cert-externalauthapi.caais-test-int.gov.cz

- Digitální a informační agentura -

Issued by PostSignum Public CA 5

About this certificate

This digital certificate with serial number a7:fb:63 was issued on by Česká pošta, s.p..

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
  • Apple recommends that certificates be issued with a maximum validity of 397 days. TLS server certificates issued on or after September 1, 2020 00:00 GMT/UTC should not have a validity period greater than 397 days (https://support.apple.com/en-us/HT211025)

Digitální a informační agentura

Company registration number: D906210
Organization: Digitální a informační agentura
Locality: Praha
Country: CZ

Česká pošta, s.p.

Organization: Česká pošta, s.p.
Country: CZ

This certificate will expire on

Certificate Details

Serial Number (hex): a7:fb:63
Serial Number (int): 11008867
Serial Number lenght: 24 bits, 3 octets

SubjectKeyId: 7a:2b:d6:23:de:d5:a8:f0:df:03:d4:46:8f:7f:ab:a8:b6:c0:e1:bf
AuthorityKeyId: e3:ce:31:51:f3:4c:91:f5:7d:b7:05:89:b1:78:d0:a3:0a:c6:43:99

Fingerprint (sha1): 52:50:78:3a:37:0c:24:9d:05:5e:c8:92:d7:48:82:cf:1b:04:83:83
Fingerprint (sha256): 07:ad:46:d1:eb:48:7e:13:6e:f0:99:9c:85:ee:9a:5a:83:eb:c5:0b:0c:9e:24:4c:ae:a9:81:46:44:e4:30:5d

Issuing Certificate URL: http://crt.postsignum.cz/crt/pspublicca5.crt

Revocation information

OCSP Server: http://ocsp.postsignum.cz/OCSP/VCA5/
CRL Distribution Point: http://crl.postsignum.cz/crl/pspublicca5.crl
CRL Distribution Point: http://crl2.postsignum.cz/crl/pspublicca5.crl
CRL Distribution Point: http://crl.postsignum.eu/crl/pspublicca5.crl

Check the revocation status for certificate cert-externalauthapi.caais-test-int.gov.cz

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cert-externalauthapi.caais-test-int.gov.cz

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cert-externalauthapi.caais-test-int.gov.cz
cert-externaleditapi10.caais-test-int.gov.cz
cert-externaleditapi11.caais-test-int.gov.cz
cert-usercertificatehttpsloader.caais-test-int.gov.cz
externalauthapi.caais-test-int.gov.cz
externaleditapi10.caais-test-int.gov.cz
externaleditapi11.caais-test-int.gov.cz
usercertificatehttpsloader.caais-test-int.gov.cz

Other certificates including the domain name gov.cz

(limited to 100 certificates)
copernicus.gov.cz
zony-idsjk.kraj-jihocesky.gov.cz
ctu.gov.cz
rpp-ais.egon.gov.cz
odok.cz
eru.gov.cz
ov.gov.cz
data.gov.cz
pruvodce.udh.gov.cz
cms.gov.cz
ov.gov.cz
data.mvcr.gov.cz
portal.gov.cz
smlouvy.gov.cz
rpp-aism-pub-test.egon.gov.cz
cert-externalauthapi.caais-test-int.gov.cz
irop.gov.cz
data.gov.cz
upv.gov.cz
frs.gov.cz
digitalnicesko.gov.cz
zakony.gov.cz
vzdelavani.gov.cz
data.mvcr.gov.cz
slovnik.gov.cz
voda.gov.cz
*.gov.cz
geoportal.gov.cz
xn--slovnk-7va.gov.cz
data.kraj-jihocesky.gov.cz
testrs.gov.cz
rpp-ais-test.egon.gov.cz
twist-gp.kraj-jihocesky.gov.cz
mids.gov.cz
zony.kraj-jihocesky.gov.cz
www.gov.cz
code.gov.cz
viap1p.ros-iais.egon.gov.cz
vea801.gov.cz
desu.gov.cz
viap1t.ros-iais.egon.gov.cz
biap1t.ros-iais.egon.gov.cz
opendata.gov.cz
ext-mattermost.nic.cz
ria.gov.cz
admin.gov.cz
rrtv.gov.cz
*.szpi.gov.cz
covid.gov.cz
www.gov.cz
vea801.gov.cz
zony.kraj-jihocesky.gov.cz
*.kraj-jihocesky.gov.cz
spektrum.ctu.gov.cz
vyzkum.gov.cz
razr-pub.egon.gov.cz
testrs.gov.cz
ra.gov.cz
mids.gov.cz
archi.gov.cz
zds.kraj-jihocesky.gov.cz
nap.gov.cz
rpp-opendata-test.egon.gov.cz
cms.gov.cz
opendata.gov.cz
rpp-aism.egon.gov.cz
museion.kraj-jihocesky.gov.cz
prod.frs.gov.cz
tsl.gov.cz
isnipi.gov.cz
testrs.gov.cz
vea801.gov.cz
rpp-ais.egon.gov.cz
www.snsu.cz
tsl.gov.cz
uohs.cz
registrace.udh.gov.cz
gov.cz
admin.pruvodcepripojenim.gov.cz
vyzkum.gov.cz
smlouvy.gov.cz
rpp-aism-pub.egon.gov.cz
brvpn.ros.egon.gov.cz
uzsvm.cz
scitani.gov.cz
eru.gov.cz
mids.gov.cz
obcan.portal.gov.cz
upv.gov.cz
voda.gov.cz
code.gov.cz
ares.gov.cz
chciidentitu.gov.cz
biap1t.ros-iais.egon.gov.cz
viap1p.ros-iais.egon.gov.cz
czechtourism.gov.cz
anonymizace.gov.cz
*.kraj-jihocesky.gov.cz
mk.gov.cz
isdv.upv.gov.cz

