sporty.org.nz

Issued by R3

About this certificate

This digital certificate with serial number 03:c3:f4:b1:d5:76:f9:30:f5:28:b1:89:97:07:69:af:1c:18 was issued on by Let's Encrypt.

With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=sporty.org.nz

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:c3:f4:b1:d5:76:f9:30:f5:28:b1:89:97:07:69:af:1c:18
Serial Number (int): 328017174341958510160812825326753105779736
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 2f:79:65:c2:90:77:a3:e5:82:df:2a:15:d9:1e:69:d9:1f:86:3f:34
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): e6:af:7f:93:ca:8a:3d:da:ac:58:56:68:9a:8b:2e:a7:37:7e:50:f1
Fingerprint (sha256): e0:de:10:b9:c3:4d:d9:05:b9:40:eb:80:d4:12:52:9f:42:8a:d9:64:13:93:69:87:87:f3:e2:56:f4:1a:1d:e3

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate sporty.org.nz

11

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sporty.org.nz

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mgcarclubcanterbury.nz
ojcc.org.nz
papatoetoenorth.school.nz
playsoftball.org.nz
southbridgerugby.com
southlandschoolsport.org.nz
sportspark.co.nz
sportspay.co.nz
sporty.org.nz
waikatogolf.co.nz
waikatogolf.nz

Other certificates including the domain name sporty.org.nz

(limited to 100 certificates)

