matej-vacha.cz

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:91:16:9f:23:c2:70:1a:6a:4f:c1:7a:7c:61:13:8c:8a:91 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:

  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

matej-vacha.cz

Let's Encrypt

Organization: Let's Encrypt
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 03:91:16:9f:23:c2:70:1a:6a:4f:c1:7a:7c:61:13:8c:8a:91
Serial Number (int): 310707870315213886239646965207162237520529
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: e2:cc:96:79:2a:f9:30:f3:ec:66:7f:cf:89:29:8e:84:69:52:af:21
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 8e:42:bf:a4:c3:48:a7:4a:3f:e9:f9:e3:dc:ac:72:a5:80:17:ae:10
Fingerprint (sha256): 00:3b:65:ea:a6:1e:7c:a2:46:60:3a:02:4e:fb:f8:09:36:50:61:f4:a7:ac:cd:2b:9e:95:7a:26:27:6e:fa:b6

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate matej-vacha.cz

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for matej-vacha.cz


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

matej-vacha.cz
www.matej-vacha.cz

Certificate

The complete raw certificate details for matej-vacha.cz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgISA5EWnyPCcBpqT8F6fGETjIqRMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA0MDkwMTM0MTRaFw0x
ODA3MDgwMTM0MTRaMBkxFzAVBgNVBAMTDm1hdGVqLXZhY2hhLmN6MIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwHnz/jZUt4+1ckZDtrRBJt2KdAMC7Pa
YFGq82mznuR/BTCrlhaNyCgs3cYNPPXdbvLnrhHpLa8O/RgFiizCD8PD6mGn+PD1
YBQ0rCg448gzXmbc8HJ4HdvT+YQ/BGmqxkMziOTKBIKoZw4ggFfJr9tROCrgEARG
aMOzWx8KLky9Fx11OYW/IAXD1WsBEpeEnJSwLzHdaZjgf0yI+s9o8VKF8DRYVXXD
VvN0TdH7CUMQPtVdxq0O+7R5PHthWda+YhqePFDHukBKo4UT8sbdhCdpQeWB45Uz
KTF379rhQnEtkKbxYUdRcPfWI+eNHV2TDJSlAuLMNA3+bm+SqaJw9QIDAQABo4ID
KTCCAyUwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTizJZ5Kvkw8+xmf8+JKY6EaVKv
ITAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRj
MGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5v
cmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5v
cmcvMC0GA1UdEQQmMCSCDm1hdGVqLXZhY2hhLmN6ghJ3d3cubWF0ZWotdmFjaGEu
Y3owgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYG
CCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUH
AgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9u
IGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGgg
dGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNy
eXB0Lm9yZy9yZXBvc2l0b3J5LzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1ANt0
r+7LKeyx/so+cW0s5bmquzb3hHGDx12dTze2H79kAAABYqhA/RIAAAQDAEYwRAIg
F/T20xZ2zQE0Cfc+4OkDawxKgyJ8+f5ySan1hlJQiMcCIHS/2iKr8Nk7dsrQAUbu
o61E9bLuGbUoseZbgtK9N6Q7AHYAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz0
5UVH9HgAAAFiqED9NQAABAMARzBFAiAMRI6yoMqb/0T3YKeGAvwUDxXwvGewm2zz
etnSTvbCHAIhAIiXV5jk1XMdumDR+AVACA8fQFx7FW/38W1CHZID0k2vMA0GCSqG
SIb3DQEBCwUAA4IBAQBX9g0B8g3HohO6bwRB3RquscydxwQY/aZjvSJ+Fx2sU+2e
VLfsoEi3eTBt52eF+vP0+ILrX34mkCYdo7m3Q5p5Ofdlaz7IOktP2fO728rrAFRb
AeE6hDza6JEcKqwLl5LmaMQwWwCfiHH5VMNH8w04N/yvWefE35c9lscWCu4cjZUw
/5EkENXI4jqXHLGhk7771PAKnbzlkD3EQRGl5iwocSjPX9f0/YENrfqT3Cy3rnyF
XnjJtj+cFilMbtXJLIp59cHMdpDBl1KopkxXOjF3gdImkFeX2tnqwY1G95WXV+Tw
gaGMnCcOoKaumKgtJPJDtw5lrgnKbNkJ05qQgAZ/
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwHnz/jZUt4+1ckZDtrR
BJt2KdAMC7PaYFGq82mznuR/BTCrlhaNyCgs3cYNPPXdbvLnrhHpLa8O/RgFiizC
D8PD6mGn+PD1YBQ0rCg448gzXmbc8HJ4HdvT+YQ/BGmqxkMziOTKBIKoZw4ggFfJ
r9tROCrgEARGaMOzWx8KLky9Fx11OYW/IAXD1WsBEpeEnJSwLzHdaZjgf0yI+s9o
8VKF8DRYVXXDVvN0TdH7CUMQPtVdxq0O+7R5PHthWda+YhqePFDHukBKo4UT8sbd
hCdpQeWB45UzKTF379rhQnEtkKbxYUdRcPfWI+eNHV2TDJSlAuLMNA3+bm+SqaJw
9QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 310707870315213886239646965207162237520529
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-04-09 01:34:14 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-08 01:34:14 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'matej-vacha.cz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25122362333774329989909086611903065470600517338819965630823603117711280919945954835241522782615825576910011705129470516073116180418523345135762718267355421632379559707756371931473535997381067303754304613056338323817935358148956731119016071987329798611726166586032639461718479160630007260944100920933300071146654377808366244871794324789022126606451328203815319738948350095032387740103271207235602412643886922248281784605192344730115804815411833679458483344824793332799882069406488826326329362576504239649446764571324566585045079936338378126933806479765074565500906281363514013354524222205367651842850651840694173462773
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e2cc96792af930f3ec667fcf89298e846952af21
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'matej-vacha.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.matej-vacha.cz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef007500db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf6400000162a840fd120000040300463044022017f4f6d31676cd013409f73ee0e9036b0c4a83227cf9fe7249a9f586525088c7022074bfda22abf0d93b76cad00146eea3ad44f5b2ee19b528b1e65b82d2bd37a43b007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000162a840fd35000004030047304502200c448eb2a0ca9bff44f760a78602fc140f15f0bc67b09b6cf37ad9d24ef6c21c02210088975798e4d5731dba60d1f80540080f1f405c7b156ff7f16d421d9203d24daf
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0057f60d01f20dc7a213ba6f0441dd1aaeb1cc9dc70418fda663bd227e171dac53ed9e54b7eca048b779306de76785faf3f4f882eb5f7e2690261da3b9b7439a7939f7656b3ec83a4b4fd9f3bbdbcaeb00545b01e13a843cdae8911c2aac0b9792e668c4305b009f8871f954c347f30d3837fcaf59e7c4df973d96c7160aee1c8d9530ff912410d5c8e23a971cb1a193befbd4f00a9dbce5903dc44111a5e62c287128cf5fd7f4fd810dadfa93dc2cb7ae7c855e78c9b63f9c16294c6ed5c92c8a79f5c1cc7690c19752a8a64c573a317781d226905797dad9eac18d46f7959757e4f081a18c9c270ea0a6ae98a82d24f243b70e65ae09ca6cd909d39a9080067f