sporty.org.nz

Issued by R3

About this certificate

This digital certificate with serial number 03:47:da:64:c4:05:e7:26:d9:f3:8d:97:75:62:34:6d:af:40 was issued on by Let's Encrypt.

With 54 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=sporty.org.nz

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:47:da:64:c4:05:e7:26:d9:f3:8d:97:75:62:34:6d:af:40
Serial Number (int): 285787200755254297122822067817610512019264
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 1a:b1:62:2b:70:02:66:22:e8:14:ef:45:76:48:a4:44:e9:96:ba:12
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): f8:88:a2:20:52:09:0e:70:81:1e:3e:9b:e8:0d:45:8e:1a:d0:dc:f1
Fingerprint (sha256): ad:06:e9:3b:69:29:c1:57:8f:82:dd:77:32:71:d3:1b:ef:23:29:60:d5:1b:64:12:e0:a6:29:63:37:9a:ca:51

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate sporty.org.nz

54

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sporty.org.nz

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

aucklandcricket.co.nz
canterburypickleball.org.nz
canterburywhitewaterclub.co.nz
christchurchpark.co.nz
clubredcliffs.co.nz
colindaleparkraceway.nz
dodgeballcanterbury.co.nz
dunediniceskatingclub.com
dunedinicestadium.co.nz
hadlow.school.nz
hamiltonwanderers.co.nz
hbspeedwayclubinc.co.nz
heretaunga.school.nz
hessa.org.nz
hinuerarugby.com
hockeysouthcanterbury.co.nz
jcc.org.nz
kaiauaboatingclub.nz
kapitiruntri.org.nz
mackenzieicehockey.nz
maori.basketball
mauao.school.nz
morrinsvillebowlingclub.co.nz
msfc.org.nz
mxt.co.nz
navalpoint.co.nz
newlandsprimary.school.nz
northernswords.co.nz
npsuc.co.nz
npsuc.org.nz
ongaongagolfclub.co.nz
paraparaumucollege.school.nz
pc.school.nz
pnghs.school.nz
queenstownpickleballclub.org
rakaiasalmon.co.nz
rln.co.nz
rookiesox.co.nz
runa-yachtingnz.org.nz
sporty.org.nz
stjohns.school.nz
stream.school.nz
tawafootball.org.nz
teawamutunetball.co.nz
teohuikaroatouch.co.nz
tfc.net.nz
thenorthsports.co.nz
tikipungafc.co.nz
touchnzinternational.co.nz
touchnzinternational.nz
waibopfutsal.co.nz
wairoacollege.school.nz
whanganuirugby.co.nz
xlr8sportstrust.org.nz

Other certificates including the domain name sporty.org.nz

(limited to 100 certificates)