Certificate

The complete raw certificate details for sporty.org.nz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISA8P0sdV2+TD1KLGJlwdprxwYMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAzMTcxOTQ4NDZaFw0yNDA2MTUxOTQ4NDVaMBgxFjAUBgNVBAMT
DXNwb3J0eS5vcmcubnowggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp
TvQFml2YxrhsnGByQ2jR96GVBcXAG4JSheA/N5MJm+hc9ZXNZQqOleg3j/U5OSnd
xOPG6N7CsMOTkDVXkNXGm51E5jTWZ2btsz4jelA64mK5aOom7bjIykKyd2gPMz+s
yM7Wo44xJ+HtQ9UCqL6XjPN7DknukUfR91TcOp5WuULEwNHnrlnq4akA1aCfD+ri
hRgQi3Jjz0hRCoUfGYGj9O83p4r2a6liAbUpMYh4WaDBlMH1XW5tW6x0CwtQLOAN
I0v73W40lsZMIgpTGpOq7Hq77sd2EglGjluLX7b6s2bt4sASOjGHTSkP5e/UGfWh
tnF2GBt5o7vppyABzLo1AgMBAAGjggLgMIIC3DAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
BBYEFC95ZcKQd6Plgt8qFdkeadkfhj80MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ
QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz
Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv
MIHoBgNVHREEgeAwgd2CFm1nY2FyY2x1YmNhbnRlcmJ1cnkubnqCC29qY2Mub3Jn
Lm56ghlwYXBhdG9ldG9lbm9ydGguc2Nob29sLm56ghNwbGF5c29mdGJhbGwub3Jn
Lm56ghRzb3V0aGJyaWRnZXJ1Z2J5LmNvbYIbc291dGhsYW5kc2Nob29sc3BvcnQu
b3JnLm56ghBzcG9ydHNwYXJrLmNvLm56gg9zcG9ydHNwYXkuY28ubnqCDXNwb3J0
eS5vcmcubnqCEXdhaWthdG9nb2xmLmNvLm56gg53YWlrYXRvZ29sZi5uejATBgNV
HSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ADtTd3U+
LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjk4sjQ4AAAQDAEcwRQIgcGhm
6RnEpBhKClevCCuup7Wz+XFy6yQeByplwObHTZACIQDFi5s+hYa6wEjsx32uf6eb
eVQtKDRS4+8JYmh0r5izaAB2AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdM
Wjp0AAABjk4sjVEAAAQDAEcwRQIgPgHVfXfRgzq+i7LMZYl5tRvtrgLj59Ep674a
S2EMUHYCIQDKdqugMXU4n6PehANaxpmdEqCXmd1uU0VXhPqXVr/1rTANBgkqhkiG
9w0BAQsFAAOCAQEAoEpmbP2aK5PFSHB4s0eTwX6wFHLrYZKND3IbTp9mUHbS7XGa
DxpavW63SETV16izCecJXQYADQUbW2Wa19Fp2BfDKPrdpwl+BzcyATYVmkSNpg8/
KlLA8of9RmeyAdjO+EEDzXywufLmTJjhunoLzAWxPmj3uoOcRzNFJDUWOJlJNiK9
6P1nhikoSMHnH5Ps0/eUgc/mmPCbWTTPOzKxE2GoaMCRKZQikrP4+HsO/mdWbdx7
FrKAuICReuK5zJaiiZg7hvmPuzwzWs6vX0+IhIZ16JeqaXLPlmctlW8tlt9XnKyN
cguHkCw5CWafmAZRd5I/swaL9Qt8MLZkHysNdw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6U70BZpdmMa4bJxgckNo
0fehlQXFwBuCUoXgPzeTCZvoXPWVzWUKjpXoN4/1OTkp3cTjxujewrDDk5A1V5DV
xpudROY01mdm7bM+I3pQOuJiuWjqJu24yMpCsndoDzM/rMjO1qOOMSfh7UPVAqi+
l4zzew5J7pFH0fdU3DqeVrlCxMDR565Z6uGpANWgnw/q4oUYEItyY89IUQqFHxmB
o/TvN6eK9mupYgG1KTGIeFmgwZTB9V1ubVusdAsLUCzgDSNL+91uNJbGTCIKUxqT
qux6u+7HdhIJRo5bi1+2+rNm7eLAEjoxh00pD+Xv1Bn1obZxdhgbeaO76acgAcy6
NQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 328017174341958510160812825326753105779736
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-17 19:48:46 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-15 19:48:45 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sporty.org.nz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29452458336249856835552076912588690742468992386809681582351762824902871313167208180466920837462062834022119211633849780635262374446178775777881698982075101389198336457839792745917929917375967583782392753548692605901725444703134043757453601351667263697243062779173000076996913356746451925856582836788065738510989788432637672443118466095924757072087148077943011344073584647945224480539301889057921007967276885792175149848538585859477472005888855709503992706916680322236314754148017071095324871849471334994291033226734506583440550375222916583672508805166817211591240910490112392715223703924454053886899748663857909643829
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							2f7965c29077a3e582df2a15d91e69d91f863f34
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (224 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mgcarclubcanterbury.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ojcc.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'papatoetoenorth.school.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'playsoftball.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'southbridgerugby.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'southlandschoolsport.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sportspark.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sportspay.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sporty.org.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'waikatogolf.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'waikatogolf.nz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e4e2c8d0e00000403004730450220706866e919c4a4184a0a57af082baea7b5b3f97172eb241e072a65c0e6c74d90022100c58b9b3e8586bac048ecc77dae7fa79b79542d283452e3ef09626874af98b36800760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e4e2c8d51000004030047304502203e01d57d77d1833abe8bb2cc658979b51bedae02e3e7d129ebbe1a4b610c5076022100ca76aba03175389fa3de84035ac6999d12a09799dd6e53455784fa9756bff5ad
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a04a666cfd9a2b93c5487078b34793c17eb01472eb61928d0f721b4e9f665076d2ed719a0f1a5abd6eb74844d5d7a8b309e7095d06000d051b5b659ad7d169d817c328fadda7097e0737320136159a448da60f3f2a52c0f287fd4667b201d8cef84103cd7cb0b9f2e64c98e1ba7a0bcc05b13e68f7ba839c4733452435163899493622bde8fd6786292848c1e71f93ecd3f79481cfe698f09b5934cf3b32b11361a868c09129942292b3f8f87b0efe67566ddc7b16b280b880917ae2b9cc96a289983b86f98fbb3c335aceaf5f4f88848675e897aa6972cf96672d956f2d96df579cac8d720b87902c3909669f98065177923fb3068bf50b7c30b6641f2b0d77