www.aucklandcitylibraries.com

Issued by R3

About this certificate

This digital certificate with serial number 04:4f:94:1a:11:82:90:82:81:d0:ef:63:07:03:7b:d8:5c:1f was issued on by Let's Encrypt.

With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.aucklandcitylibraries.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:4f:94:1a:11:82:90:82:81:d0:ef:63:07:03:7b:d8:5c:1f
Serial Number (int): 375528311812034962658553330617244576144415
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: d7:8b:0e:3b:36:7c:cf:fd:73:10:6c:fa:35:2a:e3:48:08:20:e7:2d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 76:3f:a1:90:3b:66:29:82:e4:94:3f:56:37:7c:2e:f4:17:65:9a:6d
Fingerprint (sha256): cb:26:12:d8:f2:38:46:24:75:67:25:70:f8:b8:4d:04:0c:f0:99:b8:c7:10:db:d6:c1:06:af:b9:46:04:68:96

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.aucklandcitylibraries.com

7

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.aucklandcitylibraries.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

aucklandcitylibraries.com
autodiscover.aucklandcitylibraries.com
cpanel.aucklandcitylibraries.com
mail.aucklandcitylibraries.com
webdisk.aucklandcitylibraries.com
webmail.aucklandcitylibraries.com
www.aucklandcitylibraries.com

Other certificates including the domain name aucklandcitylibraries.com

(limited to 100 certificates)
nzchinesejournals.aucklandcitylibraries.com
aucklandcitylibraries.com
nzchinesejournals.aucklandcitylibraries.com
mail.aucklandcitylibraries.com
nzchinesejournals.aucklandcitylibraries.com
nzchinesejournals.aucklandcitylibraries.com
nzchinesejournals.aucklandcitylibraries.com
nzchinesejournals.aucklandcitylibraries.com
nzchinesejournals.aucklandcitylibraries.com
nzchinesejournals.aucklandcitylibraries.com
nzchinesejournals.aucklandcitylibraries.com
webmail.aucklandcitylibraries.com
nzchinesejournals.aucklandcitylibraries.com
nzchinesejournals.aucklandcitylibraries.com
nzchinesejournals.aucklandcitylibraries.com
nzchinesejournals.aucklandcitylibraries.com
aucklandcitylibraries.com
nzchinesejournals.aucklandcitylibraries.com
www.aucklandcitylibraries.com
mail.aucklandcitylibraries.com
nzchinesejournals.aucklandcitylibraries.com