Certificate

The complete raw certificate details for cert-externalauthapi.caais-test-int.gov.cz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJBjCCBu6gAwIBAgIEAKf7YzANBgkqhkiG9w0BAQsFADBmMQswCQYDVQQGEwJD
WjEXMBUGA1UEYRMOTlRSQ1otNDcxMTQ5ODMxHTAbBgNVBAoMFMSMZXNrw6EgcG/F
oXRhLCBzLnAuMR8wHQYDVQQDExZQb3N0U2lnbnVtIFB1YmxpYyBDQSA1MB4XDTIz
MTIxODA4MjgwMVoXDTI1MDExODA4MjgwMVowgasxCzAJBgNVBAYTAkNaMQ4wDAYD
VQQHEwVQcmFoYTEXMBUGA1UEYRMOTlRSQ1otMTc2NTE5MjExLDAqBgNVBAoMI0Rp
Z2l0w6FsbsOtIGEgaW5mb3JtYcSNbsOtIGFnZW50dXJhMTMwMQYDVQQDEypjZXJ0
LWV4dGVybmFsYXV0aGFwaS5jYWFpcy10ZXN0LWludC5nb3YuY3oxEDAOBgNVBAUT
B0Q5MDYyMTAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDMlw/pN/p+
iCLvH+WLBPAGJYBh+ZeLLn6PI4ZtXLPtFDlrod20lpw589fbu6+AToKjxMS27wXW
JilA9+4QAiNiU3kSrpiEC2tK+Y6sJcMrdIGPHL53dN9Inc/NO5/zj2blh9d/xvEG
pSXGIRlAFqO39/4RzDL9+ojTnrjl1rzNxPqhLHzUCddFuO2oss7+Obh8BqlcTyCb
G2rwmz/fDmf0/vuM7hk9l915Ltlc3IPGgnRh64CUeW2rxm+Spcl8ki6wQSaYF0RY
yVTtZA+1guiyB+ixZDdSKpAFuqfMcyxd5x/TADh4jZEHr7rn4nYqiTcE73NcRxcV
xwR1ckJeaaP+GBiqjlCZBXVNeuENpwq3BEOs9OCiXp7MdPZEywkqhKoZFem6sQgr
7uj4ZeIoRszu8w4nOH+p2vTH2oQYJfacHi52WUqbLZpKA5udbKvdmDLIC5EeYntV
gUPWorJHII6kA3SgNjn3LcDfcA4bXHRjqMU0sOkRyCOwZGYSk4seWhSMoh9uqHVF
dgD8vZMM7NeBAzRyarODFSOrVP3oC/YzzYbtD+5xsvUuCKmnsvgV+ckKnbW3ynhb
GaDk0XcSvAJBYtpkljbQfXlaOoG7MtGCxk3xUATKqGLUAekw/qXD3r++3onHLR0b
aMQrVHmS3Ocz1b7HUxltwpa0b8NpjT0OxQIDAQABo4IDdDCCA3AwggF3BgNVHREE
ggFuMIIBaoIqY2VydC1leHRlcm5hbGF1dGhhcGkuY2FhaXMtdGVzdC1pbnQuZ292
LmN6gixjZXJ0LWV4dGVybmFsZWRpdGFwaTEwLmNhYWlzLXRlc3QtaW50Lmdvdi5j
eoIsY2VydC1leHRlcm5hbGVkaXRhcGkxMS5jYWFpcy10ZXN0LWludC5nb3YuY3qC
NWNlcnQtdXNlcmNlcnRpZmljYXRlaHR0cHNsb2FkZXIuY2FhaXMtdGVzdC1pbnQu
Z292LmN6giVleHRlcm5hbGF1dGhhcGkuY2FhaXMtdGVzdC1pbnQuZ292LmN6gidl
eHRlcm5hbGVkaXRhcGkxMC5jYWFpcy10ZXN0LWludC5nb3YuY3qCJ2V4dGVybmFs
ZWRpdGFwaTExLmNhYWlzLXRlc3QtaW50Lmdvdi5jeoIwdXNlcmNlcnRpZmljYXRl
aHR0cHNsb2FkZXIuY2FhaXMtdGVzdC1pbnQuZ292LmN6MEgGA1UdIARBMD8wMwYJ
Z4EGAQIBCYN0MCYwJAYIKwYBBQUHAgEWGGh0dHA6Ly93d3cucG9zdHNpZ251bS5j
ejAIBgZngQwBAgIwegYIKwYBBQUHAQEEbjBsMDgGCCsGAQUFBzAChixodHRwOi8v
Y3J0LnBvc3RzaWdudW0uY3ovY3J0L3BzcHVibGljY2E1LmNydDAwBggrBgEFBQcw
AYYkaHR0cDovL29jc3AucG9zdHNpZ251bS5jei9PQ1NQL1ZDQTUvMA4GA1UdDwEB
/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgw
FoAU484xUfNMkfV9twWJsXjQowrGQ5kwgagGA1UdHwSBoDCBnTAyoDCgLoYsaHR0
cDovL2NybC5wb3N0c2lnbnVtLmN6L2NybC9wc3B1YmxpY2NhNS5jcmwwM6AxoC+G
LWh0dHA6Ly9jcmwyLnBvc3RzaWdudW0uY3ovY3JsL3BzcHVibGljY2E1LmNybDAy
oDCgLoYsaHR0cDovL2NybC5wb3N0c2lnbnVtLmV1L2NybC9wc3B1YmxpY2NhNS5j
cmwwHQYDVR0OBBYEFHor1iPe1ajw3wPURo9/q6i2wOG/MBMGCisGAQQB1nkCBAMB
Af8EAgUAMA0GCSqGSIb3DQEBCwUAA4ICAQAG17ubjs17nFsCKtBc+9OlHKzjZE+1
9gMb+hNu97GIKEy95y0g5woRvU1uj79YUQPojuCETeS2aY6fI3zlwbBUHOjZko1v
NYKahWJctkIwVtMNmu3A3ae4MOXldvVqzBzW6HY9N2ALXaOKlUYT89bMkjvnPPGi
QpQ0G6i3XQtSXpPkX7Fon+M9iCSkOy4hTQrDVEZxCjLnhJvmWXA+4tCzAd9zpi+q
BaZg9CIAd4Ao4+hCxD2RXfxf6xWma0SLHeZayreASaSsvA9vvVW7cMxi4lIvO0vy
YkdF6NhSwu7ZD40I5uHtk9xR+ISZRn/qU/+R8muL99zKeCgkhIG5ySTT2Y5AS96G
