cert-externalauthapi.caais-test-int.gov.cz
- Digitální a informační agentura -
Issued by PostSignum Public CA 5
About this certificate
This digital certificate with serial number a7:fb:63 was issued on by Česká pošta, s.p..
With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
- Apple recommends that certificates be issued with a maximum validity of 397 days. TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC should not have a validity period greater than 397 days (https://support.apple.com/en-us/HT211025)
Digitální a informační agentura
Company registration number:
D906210
Organization: Digitální a informační agentura
Organization: Digitální a informační agentura
Locality:
Praha
Country: CZ
Country: CZ
Česká pošta, s.p.
Organization:
Česká pošta, s.p.
Country:
CZ
This certificate will expire on
Certificate Details
Serial Number (hex): a7:fb:63Serial Number (int): 11008867
Serial Number lenght: 24 bits, 3 octets
SubjectKeyId: 7a:2b:d6:23:de:d5:a8:f0:df:03:d4:46:8f:7f:ab:a8:b6:c0:e1:bf
AuthorityKeyId: e3:ce:31:51:f3:4c:91:f5:7d:b7:05:89:b1:78:d0:a3:0a:c6:43:99
Fingerprint (sha1): 52:50:78:3a:37:0c:24:9d:05:5e:c8:92:d7:48:82:cf:1b:04:83:83
Fingerprint (sha256): 07:ad:46:d1:eb:48:7e:13:6e:f0:99:9c:85:ee:9a:5a:83:eb:c5:0b:0c:9e:24:4c:ae:a9:81:46:44:e4:30:5d
Issuing Certificate URL: http://crt.postsignum.cz/crt/pspublicca5.crt
Revocation information
OCSP Server: http://ocsp.postsignum.cz/OCSP/VCA5/CRL Distribution Point: http://crl.postsignum.cz/crl/pspublicca5.crl
CRL Distribution Point: http://crl2.postsignum.cz/crl/pspublicca5.crl
CRL Distribution Point: http://crl.postsignum.eu/crl/pspublicca5.crl
Check the revocation status for certificate cert-externalauthapi.caais-test-int.gov.cz
8
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cert-externalauthapi.caais-test-int.gov.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cert-externalauthapi.caais-test-int.gov.cz
cert-externaleditapi10.caais-test-int.gov.cz
cert-externaleditapi11.caais-test-int.gov.cz
cert-usercertificatehttpsloader.caais-test-int.gov.cz
externalauthapi.caais-test-int.gov.cz
externaleditapi10.caais-test-int.gov.cz
externaleditapi11.caais-test-int.gov.cz
usercertificatehttpsloader.caais-test-int.gov.cz
cert-externaleditapi10.caais-test-int.gov.cz
cert-externaleditapi11.caais-test-int.gov.cz
cert-usercertificatehttpsloader.caais-test-int.gov.cz
externalauthapi.caais-test-int.gov.cz
externaleditapi10.caais-test-int.gov.cz
externaleditapi11.caais-test-int.gov.cz
usercertificatehttpsloader.caais-test-int.gov.cz
Other certificates including the domain name gov.cz
(limited to 100 certificates)
copernicus.gov.cz
zony-idsjk.kraj-jihocesky.gov.cz
ctu.gov.cz
rpp-ais.egon.gov.cz
odok.cz
eru.gov.cz
ov.gov.cz
data.gov.cz
pruvodce.udh.gov.cz
cms.gov.cz
ov.gov.cz
data.mvcr.gov.cz
portal.gov.cz
smlouvy.gov.cz
rpp-aism-pub-test.egon.gov.cz
cert-externalauthapi.caais-test-int.gov.cz
irop.gov.cz
data.gov.cz
upv.gov.cz
frs.gov.cz
