topenergy.co.nz
Issued by R3
About this certificate
This digital certificate with serial number 04:21:44:c6:20:c9:eb:ea:5e:3e:27:40:27:90:5c:8f:69:43 was issued on by Let's Encrypt.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=topenergy.co.nz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:21:44:c6:20:c9:eb:ea:5e:3e:27:40:27:90:5c:8f:69:43Serial Number (int): 359769878078958300349234235137126441118019
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 68:ea:b8:41:1f:db:38:a1:fb:f7:dc:20:e7:4b:93:ee:f5:06:d0:14
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 9c:70:ea:1b:c9:3f:12:3a:06:79:1c:b5:14:d0:66:a4:af:7c:49:6b
Fingerprint (sha256): 9f:aa:85:5c:a7:2a:3d:46:3d:55:47:7e:eb:21:97:5e:19:0d:19:2b:7f:b5:54:31:a7:99:4f:91:d0:58:ed:5c
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate topenergy.co.nz
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for topenergy.co.nz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ngawhageneration.co.nz
ngawhageneration.nz
topenergy.co.nz
www.ngawhageneration.co.nz
www.ngawhageneration.nz
www.topenergy.co.nz
ngawhageneration.nz
topenergy.co.nz
www.ngawhageneration.co.nz
www.ngawhageneration.nz
www.topenergy.co.nz
Other certificates including the domain name topenergy.co.nz
(limited to 100 certificates)
*.topenergy.co.nz
secure.topenergy.co.nz
topenergy.co.nz
topenergy.co.nz
mobile.topenergy.co.nz
outages.topenergy.co.nz
topenergy.co.nz
topenergy.co.nz
topenergy.co.nz
*.topenergy.co.nz
*.topenergy.co.nz
outages.topenergy.co.nz
topenergy.co.nz
topenergy.co.nz
outages.topenergy.co.nz
secure.topenergy.co.nz
topenergy.co.nz
ngawhageneration.co.nz
*.topenergy.co.nz
outages.topenergy.co.nz
*.topenergy.co.nz
outages.topenergy.co.nz
*.topenergy.co.nz
secure.topenergy.co.nz
topenergy.co.nz
topenergy.co.nz
mobile.topenergy.co.nz
outages.topenergy.co.nz
topenergy.co.nz
topenergy.co.nz
topenergy.co.nz
*.topenergy.co.nz
*.topenergy.co.nz
outages.topenergy.co.nz
topenergy.co.nz
topenergy.co.nz
outages.topenergy.co.nz
secure.topenergy.co.nz
topenergy.co.nz
ngawhageneration.co.nz
*.topenergy.co.nz
outages.topenergy.co.nz
*.topenergy.co.nz
outages.topenergy.co.nz
*.topenergy.co.nz
Certificate
The complete raw certificate details for topenergy.co.nz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFZTCCBE2gAwIBAgISBCFExiDJ6+pePidAJ5Bcj2lDMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMjkxNzIwMjFaFw0yNDA0MjgxNzIwMjBaMBoxGDAWBgNVBAMT D3RvcGVuZXJneS5jby5uejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ALy0aPkwmZPrBXVKn7orVdJYvTlyE6gEIJDmPNq8MjeQfG421N4aQAPjC8nvUbTg BC+GuAlAJ4eSghpZC06WdqTmbCrz+xJSGCK7cbMTt4y4uRQhmEmJzl3q/iLskM8J oTctl+VJRd1xQT2yU8ry0JW6Uf9bqs18zRQjcXmD/OsNB+ugh92AzKk1TgzNIixd uXIUqUtGv7fk04Frm5wb4aXFDvBREjz7q8HiZkhhbSv0oC8d6MHh0bLPubu4UQ9P ghXB0jFR2EvnFm2JUikdHKAMyfv71pfEQoGokqqCmrKfhvU1wK8mdl5uXdAP9l+x NuD9kKF1LHBkpTbCBTrJKjUCAwEAAaOCAoswggKHMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQUaOq4QR/bOKH799wg50uT7vUG0BQwHwYDVR0jBBgwFoAUFC6zF7dYVsuu UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y Zy8wgZMGA1UdEQSBizCBiIIWbmdhd2hhZ2VuZXJhdGlvbi5jby5ueoITbmdhd2hh Z2VuZXJhdGlvbi5ueoIPdG9wZW5lcmd5LmNvLm56ghp3d3cubmdhd2hhZ2VuZXJh dGlvbi5jby5ueoIXd3d3Lm5nYXdoYWdlbmVyYXRpb24ubnqCE3d3dy50b3BlbmVy Z3kuY28ubnowEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1 BIHyAPAAdgA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAY1Wc2ud AAAEAwBHMEUCIGP9BxjlzijeEpFLLm0RBqV0JDw1WBeQ5+FrglxRu9leAiEAhLD+ aH7XF0DmfpZ/ssBqIUFaZwNIk3/kNQHxDoJ3j8MAdgCi4r/WHt4vLweg1k5tN6fc