DV SSL/TLS Certificate for *.11hodinhruzy.cz

Certificate has expired

Issued by Let's Encrypt (R11)

About the *.11hodinhruzy.cz DV SSL/TLS Certificate

This certificate with serial number 04:2b:55:1f:8a:ad:90:30:86:d9:2e:0e:98:55:a1:7e:bd:83 for *.11hodinhruzy.cz was issued on by Let's Encrypt.

With 2 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate has already expired and will cause a warning or error message. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for *.11hodinhruzy.cz provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate expired on

Certificate Details

Serial Number (hex): 04:2b:55:1f:8a:ad:90:30:86:d9:2e:0e:98:55:a1:7e:bd:83
Serial Number (int): 363194433658209294869829249201703651032451
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: ee:d0:45:5d:77:89:75:ab:bd:eb:80:9e:9b:87:80:f9:c4:bd:55:2f
Authority Key Identifier: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9

Fingerprint (SHA-1): 62:26:a5:47:69:98:b8:4b:8f:5a:05:cd:a2:4d:40:ce:63:9c:11:fa
Fingerprint (SHA-256): bf:30:7b:6f:f1:fb:b9:e2:c3:bc:03:8c:a2:3d:da:57:be:d6:74:6f:14:ee:a3:01:14:11:d4:6b:31:48:8d:af

Issuing Certificate URL: http://r11.i.lencr.org/

Revocation Information

OCSP Server: http://r11.o.lencr.org

Check the revocation status for certificate *.11hodinhruzy.cz
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for *.11hodinhruzy.cz

