gitlab.labs.nic.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:25:8b:cf:94:d5:ab:5c:c6:d2:e9:22:ce:5d:62:32:ef:5b was issued on by Let's Encrypt.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=gitlab.labs.nic.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:25:8b:cf:94:d5:ab:5c:c6:d2:e9:22:ce:5d:62:32:ef:5bSerial Number (int): 274113145886944537156428854261075867266907
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: a9:a3:95:3b:21:c6:cc:51:7e:b2:c4:e8:24:f2:8c:b8:9f:89:24:d3
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 4f:03:5a:91:19:31:73:a2:a9:89:87:85:29:44:e3:c6:dd:c5:e0:d0
Fingerprint (sha256): 0a:2a:1c:17:96:8e:3f:73:57:a7:da:92:56:cd:29:1c:1d:a9:8c:b2:cc:df:9a:0d:39:2b:df:6c:b4:8f:fd:ca
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate gitlab.labs.nic.cz
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for gitlab.labs.nic.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
gitlab.labs.nic.cz
jetconf.pages.labs.nic.cz
knot.pages.labs.nic.cz
labs.pages.labs.nic.cz
turris.pages.labs.nic.cz
websites.pages.labs.nic.cz
jetconf.pages.labs.nic.cz
knot.pages.labs.nic.cz
labs.pages.labs.nic.cz
turris.pages.labs.nic.cz
websites.pages.labs.nic.cz
Other certificates including the domain name nic.cz
(limited to 100 certificates)
sentry.labs.nic.cz
bgpcrunch.labs.nic.cz
nic.cz
devpub.labs.nic.cz
mirrors.nic.cz
nic.cz
zonemaster.labs.nic.cz
mojeid.regtest.nic.cz
stats.nic.cz
cz-test.dsdng.nic.cz
rdap.nic.cz
stork.nic.cz
odvr.nic.cz
public.nic.cz
gitlab.labs.nic.cz
sentry.labs.nic.cz
dscng.labs.nic.cz
stats.labs.nic.cz
katalogrouteru.cz
mirrors.nic.cz
haas.nic.cz
onlinechat2.nic.cz
ethercalc.labs.nic.cz
mail.nic.cz
whois.nic.cz
redmine.labs.nic.cz
nextcloud.labs.nic.cz
rdap.nic.cz
mail.nic.cz
moodle.nic.cz
dnssec-validator.labs.nic.cz
devpub.labs.nic.cz
mailing.nic.cz
stats.nic.cz
gitlab.nic.cz
bgpcrunch.labs.nic.cz
nic.cz
test-ipv6.nic.cz
stork.nic.cz
mailing.akademie.nic.cz
kalendar.nic.cz
ethercalc.labs.nic.cz
blog.nic.cz
gitlab.labs.nic.cz
eidasnode-test.nic.cz
netmetr-control.labs.nic.cz
intranet.nic.cz
haas.nic.cz
akademie.nic.cz
kalendar.nic.cz
mojeid.fred.nic.cz
moodle.nic.cz
katalogrouteru.cz
lettie.labs.nic.cz
nic.cz
howl.labs.nic.cz
mdm.nic.cz
ext-mattermost.nic.cz
bobek.nic.cz
secure.nic.cz
yangson.labs.nic.cz
mirror-r-01.nic.cz
yangson.labs.nic.cz
sentry.labs.nic.cz
onlinechat2.nic.cz
nic.cz
dnscheck.labs.nic.cz
gitlab.nic.cz
jetscreen.labs.nic.cz
webid.labs.nic.cz
nic.cz
akademie.nic.cz
mailing-mojeid.nic.cz
devpub.labs.nic.cz
api.nic.cz
gitweb.labs.nic.cz
public.nic.cz
blog.nic.cz
kalendar.nic.cz
kalendar.nic.cz
akademie.nic.cz
yangson.labs.nic.cz
piwik.nic.cz
dnscheck.labs.nic.cz
sophie.labs.nic.cz
epp.nic.cz
