DV SSL/TLS Certificate for umele-stromy.cz

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the umele-stromy.cz DV SSL/TLS Certificate

This certificate with serial number 06:88:80:d0:89:44:69:d1:79:22:ac:7d:21:b8:42:eb:05:77 for umele-stromy.cz was issued on by Let's Encrypt.

With 3 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for umele-stromy.cz provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:88:80:d0:89:44:69:d1:79:22:ac:7d:21:b8:42:eb:05:77
Serial Number (int): 569123341457126535301463091853071930295671
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 82:af:33:48:4c:9a:9f:d8:27:cf:7b:32:c1:f5:72:05:f1:4f:6b:33
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): 22:d2:e7:bd:a8:39:8f:16:a3:18:19:e9:c0:0d:61:ab:8f:b4:81:70
Fingerprint (SHA-256): 9e:e3:4b:d6:ea:03:af:7d:45:4d:f2:39:ac:64:1d:43:8f:24:b6:67:2b:81:8d:af:45:7c:11:7b:48:33:9e:b1

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/120.crl

Check the revocation status for certificate umele-stromy.cz
3
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for umele-stromy.cz

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for umele-stromy.cz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISBoiA0IlEadF5Iqx9IbhC6wV3MA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNTA3MjEwNjIxWhcNMjUwODA1MjEwNjIwWjAaMRgwFgYDVQQD
Ew91bWVsZS1zdHJvbXkuY3owggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDYfnUxYpilb1hkYvx2UNHN9FJZ0YNIjzUOXAmd2ZddG8bnANYDjXAgrrhcsFd
K0jWXzBTbva7xrsvYPWNn78L5EKTGc0sKEuqi4uW380brOU5dIqdMW0iXw6/oF4K
6fofn5xj0LvS+fUtcS4NO7afb4FsFgUDumOWpeDQEX41h5plri4spNx8upbfEt3W
qTJnoLgZ3OEA6rHuYIieyxsT9JnnMPFRlkPf4sokNLXmCZNY3EjfsaCqPva+Zjht
1UcJWYpEof5rutGjOpzcKNQTo1LipRKISAdVNjt+B5IsIHplQ+QHOojYAR7r6g0T
NO5gY+gfDiNVMjDm39sj/C0ZAgMBAAGjggJIMIICRDAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFIKvM0hMmp/YJ897MsH1cgXxT2szMB8GA1UdIwQYMBaAFLu8w0el5Lyp
xsOkcgwQjaI14cjoMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAoYXaHR0cDov
L3IxMC5pLmxlbmNyLm9yZy8wQgYDVR0RBDswOYIRbS51bWVsZS1zdHJvbXkuY3qC
D3VtZWxlLXN0cm9teS5jeoITd3d3LnVtZWxlLXN0cm9teS5jejATBgNVHSAEDDAK
MAgGBmeBDAECATAvBgNVHR8EKDAmMCSgIqAghh5odHRwOi8vcjEwLmMubGVuY3Iu
b3JnLzEyMC5jcmwwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDM+w9qhXEJZf6V
m1PO6bJ8IumFXA2XjbapflTA/kwNsAAAAZasx7ieAAAEAwBHMEUCIQCU1ZPNL4Kk
ArOPRcZmKnr4kBCU3SWelV94uOZ7OQ8PUwIgJA1iU40bbJflUfdCGZIY46kGt4TO
qQejOcJc/jbSYVAAdgAaBP9J0FQdQK/2oMO/8djEZy9O7O4jQGiYaxdALtyJfQAA
AZasx7uFAAAEAwBHMEUCIQCnpyUDZXvaQuVwqFUtAm7QVxESkZ74SD1I8EJ4M31h
eAIgU9Kp+MWVRoYPTKwDRkSTo9SX+r7HeSYOqJl/wJ4Tt0AwDQYJKoZIhvcNAQEL
BQADggEBADltMJRhYxLTJ06liAD6Wz6IIW1l48Mm8L19y200DMFZbV5hyY6tB0Y5
QwEiqj61OznsKic/v0LiArLXushAAm5Vb9gpOQLx5bEM/fs775hZdOuZU0l3zRD0
YU/ZgGZ652DsLweFNJDq5uczXUYc/6kMNMPmy3DUPa8ErOmcoG94XPB7aVe+cci9
T4WCmckIZGFTY47N+zS2/VYLfsxb1k0KUZe+YZsOIF2YafFHL7Sxo6uRhARTWHTZ
89ph2s36/vyyfkbFCAceyC5a6isFA3u7HNAuv9naMWQa7Q1cdX5wzuCoWCs6oMgh
