DV SSL/TLS Certificate for hostareal.cz

Certificate is witin its validity period

Issued by Let's Encrypt (R11)

About the hostareal.cz DV SSL/TLS Certificate

This certificate with serial number 05:9a:24:6b:10:7d:06:c6:5c:ce:c2:35:f4:79:04:83:05:4f for hostareal.cz was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for hostareal.cz provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:9a:24:6b:10:7d:06:c6:5c:ce:c2:35:f4:79:04:83:05:4f
Serial Number (int): 488013322282662047492812697687180143953231
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 36:02:19:e0:0c:9c:fa:87:18:5c:c2:5a:5c:5e:62:48:fc:6d:12:8a
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): ef:30:cd:8c:4d:a9:a4:56:e3:be:f6:a4:90:5e:c1:89:9d:f9:36:21
Fingerprint (SHA-256): 22:e1:16:59:13:59:03:cd:2e:5f:0a:69:c2:70:e7:a6:70:6e:0f:b6:45:a5:32:bc:57:2f:f8:59:3d:f5:24:ba

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r11.c.lencr.org/80.crl

Check the revocation status for certificate hostareal.cz
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for hostareal.cz

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for hostareal.cz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISBZokaxB9BsZczsI19HkEgwVPMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjUwNjA4MDAzNzA5WhcNMjUwOTA2MDAzNzA4WjAXMRUwEwYDVQQD
Ewxob3N0YXJlYWwuY3owggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD4
omFI7zN7tl/1sTLQoE7z6V4IMKgVuDzsrbbjf2lIMt15jmsUa9R5xU9Q1Tv/3fHd
6Q7pp0pC4+GKgPn9TFQS8aIXeaVVvMWw5jPvTFlb02/sUbZd6R5ZFbojtXnMsraq
ZCEppmJL1KVdZmJsbR7XqKrewHKuCNnnJkGmic8Bpl3CIS8umRyGvhpxml8l2nI7
Hm8UNaCU4wiUgAa/98C+ZIucnDIfBP4iqqlvdMfkWn3Vms4GF3nd7ICU0FbPSP//
6H1KEnIxv31+zFF29A+sntmqbJbJnDvZQXByJZy2WQg0zeqx3C1Hd4dRw5yA5lzM
S/Pky41dtBHR+nxBxB/7C2q8fwBMK/vxYbuZ5XCVHW/FONVX9/SUsKoTjvC0GwVL
sW63jJC6c5IxAvcFFWtvNgSGAnIjzfoMY55WZIj6jocHXwPwdoawb3CAE2mhAfao
jKJknsFQz1Iy2rrE4zzqBG0Qef1YKCxrcSdoZtFXRa1eH8cRy/m9TDG5uG55HeuU
e36QrXZm6PjvmypaVEWB15A9wM8V+r1ZpPxCRe6w6n1yZbuOVW2Dbt3irjFq/PNe
HOO/+vtvCcUV5D8Qs3UleGQgbaPYLIl/v3zyYb3vcwzrN8F3MNc37868njzYoUFo
X7gv9986tNJa5fRPngAa934cSEBwdsLKI1Lz6nyE3QIDAQABo4ICLTCCAikwDgYD
VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBQ2AhngDJz6hxhcwlpcXmJI/G0SijAfBgNVHSME
GDAWgBTFz0ak6vTDwHpslcQtsF6SLybjuTAzBggrBgEFBQcBAQQnMCUwIwYIKwYB
BQUHMAKGF2h0dHA6Ly9yMTEuaS5sZW5jci5vcmcvMCkGA1UdEQQiMCCCDGhvc3Rh
cmVhbC5jeoIQd3d3Lmhvc3RhcmVhbC5jejATBgNVHSAEDDAKMAgGBmeBDAECATAu
BgNVHR8EJzAlMCOgIaAfhh1odHRwOi8vcjExLmMubGVuY3Iub3JnLzgwLmNybDCC
AQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1AKRCxQZJYGFUjw/U6pz7ei0mRU2HqX8v
30VZ9idPOoRUAAABl00t14QAAAQDAEYwRAIgFKM1sypPjgHDdctA/30FngnNnWwF
9Ivx0P8q0X71ZXMCIGhq8Zl3vD3PbirkE8hO2Hfv/d3QAx65nh8gLOr3KYFGAHYA
DeHyMCvTDcFAYhIJ6lUu/Ed0fLHX6TDvDkIetH5OqjQAAAGXTS3fVAAABAMARzBF
AiEAlfYy2HRlI9Yed7e4Caa489Igzdg7B26vBTE0vysKGz4CIFvoDCNA8QGAR1ow
VoCaTG8kkIGJfrjolano0xIgq1AmMA0GCSqGSIb3DQEBCwUAA4IBAQBM7CkBuInT
pZP3soic8YgwR+7xgK0Yp5NnDOV4EZ61Xww6Fmrc3wWdA57DvY2Dctirdpzl6N4P
52LTvaCRfT8w9PGrlyvd8DSLSzzlgDfySBD1WQmiCwqa924M1ihrd69X/YxviUBF
KxBuSIl65cTPUBWuycN/Ki9IrHaw+N1qsTai8i0u26bJ1Go8/etx/DtvSbRw4Gul
ef6YXUcSWz92OJWUmdZ+UTRXAOSTj9BUaDPUauZQ2NgP7HigTJn3p3C/Fz4Lo4wv
HaFw4VxMuS1cIScQFhd06E9oR+jrk7mr+SRK4GiYzpKfVnfH+5ejmTvIDBquUd5D
qP/l+HHFGWnY
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA+KJhSO8ze7Zf9bEy0KBO
8+leCDCoFbg87K22439pSDLdeY5rFGvUecVPUNU7/93x3ekO6adKQuPhioD5/UxU
EvGiF3mlVbzFsOYz70xZW9Nv7FG2XekeWRW6I7V5zLK2qmQhKaZiS9SlXWZibG0e
16iq3sByrgjZ5yZBponPAaZdwiEvLpkchr4acZpfJdpyOx5vFDWglOMIlIAGv/fA