akademie.nic.cz
howl.labs.nic.cz
bobek.nic.cz
katalogrouteru.cz
intranet.nic.cz
labs.nic.cz
moodle.nic.cz
dnssec-validator.labs.nic.cz
sentry.labs.nic.cz
csp.nic.cz
howl.labs.nic.cz
piwik.nic.cz
akademie.nic.cz
onlinechat.nic.cz
bgpcrunch.labs.nic.cz
nic.cz
devpub.labs.nic.cz
mirrors.nic.cz
nic.cz
zonemaster.labs.nic.cz
mojeid.regtest.nic.cz
stats.nic.cz
cz-test.dsdng.nic.cz
rdap.nic.cz
stork.nic.cz
odvr.nic.cz
public.nic.cz
gitlab.labs.nic.cz
sentry.labs.nic.cz
dscng.labs.nic.cz
stats.labs.nic.cz
katalogrouteru.cz
mirrors.nic.cz
haas.nic.cz
onlinechat2.nic.cz
ethercalc.labs.nic.cz
mail.nic.cz
whois.nic.cz
redmine.labs.nic.cz
nextcloud.labs.nic.cz
rdap.nic.cz
mail.nic.cz
moodle.nic.cz
dnssec-validator.labs.nic.cz
devpub.labs.nic.cz
mailing.nic.cz
stats.nic.cz
gitlab.nic.cz
bgpcrunch.labs.nic.cz
nic.cz
test-ipv6.nic.cz
stork.nic.cz
mailing.akademie.nic.cz
kalendar.nic.cz
ethercalc.labs.nic.cz
blog.nic.cz
gitlab.labs.nic.cz
eidasnode-test.nic.cz
netmetr-control.labs.nic.cz
intranet.nic.cz
haas.nic.cz
akademie.nic.cz
kalendar.nic.cz
mojeid.fred.nic.cz
moodle.nic.cz
katalogrouteru.cz
lettie.labs.nic.cz
nic.cz
howl.labs.nic.cz
mdm.nic.cz
ext-mattermost.nic.cz
bobek.nic.cz
secure.nic.cz
yangson.labs.nic.cz
mirror-r-01.nic.cz
yangson.labs.nic.cz
sentry.labs.nic.cz
onlinechat2.nic.cz
nic.cz
dnscheck.labs.nic.cz
gitlab.nic.cz
jetscreen.labs.nic.cz
webid.labs.nic.cz
nic.cz
akademie.nic.cz
mailing-mojeid.nic.cz
devpub.labs.nic.cz
api.nic.cz
gitweb.labs.nic.cz
public.nic.cz
blog.nic.cz
kalendar.nic.cz
kalendar.nic.cz
akademie.nic.cz
yangson.labs.nic.cz
piwik.nic.cz
dnscheck.labs.nic.cz
sophie.labs.nic.cz
epp.nic.cz
akademie.nic.cz
howl.labs.nic.cz
bobek.nic.cz
katalogrouteru.cz
intranet.nic.cz
labs.nic.cz
moodle.nic.cz
dnssec-validator.labs.nic.cz
sentry.labs.nic.cz
csp.nic.cz
howl.labs.nic.cz
piwik.nic.cz
akademie.nic.cz
onlinechat.nic.cz
Certificate
The complete raw certificate details for gitlab.labs.nic.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG3zCCBcegAwIBAgISAyWLz5TVq1zG0ukizl1iMu9bMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA2MDMxMDAwMjNaFw0x OTA5MDExMDAwMjNaMB0xGzAZBgNVBAMTEmdpdGxhYi5sYWJzLm5pYy5jejCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAPU4dWZ+PmxWWdbYmbpK768cH3o9 23k9LIpMiFErU/ir5O21jXKcsWucQ5tL51z6rAexVq+xMSuDvZZbYmllKpeJqrou ppkpZBYm6AohtpfOxHlSIXIw+SyJigieKIjYzJug7uRNs0MGgMxOi6Fj+izILiof Si33voTP/cHP5A8yFumJ8TxS5turMNv4QdTr9b2QPIAP8O5wQ3ej0I5tULrU8lZK Zf+p02u8GsB+0hVgOxEbjWJr+spG6iKALnz2QFmlhtupOudBmR9vsu41dimy2n2z J3OJm5AsAykHR35UqElaJOOv/yGdjAPz9vvsIMzR6f2+ENofGHFCjAlZoT8emAen LqO43mWbsyfUPiRu25LCM58JF3LCmFIRceTuhfT74Y/pgsXFE6WeFwUSGpXx2o8H Aa/GV5sOoR7dt2h1MTCM7lI2akFUa7KB8tt9XrfSpw2CDiiQXci1eoyNMJ+FVhA6 