lFPPfpJW2bmNUDqvW2LTteUr2z7zr/BDiIN3LhCg89hTdPZTwxu08cNV7x0lZpEg
18sNoa6jI8EpYAF1JUi36dkzu4ARHEbi0VTcWw2EBd6vx2Bu5xXxHYpDAx3aKr2w
+m8ORu9VSvUDtrjisOTMSpm1Eb2VfWk9CgoBUjlNL3wCR41sRs9FVGSzmaEvuzzt
S8VfBuQnIExJgG/m6YXxWiYApYuLFO0k+SM6Ad0AsfZRGBnasgWIqlpYThFUQXuk
JNa9uGGVP09SVGXf/shpkDfB4uH+Lz7GdX0tN6GhopEcaihN5u5IZvfX+ISRi41g
X+BIFC9zKRiBhQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzJcP6Tf6fogi7x/liwTw
BiWAYfmXiy5+jyOGbVyz7RQ5a6HdtJacOfPX27uvgE6Co8TEtu8F1iYpQPfuEAIj
YlN5Eq6YhAtrSvmOrCXDK3SBjxy+d3TfSJ3PzTuf849m5YfXf8bxBqUlxiEZQBaj
t/f+Ecwy/fqI05645da8zcT6oSx81AnXRbjtqLLO/jm4fAapXE8gmxtq8Js/3w5n
9P77jO4ZPZfdeS7ZXNyDxoJ0YeuAlHltq8ZvkqXJfJIusEEmmBdEWMlU7WQPtYLo
sgfosWQ3UiqQBbqnzHMsXecf0wA4eI2RB6+65+J2Kok3BO9zXEcXFccEdXJCXmmj
/hgYqo5QmQV1TXrhDacKtwRDrPTgol6ezHT2RMsJKoSqGRXpurEIK+7o+GXiKEbM
7vMOJzh/qdr0x9qEGCX2nB4udllKmy2aSgObnWyr3ZgyyAuRHmJ7VYFD1qKyRyCO
pAN0oDY59y3A33AOG1x0Y6jFNLDpEcgjsGRmEpOLHloUjKIfbqh1RXYA/L2TDOzX
gQM0cmqzgxUjq1T96Av2M82G7Q/ucbL1Lgipp7L4FfnJCp21t8p4Wxmg5NF3ErwC
QWLaZJY20H15WjqBuzLRgsZN8VAEyqhi1AHpMP6lw96/vt6Jxy0dG2jEK1R5ktzn
M9W+x1MZbcKWtG/DaY09DsUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 11008867
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NTRCZ-47114983'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Česká pošta, s.p.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PostSignum Public CA 5'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-18 08:28:01 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-18 08:28:01 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Praha'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NTRCZ-17651921'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Digitální a informační agentura'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cert-externalauthapi.caais-test-int.gov.cz'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'D906210'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 834654732899064854455232239178371452040138845143621054406915184194575057813254599391560800763665674301583493384307411242148825969185414646361541242196275058298526903488153527296742052935719034944230415789693575950257502354743045654436543482257226727892909356487158600598012215233946014380912708706710982948318061024479218630555639746450926179004018088980131369200107575155977342040288389811909847161380128718418309182974314101135161780087913712280308646023280375621457063459747700105477162377969733719474172629291870917374359988147811954419299988790731502370973976076419369419931034576205257501754092382425970113526953850020981216531169254421249830922745651357704481656213970601039335536721891240947142288715360334331183946148577547456152494960915130020076991006974224415572148094945219622958611695776152111232927110586475484229006152279414458152633278122135816151947212859630190974470678054686510825220596733919631467079625333377116891000737137229896685476498379729532709890210510628672916840566361303854219833414567724499008474565190837357510518367856998642209698418838883588895943832905845090209930630344743655813915093853756337851470668698397711986306830277497230503295640304655916225023944360439750369612120507475362925388828357
