square.nz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:54:35:f1:c9:54:ed:09:74:b6:26:43:fe:78:4c:eb:42:a8 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=square.nz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:54:35:f1:c9:54:ed:09:74:b6:26:43:fe:78:4c:eb:42:a8Serial Number (int): 289992281127451933669516114801365766324904
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e1:b6:cb:43:71:b4:d3:77:c4:58:e4:30:ad:cd:b8:58:3a:f9:33:04
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 47:03:49:09:45:1a:b4:66:14:02:1b:96:e3:8b:9b:8e:12:cd:22:4b
Fingerprint (sha256): c5:05:68:43:23:a4:07:a0:c4:f0:be:93:b7:d9:14:54:87:39:3d:3a:88:e7:17:d1:0e:52:03:42:53:29:ee:8b
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate square.nz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for square.nz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
square.nz
www.square.nz
www.square.nz
Other certificates including the domain name square.nz
(limited to 100 certificates)
Certificate
The complete raw certificate details for square.nz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWTCCBUGgAwIBAgISA1Q18clU7Ql0tiZD/nhM60KoMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMjkwMDI5MTJaFw0y MDA1MjkwMDI5MTJaMBQxEjAQBgNVBAMTCXNxdWFyZS5uejCCAiIwDQYJKoZIhvcN AQEBBQADggIPADCCAgoCggIBALOAaD03NLVn3Dia1vnH/QP+ktkUAFYwNxcFjvxW iEk5ATbokEvNiljO0KpVI3+nF5hmuDp1Nf8M9w8sYXUvSns82fmIb9TKZ+v0qPR+ CiG6ot5R5/tWCQu/10at48V/8wOLVol8SaU3mqOaJp+GNISCRgApMnCZjlWHQPDH KC4b9zZKpU/yTSUAQl6EIRw3pAN1Mx0FKpM9S2PVCzeS0ArDjfvq6XF/pI0rxA5b mL/BcXutIMS2UA29ebbLJ2MZvokoDIaBh8GiJJbg8tIvyEi52OUskmsALVfenJYE WyMexzJa50LTyIszkOCcjnzCiMmDJkCqeWttKZ1sQpiNL7rsMfafhfgcojDrNCQP WU7eVqjC1ncNRMulhT0BcMkBxPDag8YtdJ1YQ7zlXAj4x1LB0sInfFoXYlip5sHt 0p4O4ldJN+Qq3Xnf7oQZ3ZkF6D63VHvXIapCmIqA7nC3ANfVrL1vl3PMn1vAfgcP hjpaX6O8dh5/oa2VyV036C8jLm9pwi5HT8q8yRKLVK9TT+SAV6gFs36Oc/kPWxx6 MVdEt0quKlC+vDUhbGh25ypdIXRCDfI8YJ0gFSLHuxjxlXUUt5KAx5KWSBTL3Amo kGxhA1OMo8zsI/Au1A+bImp8I6n5/qD1acTBQxQDH0rAc/FX5CDF23FK3s4O8nYN wstzAgMBAAGjggJtMIICaTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFOG2y0NxtNN3 xFjkMK3NuFg6+TMEMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8G CCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxl dHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxl dHNlbmNyeXB0Lm9yZy8wIwYDVR0RBBwwGoIJc3F1YXJlLm56gg13d3cuc3F1YXJl Lm56MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYB BQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIE AgSB9QSB8gDwAHYA5xLysDd+GmL7jskMYYTx6ns3y1YdESZb8+DzS/JBVG4AAAFw jo/HzwAABAMARzBFAiBAmd+Rp8j9coNAXaTFsDc+bQl2gPqpz3HEw20rkJYdygIh AIm72WHxylZJz90PPwL3QDgb91xqjOwB7u1PEHW2x9BpAHYAsh4FzIuizYogTodm +Su5iiUgZ2va+nDnsklTLe+LkF4AAAFwjo/HxQAABAMARzBFAiBVJpCAb61S6F5H ytH27XIM8IOayGYWyGqylAnohW5RxgIhAJOL/97csNv6TTsEtVz1fH8h3TSIa2jA j6XCIoyu2pJyMA0GCSqGSIb3DQEBCwUAA4IBAQBwntpdySPt+0QioUYily1ab4d+ 0qKf/vhS0YX6ZgKXq6hbNp1M7GsAUG1XdBO38dQ25oIUe8y6EF/jdV1Pn4UYh6jd u3OS796vCYpVWuc58JJxwW9sfhZlkiecW+37zsVK7RZrZcjCocZ7/GrvSvEhjJgv H/IozD5KchCWBH/QmzJJikW/ByL/LG8S2lE5rpq5RA4Tj8VUzW763g9R5XtFs9bv L1I0VWck9l9qzf3J8+lNej7ce6D+xZA5k1Lds547ybHzbAB+lZ03d5au2FEWFvSp ItoKbGPKN5DzeiIfJJZHlwY55mpud30pgy2DHX+ecBKd9pvVptSsUiuaqFEM -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs4BoPTc0tWfcOJrW+cf9 A/6S2RQAVjA3FwWO/FaISTkBNuiQS82KWM7QqlUjf6cXmGa4OnU1/wz3DyxhdS9K ezzZ+Yhv1Mpn6/So9H4KIbqi3lHn+1YJC7/XRq3jxX/zA4tWiXxJpTeao5omn4Y0 