manurewasouth.school.nz
Issued by R3
About this certificate
This digital certificate with serial number 04:5b:ed:d1:0e:f0:f4:4d:18:d0:71:2d:93:f1:16:40:85:e9 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=manurewasouth.school.nz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:5b:ed:d1:0e:f0:f4:4d:18:d0:71:2d:93:f1:16:40:85:e9Serial Number (int): 379730951644934946603928471607735148905961
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 22:0f:3d:f5:7b:54:58:cd:fd:78:58:6b:8e:4f:d1:08:ba:d0:b3:45
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 95:4e:4d:1b:a7:69:9f:7b:45:a5:ed:22:e3:9b:c6:3d:ca:2d:f9:ea
Fingerprint (sha256): b0:1b:5f:9f:4a:6a:6d:d6:00:1e:d3:ef:77:4f:b4:7d:14:11:b5:cc:bf:db:43:ee:c3:4c:60:0e:88:20:aa:5a
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate manurewasouth.school.nz
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for manurewasouth.school.nz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
manurewasouth.school.nz
Other certificates including the domain name manurewasouth.school.nz
(limited to 100 certificates)
www.manurewasouth.school.nz
kiwischools.co.nz
manurewasouth.school.nz
sni.cloudflaressl.com
manurewasouth.school.nz
kiwischools.co.nz
manurewasouth.school.nz
sni.cloudflaressl.com
manurewasouth.school.nz
manurewasouth.school.nz
kiwischools.co.nz
manurewasouth.kiwischools.com
kiwischools.co.nz
kiwischools.co.nz
kiwischools.co.nz
manurewasouth.school.nz
sni.cloudflaressl.com
manurewasouth.school.nz
kiwischools.co.nz
manurewasouth.school.nz
sni.cloudflaressl.com
manurewasouth.school.nz
manurewasouth.school.nz
kiwischools.co.nz
manurewasouth.kiwischools.com
kiwischools.co.nz
kiwischools.co.nz
Certificate
The complete raw certificate details for manurewasouth.school.nz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF/DCCBOSgAwIBAgISBFvt0Q7w9E0Y0HEtk/EWQIXpMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMjQxMDA2MThaFw0yNDA2MjIxMDA2MTdaMCIxIDAeBgNVBAMT F21hbnVyZXdhc291dGguc2Nob29sLm56MIICIjANBgkqhkiG9w0BAQEFAAOCAg8A MIICCgKCAgEAwElSSbt3m71Z5eFSotfOnT10Rw8pzV5KU88aqHS8VmlyTxRsiaaC YGBaYpvTBTUACPEaB5YSHw/NVNp2jNSRdvu3jLYxtEznYMT6FIzzVgLCyhwftw/B DvOL3whqDszt2LtYGoHD7Jnl2We+GcjG1aEm646BjBHarE+pqGa6/7IcrWJa9yyj Ycyk7+t7M1ju2uWnemEtH99qxwKJsP3UVt+MqBFD1s2vQ/yCCkgYcl/qkJV/pZFe uQhAiZAsqUc4cqMNCGhPKtwAur3LCz+/CBxRJG6d/te91sIwD1LYdUwO6Aodc24w tdhw3HSUjoZyZKlhwSHJXirW9gSS4NTuoOvO32gaFgWxkplljIjSYC0Bst/J0Bud OgzmrswOAiLUk1Q8PwPhCWkkW2TKkPAo7npiG7zj+w30BFOcDwedILyOfuHIL0eG 5z8/aS5hNuQM+C0A6gErAtA+CJl8LTqirWcC0YadGtSqWPOiZkNY3BLctHL9BnTS WGax2FcI8a89/3uYrUN2/TmwoUCl0dSTxv25heBTtBp/uXXUDQBsZkrjoROcUnmn hNzuh0wZJnl0MyEierjf0oRswTTHIAgPsPaQ1ymS5fry94iPMnQR9BGDnWELhssk 1l/6OtQRBnDL0B+vpAj1oVSrlTCP/zCKbc869Em4/0NV5kr6WSSxTLsCAwEAAaOC AhowggIWMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUIg899XtUWM39eFhrjk/RCLrQ s0UwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEE STBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUH MAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wIgYDVR0RBBswGYIXbWFudXJld2Fz b3V0aC5zY2hvb2wubnowEwYDVR0gBAwwCjAIBgZngQwBAgEwggEFBgorBgEEAdZ5 AgQCBIH2BIHzAPEAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAA AY5wI84ZAAAEAwBHMEUCIQCVm5fKdH1QXRArvN02/DKNJSJ/n0Zt6nDOdZI+yl3G GAIgd/hIqCj6EEVjQcbdAR9Jdp7v2+eOIMmC4pxdcUB+6y4AdwCi4r/WHt4vLweg 1k5tN6fcZUOwxrUuotq3iviabfUX2AAAAY5wI9uDAAAEAwBIMEYCIQCnZitZGI2b Hu+/lLrBAr1Dh6+5CR855KMZriNunuX2xQIhAPt+/bA5NN+FWvnp0s6uiDyp5Drh d1mG1sCkwzStjIMHMA0GCSqGSIb3DQEBCwUAA4IBAQBhOx5pMD+nEhMCG45CF3vq W5bYgKa4dcGZAsCliT1/kr8tGVY3W93QvPi/H1Vf16Zr6fzG7UZgWQHlYY0TFQyL lo9XeBWOlv3mL8ykTgZI5CkkJVWpfleDHqMg9SdJsr6ANOetjKCfpq9nHJraQP91 dHcKx2tA/imeqvIoR2U7I1F/C+eo2AGCBfmnvIVmQ5ockbx97KMleYXDZhm5kU+5 