DV SSL/TLS Certificate for www.kitchendraw.cz

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the www.kitchendraw.cz DV SSL/TLS Certificate

This certificate with serial number 05:d9:5c:e4:4d:62:a5:d7:18:cd:3d:1f:bf:d4:cd:d0:c3:f8 for www.kitchendraw.cz was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.kitchendraw.cz provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:d9:5c:e4:4d:62:a5:d7:18:cd:3d:1f:bf:d4:cd:d0:c3:f8
Serial Number (int): 509526177669502062476049291911646915118072
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: f7:9e:0a:81:2e:c9:32:5b:3a:39:83:ca:aa:56:ef:5e:9b:a6:f8:f8
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): 4d:c0:38:70:7b:29:74:e9:83:76:9a:9c:3d:a7:e9:bc:a0:a4:59:ca
Fingerprint (SHA-256): f4:30:09:a6:96:49:0b:0f:9d:a7:72:76:c8:15:db:0e:f5:de:73:3c:a1:f6:29:57:e6:90:b0:39:5e:1f:de:3c

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/121.crl

Check the revocation status for certificate www.kitchendraw.cz
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.kitchendraw.cz

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for www.kitchendraw.cz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISBdlc5E1ipdcYzT0fv9TN0MP4MA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNTEzMDAzMjQ4WhcNMjUwODExMDAzMjQ3WjAdMRswGQYDVQQD
ExJ3d3cua2l0Y2hlbmRyYXcuY3owggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
AoICAQCSuWRqgxWpW3npcud1MshpEcG6Hz09dVHWVUDj239GEbMCBKZ7CxDpjcyA
H68gay0FCERZaeFWgSKYIVHw3r4zYgClbsSeTsedsRws2A+7a37yKoTcEz5Zwc/S
v5r+nk+eS3pg3zB/h8+9OrcLMEAHr24hySDmRUShvCvtLfyaaMu8w5DWrcjeHYkB
lvv6PLjnvS2sXkOR/9jkU6hBKkHiBuOn9/a5AdDFokq41tAuk7XkUCClfNMtfSXz
mRkGA3HxyNHYBr3gCE//O+v9dhXbJ+FQ+uiHcTfJ+ibf7iLjOJ4PpVb3TZdQ2DTL
x7Vz23za6yCgNjwCwHjlgbz4jAKJmmP3kuQqH83d2KKfHWWw6vhDK5PhKBjuotk3
AsbPZxMSI+foY1JVmattOLDpWjs5GMUux+eIGIYvCKMIQxWEU7zXN/8VRbskgtlN
XgLLT7NmmL/I/UHrRm3hBLaAASIvgYsqIin4xtbGainD3kNfKTHSeTj5ztoTZ3BO
DkcjIxw9KcjjXg8T952G6TxhR1/jblNPmaZuuM56+U2vi91etKPOOkr6rNofCjAk
7E4HpFbJ8gKw+jbrhHObyGA0jtNibbmtvgpppm97jJWhb/Giyt74FfJdG+fi+Sf0
wH7Xg32MANJsNMvlvdpjpkwTPgo9jk9lBgkqUqB4UBbz4YNidQIDAQABo4ICMzCC
Ai8wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT3ngqBLskyWzo5g8qqVu9em6b4+DAf
BgNVHSMEGDAWgBS7vMNHpeS8qcbDpHIMEI2iNeHI6DAzBggrBgEFBQcBAQQnMCUw
IwYIKwYBBQUHMAKGF2h0dHA6Ly9yMTAuaS5sZW5jci5vcmcvMC0GA1UdEQQmMCSC
DmtpdGNoZW5kcmF3LmN6ghJ3d3cua2l0Y2hlbmRyYXcuY3owEwYDVR0gBAwwCjAI
BgZngQwBAgEwLwYDVR0fBCgwJjAkoCKgIIYeaHR0cDovL3IxMC5jLmxlbmNyLm9y
Zy8xMjEuY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAzPsPaoVxCWX+lZtT
zumyfCLphVwNl422qX5UwP5MDbAAAAGWx0SDIQAABAMARzBFAiEA+7MEUAqDNXh+
inDBa+mBgzu1vz6n6OxfnZJmuzHt4YcCIHbBnI2AELB0vnukSqHXhT1mNSSu6nGq
b+fxKOPN1J9xAHYAGgT/SdBUHUCv9qDDv/HYxGcvTuzuI0BomGsXQC7ciX0AAAGW
x0SGDwAABAMARzBFAiBcYxo1+km7v+YX5UOatwGCClAVHVRXu3btZEHct9pzRQIh
AKoUMhNPP/NxuEIaxC9ZQqlFpXhStDNUGpF46L/C+bEfMA0GCSqGSIb3DQEBCwUA
A4IBAQCY4spNqMACA58eH+3i3whME4/tjSN9Qh8Q4QevHmzu7bTlzW+6Cc/I4R2e
7b1MxnGbvsoic2WoxUxAtvzeASb/CN+Puw1IA0QxlQWz4Wb7bvNRGakMKywrMueA
CwWbKvYBdu1NIWPF7quXJ4eLFTaBHLdn31YU6l0XBs4UwfPo22RouR43aXkH8zwY
IHln/lOSw5vaXV4wUAwBQGtrBG4OXoDjktfU80pK21iPXVZUcS1yBlkfj9s6mJ9o
PmYGm2HVTUq9GZxEF9XAEzl2ZzJj9luSChXH+O+ydH19ptbKLNwLWWrARmy86Whv
DzcmUcqpWkIU48nB1J2FoMpWYHnq
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkrlkaoMVqVt56XLndTLI
aRHBuh89PXVR1lVA49t/RhGzAgSmewsQ6Y3MgB+vIGstBQhEWWnhVoEimCFR8N6+
M2IApW7Enk7HnbEcLNgPu2t+8iqE3BM+WcHP0r+a/p5Pnkt6YN8wf4fPvTq3CzBA