Certificate

The complete raw certificate details for sporty.org.nz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJXTCCCEWgAwIBAgISA0faZMQF5ybZ842XdWI0ba9AMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA1MjEwMDU3MzVaFw0yNDA4MTkwMDU3MzRaMBgxFjAUBgNVBAMT
DXNwb3J0eS5vcmcubnowggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+
CxjbPyCeO4wxioRwvnjAMt0buXauCW8Tejn6wBaI8mSTxwYQne9d/dkAYpFBwgIJ
GoUvoQ+Xd13aeqCggWL7jLOVMs7Doi5/6IuAdLHdFyUn1GlI2Xcmss+dNrbt7sB9
51RYd4MYpjObYLGO1juQLGAspRUnDR4MEUgAMpJonujGvvEx/kNBk28Nwfvk5NW2
Ss5/6SlfZA49rfauUkETWXkcFoi+n5RYi4AiqzvDGfHGTio51Y/bzgljTJ2m1QzL
0+UWGsADg4tXU0sTgdE6sZ0v5DvoA8Zo/UOPEIehwfv7/zPpwaS/0LoV9CyUv/pW
HZ35V9gD5LDtnZDA6fuNAgMBAAGjggaFMIIGgTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
BBYEFBqxYitwAmYi6BTvRXZIpETplroSMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ
QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz
Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv
MIIEjAYDVR0RBIIEgzCCBH+CFWF1Y2tsYW5kY3JpY2tldC5jby5ueoIbY2FudGVy
YnVyeXBpY2tsZWJhbGwub3JnLm56gh5jYW50ZXJidXJ5d2hpdGV3YXRlcmNsdWIu
Y28ubnqCFmNocmlzdGNodXJjaHBhcmsuY28ubnqCE2NsdWJyZWRjbGlmZnMuY28u
bnqCF2NvbGluZGFsZXBhcmtyYWNld2F5Lm56ghlkb2RnZWJhbGxjYW50ZXJidXJ5
LmNvLm56ghlkdW5lZGluaWNlc2thdGluZ2NsdWIuY29tghdkdW5lZGluaWNlc3Rh
ZGl1bS5jby5ueoIQaGFkbG93LnNjaG9vbC5ueoIXaGFtaWx0b253YW5kZXJlcnMu
Y28ubnqCF2hic3BlZWR3YXljbHViaW5jLmNvLm56ghRoZXJldGF1bmdhLnNjaG9v
bC5ueoIMaGVzc2Eub3JnLm56ghBoaW51ZXJhcnVnYnkuY29tghtob2NrZXlzb3V0
aGNhbnRlcmJ1cnkuY28ubnqCCmpjYy5vcmcubnqCFGthaWF1YWJvYXRpbmdjbHVi
Lm56ghNrYXBpdGlydW50cmkub3JnLm56ghVtYWNrZW56aWVpY2Vob2NrZXkubnqC
EG1hb3JpLmJhc2tldGJhbGyCD21hdWFvLnNjaG9vbC5ueoIdbW9ycmluc3ZpbGxl
Ym93bGluZ2NsdWIuY28ubnqCC21zZmMub3JnLm56gglteHQuY28ubnqCEG5hdmFs
cG9pbnQuY28ubnqCGW5ld2xhbmRzcHJpbWFyeS5zY2hvb2wubnqCFG5vcnRoZXJu
c3dvcmRzLmNvLm56ggtucHN1Yy5jby5ueoIMbnBzdWMub3JnLm56ghZvbmdhb25n
YWdvbGZjbHViLmNvLm56ghxwYXJhcGFyYXVtdWNvbGxlZ2Uuc2Nob29sLm56ggxw
Yy5zY2hvb2wubnqCD3BuZ2hzLnNjaG9vbC5ueoIccXVlZW5zdG93bnBpY2tsZWJh
bGxjbHViLm9yZ4IScmFrYWlhc2FsbW9uLmNvLm56gglybG4uY28ubnqCD3Jvb2tp
ZXNveC5jby5ueoIWcnVuYS15YWNodGluZ256Lm9yZy5ueoINc3BvcnR5Lm9yZy5u
eoIRc3Rqb2hucy5zY2hvb2wubnqCEHN0cmVhbS5zY2hvb2wubnqCE3Rhd2Fmb290
YmFsbC5vcmcubnqCFnRlYXdhbXV0dW5ldGJhbGwuY28ubnqCFnRlb2h1aWthcm9h
dG91Y2guY28ubnqCCnRmYy5uZXQubnqCFHRoZW5vcnRoc3BvcnRzLmNvLm56ghF0
aWtpcHVuZ2FmYy5jby5ueoIadG91Y2huemludGVybmF0aW9uYWwuY28ubnqCF3Rv
dWNobnppbnRlcm5hdGlvbmFsLm56ghJ3YWlib3BmdXRzYWwuY28ubnqCF3dhaXJv
YWNvbGxlZ2Uuc2Nob29sLm56ghR3aGFuZ2FudWlydWdieS5jby5ueoIWeGxyOHNw
b3J0c3RydXN0Lm9yZy5uejATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB
1nkCBAIEgfUEgfIA8AB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRz
AAABj5jeSw4AAAQDAEcwRQIhAOi8Z7mGSGM84kxc/KGhqi9nr/mmmwUZqOf/7ffZ
0TveAiBpKmYvGV4ittHuHj5XuYefCIevCCvvMjmbu8RkMOeXSwB2AN/hVuuqBa+1
nA+GcY2owDJOrlbZbqf1pWoB0cE7vlJcAAABj5jeS9oAAAQDAEcwRQIhAMgasLQn
Ob5k30QCicPbQQkMkSpuwQMPOsKuoQfMBKJeAiAQf4+tOsRgGPGcxWemWeLj9iJh
AxomexPVSRDqLshb3DANBgkqhkiG9w0BAQsFAAOCAQEAZ/1P6t32mDKsk2pdVJ+u
MH8ZiaApNZTa0CzbsYCAf3Cw1ltvfPAx0BclV7wNxfDXYsUhhi1jy3KOHg1OwN8p
a10+aZKQ8NLfvpjE/ye/CDCsGjRrfdOZ2xJvydeG45Nn4zAN3l4tkCDTsVJB1LYy
CzFX4QuiDS9uFjJhzWNyqGLIsGVxvofx2N1uLKpewfn0afQ1zMhI7uGqedKI0SS5
WdsG2dUtVw3j4p6g2Pqn76V4+i66FQ+ZMkU17oXHcIbFGLQl5pdMa2S+iOE1xDKx
gkv4XrLmTS7qEQcyPxl805rJ+oIIINuSHuT1iDocQVfYXvsO31gKnfAW/QCrm9LP
4w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgsY2z8gnjuMMYqEcL54
wDLdG7l2rglvE3o5+sAWiPJkk8cGEJ3vXf3ZAGKRQcICCRqFL6EPl3dd2nqgoIFi
+4yzlTLOw6Iuf+iLgHSx3RclJ9RpSNl3JrLPnTa27e7AfedUWHeDGKYzm2CxjtY7
kCxgLKUVJw0eDBFIADKSaJ7oxr7xMf5DQZNvDcH75OTVtkrOf+kpX2QOPa32rlJB
E1l5HBaIvp+UWIuAIqs7wxnxxk4qOdWP284JY0ydptUMy9PlFhrAA4OLV1NLE4HR
OrGdL+Q76APGaP1DjxCHocH7+/8z6cGkv9C6FfQslL/6Vh2d+VfYA+Sw7Z2QwOn7
jQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 285787200755254297122822067817610512019264
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-21 00:57:35 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-19 00:57:34 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sporty.org.nz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23990750125262370839043823710004359900300272196203018645573679748455762165738102269329935427560111390102024343013646229367832563648945529659660943406362995867383182717591467922644320339800893085618369543838542004467620329039524492326592531961616569467517643023508061530452043563590980653589848032015672083662176262303201987556308688425471311060035938308464494568260701695977995147366722334584682730881797912806176471105499325232030707222596814435832986088477738919329261080759263442456235695543986374016340550529204326692954311990030641599196353082382811566950718681502082974352446996092639593889506528828696377817997
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1ab1622b70026622e814ef457648a444e996ba12