Certificate

The complete raw certificate details for www.aucklandcitylibraries.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISBE+UGhGCkIKB0O9jBwN72FwfMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAyMTIwMzI0NDZaFw0yNDA1MTIwMzI0NDVaMCgxJjAkBgNVBAMT
HXd3dy5hdWNrbGFuZGNpdHlsaWJyYXJpZXMuY29tMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAuyiyH3oVnk/5iXqIXvIihloAIoDzQoG8H18j7vzaNOn/
xOP2YSl8nvCPLZduT7zB8HObPLt2Up8XP69e8UUpCY4Aax3ZYUUhh8YovSRUs0FR
kViE7TTqm1zGOSbk0V6qbz4Pax9Rjw4PcRp0P9xbsEM2zFngfrJ40a8AfSmbw5U1
c134EFe+dhYdUW3hVy9y1j793fnK5TiBoEY+HVi+9EXGcgdOSsraDF3gwb4deOTQ
UOqUGCSXFcMiBloMiPkHfPBuQcroCr9cYzzEPNRDWNol29KvSOWcCZ5wGkK/5SHi
gBdQbF0xU5L/HpVnYhYF3fy85suB2aYoDnvA3heQ5wIDAQABo4IC7jCCAuowDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBTXiw47NnzP/XMQbPo1KuNICCDnLTAfBgNVHSME
GDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYB
BQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDov
L3IzLmkubGVuY3Iub3JnLzCB9QYDVR0RBIHtMIHqghlhdWNrbGFuZGNpdHlsaWJy
YXJpZXMuY29tgiZhdXRvZGlzY292ZXIuYXVja2xhbmRjaXR5bGlicmFyaWVzLmNv
bYIgY3BhbmVsLmF1Y2tsYW5kY2l0eWxpYnJhcmllcy5jb22CHm1haWwuYXVja2xh
bmRjaXR5bGlicmFyaWVzLmNvbYIhd2ViZGlzay5hdWNrbGFuZGNpdHlsaWJyYXJp
ZXMuY29tgiF3ZWJtYWlsLmF1Y2tsYW5kY2l0eWxpYnJhcmllcy5jb22CHXd3dy5h
dWNrbGFuZGNpdHlsaWJyYXJpZXMuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIB
BQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB
2bu/qznYhHMAAAGNm49z3wAABAMARzBFAiAkZv/jueHL+WjsEL8f8vikOvJyt9on
ye+tsN8wX5gwYQIhALuUpOpmprZPgaY2AL6QVWPD4bNG+/2vMmPLBBbkZHPvAHcA
ouK/1h7eLy8HoNZObTen3GVDsMa1LqLat4r4mm31F9gAAAGNm490uQAABAMASDBG
AiEAqClZPfHvGOywOa+oJjSYRBkNDLP2jTbLP2SxtR5Wp6sCIQCLRUUqL/usP34W
+WvXEEMM9lDVkOgHdJ2VXxxFDfgoEzANBgkqhkiG9w0BAQsFAAOCAQEAeKbPQm47
BbL1xlj4j7136IiDYNz4RSXadtZMd485pVQNlcPP+Sv5wztI95igGVfqMxRnDecv
NnftrscPmiOvmCUdrgJ+EgQKZrwwYTTjlvFqUrYdqz0rEbNle8BYZ6J/6ztNfH4I
CWQzL2FwVm1ptikSxlrBf5KCTzlX3rLAVtX3c+t1FRT/lnVTMoB8UUj1Bblg58h0
a21yYz33CMEVyQiyTdQC98zS+/SG38qNEpyr8YIMcGu+nIwTthX4OWDOC3B+5yrC
tbCEahH/rl2CfNgvGiajUtys1OZ0OEdH/APuUkfjEnPihMsbtJYdJGkaiaRlsok0
HfAoKu7GUbOriw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyiyH3oVnk/5iXqIXvIi
hloAIoDzQoG8H18j7vzaNOn/xOP2YSl8nvCPLZduT7zB8HObPLt2Up8XP69e8UUp
CY4Aax3ZYUUhh8YovSRUs0FRkViE7TTqm1zGOSbk0V6qbz4Pax9Rjw4PcRp0P9xb
sEM2zFngfrJ40a8AfSmbw5U1c134EFe+dhYdUW3hVy9y1j793fnK5TiBoEY+HVi+
9EXGcgdOSsraDF3gwb4deOTQUOqUGCSXFcMiBloMiPkHfPBuQcroCr9cYzzEPNRD
WNol29KvSOWcCZ5wGkK/5SHigBdQbF0xU5L/HpVnYhYF3fy85suB2aYoDnvA3heQ
5wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 375528311812034962658553330617244576144415
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-12 03:24:46 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-12 03:24:45 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.aucklandcitylibraries.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23626630872021043013177497143294319158878858790091775793118645265657669718491855484955492226223791565103494397989851263237445031818371367761441097830473570809729795301290924981705195351418378307048669462492691598703216319879130757386720530166755779257857664664064429447461007417184641267344133283428219301217276536777927575661918248266027076432512014700528149777322414086064253286776971007729183459110696567464980865121138221925094121740863450105432689898952121742359533350266249334484895293824562484263440020850387862804198485384525387665792799344798031216118087649187262732013858091820875837033834394324282398707943
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d78b0e3b367ccffd73106cfa352ae3480820e72d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (237 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aucklandcitylibraries.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.aucklandcitylibraries.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpanel.aucklandcitylibraries.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.aucklandcitylibraries.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webdisk.aucklandcitylibraries.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.aucklandcitylibraries.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aucklandcitylibraries.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d9b8f73df000004030047304502202466ffe3b9e1cbf968ec10bf1ff2f8a43af272b7da27c9efadb0df305f983061022100bb94a4ea66a6b64f81a63600be905563c3e1b346fbfdaf3263cb0416e46473ef007700a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018d9b8f74b90000040300483046022100a829593df1ef18ecb039afa826349844190d0cb3f68d36cb3f64b1b51e56a7ab0221008b45452a2ffbac3f7e16f96bd710430cf650d590e807749d955f1c450df82813
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0078a6cf426e3b05b2f5c658f88fbd77e8888360dcf84525da76d64c778f39a5540d95c3cff92bf9c33b48f798a01957ea3314670de72f3677edaec70f9a23af98251dae027e12040a66bc306134e396f16a52b61dab3d2b11b3657bc05867a27feb3b4d7c7e080964332f6170566d69b62912c65ac17f92824f3957deb2c056d5f773eb751514ff96755332807c5148f505b960e7c8746b6d72633df708c115c908b24dd402f7ccd2fbf486dfca8d129cabf1820c706bbe9c8c13b615f83960ce0b707ee72ac2b5b0846a11ffae5d827cd82f1a26a352dcacd4e674384747fc03ee5247e31273e284cb1bb4961d24691a89a465b289341df0282aeec651b3ab8b