haas.nic.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:2b:33:9a:c4:ba:cd:6c:8c:4e:2e:cf:4c:9e:bc:2a:5b:98 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=haas.nic.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:2b:33:9a:c4:ba:cd:6c:8c:4e:2e:cf:4c:9e:bc:2a:5b:98Serial Number (int): 276037593804534635138725685127163136334744
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 87:44:fe:f7:e4:1e:59:ab:b7:79:5e:10:38:96:40:e9:bd:78:fc:01
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 9f:ea:21:23:20:71:ee:bb:d0:02:47:d1:8e:87:1b:e2:3c:4b:46:67
Fingerprint (sha256): 0b:e4:21:29:9d:e2:8b:3b:ac:12:fa:ef:4c:28:fe:d2:60:58:09:c2:1e:45:1a:d8:73:f7:00:63:fe:ed:22:21
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate haas.nic.cz
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for haas.nic.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
haas.nic.cz
Other certificates including the domain name nic.cz
(limited to 100 certificates)
sentry.labs.nic.cz
bgpcrunch.labs.nic.cz
nic.cz
devpub.labs.nic.cz
mirrors.nic.cz
nic.cz
zonemaster.labs.nic.cz
mojeid.regtest.nic.cz
stats.nic.cz
cz-test.dsdng.nic.cz
rdap.nic.cz
stork.nic.cz
odvr.nic.cz
public.nic.cz
gitlab.labs.nic.cz
sentry.labs.nic.cz
dscng.labs.nic.cz
stats.labs.nic.cz
katalogrouteru.cz
mirrors.nic.cz
haas.nic.cz
onlinechat2.nic.cz
ethercalc.labs.nic.cz
mail.nic.cz
whois.nic.cz
redmine.labs.nic.cz
nextcloud.labs.nic.cz
rdap.nic.cz
mail.nic.cz
moodle.nic.cz
dnssec-validator.labs.nic.cz
devpub.labs.nic.cz
mailing.nic.cz
stats.nic.cz
gitlab.nic.cz
bgpcrunch.labs.nic.cz
nic.cz
test-ipv6.nic.cz
stork.nic.cz
mailing.akademie.nic.cz
kalendar.nic.cz
ethercalc.labs.nic.cz
blog.nic.cz
gitlab.labs.nic.cz
eidasnode-test.nic.cz
knihy.nic.cz
netmetr-control.labs.nic.cz
intranet.nic.cz
haas.nic.cz
akademie.nic.cz
kalendar.nic.cz
mojeid.fred.nic.cz
moodle.nic.cz
katalogrouteru.cz
lettie.labs.nic.cz
nic.cz
howl.labs.nic.cz
mdm.nic.cz
ext-mattermost.nic.cz
bobek.nic.cz
secure.nic.cz
yangson.labs.nic.cz
mirror-r-01.nic.cz
yangson.labs.nic.cz
sentry.labs.nic.cz
onlinechat2.nic.cz
nic.cz
dnscheck.labs.nic.cz
gitlab.nic.cz
jetscreen.labs.nic.cz
webid.labs.nic.cz
nic.cz
akademie.nic.cz
mailing-mojeid.nic.cz
devpub.labs.nic.cz
api.nic.cz
gitweb.labs.nic.cz
public.nic.cz
blog.nic.cz
kalendar.nic.cz
kalendar.nic.cz
akademie.nic.cz
yangson.labs.nic.cz
piwik.nic.cz
dnscheck.labs.nic.cz
sophie.labs.nic.cz
epp.nic.cz
akademie.nic.cz
howl.labs.nic.cz
bobek.nic.cz
katalogrouteru.cz
intranet.nic.cz
labs.nic.cz
moodle.nic.cz
dnssec-validator.labs.nic.cz
sentry.labs.nic.cz
csp.nic.cz
howl.labs.nic.cz
piwik.nic.cz
akademie.nic.cz
bgpcrunch.labs.nic.cz
nic.cz
devpub.labs.nic.cz
mirrors.nic.cz
nic.cz
zonemaster.labs.nic.cz
mojeid.regtest.nic.cz
stats.nic.cz
cz-test.dsdng.nic.cz
rdap.nic.cz
stork.nic.cz
odvr.nic.cz
public.nic.cz
gitlab.labs.nic.cz
sentry.labs.nic.cz
dscng.labs.nic.cz
stats.labs.nic.cz
katalogrouteru.cz
mirrors.nic.cz
haas.nic.cz
onlinechat2.nic.cz
ethercalc.labs.nic.cz
mail.nic.cz
whois.nic.cz
redmine.labs.nic.cz
nextcloud.labs.nic.cz
rdap.nic.cz
mail.nic.cz
moodle.nic.cz
dnssec-validator.labs.nic.cz
devpub.labs.nic.cz
mailing.nic.cz
stats.nic.cz
gitlab.nic.cz
bgpcrunch.labs.nic.cz
nic.cz
test-ipv6.nic.cz
stork.nic.cz
mailing.akademie.nic.cz
kalendar.nic.cz
ethercalc.labs.nic.cz
