shibboleth.mzk.cz

Issued by TERENA SSL CA

About this certificate


This digital certificate with serial number a8:c0:1a:85:fc:35:50:60:41:fe:3b:d0:4b:fa:da:be was issued on by TERENA .

With 7 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: localityName or stateOrProvinceName is required if organizationName is set
  • ERROR: stateOrProvinceName is required if organizationName is set

Moravian Library

Organization: Moravian Library
Country: CZ

TERENA

Organization: TERENA
Country: CZ

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): a8:c0:1a:85:fc:35:50:60:41:fe:3b:d0:4b:fa:da:be
Serial Number (int): 224307762246754538001485261327189072574
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 38:5c:7e:e6:6f:a3:b0:1d:1b:60:15:83:c3:1f:1b:12:d1:6d:73:49
AuthorityKeyId: 0c:bd:93:68:0c:f3:de:ab:a3:49:6b:2b:37:57:47:ea:90:e3:b9:ed

Fingerprint (sha1): 96:5f:b4:6e:e0:f8:1e:fb:fa:f9:aa:76:28:3e:70:5a:c4:e7:5f:ed
Fingerprint (sha256): 5d:5a:69:33:3b:f3:05:2e:63:8b:fd:8b:9c:b4:55:e0:62:2a:e3:2d:62:be:16:50:a7:ec:56:93:95:dd:6a:9a

Issuing Certificate URL: http://crt.tcs.terena.org/TERENASSLCA.crt

Revocation information

OCSP Server: http://ocsp.tcs.terena.org
CRL Distribution Point: http://crl.tcs.terena.org/TERENASSLCA.crl

Check the revocation status for the current certificate on shibboleth.mzk.cz
7
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

shibboleth.mzk.cz
aleph.mzk.cz
beta.mzk.cz
ezproxy.mzk.cz
mzk.cz
vufind-devel.mzk.cz
vufind.mzk.cz

