www.mlsport.cz
Issued by RapidSSL SHA256 CA - G2
About this certificate
This digital certificate with serial number 01:10:b6:ac:de:6d:26:96:94:e0:27:95:00:5b:7f:cf was issued on by GeoTrust Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=www.mlsport.cz
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:10:b6:ac:de:6d:26:96:94:e0:27:95:00:5b:7f:cfSerial Number (int): 1416009840150917494785697264042737615
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 4c:f4:bf:e8:3b:be:c2:24:f3:1b:47:3b:b5:6e:48:8e:16:ab:af:12
Fingerprint (sha1): 02:c5:ef:59:f9:b5:c0:66:54:18:b6:58:49:7a:9f:ce:e5:6a:19:92
Fingerprint (sha256): 0d:ed:a0:88:d0:69:77:cf:67:cb:3d:96:c7:56:ff:6e:4e:98:14:eb:cc:7a:25:33:1c:52:d0:4a:54:13:dd:e3
Issuing Certificate URL: http://gs.symcb.com/gs.crt
Revocation information
OCSP Server: http://gs.symcd.comCRL Distribution Point: http://gs.symcb.com/gs.crl
Check the revocation status for certificate www.mlsport.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.mlsport.cz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.mlsport.cz
mlsport.cz
mlsport.cz
Other certificates including the domain name mlsport.cz
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.mlsport.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYzCCBUugAwIBAgIQARC2rN5tJpaU4CeVAFt/zzANBgkqhkiG9w0BAQsFADBH MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMX UmFwaWRTU0wgU0hBMjU2IENBIC0gRzIwHhcNMTcwMjI4MDAwMDAwWhcNMjAwMjI4 MjM1OTU5WjAZMRcwFQYDVQQDDA53d3cubWxzcG9ydC5jejCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAJeADitCRg6kW7pY/ffLxLbd0jVXe50PNFgtZAk4 0mW0qMGnauWyfOSfXOg/R5nyEvlB2rGzyvXCxmbyXVWrPOKrySFLlurZPSwDpt6c mFa/rsXYT6yIRZ1RXbsNdvljOiE9+PtzcXiBfN9QDgXrcUd4Kx5jpvwM9qhTRbjM UquKDxFXw8wtk4PWtb2nJWLXUjzYglyk4I2FSeU6HyHoNmFV9KzFVclZ1YM+VASA Lf4d+eJDrE7hQgNRiwAqKLoCidbYlSdQL6vAXlo/FKT48EzjEy1fSzFImxv9xt1A 0o5kU6aZSDSLnO/yc3jNc3FJmnOOr46ZDQrzrZQGbCVuSjsCAwEAAaOCA3cwggNz MCUGA1UdEQQeMByCDnd3dy5tbHNwb3J0LmN6ggptbHNwb3J0LmN6MAkGA1UdEwQC MAAwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2dzLnN5bWNiLmNvbS9ncy5jcmww bwYDVR0gBGgwZjBkBgZngQwBAgEwWjAqBggrBgEFBQcCARYeaHR0cHM6Ly93d3cu cmFwaWRzc2wuY29tL2xlZ2FsMCwGCCsGAQUFBwICMCAMHmh0dHBzOi8vd3d3LnJh cGlkc3NsLmNvbS9sZWdhbDAfBgNVHSMEGDAWgBRM9L/oO77CJPMbRzu1bkiOFquv EjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC MFcGCCsGAQUFBwEBBEswSTAfBggrBgEFBQcwAYYTaHR0cDovL2dzLnN5bWNkLmNv bTAmBggrBgEFBQcwAoYaaHR0cDovL2dzLnN5bWNiLmNvbS9ncy5jcnQwggH2Bgor BgEEAdZ5AgQCBIIB5gSCAeIB4AB2AN3rHSt6DU+mIIuBrYFocH4ujp0B1VyIjT0R xM227L7MAAABWoSMn/MAAAQDAEcwRQIgeukRwL9lTfRsSEVB7WD9h27GKoVQCAcZ dbnm3XjiHzECIQDGY8Q46S7iLxuTaITi8Vvcz+8jji2dlEFoY7N0FTC1dQB3AKS5 CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABWoSMoEkAAAQDAEgwRgIh AK0zp7LrM/JVuig9vAGK/fpXO2Fdv07PaAl4P7LMbElNAiEAqpKfe0wf0wTZpNl4 eaqdt3Ifdgu1sd1dzZ1hV2lbzkAAdQDuS723dc5guuFCaR+r4Z5mow9+X7By2IMA xHuJeqj9ywAAAVqEjKB6AAAEAwBGMEQCIBuy8IALO1/WOF/wHtQc9OJl6OPziTdA UXUqaXuWFMLzAiBcoWDqjQwsREqR8AGlsVZlQNx20jPMqyPvu1nU0miW0AB2ALx4 4d/F9jxoRkkzTaEPoV8JeWkgCcCBtPP2kX8+2bilAAABWoSMoPEAAAQDAEcwRQIg Ua65Bw4U4jl1OHG1YMPJdkaB65R2j3R2lS5yznw2gbMCIQC6aKnWv9VK+oNjanMT NzTE32DKtcmKGMcWf7A6QdIShTANBgkqhkiG9w0BAQsFAAOCAQEAksYE78Fv54aQ fS/gXRQh+aatkQDY1N3IS5dm/SsjWZ0oa0Qt9IumKMnyIlGN5LisGAm/QlTJX4MC G9BFnKr1+ESD2O1+7ucISPqAQSHYZqSXaF9/sz1/pcRweqb5+ZcaYl2pjnvcG2gP CgqWcTRsUeG6oEymeoSmDp9bv2p4xUVAmTienH8cBiOb0lhmjZCpAd6zs1BrEJjy p0LjWY1wxdXWOa3oiJkNpQWak7UBkWcHOgPjpAbeXfBpsv471y5gdIaxzyCZG1i8 kNAtp5EaOhuX9PURMC0PIN48POM9TFhQxXAJ8cIWkrb/Hvu0NW7M+b0kh7B65Rfo