tf+Y7b8jZrTgQzdBuRAzLYXfsGv6NzHpSEeDVr98ZpwM8L4a39J6oUiPU0NGKMQ/ zCKnj+KJqNXQrnyckvNOb2emArdqahEMvGQwMWp5gWV1676Xmnprc/3anMsfT8RU PFvdA/ZrG6jHpHuU5dgGUZZpNHf7koDWOs0D+3VPCZBK/BXtkhXLQmjlYtFagJEa ZcFaqkOUoiMXcXydAgMBAAGjggLqMIIC5jAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FKmjlTshxsxRfrLE6CTyjLifiSTTMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF Ze/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3Au aW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wgaAGA1UdEQSBmDCBlYISZ2l0bGFiLmxh YnMubmljLmN6ghlqZXRjb25mLnBhZ2VzLmxhYnMubmljLmN6ghZrbm90LnBhZ2Vz LmxhYnMubmljLmN6ghZsYWJzLnBhZ2VzLmxhYnMubmljLmN6ghh0dXJyaXMucGFn ZXMubGFicy5uaWMuY3qCGndlYnNpdGVzLnBhZ2VzLmxhYnMubmljLmN6MEwGA1Ud IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0 dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDv AHYAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFrHP9T3wAABAMA RzBFAiEArQr+MFhIYiNH0XF4ukmIm6yHAzLRGDwxPYkI7MvwDhYCIEUFVSiNUZvm qKNWlwdxLvFazf0KofE3WBpqeyvHkKLrAHUAKTxRllTIOWW6qlD8WAfUt2+/WHop ctykwwz05UVH9HgAAAFrHP9TrgAABAMARjBEAiAzsECsPrjEDF4nsGtTa1tty14x NY37QINmUM8ozrXYWgIgMS2B0ydHrgmZ/UfRPLFtiMER21AaJPDTdIaPOIsuVmcw DQYJKoZIhvcNAQELBQADggEBACJqFqNJgr2o/7DqrWUPWT3gU+15VE/Q2QQ8BvHm af4yHtY1emSQQk4BbqnjAglDIIvkdAGxvatWifMG6xzPOgItE8+yY9utMMr2oMz+ ayvfUZI4DVzzXpSs+pZKZ+RVoHAB9BFJHt6v4EuFtv/sAsl3MJT2BTKhIQ5SVJe0 qLq+pYJSG3OYvSEfKBqSIyjKItLmXSiQgYGQbVdBwS8IRVoUD5UlnwnlPLDXVUYR qDca0s2rY+BG4QoRSdY8NDvrlIV4tHOYiWMuVfrbY6/zlEC61U6MR/r47vUyhaJQ WtgTOeYUKthku7g78vziAvjfxdz7U32TxEeGBkjXxZpY0Cg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9Th1Zn4+bFZZ1tiZukrv rxwfej3beT0sikyIUStT+Kvk7bWNcpyxa5xDm0vnXPqsB7FWr7ExK4O9lltiaWUq l4mqui6mmSlkFiboCiG2l87EeVIhcjD5LImKCJ4oiNjMm6Du5E2zQwaAzE6LoWP6 LMguKh9KLfe+hM/9wc/kDzIW6YnxPFLm26sw2/hB1Ov1vZA8gA/w7nBDd6PQjm1Q utTyVkpl/6nTa7wawH7SFWA7ERuNYmv6ykbqIoAufPZAWaWG26k650GZH2+y7jV2 KbLafbMnc4mbkCwDKQdHflSoSVok46//IZ2MA/P2++wgzNHp/b4Q2h8YcUKMCVmh Px6YB6cuo7jeZZuzJ9Q+JG7bksIznwkXcsKYUhFx5O6F9Pvhj+mCxcUTpZ4XBRIa lfHajwcBr8ZXmw6hHt23aHUxMIzuUjZqQVRrsoHy231et9KnDYIOKJBdyLV6jI0w n4VWEDq1/5jtvyNmtOBDN0G5EDMthd+wa/o3MelIR4NWv3xmnAzwvhrf0nqhSI9T Q0YoxD/MIqeP4omo1dCufJyS805vZ6YCt2pqEQy8ZDAxanmBZXXrvpeaemtz/dqc yx9PxFQ8W90D9msbqMeke5Tl2AZRlmk0d/uSgNY6zQP7dU8JkEr8Fe2SFctCaOVi 0VqAkRplwVqqQ5SiIxdxfJ0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 274113145886944537156428854261075867266907 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-03 10:00:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-01 10:00:23 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gitlab.labs.nic.