digitalnicesko.gov.cz
zakony.gov.cz
vzdelavani.gov.cz
data.mvcr.gov.cz
slovnik.gov.cz
voda.gov.cz
*.gov.cz
geoportal.gov.cz
xn--slovnk-7va.gov.cz
data.kraj-jihocesky.gov.cz
testrs.gov.cz
rpp-ais-test.egon.gov.cz
twist-gp.kraj-jihocesky.gov.cz
mids.gov.cz
zony.kraj-jihocesky.gov.cz
www.gov.cz
code.gov.cz
viap1p.ros-iais.egon.gov.cz
vea801.gov.cz
desu.gov.cz
viap1t.ros-iais.egon.gov.cz
biap1t.ros-iais.egon.gov.cz
opendata.gov.cz
ext-mattermost.nic.cz
ria.gov.cz
admin.gov.cz
rrtv.gov.cz
*.szpi.gov.cz
covid.gov.cz
www.gov.cz
vea801.gov.cz
zony.kraj-jihocesky.gov.cz
*.kraj-jihocesky.gov.cz
spektrum.ctu.gov.cz
vyzkum.gov.cz
razr-pub.egon.gov.cz
testrs.gov.cz
ra.gov.cz
mids.gov.cz
archi.gov.cz
zds.kraj-jihocesky.gov.cz
nap.gov.cz
rpp-opendata-test.egon.gov.cz
cms.gov.cz
opendata.gov.cz
rpp-aism.egon.gov.cz
museion.kraj-jihocesky.gov.cz
prod.frs.gov.cz
tsl.gov.cz
isnipi.gov.cz
testrs.gov.cz
vea801.gov.cz
rpp-ais.egon.gov.cz
www.snsu.cz
tsl.gov.cz
uohs.cz
registrace.udh.gov.cz
gov.cz
admin.pruvodcepripojenim.gov.cz
vyzkum.gov.cz
smlouvy.gov.cz
rpp-aism-pub.egon.gov.cz
brvpn.ros.egon.gov.cz
uzsvm.cz
scitani.gov.cz
eru.gov.cz
mids.gov.cz
obcan.portal.gov.cz
upv.gov.cz
voda.gov.cz
code.gov.cz
ares.gov.cz
chciidentitu.gov.cz
biap1t.ros-iais.egon.gov.cz
viap1p.ros-iais.egon.gov.cz
czechtourism.gov.cz
anonymizace.gov.cz
*.kraj-jihocesky.gov.cz
mk.gov.cz
isdv.upv.gov.cz
zony-idsjk.kraj-jihocesky.gov.cz
ctu.gov.cz
rpp-ais.egon.gov.cz
odok.cz
eru.gov.cz
ov.gov.cz
data.gov.cz
pruvodce.udh.gov.cz
cms.gov.cz
ov.gov.cz
data.mvcr.gov.cz
portal.gov.cz
smlouvy.gov.cz
rpp-aism-pub-test.egon.gov.cz
cert-externalauthapi.caais-test-int.gov.cz
irop.gov.cz
data.gov.cz
upv.gov.cz
frs.gov.cz
digitalnicesko.gov.cz
zakony.gov.cz
vzdelavani.gov.cz
data.mvcr.gov.cz
slovnik.gov.cz
voda.gov.cz
*.gov.cz
geoportal.gov.cz
xn--slovnk-7va.gov.cz
data.kraj-jihocesky.gov.cz
testrs.gov.cz
rpp-ais-test.egon.gov.cz
twist-gp.kraj-jihocesky.gov.cz
mids.gov.cz
zony.kraj-jihocesky.gov.cz
www.gov.cz
code.gov.cz
viap1p.ros-iais.egon.gov.cz
vea801.gov.cz
desu.gov.cz
viap1t.ros-iais.egon.gov.cz
biap1t.ros-iais.egon.gov.cz
opendata.gov.cz
ext-mattermost.nic.cz
ria.gov.cz
admin.gov.cz
rrtv.gov.cz
*.szpi.gov.cz
covid.gov.cz
www.gov.cz
vea801.gov.cz
zony.kraj-jihocesky.gov.cz
*.kraj-jihocesky.gov.cz
spektrum.ctu.gov.cz
vyzkum.gov.cz
razr-pub.egon.gov.cz
testrs.gov.cz
ra.gov.cz
mids.gov.cz
archi.gov.cz
zds.kraj-jihocesky.gov.cz
nap.gov.cz
rpp-opendata-test.egon.gov.cz
cms.gov.cz
opendata.gov.cz
rpp-aism.egon.gov.cz
museion.kraj-jihocesky.gov.cz
prod.frs.gov.cz
tsl.gov.cz
isnipi.gov.cz
testrs.gov.cz
vea801.gov.cz
rpp-ais.egon.gov.cz
www.snsu.cz
tsl.gov.cz
uohs.cz
registrace.udh.gov.cz
gov.cz
admin.pruvodcepripojenim.gov.cz
vyzkum.gov.cz
smlouvy.gov.cz
rpp-aism-pub.egon.gov.cz
brvpn.ros.egon.gov.cz
uzsvm.cz
scitani.gov.cz
eru.gov.cz
mids.gov.cz
obcan.portal.gov.cz
upv.gov.cz
voda.gov.cz
code.gov.cz
ares.gov.cz
chciidentitu.gov.cz
