuild.co.nz.marlboroughma.com
businesscardadvertising.com
computernerd.io.cityofgreenwood.com.equusent.com
corneliuslistings.com
erotic-games.com.crypticgames.com
healthyhomebuilt.com
lifewearable.com
stylewriting.com
www.canibuild.co.nz.marlboroughma.com
Other certificates including the domain name marlboroughma.com
(limited to 100 certificates)
marlboroughma.com
marlboroughma.com
marlboroughma.com
www.marlboroughma.com
musicalmemorycare.org
pensaukee.com
turntableneedles.org
dngo.accompli.sh
ilfpc.org
www.canibuild.co.nz.marlboroughma.com
saintflanagan.ie
www.marlboroughma.com
pureindulgence.org
www.marlboroughma.com
trailerupholstery.ca
example316.bible
marlboroughma.com
marlboroughma.com
marlboroughma.com
marlboroughma.com
www.marlboroughma.com
musicalmemorycare.org
pensaukee.com
turntableneedles.org
dngo.accompli.sh
ilfpc.org
www.canibuild.co.nz.marlboroughma.com
saintflanagan.ie
www.marlboroughma.com
pureindulgence.org
www.marlboroughma.com
trailerupholstery.ca
example316.bible
marlboroughma.com
marlboroughma.com
Certificate
The complete raw certificate details for www.canibuild.co.nz.marlboroughma.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgISBOozwPdOKx1zqZFzo2WvV6y7MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMjIxMzAyNTBaFw0yNDAzMjExMzAyNDlaMDAxLjAsBgNVBAMT JXd3dy5jYW5pYnVpbGQuY28ubnoubWFybGJvcm91Z2htYS5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNb2Ov8/47/cLshN/zvaN+EA8l84iFpZXu 11FzYEqvIhyfj1SyanwVvxm5/j7UUat9QordxZ7iCFuAk7PtfSPXxVKIyr5rqhH1 aRRKuhkZqVSxMYR8x52JUprFSgIgOZBIsC4EBO9PMQ4qc+awyyTBZPGRqhZJyrmM iKTx7A7/RgEV6YKTGtJh+qcGiSi7Hs9hzsFaVRUzFHVA4IHI0C3oNQLOt9iubJ4o JHMgyEPXeDu5dI3FsbsPEnJ6exzUpMlZI+x0hM8MOUmUBxecroaukgIYJswscF2Y Uvl+ZwFA30ZKa5zqRdGc+DxUvkWyiDpIX9s+D8AQ1VrtDp1bgwRNAgMBAAGjggMH MIIDAzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFHaj4RbnNedgUWeTyISFjBR7k8oX MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkw RzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAC hhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMIIBDQYDVR0RBIIBBDCCAQCCFGFsbHRo ZWJlc3RvZmZlcnMuY29tghtidXNpbmVzc2NhcmRhZHZlcnRpc2luZy5jb22CMGNv bXB1dGVybmVyZC5pby5jaXR5b2ZncmVlbndvb2QuY29tLmVxdXVzZW50LmNvbYIV Y29ybmVsaXVzbGlzdGluZ3MuY29tgiFlcm90aWMtZ2FtZXMuY29tLmNyeXB0aWNn YW1lcy5jb22CFGhlYWx0aHlob21lYnVpbHQuY29tghBsaWZld2VhcmFibGUuY29t ghBzdHlsZXdyaXRpbmcuY29tgiV3d3cuY2FuaWJ1aWxkLmNvLm56Lm1hcmxib3Jv dWdobWEuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB 9gSB8wDxAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGMkdYC +AAABAMARzBFAiATYvGOvsFxgbAo8CG1FHZmdFGt4EZxxJNW7hKXyU+nigIhAIA1 q+xPTLSANtfl5jcep7AKa3L5Mz41aNEKhL2LisneAHcAdv+IPwq2+5VRwmHM9Ye6 NLSkzbsp3GhCCp/mZ0xaOnQAAAGMkdYDrQAABAMASDBGAiEAtgHbon8VOPKVyuWe 3PQ4hqxlU1HrzWesAtJWLx3OiXECIQDSXUPxawd0Bn5qDTxo0S3tHtqRGD/cWBsh 0qkBaEr1ejANBgkqhkiG9w0BAQsFAAOCAQEAWKZqoPo34MA2ffzN18pP0GUChBQe rL14k+LPwHyA7h1lhGr4pLhEKZ1wzeIReUxb+cUtmCVESPHZi8ZN3UqHZbQFlrvA 7V4GCCNxzxUp8GZi7m5BNxokKdbdt8zt9ezKTWYdvhZYOUTBwLg6I1BVR+X8ZXbM MaN15LC/wx9Zd3fWxYJLxg8CjAr05aItPfz6gfUQ94sjhvusnd//H07i+PjAJNs2 VtfCnhOtmDAcOttAVY82ZBh8nv583OLKyPm8+iLQ76HRbmSc8zLTpMCm7uH2uYlW dgqFlhsN+UCffgolGY4mbYNlbefv++HlFvWUAI6AsSASHpfrAOgAs6fZCw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzW9jr/P+O/3C7ITf872j