nostavebni.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:5d:d8:aa:32:11:1e:b5:3c:e4:c4:61:8c:5e:6d:12:77:57 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=nostavebni.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:5d:d8:aa:32:11:1e:b5:3c:e4:c4:61:8c:5e:6d:12:77:57Serial Number (int): 293271114871960372389965612411369978754903
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 2f:e8:82:67:24:7e:18:34:be:c3:98:b3:43:56:81:f5:75:1d:96:ee
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 6f:1e:82:b7:3f:36:a7:62:cc:72:dc:4a:a0:37:88:ec:0d:f4:69:26
Fingerprint (sha256): 09:97:4e:19:65:44:f9:6e:ac:ea:f5:06:05:34:c7:e2:1e:7a:e6:de:28:a6:3a:49:92:e3:e4:b1:c0:91:5e:8e
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate nostavebni.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nostavebni.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
nostavebni.cz
www.nostavebni.cz
www.nostavebni.cz
Other certificates including the domain name nostavebni.cz
(limited to 100 certificates)
Certificate
The complete raw certificate details for nostavebni.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGZjCCBU6gAwIBAgISA13YqjIRHrU85MRhjF5tEndXMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAzMTAxNzUyNDlaFw0y MDA2MDgxNzUyNDlaMBgxFjAUBgNVBAMTDW5vc3RhdmVibmkuY3owggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQCxN+T2tQP61PAmq2PygD1Jt9Q2yx2SU91A dbFk8biEVaXWIqsQfZ1R0G3oGj3hhsFJq1ricsVIPHuVA26Z2q+7AynTxTtcHDfG GKwqGVErX99B71msmk+llerQJQn3QATIKOj5PrRoaDZpxo2qUlXtgR6WGFy8cpNg Qgi9ORuZFgaJec0G+hqlojS/bMVdT7l82NpAMsrvtvaZZG0iSUUmfoG0OQH5qRXt efz1jGWlP1D9XYQr3wAOWzTWWGgIeGv3u4s0QH8AbOfI0Ahl0qzMUh9QIz40YG37 yFWPu6PkLKdzXxGD0cazlaE/N6L+bzCbyLU5cKyoHen6USwUCC6hw2bHVuP+65VH BFlwL9/OrKN2hq3r+xFspiNW2ckqm3+aBvJTL6yKsEuD2JQgFKn5n4biRebbClKP mjtwoXZHThncO4E0MJfIMiGYyGf5s7jE17LtM1RZEDcuH0YdQVvXvS3R83Y7mqd/ H7rW32RTk0cEwaXSXayfQhaNKs5mRRcTYiJCxHwhdzqadQFl9OWsJA/l0ZvpkE2t 4ylaoXeEyfAjjpp9kzRZs45YgzWAH5PD1ipOn0Khrl9RI9DvOFUWtCz8wrPjBKHu RDR1p6ouFLO7Bx7jsYwyvxg6LjND8irWkqHIC2eOhyvlKoVFhgLV0MeHQNYa6+9L Pz3yAmfPJQIDAQABo4ICdjCCAnIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQv6IJn JH4YNL7DmLNDVoH1dR2W7jAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMCsGA1UdEQQkMCKCDW5vc3RhdmVibmkuY3qCEXd3 dy5ub3N0YXZlYm5pLmN6MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8T AQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIB BQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIS hBh1loFxRVgAAAFwxcrX0gAABAMARzBFAiBGYPXezAqYCdXC4P4FWp+WybJiuwFS DI5teeCrXYIXugIhAOtm+tN8kGnfYx4hjfIyTejClRRCwTFk5HXtrgKFukNfAHcA sh4FzIuizYogTodm+Su5iiUgZ2va+nDnsklTLe+LkF4AAAFwxcrX3wAABAMASDBG AiEArkDHXHAxBcduV/LQ04UegtGOc3dkU5AqqoN8So1L3IsCIQCdMmZEyjBjAWir Fwhsc6qi7Fz3enB5wNbkyhJvI1w/AjANBgkqhkiG9w0BAQsFAAOCAQEAGqnZN/Ie lMWUWOJ18Hdv93ko/QdaXbDd/V/VGB7rfxdWCSgRvQB/xPxDFJzP41l1t8QQm35z 5K5JJAiHdtUq/UsXxEs4ysXAqiwRKJw4kKz2l4wIYQ2oK7fi4VYk6g8hzY8HV950 lDdwt8ZvpCQBQVmUpTibVZrT9uJb/HXGC/ApK6/3MgWKflRySKIBX7H9q+QHiTgk VdD02kdo0e63zzk9xjh6s5wHuqNxIrW3lNoSgw39YcF4KClnfbMcde/JM7sPvJxk usbN9mtcX4vvajfmc+wRSmrgfDsUak1c+OIKp2rPUAMHDzoTbIaNckHHSg7w78nW SV8kTOHG+GYphw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsTfk9rUD+tTwJqtj8oA9 SbfUNssdklPdQHWxZPG4hFWl1iKrEH2dUdBt6Bo94YbBSata4nLFSDx7lQNumdqv uwMp08U7XBw3xhisKhlRK1/fQe9ZrJpPpZXq0CUJ90AEyCjo+T60aGg2acaNqlJV 7YEelhhcvHKTYEIIvTkbmRYGiXnNBvoapaI0v2zFXU+5fNjaQDLK77b2mWRtIklF