biap1t.ros-iais.egon.gov.cz
viap1p.ros-iais.egon.gov.cz
czechtourism.gov.cz
anonymizace.gov.cz
*.kraj-jihocesky.gov.cz
mk.gov.cz
isdv.upv.gov.cz
Certificate
The complete raw certificate details for cert-externalauthapi.caais-test-int.gov.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJBjCCBu6gAwIBAgIEAKf7YzANBgkqhkiG9w0BAQsFADBmMQswCQYDVQQGEwJD WjEXMBUGA1UEYRMOTlRSQ1otNDcxMTQ5ODMxHTAbBgNVBAoMFMSMZXNrw6EgcG/F oXRhLCBzLnAuMR8wHQYDVQQDExZQb3N0U2lnbnVtIFB1YmxpYyBDQSA1MB4XDTIz MTIxODA4MjgwMVoXDTI1MDExODA4MjgwMVowgasxCzAJBgNVBAYTAkNaMQ4wDAYD VQQHEwVQcmFoYTEXMBUGA1UEYRMOTlRSQ1otMTc2NTE5MjExLDAqBgNVBAoMI0Rp Z2l0w6FsbsOtIGEgaW5mb3JtYcSNbsOtIGFnZW50dXJhMTMwMQYDVQQDEypjZXJ0 LWV4dGVybmFsYXV0aGFwaS5jYWFpcy10ZXN0LWludC5nb3YuY3oxEDAOBgNVBAUT B0Q5MDYyMTAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDMlw/pN/p+ iCLvH+WLBPAGJYBh+ZeLLn6PI4ZtXLPtFDlrod20lpw589fbu6+AToKjxMS27wXW JilA9+4QAiNiU3kSrpiEC2tK+Y6sJcMrdIGPHL53dN9Inc/NO5/zj2blh9d/xvEG pSXGIRlAFqO39/4RzDL9+ojTnrjl1rzNxPqhLHzUCddFuO2oss7+Obh8BqlcTyCb G2rwmz/fDmf0/vuM7hk9l915Ltlc3IPGgnRh64CUeW2rxm+Spcl8ki6wQSaYF0RY yVTtZA+1guiyB+ixZDdSKpAFuqfMcyxd5x/TADh4jZEHr7rn4nYqiTcE73NcRxcV xwR1ckJeaaP+GBiqjlCZBXVNeuENpwq3BEOs9OCiXp7MdPZEywkqhKoZFem6sQgr 7uj4ZeIoRszu8w4nOH+p2vTH2oQYJfacHi52WUqbLZpKA5udbKvdmDLIC5EeYntV gUPWorJHII6kA3SgNjn3LcDfcA4bXHRjqMU0sOkRyCOwZGYSk4seWhSMoh9uqHVF dgD8vZMM7NeBAzRyarODFSOrVP3oC/YzzYbtD+5xsvUuCKmnsvgV+ckKnbW3ynhb GaDk0XcSvAJBYtpkljbQfXlaOoG7MtGCxk3xUATKqGLUAekw/qXD3r++3onHLR0b aMQrVHmS3Ocz1b7HUxltwpa0b8NpjT0OxQIDAQABo4IDdDCCA3AwggF3BgNVHREE ggFuMIIBaoIqY2VydC1leHRlcm5hbGF1dGhhcGkuY2FhaXMtdGVzdC1pbnQuZ292 LmN6gixjZXJ0LWV4dGVybmFsZWRpdGFwaTEwLmNhYWlzLXRlc3QtaW50Lmdvdi5j eoIsY2VydC1leHRlcm5hbGVkaXRhcGkxMS5jYWFpcy10ZXN0LWludC5nb3YuY3qC NWNlcnQtdXNlcmNlcnRpZmljYXRlaHR0cHNsb2FkZXIuY2FhaXMtdGVzdC1pbnQu Z292LmN6giVleHRlcm5hbGF1dGhhcGkuY2FhaXMtdGVzdC1pbnQuZ292LmN6gidl eHRlcm5hbGVkaXRhcGkxMC5jYWFpcy10ZXN0LWludC5nb3YuY3qCJ2V4dGVybmFs ZWRpdGFwaTExLmNhYWlzLXRlc3QtaW50Lmdvdi5jeoIwdXNlcmNlcnRpZmljYXRl aHR0cHNsb2FkZXIuY2FhaXMtdGVzdC1pbnQuZ292LmN6MEgGA1UdIARBMD8wMwYJ Z4EGAQIBCYN0MCYwJAYIKwYBBQUHAgEWGGh0dHA6Ly93d3cucG9zdHNpZ251bS5j ejAIBgZngQwBAgIwegYIKwYBBQUHAQEEbjBsMDgGCCsGAQUFBzAChixodHRwOi8v Y3J0LnBvc3RzaWdudW0uY3ovY3J0L3BzcHVibGljY2E1LmNydDAwBggrBgEFBQcw AYYkaHR0cDovL29jc3AucG9zdHNpZ251bS5jei9PQ1NQL1ZDQTUvMA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgw FoAU484xUfNMkfV9twWJsXjQowrGQ5kwgagGA1UdHwSBoDCBnTAyoDCgLoYsaHR0 cDovL2NybC5wb3N0c2lnbnVtLmN6L2NybC9wc3B1YmxpY2NhNS5jcmwwM6AxoC+G LWh0dHA6Ly9jcmwyLnBvc3RzaWdudW0uY3ovY3JsL3BzcHVibGljY2E1LmNybDAy oDCgLoYsaHR0cDovL2NybC5wb3N0c2lnbnVtLmV1L2NybC9wc3B1YmxpY2NhNS5j cmwwHQYDVR0OBBYEFHor1iPe1ajw3wPURo9/q6i2wOG/MBMGCisGAQQB1nkCBAMB Af8EAgUAMA0GCSqGSIb3DQEBCwUAA4ICAQAG17ubjs17nFsCKtBc+9OlHKzjZE+1 9gMb+hNu97GIKEy95y0g5woRvU1uj79YUQPojuCETeS2aY6fI3zlwbBUHOjZko1v NYKahWJctkIwVtMNmu3A3ae4MOXldvVqzBzW6HY9N2ALXaOKlUYT89bMkjvnPPGi QpQ0G6i3XQtSXpPkX7Fon+M9iCSkOy4hTQrDVEZxCjLnhJvmWXA+4tCzAd9zpi+q