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cert-externalauthapi.caais-test-int.gov.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cert-externaleditapi10.caais-test-int.gov.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cert-externaleditapi11.caais-test-int.gov.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cert-usercertificatehttpsloader.caais-test-int.gov.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'externalauthapi.caais-test-int.gov.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'externaleditapi10.caais-test-int.gov.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'externaleditapi11.caais-test-int.gov.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usercertificatehttpsloader.caais-test-int.gov.cz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.134.1.2.1.9.500
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.postsignum.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.postsignum.cz/crt/pspublicca5.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.postsignum.cz/OCSP/VCA5/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName e3ce3151f34c91f57db70589b178d0a30ac64399
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (160 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.postsignum.cz/crl/pspublicca5.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl2.postsignum.cz/crl/pspublicca5.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.postsignum.eu/crl/pspublicca5.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7a2bd623ded5a8f0df03d4468f7faba8b6c0e1bf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0006d7bb9b8ecd7b9c5b022ad05cfbd3a51cace3644fb5f6031bfa136ef7b188284cbde72d20e70a11bd4d6e8fbf585103e88ee0844de4b6698e9f237ce5c1b0541ce8d9928d6f35829a85625cb6423056d30d9aedc0dda7b830e5e576f56acc1cd6e8763d37600b5da38a954613f3d6cc923be73cf1a24294341ba8b75d0b525e93e45fb1689fe33d8824a43b2e214d0ac35446710a32e7849be659703ee2d0b301df73a62faa05a660f42200778028e3e842c43d915dfc5feb15a66b448b1de65acab78049a4acbc0f6fbd55bb70cc62e2522f3b4bf2624745e8d852c2eed90f8d08e6e1ed93dc51f88499467fea53ff91f26b8bf7dcca7828248481b9c924d3d98e404bde869453cf7e9256d9b98d503aaf5b62d3b5e52bdb3ef3aff0438883772e10a0f3d85374f653c31bb4f1c355ef1d25669120d7cb0da1aea323c1296001752548b7e9d933bb80111c46e2d154dc5b0d8405deafc7606ee715f11d8a43031dda2abdb0fa6f0e46ef554af503b6b8e2b0e4cc4a99b511bd957d693d0a0a0152394d2f7c02478d6c46cf455464b399a12fbb3ced4bc55f06e427204c49806fe6e985f15a2600a58b8b14ed24f9233a01dd00b1f6511819dab20588aa5a584e1154417ba424d6bdb861953f4f525465dffec8699037c1e2e1fe2f3ec6757d2d37a1a1a2911c6a284de6ee4866f7d7f884918b8d605fe048142f7329188185