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1000412527027739511292017534144157015970654714998161379826943732703271678664541186550557214988359983018983070286654058784316375111973283547049050767135676182199415258701728145660981662279395902283870018305666693655741274706363432904195444139776387448404860715327987538051127653966591618209415872077040804571846398986114622839671945808502664789499750144864457684028034013473661861176272520425125498776102363071131151875454521500063607356630384328656757819151667499135189907310397887442810330106454105441167533896968060418865980894128029791117649392812994082508896708428974355249994369652138586822691661259520969949506963439700170935202805037756699660434527577476492272639612682881494397044727711768397972457547420914464593310228094207481134393089220293593323885381682402822931225727118005922417303083128239174728682504060422715049091099562287368877567615503611764673323108444736385341783172798673750735933148828551311457552028319527653921261635161915531894557321657652842758672854474915776103564860106880285021563862365117373848113599074964819736699375125809856498581673726460593731637316794754034636685054051432796730152381806418538845785122748993692560190454800827554915129751306001943270736344867572944735731660981295336330248682653 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a9a3953b21c6cc517eb2c4e824f28cb89f8924d3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (152 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gitlab.labs.nic.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jetconf.pages.labs.nic.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'knot.pages.labs.nic.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'labs.pages.labs.nic.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'turris.pages.labs.nic.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'websites.pages.labs.nic.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016b1cff53df0000040300473045022100ad0afe305848622347d17178ba49889bac870332d1183c313d8908eccbf00e160220450555288d519be6a8a3569707712ef15acdfd0aa1f137581a6a7b2bc790a2eb007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016b1cff53ae0000040300463044022033b040ac3eb8c40c5e27b06b536b5b6dcb5e31358dfb40836650cf28ceb5d85a0220312d81d32747ae0999fd47d13cb16d88c111db501a24f0d374868f388b2e5667 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00226a16a34982bda8ffb0eaad650f593de053ed79544fd0d9043c06f1e669fe321ed6357a6490424e016ea9e3020943208be47401b1bdab5689f306eb1ccf3a022d13cfb263dbad30caf6a0ccfe6b2bdf5192380d5cf35e94acfa964a67e455a07001f411491edeafe04b85b6ffec02c9773094f60532a1210e525497b4a8babea582521b7398bd211f281a922328ca22d2e65d28908181906d5741c12f08455a140f95259f09e53cb0d7554611a8371ad2cdab63e046e10a1149d63c343beb948578b4739889632e55fadb63aff39440bad54e8c47faf8eef53285a2505ad81339e6142ad864bbb83bf2fce202f8dfc5dcfb537d93c447860648d7c59a58d028