vmSLnJwyHwT+Iqqpb3TH5Fp91ZrOBhd53eyAlNBWz0j//+h9ShJyMb99fsxRdvQP
rJ7ZqmyWyZw72UFwciWctlkINM3qsdwtR3eHUcOcgOZczEvz5MuNXbQR0fp8QcQf
+wtqvH8ATCv78WG7meVwlR1vxTjVV/f0lLCqE47wtBsFS7Fut4yQunOSMQL3BRVr
bzYEhgJyI836DGOeVmSI+o6HB18D8HaGsG9wgBNpoQH2qIyiZJ7BUM9SMtq6xOM8
6gRtEHn9WCgsa3EnaGbRV0WtXh/HEcv5vUwxubhueR3rlHt+kK12Zuj475sqWlRF
gdeQPcDPFfq9WaT8QkXusOp9cmW7jlVtg27d4q4xavzzXhzjv/r7bwnFFeQ/ELN1
JXhkIG2j2CyJf7988mG973MM6zfBdzDXN+/OvJ482KFBaF+4L/ffOrTSWuX0T54A
Gvd+HEhAcHbCyiNS8+p8hN0CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 488013322282662047492812697687180143953231
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-08 00:37:09 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-06 00:37:08 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hostareal.cz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1014339434657471015266668282732586052301719655319918078075629538692704239149081678147963160490168493409367474866308907463772545201710786372010380511027794338448543554610948156469713207276674576564196926130789290075519894208792034525147818143006015582346728763785222911412550857413174062176089070458439497856907173697600193189566524442710777085963980998220066164770575215521621924480701636310980269604289944734043457872445220480599840392096675857486683115524443987196017763504293730760733623494065671033610013231182253505743257564998359752276480345152577366193069642921669443210006200663588940845176138834079959028064992324843200476179019562723813504708650983023945214884321959936033640132008050445274899467809443087820710688798239514410799776161111896437252430444910483896437175176549920057838107004333632084320543416241963734228726780444911433352533783620447814635284306216163018425604917890795748410957869475235210293609886111143823810986100839938251942401873550797507650079932888448151514728990288365718767587468075254396441988341723307003773004152495656811713235269527611753195074900708464229771321860822461919626607975039801971943261162216653532449704849623633938616400947394882612834776384442247789115838474061617205699724215517
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							360219e00c9cfa87185cc25a5c5e6248fc6d128a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hostareal.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hostareal.cz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.c.lencr.org/80.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500a442c506496061548f0fd4ea9cfb7a2d26454d87a97f2fdf4559f6274f3a8454000001974d2dd7840000040300463044022014a335b32a4f8e01c375cb40ff7d059e09cd9d6c05f48bf1d0ff2ad17ef565730220686af19977bc3dcf6e2ae413c84ed877effdddd0031eb99e1f202ceaf72981460076000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa34000001974d2ddf54000004030047304502210095f632d8746523d61e77b7b809a6b8f3d220cdd83b076eaf053134bf2b0a1b3e02205be80c2340f10180475a3056809a4c6f249081897eb8e895a9e8d31220ab5026
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004cec2901b889d3a593f7b2889cf1883047eef180ad18a793670ce578119eb55f0c3a166adcdf059d039ec3bd8d8372d8ab769ce5e8de0fe762d3bda0917d3f30f4f1ab972bddf0348b4b3ce58037f24810f55909a20b0a9af76e0cd6286b77af57fd8c6f8940452b106e48897ae5c4cf5015aec9c37f2a2f48ac76b0f8dd6ab136a2f22d2edba6c9d46a3cfdeb71fc3b6f49b470e06ba579fe985d47125b3f7638959499d67e51345700e4938fd0546833d46ae650d8d80fec78a04c99f7a770bf173e0ba38c2f1da170e15c4cb92d5c212710161774e84f6847e8eb93b9abf9244ae06898ce929f5677c7fb97a3993bc80c1aae51de43a8ffe5f871c51969d8