www.primocar.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:de:14:6f:cb:22:91:fb:c6:28:0a:50:42:bd:a9:3f:aa:4b was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.primocar.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:de:14:6f:cb:22:91:fb:c6:28:0a:50:42:bd:a9:3f:aa:4bSerial Number (int): 336906708276664161281411782768568135821899
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 4e:a7:93:4a:67:87:b3:71:00:fe:76:78:f7:b2:7b:8d:63:1e:5e:20
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): b9:60:8c:95:f7:95:7e:31:d3:40:cf:4e:c1:a0:69:5c:4c:d3:fe:85
Fingerprint (sha256): 01:08:0c:7e:c3:1b:d2:f3:bf:a8:3b:20:26:5a:58:67:89:fa:52:2b:80:fb:17:c7:aa:e5:ac:33:cb:b7:20:b9
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.primocar.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.primocar.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
primocar.cz
www.primocar.cz
www.primocar.cz
Other certificates including the domain name primocar.cz
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.primocar.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYzCCBUugAwIBAgISA94Ub8sikfvGKApQQr2pP6pLMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA4MDcxMDU0NTlaFw0x OTExMDUxMDU0NTlaMBoxGDAWBgNVBAMTD3d3dy5wcmltb2Nhci5jejCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAKibQglNY99Wx9MIgWljgltXAHEV85Dr GHiT/OP36IrtHkQkNqpj9lKUBPuKJdDDe4pvJj5atVwW6gOSt9l0gOIo+qnuCe9Z 5c0NeDsCfiYLcjU/P7anPduQFDhYPTTpU4SPRcBAc2qM93oueOyIduyqTM0Y4dlE aQombpgkgQZ47fjTobD8E9WRdQ8ShW70DRMpVxFvrkgMBb7+GsANyeTcGEWE5Y4c gxW+OEIs0M/VetGGwuwT6CxQHquvmQ2KcZ4OyW6z3iF4o2+7TMAGCBR7S9vb+sRq 0DwGYThcs+yirwpcbFcsiSrErSd9MfDcKyLNj9phLKRZwAR8nlAluCJRgpiTcPgk 5BWOl1F02Bl6pvDU7kMaQ64RqsZ6mB6/9dTjK6GYHw1D/3DWlKDQCvmHMGrLmdtS Dui+P9HG9aR+p17nXObSp5tCLHwlwC/eqXqmxsIIpSzuz1eWuiXAgy2bqJicp3eU Wx66glCVgQHzit38eHeEIw5bxcBKVkHj5PUazyE5WlPrw0EiS99nWlLhSUXtnpGn NqHdiQA18QNS6eADcURW/550UXvXZV8IXFp48d7DitOcbpBSBAVvQZXFEdWsvU/R 8rk2WYZtqJ+7bpwiQJlMig+tfR5YjAl7pgPdM00Ub0M7UkMa/tcx5dBl9UKLjGnb s5u7OZQeg+tNAgMBAAGjggJxMIICbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFE6n k0pnh7NxAP52ePeye41jHl4gMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wJwYDVR0RBCAwHoILcHJpbW9jYXIuY3qCD3d3 dy5wcmltb2Nhci5jejBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEB ATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQG CisGAQQB1nkCBAIEgfUEgfIA8AB2AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1 eeYQe8xWAAABbGvurZQAAAQDAEcwRQIhAKDmriMsGcOcFehkzzuf85DwGDcTDoB8 czzdlFQLwHN5AiBhPJKlXC8pAgvqXLkNmNRo1/rOMdT46lweaVerIxtXzQB2ACk8 UZZUyDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABbGvurbIAAAQDAEcwRQIg U7UV3AZk8xAN0DYnuqMldi+mrwqkeB7NA7fC0r292KoCIQDiuaDzXmBU1K9gqfwP c4cBxSltTP8+nAW0sUHgLpWvXzANBgkqhkiG9w0BAQsFAAOCAQEAT3K05qTPF+zD 8EwTLz2Y+uPHwWEFVuYkkElyGHKdJcPyV4Mk3R/qSmqkLdRE5ZhiBPgeKLIb50SA 5Y7ymZ142diOycy6KlfQ4gkjTSpNTAkvNvHf1UQfN2sRqTCkNwtpfCybaJp0GDiH XUS/O5xL797ho895pbNJ7ulNTLwVbPgaino2OX1ZA3QDSsQ/UPQOn0XFn8XPHGCp 4vXib/Ar2HL04A0DfitISqqFFow+T2O6AtxgF32FZA7W1dKZo8kfTq/rmt8di5FX XDhaxDIATx+eDDiI/umVnkdrSD7EKt5fGd2aChxeTmuZ5NTS9F8w2V4fnnPmqtxx UEsAi5UmVA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqJtCCU1j31bH0wiBaWOC W1cAcRXzkOsYeJP84/foiu0eRCQ2qmP2UpQE+4ol0MN7im8mPlq1XBbqA5K32XSA 4ij6qe4J71nlzQ14OwJ+JgtyNT8/tqc925AUOFg9NOlThI9FwEBzaoz3ei547Ih2 