BaZg9CIAd4Ao4+hCxD2RXfxf6xWma0SLHeZayreASaSsvA9vvVW7cMxi4lIvO0vy YkdF6NhSwu7ZD40I5uHtk9xR+ISZRn/qU/+R8muL99zKeCgkhIG5ySTT2Y5AS96G lFPPfpJW2bmNUDqvW2LTteUr2z7zr/BDiIN3LhCg89hTdPZTwxu08cNV7x0lZpEg 18sNoa6jI8EpYAF1JUi36dkzu4ARHEbi0VTcWw2EBd6vx2Bu5xXxHYpDAx3aKr2w +m8ORu9VSvUDtrjisOTMSpm1Eb2VfWk9CgoBUjlNL3wCR41sRs9FVGSzmaEvuzzt S8VfBuQnIExJgG/m6YXxWiYApYuLFO0k+SM6Ad0AsfZRGBnasgWIqlpYThFUQXuk JNa9uGGVP09SVGXf/shpkDfB4uH+Lz7GdX0tN6GhopEcaihN5u5IZvfX+ISRi41g X+BIFC9zKRiBhQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzJcP6Tf6fogi7x/liwTw BiWAYfmXiy5+jyOGbVyz7RQ5a6HdtJacOfPX27uvgE6Co8TEtu8F1iYpQPfuEAIj YlN5Eq6YhAtrSvmOrCXDK3SBjxy+d3TfSJ3PzTuf849m5YfXf8bxBqUlxiEZQBaj t/f+Ecwy/fqI05645da8zcT6oSx81AnXRbjtqLLO/jm4fAapXE8gmxtq8Js/3w5n 9P77jO4ZPZfdeS7ZXNyDxoJ0YeuAlHltq8ZvkqXJfJIusEEmmBdEWMlU7WQPtYLo sgfosWQ3UiqQBbqnzHMsXecf0wA4eI2RB6+65+J2Kok3BO9zXEcXFccEdXJCXmmj /hgYqo5QmQV1TXrhDacKtwRDrPTgol6ezHT2RMsJKoSqGRXpurEIK+7o+GXiKEbM 7vMOJzh/qdr0x9qEGCX2nB4udllKmy2aSgObnWyr3ZgyyAuRHmJ7VYFD1qKyRyCO pAN0oDY59y3A33AOG1x0Y6jFNLDpEcgjsGRmEpOLHloUjKIfbqh1RXYA/L2TDOzX gQM0cmqzgxUjq1T96Av2M82G7Q/ucbL1Lgipp7L4FfnJCp21t8p4Wxmg5NF3ErwC QWLaZJY20H15WjqBuzLRgsZN8VAEyqhi1AHpMP6lw96/vt6Jxy0dG2jEK1R5ktzn M9W+x1MZbcKWtG/DaY09DsUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11008867 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NTRCZ-47114983' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Česká pošta, s.p.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PostSignum Public CA 5' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-18 08:28:01 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-18 08:28:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Praha' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NTRCZ-17651921' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Digitální a informační agentura' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cert-externalauthapi.caais-test-int.gov.cz' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'D906210' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 834654732899064854455232239178371452040138845143621054406915184194575057813254599391560800763665674301583493384307411242148825969185414646361541242196275058298526903488153527296742052935719034944230415789693575950257502354743045654436543482257226727892909356487158600598012215233946014380912708706710982948318061024479218630555639746450926179004018088980131369200107575155977342040288389811909847161380128718418309182974314101135161780087913712280308646023280375621457063459747700105477162377969733719474172629291870917374359988147811954419299988790731502370973976076419369419931034576205257501754092382425970113526953850020981216531169254421249830922745651357704481656213970601039335536721891240947142288715360334331183946148577547456152494960915130020076991006974224415572148094945219622958611695776152111232927110586475484229006152279414458152633278122135816151947212859630190974470678054686510825220596733919631467079625333377116891000737137229896685476498379729532709890210510628672916840566361303854219833414567724499008474565190837357510518367856998642209698418838883588895943832905845090209930630344743655813915093853756337851470668698397711986306830277497230503295640304655916225023944360439750369612120507475362925388828357 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cert-externalauthapi.caais-test-int.