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIEwjCCA6qgAwIBAgIRAKjAGoX8NVBgQf470Ev62r4wDQYJKoZIhvcNAQEFBQAw NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B IFNTTCBDQTAeFw0xMDEyMTMwMDAwMDBaFw0xMzEyMTIyMzU5NTlaMEQxCzAJBgNV BAYTAkNaMRkwFwYDVQQKExBNb3JhdmlhbiBMaWJyYXJ5MRowGAYDVQQDExFzaGli Ym9sZXRoLm16ay5jejCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK8K EctEqku+k4UfpGvpc6GOJA7SjasNGcgCQWGgVv0fcJZ/I6j90FrYfdM2XZOgkW+1 0PgQze5dq/CJFjN5JAPtjxQIg1TJ16uuDEKfNPhg7spnLa90bnTYnHlZvi7Q63oj EnO3Jm6246B/KUM65jD75/f8Vd5JcY7XVhTu3k46Z9kZ3+CdOPyB2WOhpxDowZsp r9TbkQNDr0X7NhT5REq4pknmeYLYe4OXwUhS8Cx94NnZ8qPKQNyAhQMQp0b6lCvA eKciSrfWq2fdZWgg2JjiD2aWP9Xi4GhIy44+bbPvSFRADpi5I90jcS/OWFZsD5de rM56iaTv6lqDNA1rFd8CAwEAAaOCAbswggG3MB8GA1UdIwQYMBaAFAy9k2gM896r o0lrKzdXR+qQ47ntMB0GA1UdDgQWBBQ4XH7mb6OwHRtgFYPDHxsS0W1zSTAOBgNV HQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwGAYDVR0gBBEwDzANBgsrBgEEAbIxAQICHTA6BgNVHR8EMzAxMC+g LaArhilodHRwOi8vY3JsLnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNybDBt BggrBgEFBQcBAQRhMF8wNQYIKwYBBQUHMAKGKWh0dHA6Ly9jcnQudGNzLnRlcmVu YS5vcmcvVEVSRU5BU1NMQ0EuY3J0MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50 Y3MudGVyZW5hLm9yZzBzBgNVHREEbDBqghFzaGliYm9sZXRoLm16ay5jeoIMYWxl cGgubXprLmN6ggtiZXRhLm16ay5jeoIOZXpwcm94eS5temsuY3qCBm16ay5jeoIT dnVmaW5kLWRldmVsLm16ay5jeoINdnVmaW5kLm16ay5jejANBgkqhkiG9w0BAQUF AAOCAQEAKJL7bR9S8l/vJNKTMe7M91X7b5L5wbBH/Ye0FS4gwnyGNwZi93tPu6Ow c/dVUZMOjk9jy8IVi6+fHgAZbLWbzCR+aU4eMqvUivLaQF6PTIuweZruVg+xP6R+ L/wZjCANf5UyZt2D/s//IoCbueO3qkhpXodoQX3AtY4I8hVcl8lfwS1/IAJLQddM 5G+OiuKsUKVuIorvGkCeGbmvphz2xOCW8qIxwDSZs6o4QMn9YfObvQ3ZAWf6czDN 0xlNDd8E8AqPFfMYn97mw9vr/DJ2pKKN4XTkJ9ann49dZrOIAL+ooPbxBz0SQ3E7 yxZ/q8WW2FytaNLLo92OMWjtvH023g== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoRy0SqS76ThR+ka+lz oY4kDtKNqw0ZyAJBYaBW/R9wln8jqP3QWth90zZdk6CRb7XQ+BDN7l2r8IkWM3kk A+2PFAiDVMnXq64MQp80+GDuymctr3RudNiceVm+LtDreiMSc7cmbrbjoH8pQzrm MPvn9/xV3klxjtdWFO7eTjpn2Rnf4J04/IHZY6GnEOjBmymv1NuRA0OvRfs2FPlE SrimSeZ5gth7g5fBSFLwLH3g2dnyo8pA3ICFAxCnRvqUK8B4pyJKt9arZ91laCDY mOIPZpY/1eLgaEjLjj5ts+9IVEAOmLkj3SNxL85YVmwPl16sznqJpO/qWoM0DWsV 3wIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 224307762246754538001485261327189072574 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2010-12-13 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-12-12 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Moravian Library' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'shibboleth.mzk.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22096668828459586990881622945468806770895649898209021501596238221845580545205019381026347114516490408349395792129409475825397872772719749545058111973582914860298284401450119232537958640426775628642899732243589781097697115443566208508281505684172338664658369491268265943158558542522647227073286683458399168183927469753388333135234121197523160250724038149691010596676445446747689655439763856973003031395415007150471020124899448198343807009556833888660063592189260145261748754779222684903175329271326082046726575247849607219346791293163227047695296813524005777935474374680418485839018088810622017001906047598536533153247 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0cbd93680cf3deaba3496b2b375747ea90e3b9ed . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 385c7ee66fa3b01d1b601583c31f1b12d16d7349 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.29 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.tcs.terena.org/TERENASSLCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (97 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.tcs.terena.org/TERENASSLCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.tcs.terena.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shibboleth.mzk.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aleph.mzk.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beta.mzk.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ezproxy.mzk.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mzk.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vufind-devel.mzk.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vufind.mzk.cz' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002892fb6d1f52f25fef24d29331eeccf755fb6f92f9c1b047fd87b4152e20c27c86370662f77b4fbba3b073f75551930e8e4f63cbc2158baf9f1e00196cb59bcc247e694e1e32abd48af2da405e8f4c8bb0799aee560fb13fa47e2ffc198c200d7f953266dd83fecfff22809bb9e3b7aa48695e8768417dc0b58e08f2155c97c95fc12d7f20024b41d74ce46f8e8ae2ac50a56e228aef1a409e19b9afa61cf6c4e096f2a231c03499b3aa3840c9fd61f39bbd0dd90167fa7330cdd3194d0ddf04f00a8f15f3189fdee6c3dbebfc3276a4a28de174e427d6a79f8f5d66b38800bfa8a0f6f1073d1243713bcb167fabc596d85cad68d2cba3dd8e3168edbc7d36de