ZUOwxrUuotq3iviabfUX2AAAAY1Wc2xPAAAEAwBHMEUCIQCdNgVu+LKsF0N+50ru DL6TlvluIJRwqlhS5O94ZfXBWgIgCQC+7xO/SWDWAkwB1fVi5WKjHpreimpl6rdG LX0ITzkwDQYJKoZIhvcNAQELBQADggEBACk4bx0iTIBdG18Ih2701ISbl0Sses9r 8oqEUN3tt8wLOS/N2ipArEXSV84FLc30LWsbOoB2wnjRmS3uaa8xIOUeafA1RtYn JXCKb7E/sop1JaOtYFYSADEOGN98/TCBQeN4WTiqDpr8PpJz7x98ywIBs5TpJXZs LaaFWdARLGC7JIZAl9Vs9MLkwXG9J5TPFAlty92wB2n9q+8ooB0OrOjIWtOzbrf6 KJ4BLbhmZBXMr38aNEUDSYAhxvxtqD544KGTTMp83t57s8jJ7oDJW4FD6LSUu05g CJXz/yPeB5Z1EB1Rlq/v6RCD7xnw5zmsfZiUwB6taJZL4+30M1na6lw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLRo+TCZk+sFdUqfuitV 0li9OXITqAQgkOY82rwyN5B8bjbU3hpAA+MLye9RtOAEL4a4CUAnh5KCGlkLTpZ2 pOZsKvP7ElIYIrtxsxO3jLi5FCGYSYnOXer+IuyQzwmhNy2X5UlF3XFBPbJTyvLQ lbpR/1uqzXzNFCNxeYP86w0H66CH3YDMqTVODM0iLF25chSpS0a/t+TTgWubnBvh pcUO8FESPPurweJmSGFtK/SgLx3oweHRss+5u7hRD0+CFcHSMVHYS+cWbYlSKR0c oAzJ+/vWl8RCgaiSqoKasp+G9TXAryZ2Xm5d0A/2X7E24P2QoXUscGSlNsIFOskq NQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 359769878078958300349234235137126441118019 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-29 17:20:21 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-28 17:20:20 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'topenergy.co.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23821764846141055307590900188012014578878989458956030432639974822413172278332018209349477337196035814387765563005503366669740009840207848756306135870001429773781365344449072857328288524391583683721463492199006206491256780776650131899618740097888609556124768495385553099671077908381020292633953320939621375039692387371285024055010598635303536643459268257826812138223972964182835183825010497983319245927227688852519377802814822034892907193019911939901231319196493398876853585743024430880896068748252790256968241277123841301339312358592449966308004146809338105640799324045104006299202419486883763708345837751059362687541 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 68eab8411fdb38a1fbf7dc20e74b93eef506d014 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (139 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ngawhageneration.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ngawhageneration.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'topenergy.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ngawhageneration.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ngawhageneration.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.topenergy.co.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d56736b9d0000040300473045022063fd0718e5ce28de12914b2e6d1106a574243c35581790e7e16b825c51bbd95e02210084b0fe687ed71740e67e967fb2c06a21415a670348937fe43501f10e82778fc3007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018d56736c4f00000403004730450221009d36056ef8b2ac17437ee74aee0cbe9396f96e209470aa5852e4ef7865f5c15a02200900beef13bf4960d6024c01d5f562e562a31e9ade8a6a65eab7462d7d084f39 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0029386f1d224c805d1b5f08876ef4d4849b9744ac7acf6bf28a8450ddedb7cc0b392fcdda2a40ac45d257ce052dcdf42d6b1b3a8076c278d1992dee69af3120e51e69f03546d62725708a6fb13fb28a7525a3ad60561200310e18df7cfd308141e3785938aa0e9afc3e9273ef1f7ccb0201b394e925766c2da68559d0112c60bb24864097d56cf4c2e4c171bd2794cf14096dcbddb00769fdabef28a01d0eace8c85ad3b36eb7fa289e012db8666415ccaf7f1a344503498021c6fc6da83e78e0a1934cca7cdede7bb3c8c9ee80c95b8143e8b494bb4e600895f3ff23de079675101d5196afefe91083ef19f0e739ac7d9894c01ead68964be3edf43359daea5c