7KpMzRjh2URpCiZumCSBBnjt+NOhsPwT1ZF1DxKFbvQNEylXEW+uSAwFvv4awA3J 5NwYRYTljhyDFb44QizQz9V60YbC7BPoLFAeq6+ZDYpxng7JbrPeIXijb7tMwAYI FHtL29v6xGrQPAZhOFyz7KKvClxsVyyJKsStJ30x8NwrIs2P2mEspFnABHyeUCW4 IlGCmJNw+CTkFY6XUXTYGXqm8NTuQxpDrhGqxnqYHr/11OMroZgfDUP/cNaUoNAK +YcwasuZ21IO6L4/0cb1pH6nXudc5tKnm0IsfCXAL96peqbGwgilLO7PV5a6JcCD LZuomJynd5RbHrqCUJWBAfOK3fx4d4QjDlvFwEpWQePk9RrPITlaU+vDQSJL32da UuFJRe2ekac2od2JADXxA1Lp4ANxRFb/nnRRe9dlXwhcWnjx3sOK05xukFIEBW9B lcUR1ay9T9HyuTZZhm2on7tunCJAmUyKD619HliMCXumA90zTRRvQztSQxr+1zHl 0GX1QouMaduzm7s5lB6D600CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 336906708276664161281411782768568135821899 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-07 10:54:59 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-05 10:54:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.primocar.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 687854411211959018995276684105348468654538199250084460319215510788790878067284256843011839765262933872836502574615071220984734279440758124804010869552626058915656091842785688003275554033225295795131636663373183370557769244509823899608882780008483122967896565081798066108825972682587571135319013139657024070050469255454697021141598765606154432311002963393785216860453126952859361327446980056837987422141283302355349635573947348532434853109010168186124262791684686154901463759213802468012252555196679970299236831039088714489933334310287834253966430122587704050801195388269059480035106454366428154832885897222121236666798690258767557190698352030919009699077967171471472774226911428566460815692946484496484104904083252565420879416230774806062502306191649921706473323081248835899882234770203845074254587344295870340046387311007491612833417330282412107996148483647922943144601927780942661118784406164659149028558156854149097011867845437480888786323955889992632920623667493262222136483612887832065043322164986135924723026200512331780690392152154196560061954942567940939612601046329453030962148038639617787556075261078674181590941836627376397045642083957457995651288564234143315203723529288771558393160782833987039218104959204616916716219213 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4ea7934a6787b37100fe7678f7b27b8d631e5e20 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'primocar.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.primocar.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016c6beead940000040300473045022100a0e6ae232c19c39c15e864cf3b9ff390f01837130e807c733cdd94540bc073790220613c92a55c2f29020bea5cb90d98d468d7face31d4f8ea5c1e6957ab231b57cd007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016c6beeadb20000040300473045022053b515dc0664f3100dd03627baa325762fa6af0aa4781ecd03b7c2d2bdbdd8aa022100e2b9a0f35e6054d4af60a9fc0f738701c5296d4cff3e9c05b4b141e02e95af5f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004f72b4e6a4cf17ecc3f04c132f3d98fae3c7c1610556e62490497218729d25c3f2578324dd1fea4a6aa42dd444e5986204f81e28b21be74480e58ef2999d78d9d88ec9ccba2a57d0e209234d2a4d4c092f36f1dfd5441f376b11a930a4370b697c2c9b689a741838875d44bf3b9c4befdee1a3cf79a5b349eee94d4cbc156cf81a8a7a36397d590374034ac43f50f40e9f45c59fc5cf1c60a9e2f5e26ff02bd872f4e00d037e2b484aaa85168c3e4f63ba02dc60177d85640ed6d5d299a3c91f4eafeb9adf1d8b91575c385ac432004f1f9e0c3888fee9959e476b483ec42ade5f19dd9a0a1c5e4e6b99e4d4d2f45f30d95e1f9e73e6aadc71504b008b952654