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for *.11hodinhruzy.cz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISBCtVH4qtkDCG2S4OmFWhfr2DMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTEwHhcNMjQxMTI3MTIxMzQ1WhcNMjUwMjI1MTIxMzQ0WjAcMRowGAYDVQQD
DBEqLjExaG9kaW5ocnV6eS5jejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxV/w/F0Wh7OonXrDBZvlWJDsNpJ1d2MyLB0usxbBS+D9dpQAPpZPu+uyL5
h66NVeglM1KGyjVjNAEPewDYWKXh0LfgzsKhz5xWdHXEfdzpeHj0/dChK22Und+r
EY/Y3CxBcyLrZngCJ/5vr1ZE2U7shXi7CZAAfHwM+BH7kktpgBh2U3MIdIOR70FH
gQx6oBXFhY0bS3wrCoNQkKfVeklN0adoi/RwTSNsqIClyIIzTSJ09B1rRs41zhrL
vvKisJn/SNE/bGkG8Gw72XGkzX8ohEG52EmuvM19o/zEWWQF+s7MrsoQFIs58cDw
NMggDWfwb/KJqGQBaY2j4X2MBDcCAwEAAaOCAiUwggIhMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAd
BgNVHQ4EFgQU7tBFXXeJdau964Cem4eA+cS9VS8wHwYDVR0jBBgwFoAUxc9GpOr0
w8B6bJXELbBeki8m47kwVwYIKwYBBQUHAQEESzBJMCIGCCsGAQUFBzABhhZodHRw
Oi8vcjExLm8ubGVuY3Iub3JnMCMGCCsGAQUFBzAChhdodHRwOi8vcjExLmkubGVu
Y3Iub3JnLzAtBgNVHREEJjAkghEqLjExaG9kaW5ocnV6eS5jeoIPMTFob2Rpbmhy
dXp5LmN6MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB
8QDvAHYAouMK5EXvva2bfjjtR2d3U9eCW4SU1yteGyzEuVCkR+cAAAGTbcBAIQAA
BAMARzBFAiAzA7cRCMHTdwPrmaic8VlthqecAzevJJFqLAd9d2Uz9QIhAKAXx38U
KtYpqwHrAaMT5gQoW6Nh6Kjklv2y1AAMgPjwAHUAzxFW7tUufK/zh1vZaS6b6Rpx
Z0qwF+ysAdJbd87MOwgAAAGTbcBAWgAABAMARjBEAiBd3Tr40GPNwDnJmnqe+UAL
GnN+aAKaTAjzwUXcRX5gNQIgP1H5MWQMJiNv8oohJv7DIQY0Q/fcPO9iCQ7zfgtP
S58wDQYJKoZIhvcNAQELBQADggEBAD0jIxWMdPR7SKTJgdBxNw+zu0po4PXBYPTo
hqrfoil+IjnOCQEDuXxFrgpoxhR1OsJvn1PsjhJyOernyhvRItKv0u2Pah4ZAurG
gYr3BnjtPhZmxdCWFaPESB0UNhSep3RZwXwFGgJlUOaiN8DK0GQBI5wggG0/2JUN
lefIn2jM6CFf/MWSA2Un5+/v5d7oP4KluXsRnvJzlBOW/1CtFuVqPAdIVFXhfEYi
wNQsJRpE6mD1OmesN1SVrVqFIdqop7Q1FG+ZRPaSq1OmLw+jx4hFNy8F6YSyG2yq
KldoneAApK+HYDLj3M5m4qI4+GgKzjXOa+3JjENVVScFo/B1UCU=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFX/D8XRaHs6idesMFm+
VYkOw2knV3YzIsHS6zFsFL4P12lAA+lk+767IvmHro1V6CUzUobKNWM0AQ97ANhY
peHQt+DOwqHPnFZ0dcR93Ol4ePT90KErbZSd36sRj9jcLEFzIutmeAIn/m+vVkTZ
TuyFeLsJkAB8fAz4EfuSS2mAGHZTcwh0g5HvQUeBDHqgFcWFjRtLfCsKg1CQp9V6
SU3Rp2iL9HBNI2yogKXIgjNNInT0HWtGzjXOGsu+8qKwmf9I0T9saQbwbDvZcaTN
fyiEQbnYSa68zX2j/MRZZAX6zsyuyhAUiznxwPA0yCANZ/Bv8omoZAFpjaPhfYwE
NwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 363194433658209294869829249201703651032451
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-27 12:13:45 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-25 12:13:44 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.11hodinhruzy.cz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23775207706630024601119545394759780998443425799195932927282405979322177006815253823437187584416611402532493841909511510000261646612712523473806119089741382588187702193113043186913358843409592577035820651013010137987363133941271308370606327548535872116183146243170640562071044068914879937394049731677657265705669334547356516723238999553358455459973957379883541171964820456327246526738232052149034022649242963148108503333490396610741567160521712932629819533780682862928322728727819116369721695441203819164910952501771770487572547006228211984370592104372338765194482682840604298841044710408123868779748807409375524946999
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							eed0455d778975abbdeb809e9b8780f9c4bd552f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.11hodinhruzy.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '11hodinhruzy.cz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007600a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e7000001936dc04021000004030047304502203303b71108c1d37703eb99a89cf1596d86a79c0337af24916a2c077d776533f5022100a017c77f142ad629ab01eb01a313e604285ba361e8a8e496fdb2d4000c80f8f0007500cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b08000001936dc0405a000004030046304402205ddd3af8d063cdc039c99a7a9ef9400b1a737e68029a4c08f3c145dc457e603502203f51f931640c26236ff28a2126fec321063443f7dc3cef62090ef37e0b4f4b9f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003d2323158c74f47b48a4c981d071370fb3bb4a68e0f5c160f4e886aadfa2297e2239ce090103b97c45ae0a68c614753ac26f9f53ec8e127239eae7ca1bd122d2afd2ed8f6a1e1902eac6818af70678ed3e1666c5d09615a3c4481d1436149ea77459c17c051a026550e6a237c0cad06401239c20806d3fd8950d95e7c89f68cce8215ffcc592036527e7efefe5dee83f82a5b97b119ef273941396ff50ad16e56a3c07485455e17c4622c0d42c251a44ea60f53a67ac375495ad5a8521daa8a7b435146f9944f692ab53a62f0fa3c78845372f05e984b21b6caa2a57689de000a4af876032e3dcce66e2a238f8680ace35ce6bedc98c4355552705a3f0755025