hXBainJ+Dl2O3xlMQ6V6TjKEomHll78=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2H51MWKYpW9YZGL8dlD
RzfRSWdGDSI81DlwJndmXXRvG5wDWA41wIK64XLBXStI1l8wU272u8a7L2D1jZ+/
C+RCkxnNLChLqouLlt/NG6zlOXSKnTFtIl8Ov6BeCun6H5+cY9C70vn1LXEuDTu2
n2+BbBYFA7pjlqXg0BF+NYeaZa4uLKTcfLqW3xLd1qkyZ6C4GdzhAOqx7mCInssb
E/SZ5zDxUZZD3+LKJDS15gmTWNxI37Ggqj72vmY4bdVHCVmKRKH+a7rRozqc3CjU
E6NS4qUSiEgHVTY7fgeSLCB6ZUPkBzqI2AEe6+oNEzTuYGPoHw4jVTIw5t/bI/wt
GQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 569123341457126535301463091853071930295671
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-07 21:06:21 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-08-05 21:06:20 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'umele-stromy.cz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24664783186772259010908953477991103434304994415150173647547843405541429577912758878164169201608604721357024342333088196125626686048455999925192374328838071073850196723097694485681586188777439320939412515895287117861368272386243163524080675220979590643662289703502771488434080813314833771743344383313284143970754711400254991730476211600760470383385919552732788934369022692751387801576952147569017396692616955664798277682432144558040396621159079893473427158362781864025269984236688578296544166873982236769213812244946020707576029847292120695795191886474951713108974866253633735591108057825949189516307925156547905989913
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							82af33484c9a9fd827cf7b32c1f57205f14f6b33
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (59 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.umele-stromy.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'umele-stromy.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.umele-stromy.cz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/120.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600ccfb0f6a85710965fe959b53cee9b27c22e9855c0d978db6a97e54c0fe4c0db000000196acc7b89e000004030047304502210094d593cd2f82a402b38f45c6662a7af8901094dd259e955f78b8e67b390f0f530220240d62538d1b6c97e551f742199218e3a906b784cea907a339c25cfe36d261500076001a04ff49d0541d40aff6a0c3bff1d8c4672f4eecee234068986b17402edc897d00000196acc7bb850000040300473045022100a7a72503657bda42e570a8552d026ed0571112919ef8483d48f04278337d6178022053d2a9f8c59546860f4cac03464493a3d497fabec779260ea8997fc09e13b740
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00396d3094616312d3274ea58800fa5b3e88216d65e3c326f0bd7dcb6d340cc1596d5e61c98ead074639430122aa3eb53b39ec2a273fbf42e202b2d7bac840026e556fd8293902f1e5b10cfdfb3bef985974eb99534977cd10f4614fd980667ae760ec2f07853490eae6e7335d461cffa90c34c3e6cb70d43daf04ace99ca06f785cf07b6957be71c8bd4f858299c908646153638ecdfb34b6fd560b7ecc5bd64d0a5197be619b0e205d9869f1472fb4b1a3ab918404535874d9f3da61dacdfafefcb27e46c508071ec82e5aea2b05037bbb1cd02ebfd9da31641aed0d5c757e70cee0a8582b3aa0c82185705a8a727e0e5d8edf194c43a57a4e3284a261e597bf