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1155 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aucklandcricket.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canterburypickleball.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canterburywhitewaterclub.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'christchurchpark.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clubredcliffs.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'colindaleparkraceway.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dodgeballcanterbury.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dunediniceskatingclub.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dunedinicestadium.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hadlow.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hamiltonwanderers.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hbspeedwayclubinc.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heretaunga.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hessa.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hinuerarugby.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hockeysouthcanterbury.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jcc.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kaiauaboatingclub.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kapitiruntri.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mackenzieicehockey.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'maori.basketball'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mauao.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'morrinsvillebowlingclub.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'msfc.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mxt.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'navalpoint.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'newlandsprimary.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'northernswords.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'npsuc.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'npsuc.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ongaongagolfclub.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paraparaumucollege.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pc.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pnghs.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'queenstownpickleballclub.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rakaiasalmon.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rln.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rookiesox.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'runa-yachtingnz.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sporty.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stjohns.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stream.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tawafootball.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'teawamutunetball.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'teohuikaroatouch.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tfc.net.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thenorthsports.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tikipungafc.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'touchnzinternational.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'touchnzinternational.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'waibopfutsal.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wairoacollege.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'whanganuirugby.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'xlr8sportstrust.org.nz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018f98de4b0e0000040300473045022100e8bc67b98648633ce24c5cfca1a1aa2f67aff9a69b0519a8e7ffedf7d9d13bde0220692a662f195e22b6d1ee1e3e57b9879f0887af082bef32399bbbc46430e7974b007600dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018f98de4bda0000040300473045022100c81ab0b42739be64df440289c3db41090c912a6ec1030f3ac2aea107cc04a25e0220107f8fad3ac46018f19cc567a659e2e3f62261031a267b13d54910ea2ec85bdc
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0067fd4feaddf69832ac936a5d549fae307f1989a0293594dad02cdbb180807f70b0d65b6f7cf031d0172557bc0dc5f0d762c521862d63cb728e1e0d4ec0df296b5d3e699290f0d2dfbe98c4ff27bf0830ac1a346b7dd399db126fc9d786e39367e3300dde5e2d9020d3b15241d4b6320b3157e10ba20d2f6e163261cd6372a862c8b06571be87f1d8dd6e2caa5ec1f9f469f435ccc848eee1aa79d288d124b959db06d9d52d570de3e29ea0d8faa7efa578fa2eba150f99324535ee85c77086c518b425e6974c6b64be88e135c432b1824bf85eb2e64d2eea1107323f197cd39ac9fa820820db921ee4f5883a1c4157d85efb0edf580a9df016fd00ab9bd2cfe3