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cert-externaleditapi10.caais-test-int.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cert-externaleditapi11.caais-test-int.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cert-usercertificatehttpsloader.caais-test-int.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'externalauthapi.caais-test-int.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'externaleditapi10.caais-test-int.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'externaleditapi11.caais-test-int.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usercertificatehttpsloader.caais-test-int.gov.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.134.1.2.1.9.500 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.postsignum.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.postsignum.cz/crt/pspublicca5.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.postsignum.cz/OCSP/VCA5/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName e3ce3151f34c91f57db70589b178d0a30ac64399 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (160 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.postsignum.cz/crl/pspublicca5.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl2.postsignum.cz/crl/pspublicca5.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.postsignum.eu/crl/pspublicca5.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7a2bd623ded5a8f0df03d4468f7faba8b6c0e1bf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0006d7bb9b8ecd7b9c5b022ad05cfbd3a51cace3644fb5f6031bfa136ef7b188284cbde72d20e70a11bd4d6e8fbf585103e88ee0844de4b6698e9f237ce5c1b0541ce8d9928d6f35829a85625cb6423056d30d9aedc0dda7b830e5e576f56acc1cd6e8763d37600b5da38a954613f3d6cc923be73cf1a24294341ba8b75d0b525e93e45fb1689fe33d8824a43b2e214d0ac35446710a32e7849be659703ee2d0b301df73a62faa05a660f42200778028e3e842c43d915dfc5feb15a66b448b1de65acab78049a4acbc0f6fbd55bb70cc62e2522f3b4bf2624745e8d852c2eed90f8d08e6e1ed93dc51f88499467fea53ff91f26b8bf7dcca7828248481b9c924d3d98e404bde869453cf7e9256d9b98d503aaf5b62d3b5e52bdb3ef3aff0438883772e10a0f3d85374f653c31bb4f1c355ef1d25669120d7cb0da1aea323c1296001752548b7e9d933bb80111c46e2d154dc5b0d8405deafc7606ee715f11d8a43031dda2abdb0fa6f0e46ef554af503b6b8e2b0e4cc4a99b511bd957d693d0a0a0152394d2f7c02478d6c46cf455464b399a12fbb3ced4bc55f06e427204c49806fe6e985f15a2600a58b8b14ed24f9233a01dd00b1f6511819dab20588aa5a584e1154417ba424d6bdb861953f4f525465dffec8699037c1e2e1fe2f3ec6757d2d37a1a1a2911c6a284de6ee4866f7d7f884918b8d605fe048142f7329188185