X5xy1Y1OwQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4AOK0JGDqRbulj998vE tt3SNVd7nQ80WC1kCTjSZbSowadq5bJ85J9c6D9HmfIS+UHasbPK9cLGZvJdVas8 4qvJIUuW6tk9LAOm3pyYVr+uxdhPrIhFnVFduw12+WM6IT34+3NxeIF831AOBetx R3grHmOm/Az2qFNFuMxSq4oPEVfDzC2Tg9a1vaclYtdSPNiCXKTgjYVJ5TofIeg2 YVX0rMVVyVnVgz5UBIAt/h354kOsTuFCA1GLACoougKJ1tiVJ1Avq8BeWj8UpPjw TOMTLV9LMUibG/3G3UDSjmRTpplINIuc7/JzeM1zcUmac46vjpkNCvOtlAZsJW5K OwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1416009840150917494785697264042737615 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL SHA256 CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-02-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-28 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.mlsport.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19125130495265886518556588793278299616349353730247771637051775011771272794665150802294172222597864174303826524104172689155883827120081758641060965806520568658357359015483054098493274655476493109713299932129490281605389551697088455282338898934006708545651192399858909110924391845147798928035525865304955958235314864777882021073477694235470188328543701476098991893714034982079132779082037528699656797055755595831409222840626912867189171909231150412018783239635095221132888171570822667985402612283200242172288145049414114937382723608995257757935501636468302659323094889654604590340760868081295248690748435581716623411771 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mlsport.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mlsport.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gs.symcb.com/gs.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.rapidssl.com/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.rapidssl.com/legal' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 4cf4bfe83bbec224f31b473bb56e488e16abaf12 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gs.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gs.symcb.com/gs.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (486 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (482 bytes) 01e0007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015a848c9ff3000004030047304502207ae911c0bf654df46c484541ed60fd876ec62a855008071975b9e6dd78e21f31022100c663c438e92ee22f1b936884e2f15bdccfef238e2d9d94416863b3741530b575007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000015a848ca0490000040300483046022100ad33a7b2eb33f255ba283dbc018afdfa573b615dbf4ecf6809783fb2cc6c494d022100aa929f7b4c1fd304d9a4d97879aa9db7721f760bb5b1dd5dcd9d6157695bce40007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000015a848ca07a000004030046304402201bb2f0800b3b5fd6385ff01ed41cf4e265e8e3f389374051752a697b9614c2f302205ca160ea8d0c2c444a91f001a5b1566540dc76d233ccab23efbb59d4d26896d0007600bc78e1dfc5f63c684649334da10fa15f0979692009c081b4f3f6917f3ed9b8a50000015a848ca0f10000040300473045022051aeb9070e14e239753871b560c3c9764681eb94768f7476952e72ce7c3681b3022100ba68a9d6bfd54afa83636a73133734c4df60cab5c98a18c7167fb03a41d21285 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0092c604efc16fe786907d2fe05d1421f9a6ad9100d8d4ddc84b9766fd2b23599d286b442df48ba628c9f222518de4b8ac1809bf4254c95f83021bd0459caaf5f84483d8ed7eeee70848fa804121d866a497685f7fb33d7fa5c4707aa6f9f9971a625da98e7bdc1b680f0a0a9671346c51e1baa04ca67a84a60e9f5bbf6a78c5454099389e9c7f1c06239bd258668d90a901deb3b3506b1098f2a742e3598d70c5d5d639ade888990da5059a93b5019167073a03e3a406de5df069b2fe3bd72e607486b1cf20991b58bc90d02da7911a3a1b97f4f511302d0f20de3c3ce33d4c5850c57009f1c21692b6ff1efbb4356eccf9bd2487b07ae517e85f9c72d58d4ec1