hIJGACkycJmOVYdA8McoLhv3NkqlT/JNJQBCXoQhHDekA3UzHQUqkz1LY9ULN5LQ CsON++rpcX+kjSvEDluYv8Fxe60gxLZQDb15tssnYxm+iSgMhoGHwaIkluDy0i/I SLnY5SySawAtV96clgRbIx7HMlrnQtPIizOQ4JyOfMKIyYMmQKp5a20pnWxCmI0v uuwx9p+F+ByiMOs0JA9ZTt5WqMLWdw1Ey6WFPQFwyQHE8NqDxi10nVhDvOVcCPjH UsHSwid8WhdiWKnmwe3Sng7iV0k35Crded/uhBndmQXoPrdUe9chqkKYioDucLcA 19WsvW+Xc8yfW8B+Bw+GOlpfo7x2Hn+hrZXJXTfoLyMub2nCLkdPyrzJEotUr1NP 5IBXqAWzfo5z+Q9bHHoxV0S3Sq4qUL68NSFsaHbnKl0hdEIN8jxgnSAVIse7GPGV dRS3koDHkpZIFMvcCaiQbGEDU4yjzOwj8C7UD5sianwjqfn+oPVpxMFDFAMfSsBz 8VfkIMXbcUrezg7ydg3Cy3MCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 289992281127451933669516114801365766324904 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-29 00:29:12 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-29 00:29:12 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'square.nz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 732302599139702402475429095228420595962266881113072128093709313543569979917853095766061531343361208379675901485880106950411277005271288782757050153292756964050353008569627129207258030938060174859186613906108446146937316038351732435937724525927589682151081215489018496637063452038814385464839422791426296436825267425005975265787517511839337559824613521733123171105822457606423408483064695416598725304065146854102536997977885189730956956529928636922603652087213134822095027275373419395778975287351236602509965995405998090224677095051001030897624505530767675367825799642702350557781070295983024346723363064928913647744775610690933381687951334444182944103155669993940453099321741310103615893816169334411003791223302264367666951473455021570371490805759836076228508876355329576726115338033481576995958986833523913948562298925720823462815988256804051508050698269843416230265876360542316594280835063282586765469583864323970486829029998855221036770013331341866890374138238895385453395715056206736961104094685329790180277385737671550415043471808070951452368057254187494229189907685245678744122900177046884858023988099520923390479785025296405077659487907243060215137282997500547112511637759627489142403174444324254460039201998101892033719487347 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e1b6cb4371b4d377c458e430adcdb8583af93304 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'square.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.square.nz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600e712f2b0377e1a62fb8ec90c6184f1ea7b37cb561d11265bf3e0f34bf241546e000001708e8fc7cf000004030047304502204099df91a7c8fd7283405da4c5b0373e6d097680faa9cf71c4c36d2b90961dca02210089bbd961f1ca5649cfdd0f3f02f740381bf75c6a8cec01eeed4f1075b6c7d069007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e000001708e8fc7c500000403004730450220552690806fad52e85e47cad1f6ed720cf0839ac86616c86ab29409e8856e51c6022100938bffdedcb0dbfa4d3b04b55cf57c7f21dd34886b68c08fa5c2228caeda9272 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00709eda5dc923edfb4422a14622972d5a6f877ed2a29ffef852d185fa660297aba85b369d4cec6b00506d577413b7f1d436e682147bccba105fe3755d4f9f851887a8ddbb7392efdeaf098a555ae739f09271c16f6c7e166592279c5bedfbcec54aed166b65c8c2a1c67bfc6aef4af1218c982f1ff228cc3e4a721096047fd09b32498a45bf0722ff2c6f12da5139ae9ab9440e138fc554cd6efade0f51e57b45b3d6ef2f5234556724f65f6acdfdc9f3e94d7a3edc7ba0fec590399352ddb39e3bc9b1f36c007e959d377796aed8511616f4a922da0a6c63ca3790f37a221f249647970639e66a6e777d29832d831d7f9e70129df69bd5a6d4ac522b9aa8510c