fhAPJfOIhaWV7tdRc2BKryIcn49Usmp8Fb8Zuf4+1FGrfUKK3cWe4ghbgJOz7X0j 18VSiMq+a6oR9WkUSroZGalUsTGEfMediVKaxUoCIDmQSLAuBATvTzEOKnPmsMsk wWTxkaoWScq5jIik8ewO/0YBFemCkxrSYfqnBokoux7PYc7BWlUVMxR1QOCByNAt 6DUCzrfYrmyeKCRzIMhD13g7uXSNxbG7DxJyensc1KTJWSPsdITPDDlJlAcXnK6G rpICGCbMLHBdmFL5fmcBQN9GSmuc6kXRnPg8VL5Fsog6SF/bPg/AENVa7Q6dW4ME TQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 428144010151270768671894454052883709537467 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-22 13:02:50 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-21 13:02:49 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.canibuild.co.nz.marlboroughma.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25933780680148548574964425946743513666238632626514996584712622508137151913130453228411056475592905625797213788728569575756074058286501589122500726532639452857837123618382138536822653968466295382864652700785142604631359902170999466154886838873396810933182308842825492794163635822082939933088194647583035183276081898611465473212994653387520429126274690146171711577141741305812007162941555366589760469801348758373401252094847579993083864836827328620421020564083900845173033989412471143697480423202173601588619273375205024346416858452313203386183061313413628224463604382706264017580804784871970736001350478386939098760269 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 76a3e116e735e760516793c884858c147b93ca17 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (260 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'allthebestoffers.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'businesscardadvertising.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'computernerd.io.cityofgreenwood.com.equusent.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corneliuslistings.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'erotic-games.com.crypticgames.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'healthyhomebuilt.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lifewearable.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stylewriting.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.canibuild.co.nz.marlboroughma.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c91d602f8000004030047304502201362f18ebec17181b028f021b51476667451ade04671c49356ee1297c94fa78a0221008035abec4f4cb48036d7e5e6371ea7b00a6b72f9333e3568d10a84bd8b8ac9de00770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c91d603ad0000040300483046022100b601dba27f1538f295cae59edcf43886ac655351ebcd67ac02d2562f1dce8971022100d25d43f16b0774067e6a0d3c68d12ded1eda91183fdc581b21d2a901684af57a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0058a66aa0fa37e0c0367dfccdd7ca4fd0650284141eacbd7893e2cfc07c80ee1d65846af8a4b844299d70cde211794c5bf9c52d98254448f1d98bc64ddd4a8765b40596bbc0ed5e06082371cf1529f06662ee6e41371a2429d6ddb7ccedf5ecca4d661dbe16583944c1c0b83a23505547e5fc6576cc31a375e4b0bfc31f597777d6c5824bc60f028c0af4e5a22d3dfcfa81f510f78b2386fbac9ddfff1f4ee2f8f8c024db3656d7c29e13ad98301c3adb40558f3664187c9efe7cdce2cac8f9bcfa22d0efa1d16e649cf332d3a4c0a6eee1f6b98956760a85961b0df9409f7e0a25198e266d83656de7effbe1e516f594008e80b120121e97eb00e800b3a7d90b