blog.nic.cz
gitlab.labs.nic.cz
eidasnode-test.nic.cz
knihy.nic.cz
netmetr-control.labs.nic.cz
intranet.nic.cz
haas.nic.cz
akademie.nic.cz
kalendar.nic.cz
mojeid.fred.nic.cz
moodle.nic.cz
katalogrouteru.cz
lettie.labs.nic.cz
nic.cz
howl.labs.nic.cz
mdm.nic.cz
ext-mattermost.nic.cz
bobek.nic.cz
secure.nic.cz
yangson.labs.nic.cz
mirror-r-01.nic.cz
yangson.labs.nic.cz
sentry.labs.nic.cz
onlinechat2.nic.cz
nic.cz
dnscheck.labs.nic.cz
gitlab.nic.cz
jetscreen.labs.nic.cz
webid.labs.nic.cz
nic.cz
akademie.nic.cz
mailing-mojeid.nic.cz
devpub.labs.nic.cz
api.nic.cz
gitweb.labs.nic.cz
public.nic.cz
blog.nic.cz
kalendar.nic.cz
kalendar.nic.cz
akademie.nic.cz
yangson.labs.nic.cz
piwik.nic.cz
dnscheck.labs.nic.cz
sophie.labs.nic.cz
epp.nic.cz
akademie.nic.cz
howl.labs.nic.cz
bobek.nic.cz
katalogrouteru.cz
intranet.nic.cz
labs.nic.cz
moodle.nic.cz
dnssec-validator.labs.nic.cz
sentry.labs.nic.cz
csp.nic.cz
howl.labs.nic.cz
piwik.nic.cz
akademie.nic.cz
Certificate
The complete raw certificate details for haas.nic.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGTzCCBTegAwIBAgISAyszmsS6zWyMTi7PTJ68KluYMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAyMjcxMDAwMzFaFw0x OTA1MjgxMDAwMzFaMBYxFDASBgNVBAMTC2hhYXMubmljLmN6MIICIjANBgkqhkiG 9w0BAQEFAAOCAg8AMIICCgKCAgEAs1nXb3MuCKhKAwcAOzrobCUv5ArgdNwJCXZd ZnaswnREvVdSpe/yVkK6iCvbBHCfM5tQ/QKmBGO4agGKo2VXGzUTyx+G8Anz+Ebf jqPBft7t/Vedt62VauU2ztKiSVM8sK8eKTr3zWU3V60bsWI+m+VKVEHu80sMUlUH v0kqI2uvgOfgz88eQtk4nBFND0hIT0m50IZiZ0etGzgtvdS53sl6WECqj7pd7ye5 91RFEowkMUi64Wuw9bi+xoKAUG/bybZQG4+yYpvd7+c8jNTFfCixy+DRpRJ/TXvD eYPKxPSBIhh/WvD+DUXoxpyQgnXD5YwLhCTvRuv/qQuY8mmKIbgYL+Maj56cwjz/ HmkdO1N7ctTzcPiU6kVMWxXV2EJqsBO3opi32t8kYV5ux0WAgd1ScnAJEW/ZJVos PNE/h+R/CNbz926+MfLDWNnCprSCCHdrMK+5e1Oh5LDG/pyg3cr+/oraT/BTWoUg +3Ab2qlif5tICUa9HRUK7RnlapKWPm5HroaQR1OODnBnfuy5d7/SH7YBAlCmLBAI rBQ7IlWt1qEC9fKyQtHNofOczWgyXjyGQgj0kbcSZx3vW1IpjeYKtjIZK1FFCE2Y Y4TVHcH0DEKpVGEqxSveo4uCXmlPafIEmxrltwdJQhjNilU+swzEN0VV4F1uUkL6 L7u4aTcCAwEAAaOCAmEwggJdMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUh0T+9+Qe Wau3eV4QOJZA6b14/AEwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEw bwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMu bGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMu bGV0c2VuY3J5cHQub3JnLzAWBgNVHREEDzANggtoYWFzLm5pYy5jejBMBgNVHSAE RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2 AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1eeYQe8xWAAABaS6c8kIAAAQDAEcw RQIgLRd+fKcXBMWmb0jzqYiuNSPwn3tLBfVWnRpEBLM+xm0CIQDiykZ0Ieh7UbHd BkyMCWDlLAH0R3TouFXRJ8Rc3/dqDgB3AGPy283oO8wszwtyhCdXazOkjWF3j711 pjixx2hUS9iNAAABaS6c8j8AAAQDAEgwRgIhAI0R+ZEcaVqDkgx0mcrxPSOid1ZV wZPDAhr2CG/i0ebLAiEAsYSo+Eef2dRBXQSKpZfsbSjXdJkMN4I/zpm+jBSK9XEw DQYJKoZIhvcNAQELBQADggEBABeJ5dEUsRcFqoHXPNGRVaWk08+Z0iXTlC5A70R5 xLZ2zNL3m+TnYA7OPxaUZnyx60QWpyUgp3VCg01uoSlhFGGwnlRZTtH+zypv/CTE siP0WEPg7yE4PhmAVO09OyLRL7m75ZYbvuwb3bOtVpvOjV6ETmq2y3g0k7+jSX5v neG+I2P8B75aYk0jYj0Bix5d75RvkA+7N/4Rf/KWy5yfr6jQvVyLzyTPQMR+xtdf VM73dhOSuDpRFQa3B3Bs3SIm46hYAtu9xMhTbdDn9GXhPqVrlMHStwRAjjo981LD b0M9C8bU5cmborI9xU75mozXg47/aTOV/yUR8+lU/aP5SGE= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs1nXb3MuCKhKAwcAOzro bCUv5ArgdNwJCXZdZnaswnREvVdSpe/yVkK6iCvbBHCfM5tQ/QKmBGO4agGKo2VX GzUTyx+G8Anz+EbfjqPBft7t/Vedt62VauU2ztKiSVM8sK8eKTr3zWU3V60bsWI+ m+VKVEHu80sMUlUHv0kqI2uvgOfgz88eQtk4nBFND0hIT0m50IZiZ0etGzgtvdS5 3sl6WECqj7pd7ye591RFEowkMUi64Wuw9bi+xoKAUG/bybZQG4+yYpvd7+c8jNTF fCixy+DRpRJ/TXvDeYPKxPSBIhh/WvD+DUXoxpyQgnXD5YwLhCTvRuv/qQuY8mmK IbgYL+Maj56cwjz/HmkdO1N7ctTzcPiU6kVMWxXV2EJqsBO3opi32t8kYV5ux0WA gd1ScnAJEW/ZJVosPNE/h+R/CNbz926+MfLDWNnCprSCCHdrMK+5e1Oh5LDG/pyg 3cr+/oraT/BTWoUg+3Ab2qlif5tICUa9HRUK7RnlapKWPm5HroaQR1OODnBnfuy5 d7/SH7YBAlCmLBAIrBQ7IlWt1qEC9fKyQtHNofOczWgyXjyGQgj0kbcSZx3vW1Ip jeYKtjIZK1FFCE2YY4TVHcH0DEKpVGEqxSveo4uCXmlPafIEmxrltwdJQhjNilU+ swzEN0VV4F1uUkL6L7u4aTcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 276037593804534635138725685127163136334744 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-27 10:00:31 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-28 10:00:31 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'haas.nic.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 731688012876508462295297821055115023995296046249391405810095572363851668214347039694054628148374882617278177244844823297975942256197173867759466352884274058388666813626565660857790778177694584752353463452857456501847707909170465809538801848549828486867686217610788489584289669239306590616407766143748864987427956348553671021757570320660103885837867271043055481485612294880162437280814797997121054742751752513031146340970465383563816762435796618337349741634968012316545109985191948495909647921290626241739421618932876147919089281035665466310744085495421031138876258819230967787731892844262363383254469807008801737223270532148778651659859361384689551043486603582195082980269407502944604784079415783029268461551373518843030125269123493635726249725708870118285204709494835531941720965409191311269730677138677615701108342444155033923690221417598773931596438558197174587528214471420805857810901352392759713390141471900282715414668333986152184059512284671178554803409348791292898940288294828188370344821230978421179519937545944689575513406451111856984453229300247222460285812030598118915479437928720196908010640948520718487472949057258044166010304854061114621817852109833780568047719548237208547757399552785099001513529487633354835367586103 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8744fef7e41e59abb7795e10389640e9bd78fc01 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'haas.nic.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc56000001692e9cf242000004030047304502202d177e7ca71704c5a66f48f3a988ae3523f09f7b4b05f5569d1a4404b33ec66d022100e2ca467421e87b51b1dd064c8c0960e52c01f44774e8b855d127c45cdff76a0e00770063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d000001692e9cf23f00000403004830460221008d11f9911c695a83920c7499caf13d23a2775655c193c3021af6086fe2d1e6cb022100b184a8f8479fd9d4415d048aa597ec6d28d774990c37823fce99be8c148af571 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001789e5d114b11705aa81d73cd19155a5a4d3cf99d225d3942e40ef4479c4b676ccd2f79be4e7600ece3f1694667cb1eb4416a72520a77542834d6ea129611461b09e54594ed1fecf2a6ffc24c4b223f45843e0ef21383e198054ed3d3b22d12fb9bbe5961bbeec1bddb3ad569bce8d5e844e6ab6cb783493bfa3497e6f9de1be2363fc07be5a624d23623d018b1e5def946f900fbb37fe117ff296cb9c9fafa8d0bd5c8bcf24cf40c47ec6d75f54cef7761392b83a511506b707706cdd2226e3a85802dbbdc4c8536dd0e7f465e13ea56b94c1d2b704408e3a3df352c36f433d0bc6d4e5c99ba2b23dc54ef99a8cd7838eff693395ff2511f3e954fda3f94861