milestonephotography.co.nz

Issued by R3

About this certificate

This digital certificate with serial number 03:b2:8c:57:dd:54:81:2f:d2:af:a1:41:71:02:a3:3a:63:d1 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=milestonephotography.co.nz

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:b2:8c:57:dd:54:81:2f:d2:af:a1:41:71:02:a3:3a:63:d1
Serial Number (int): 322093667245552036627497198532003953796049
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 48:64:ea:d0:e4:01:d5:b4:c2:6a:13:67:a1:13:bc:37:26:eb:85:bf
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 85:38:67:33:97:ac:c0:cf:38:7d:67:5a:36:96:42:73:61:c4:d6:90
Fingerprint (sha256): f7:72:c4:6b:fb:f5:e3:d0:e1:f9:6a:17:4f:b3:e8:cd:a6:71:e6:9c:80:06:d6:6e:2b:5e:a2:1c:6d:3e:a1:32

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate milestonephotography.co.nz

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for milestonephotography.co.nz

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

milestonephotography.co.nz

Other certificates including the domain name milestonephotography.co.nz

(limited to 100 certificates)

Certificate

The complete raw certificate details for milestonephotography.co.nz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISA7KMV91UgS/Sr6FBcQKjOmPRMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAyMTMxNDM3MTRaFw0yNDA1MTMxNDM3MTNaMCUxIzAhBgNVBAMT
Gm1pbGVzdG9uZXBob3RvZ3JhcGh5LmNvLm56MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlMoebCh0G0uGwrAuQ7LECJ3CoDrscuukBu88NLYClA+dWa5N
uUJJaHGeftTchcM6QT0LDwPhroqV4bO59xi0YcoHZHss+Z/yNLK5zFkugbMxANAF
zd75gR/Fv6vK6dHebjwlbpMmbDVDtyVBY/vaB3F64MPhAcxASAVQk9tfh8FLsz3g
HM/oi2HeNx3yoGkc0C6p6yMP4nprOp+j+O76SThkrGAGDfpJCBzdZt5ORLRfXyXT
KHRZ7Ku4B64utLTERlWNCjE8yqANWXzeVbEHxD+cwxWI7mkwiJ3MTeerIWYya4g6
4xJCBO8Myl+bN0a4JxV19/bXOLT7y6rCuuSVoQIDAQABo4ICHTCCAhkwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBRIZOrQ5AHVtMJqE2ehE7w3JuuFvzAfBgNVHSMEGDAW
gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH
MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz
LmkubGVuY3Iub3JnLzAlBgNVHREEHjAcghptaWxlc3RvbmVwaG90b2dyYXBoeS5j
by5uejATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA
8QB3AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjaMdeccAAAQD
AEgwRgIhAPRv/Fdc3pWpmOEY6vhAoQBhb3+JjgkdgCyH5WKO0IKWAiEAmoaR7rmk
afYZ18nQJ4wdA0VTC2+wr7yM+zofNPo6KvYAdgCi4r/WHt4vLweg1k5tN6fcZUOw
xrUuotq3iviabfUX2AAAAY2jHXqEAAAEAwBHMEUCIQDL9OYPMfQo61//rdYGYgAW
UehLgPW/aJH8v6VcxSzA1wIgZQG2Ch0I+Bg2zoDg8tqGh7cmdvCRvNGEcoz+v7o6
muIwDQYJKoZIhvcNAQELBQADggEBAFD+/7TfsQ9AKcqY1fHUAm8gqOkVyZsph0QO
eFX3Hg9tgiiFVR3fiC3e0CMUUAJxmEvwX+NDiGvefzeMaHZscC99lvgMf9KONRVl
rP/OauenV7XheMehqqb+gEk8VbNvRYk4Ixw7OQX97lg5x3RDf2Qf2HYEbstoZNKY
zJEC9S4zwI3YSg88gDWKGYQQU7aNEI5vEMENERWviCuWkq/aKjyvF7IJSv+SMVs0
+ac1LSX2+YsuOYxVi1TEr9OqaspfWWnvxa7LRNPlrkE/QGZqz6PSuUljhbyKEvTh
kcLgSF7ysKm02J4O4vX7TbRaWVLqAYedZmK84ziTKu3R3Z1harA=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMoebCh0G0uGwrAuQ7LE
CJ3CoDrscuukBu88NLYClA+dWa5NuUJJaHGeftTchcM6QT0LDwPhroqV4bO59xi0
YcoHZHss+Z/yNLK5zFkugbMxANAFzd75gR/Fv6vK6dHebjwlbpMmbDVDtyVBY/va
B3F64MPhAcxASAVQk9tfh8FLsz3gHM/oi2HeNx3yoGkc0C6p6yMP4nprOp+j+O76
SThkrGAGDfpJCBzdZt5ORLRfXyXTKHRZ7Ku4B64utLTERlWNCjE8yqANWXzeVbEH
xD+cwxWI7mkwiJ3MTeerIWYya4g64xJCBO8Myl+bN0a4JxV19/bXOLT7y6rCuuSV
oQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 322093667245552036627497198532003953796049
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-13 14:37:14 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-13 14:37:13 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'milestonephotography.co.nz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18782937648622032707264212339426054987597220757647447108841976469610917512706001045675209358381482189143327056793935575827749789395949911392067430182319583235475608729077706974318741292234092610840610266461652942000899889342843654627361306915622397275670755460036942830572014181935767201898248401270860667251454138812637615539780632997137722189126561177339196384816557610494416298029149710363251463285721380586905953080809236554897181160215795960957253617314948573211437856834296603244981169030845971999290054168695737333097095490276470242393522251526839867050825153941684316922508167378509166098790890216586257667489
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4864ead0e401d5b4c26a1367a113bc3726eb85bf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'milestonephotography.co.nz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018da31d79c70000040300483046022100f46ffc575cde95a998e118eaf840a100616f7f898e091d802c87e5628ed082960221009a8691eeb9a469f619d7c9d0278c1d0345530b6fb0afbc8cfb3a1f34fa3a2af6007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018da31d7a840000040300473045022100cbf4e60f31f428eb5fffadd60662001651e84b80f5bf6891fcbfa55cc52cc0d702206501b60a1d08f81836ce80e0f2da8687b72676f091bcd184728cfebfba3a9ae2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0050feffb4dfb10f4029ca98d5f1d4026f20a8e915c99b2987440e7855f71e0f6d822885551ddf882dded02314500271984bf05fe343886bde7f378c68766c702f7d96f80c7fd28e351565acffce6ae7a757b5e178c7a1aaa6fe80493c55b36f458938231c3b3905fdee5839c774437f641fd876046ecb6864d298cc9102f52e33c08dd84a0f3c80358a19841053b68d108e6f10c10d1115af882b9692afda2a3caf17b2094aff92315b34f9a7352d25f6f98b2e398c558b54c4afd3aa6aca5f5969efc5aecb44d3e5ae413f40666acfa3d2b9496385bc8a12f4e191c2e0485ef2b0a9b4d89e0ee2f5fb4db45a5952ea01879d6662bce338932aedd1dd9d616ab0