CYGWzp9ImW/ugba449lUCyTY/zwZ8v/G+lestRjaLQuzVJc3WriL8JOQpLlvGk6I rgJY98VjnEeeMRLWoRnTaZiqWOAvVN9x9OWCdj9nFLYwnicjJm31ZFEN1eFkFugQ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwElSSbt3m71Z5eFSotfO nT10Rw8pzV5KU88aqHS8VmlyTxRsiaaCYGBaYpvTBTUACPEaB5YSHw/NVNp2jNSR dvu3jLYxtEznYMT6FIzzVgLCyhwftw/BDvOL3whqDszt2LtYGoHD7Jnl2We+GcjG 1aEm646BjBHarE+pqGa6/7IcrWJa9yyjYcyk7+t7M1ju2uWnemEtH99qxwKJsP3U Vt+MqBFD1s2vQ/yCCkgYcl/qkJV/pZFeuQhAiZAsqUc4cqMNCGhPKtwAur3LCz+/ CBxRJG6d/te91sIwD1LYdUwO6Aodc24wtdhw3HSUjoZyZKlhwSHJXirW9gSS4NTu oOvO32gaFgWxkplljIjSYC0Bst/J0BudOgzmrswOAiLUk1Q8PwPhCWkkW2TKkPAo 7npiG7zj+w30BFOcDwedILyOfuHIL0eG5z8/aS5hNuQM+C0A6gErAtA+CJl8LTqi rWcC0YadGtSqWPOiZkNY3BLctHL9BnTSWGax2FcI8a89/3uYrUN2/TmwoUCl0dST xv25heBTtBp/uXXUDQBsZkrjoROcUnmnhNzuh0wZJnl0MyEierjf0oRswTTHIAgP sPaQ1ymS5fry94iPMnQR9BGDnWELhssk1l/6OtQRBnDL0B+vpAj1oVSrlTCP/zCK bc869Em4/0NV5kr6WSSxTLsCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 379730951644934946603928471607735148905961 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-24 10:06:18 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-22 10:06:17 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'manurewasouth.school.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 784460119527922490038051849272684214176952502211873437491384853609270510814056670299258566430890873653209601019571093229819781200957242326954161818741833131273461159147447923549921440677368112244891216749992463307333158927009238914890213752644284067454611424211665745598230341502713847777896193668635453480623911322055998287352517376578759462248064609789854364036910766631222941988181444475447919432351278132232818309499839750198014934676132482615678878793350068956804212108576891234789777475004466031452629085986691875342602707165907073341319232072202757100660997180020756083548144301556919304076704571151003913274188061390910927115767084627651529623334919602865465201855112808670684013128095987665545479798672877899083080668275419052116287454301217860125707770013954508587130545124961105137192733496523610393631593565598510411446434418580087478151741545138905014703006596499505068308685318605954219024813735263101062544719736953582367856241641872843390370409745011913675338918960342810415793134737081653789517068393946897684543677143962529333542364611158978706278177746995322375998719168021814676093309106286341537444028087569847046335129314177326347353873914655127562437978321787856916356009090762922865384215110513821769608023227 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 220f3df57b5458cdfd78586b8e4fd108bad0b345 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manurewasouth.school.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018e7023ce190000040300473045022100959b97ca747d505d102bbcdd36fc328d25227f9f466dea70ce75923eca5dc618022077f848a828fa10456341c6dd011f49769eefdbe78e20c982e29c5d71407eeb2e007700a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e7023db830000040300483046022100a7662b59188d9b1eefbf94bac102bd4387afb9091f39e4a319ae236e9ee5f6c5022100fb7efdb03934df855af9e9d2ceae883ca9e43ae1775986d6c0a4c334ad8c8307 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00613b1e69303fa71213021b8e42177bea5b96d880a6b875c19902c0a5893d7f92bf2d1956375bddd0bcf8bf1f555fd7a66be9fcc6ed46605901e5618d13150c8b968f5778158e96fde62fcca44e0648e429242555a97e57831ea320f52749b2be8034e7ad8ca09fa6af671c9ada40ff7574770ac76b40fe299eaaf22847653b23517f0be7a8d8018205f9a7bc8566439a1c91bc7deca3257985c36619b9914fb9098196ce9f48996fee81b6b8e3d9540b24d8ff3c19f2ffc6fa57acb518da2d0bb35497375ab88bf09390a4b96f1a4e88ae0258f7c5639c479e3112d6a119d36998aa58e02f54df71f4e582763f6714b6309e2723266df564510dd5e16416e810