Jn6BtDkB+akV7Xn89YxlpT9Q/V2EK98ADls01lhoCHhr97uLNEB/AGznyNAIZdKs zFIfUCM+NGBt+8hVj7uj5Cync18Rg9HGs5WhPzei/m8wm8i1OXCsqB3p+lEsFAgu ocNmx1bj/uuVRwRZcC/fzqyjdoat6/sRbKYjVtnJKpt/mgbyUy+sirBLg9iUIBSp +Z+G4kXm2wpSj5o7cKF2R04Z3DuBNDCXyDIhmMhn+bO4xNey7TNUWRA3Lh9GHUFb 170t0fN2O5qnfx+61t9kU5NHBMGl0l2sn0IWjSrOZkUXE2IiQsR8IXc6mnUBZfTl rCQP5dGb6ZBNreMpWqF3hMnwI46afZM0WbOOWIM1gB+Tw9YqTp9Coa5fUSPQ7zhV FrQs/MKz4wSh7kQ0daeqLhSzuwce47GMMr8YOi4zQ/Iq1pKhyAtnjocr5SqFRYYC 1dDHh0DWGuvvSz898gJnzyUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 293271114871960372389965612411369978754903 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-10 17:52:49 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-08 17:52:49 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nostavebni.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 722987739158161395971132551062631643982593900790195204146633585181210299334048796496377507753506361136583544345082160969494689028079451994579165217793003897899901127556269136580452594200217852728985397810094299283147285748549916094841408250238203754141640670839639492841284458110664668242168155925155404234046685590640224756748902991436650887026364214602993997256409687650715387404609520547754194731486239471635924728273972573929365984722487483519851637086985556974106804513875466559198427016743460905831121052820825611578022337833238134250703144123027925589164046331075164433024353891349940867565125385442002727284135005465043661320411457790174459193133596945374948865855305785459052000577745806208088855869945486762373157783022410263653568796683651732051502213787881673170315077458795460657893331041715385004412142311434047277096146728880025227850730289546494059020225614644470553599042010310193572724177696914004551293058312120247226354558974733975307208714985064872856916497602690727933573873022973109194476851937933046397180779254035477030108747411030666970772658888537586951355439073789923365295401394807433727872417056320604100731584563102692837747744799407291659679263990623101896672888798373740595777340824862324445430664997 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2fe88267247e1834bec398b3435681f5751d96ee . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nostavebni.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nostavebni.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10076005ea773f9df56c0e7b536487dd049e0327a919a0c84a11212841875968171455800000170c5cad7d2000004030047304502204660f5decc0a9809d5c2e0fe055a9f96c9b262bb01520c8e6d79e0ab5d8217ba022100eb66fad37c9069df631e218df2324de8c2951442c13164e475edae0285ba435f007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e00000170c5cad7df0000040300483046022100ae40c75c703105c76e57f2d0d3851e82d18e73776453902aaa837c4a8d4bdc8b0221009d326644ca30630168ab17086c73aaa2ec5cf77a7079c0d6e4ca126f235c3f02 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001aa9d937f21e94c59458e275f0776ff77928fd075a5db0ddfd5fd5181eeb7f1756092811bd007fc4fc43149ccfe35975b7c4109b7e73e4ae4924088776d52afd4b17c44b38cac5c0aa2c11289c3890acf6978c08610da82bb7e2e15624ea0f21cd8f0757de74943770b7c66fa42401415994a5389b559ad3f6e25bfc75c60bf0292baff732058a7e547248a2015fb1fdabe40789382455d0f4da4768d1eeb7cf393dc6387ab39c07baa37122b5b794da12830dfd61c1782829677db31c75efc933bb0fbc9c64bac6cdf66b5c5f8bef6a37e673ec114a6ae07c3b146a4d5cf8e20aa76acf5003070f3a136c868d7241c74a0ef0efc9d6495f244ce1c6f8662987