B69uIckg5kVEobwr7S38mmjLvMOQ1q3I3h2JAZb7+jy4570trF5Dkf/Y5FOoQSpB
4gbjp/f2uQHQxaJKuNbQLpO15FAgpXzTLX0l85kZBgNx8cjR2Aa94AhP/zvr/XYV
2yfhUProh3E3yfom3+4i4zieD6VW902XUNg0y8e1c9t82usgoDY8AsB45YG8+IwC
iZpj95LkKh/N3diinx1lsOr4QyuT4SgY7qLZNwLGz2cTEiPn6GNSVZmrbTiw6Vo7
ORjFLsfniBiGLwijCEMVhFO81zf/FUW7JILZTV4Cy0+zZpi/yP1B60Zt4QS2gAEi
L4GLKiIp+MbWxmopw95DXykx0nk4+c7aE2dwTg5HIyMcPSnI414PE/edhuk8YUdf
425TT5mmbrjOevlNr4vdXrSjzjpK+qzaHwowJOxOB6RWyfICsPo264Rzm8hgNI7T
Ym25rb4KaaZve4yVoW/xosre+BXyXRvn4vkn9MB+14N9jADSbDTL5b3aY6ZMEz4K
PY5PZQYJKlKgeFAW8+GDYnUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 509526177669502062476049291911646915118072
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-13 00:32:48 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-11 00:32:47 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.kitchendraw.cz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 598582465157377909600439808547298008176551302783151066760293735369885681921440856470103546308764516550929195408335779304513391370490887859390082157963094971361205928368761105957891627771993071091242598325797597480975897117788168842617262400323257216550915815745884699090597109993157558598339122783870205465109340994329662953820937281624498837821545234878964615535797919711119733801277306582279857814498000323056564008708368495574960953992725852182503431503623317403293552571135884541903819871463515968507041975736456460441851799359605632222320987321009885542854522890669849419356383226524492770457186027743439612384010835570291410201730231925172761902744534303442242156485586262377033113244676005706013961400403366437752687466872416355598190938894770308253715254587760656238362753399043660210236694157321047313833554817716305101197874650715599684510197515281049501003217388630145605226192120572973797625516725598843630815938345324330706274121811033377522613304376506931905365070069395848052251596578901642445169817875447773953402701742216222619299187751106242591291050858703095046678849224377797255372107587360118954428297514221363143469445125540202906224967117341325552155649020941333519818939755474253073004333686077042078897103477
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f79e0a812ec9325b3a3983caaa56ef5e9ba6f8f8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kitchendraw.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kitchendraw.cz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/121.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000196c74483210000040300473045022100fbb304500a8335787e8a70c16be981833bb5bf3ea7e8ec5f9d9266bb31ede187022076c19c8d8010b074be7ba44aa1d7853d663524aeea71aa6fe7f128e3cdd49f710076001a04ff49d0541d40aff6a0c3bff1d8c4672f4eecee234068986b17402edc897d00000196c744860f000004030047304502205c631a35fa49bbbfe617e5439ab701820a50151d5457bb76ed6441dcb7da7345022100aa1432134f3ff371b8421ac42f5942a945a57852b433541a9178e8bfc2f9b11f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0098e2ca4da8c002039f1e1fede2df084c138fed8d237d421f10e107af1e6ceeedb4e5cd6fba09cfc8e11d9eedbd4cc6719bbeca227365a8c54c40b6fcde0126ff08df8fbb0d480344319505b3e166fb6ef35119a90c2b2c2b32e7800b059b2af60176ed4d2163c5eeab9727878b1536811cb767df5614ea5d1706ce14c1f3e8db6468b91e37697907f33c18207967fe5392c39bda5d5e30500c01406b6b046e0e5e80e392d7d4f34a4adb588f5d5654712d7206591f8fdb3a989f683e66069b61d54d4abd199c4417d5c0133976673263f65b920a15c7f8efb2747d7da6d6ca2cdc0b596ac0466cbce9686f0f372651caa95a4214e3c9c1d49d85a0ca566079ea