isnipi.gov.cz
Issued by I.CA TLS DV/OV CA/RSA 06/2022
About this certificate
This digital certificate with serial number 01:80:7a:25:f3:8f:9f:a5:45 was issued on by První certifikační autorita, a.s..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains the invalid attribute type 2.5.4.5 If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
SERIALNUMBER=ICA - 1210429,CN=isnipi.gov.cz
První certifikační autorita, a.s.
Organization:
První certifikační autorita, a.s.
Country:
CZ
This certificate will expire on
Certificate Details
Serial Number (hex): 01:80:7a:25:f3:8f:9f:a5:45Serial Number (int): 27704497785739912517
Serial Number lenght: 65 bits, 9 octets
SubjectKeyId: 8a:9d:ff:82:3d:b1:0a:2b:4e:79:83:9e:84:43:56:c0:37:32:fd:ed
AuthorityKeyId: 94:19:75:cd:dd:59:58:59:b5:b3:cf:7e:02:39:11:33:81:96:9e:ab
Fingerprint (sha1): ad:d7:f8:34:ac:e2:df:04:a4:bc:da:ec:3e:86:a2:c3:31:e8:46:4e
Fingerprint (sha256): 16:18:d3:04:04:19:c4:20:2c:d5:56:64:4b:68:14:4f:e0:ae:03:3d:1c:9b:ce:e6:9f:08:4e:d9:cd:a3:00:e4
Issuing Certificate URL: http://s.ica.cz/sca22_rsa.cer
Revocation information
OCSP Server: http://ocsp.ica.cz/sca22_rsaCRL Distribution Point: http://scrldp1.ica.cz/sca22_rsa.crl
CRL Distribution Point: http://scrldp2.ica.cz/sca22_rsa.crl
Check the revocation status for certificate isnipi.gov.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for isnipi.gov.cz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
isnipi.gov.cz
www.isnipi.gov.cz
www.isnipi.gov.cz
Other certificates including the domain name gov.cz
(limited to 100 certificates)
copernicus.gov.cz
zony-idsjk.kraj-jihocesky.gov.cz
ctu.gov.cz
rpp-ais.egon.gov.cz
odok.cz
eru.gov.cz
ov.gov.cz
data.gov.cz
pruvodce.udh.gov.cz
cms.gov.cz
ov.gov.cz
data.mvcr.gov.cz
portal.gov.cz
smlouvy.gov.cz
rpp-aism-pub-test.egon.gov.cz
cert-externalauthapi.caais-test-int.gov.cz
irop.gov.cz
data.gov.cz
upv.gov.cz
frs.gov.cz
digitalnicesko.gov.cz
zakony.gov.cz
vzdelavani.gov.cz
data.mvcr.gov.cz
slovnik.gov.cz
voda.gov.cz
*.gov.cz
geoportal.gov.cz
xn--slovnk-7va.gov.cz
data.kraj-jihocesky.gov.cz
testrs.gov.cz
rpp-ais-test.egon.gov.cz
twist-gp.kraj-jihocesky.gov.cz
mids.gov.cz
zony.kraj-jihocesky.gov.cz
www.gov.cz
code.gov.cz
viap1p.ros-iais.egon.gov.cz
vea801.gov.cz
desu.gov.cz
viap1t.ros-iais.egon.gov.cz
biap1t.ros-iais.egon.gov.cz
opendata.gov.cz
ext-mattermost.nic.cz
subca1.narodni-ca.gov.cz
ria.gov.cz
admin.gov.cz
rrtv.gov.cz
*.szpi.gov.cz
covid.gov.cz
www.gov.cz
vea801.gov.cz
zony.kraj-jihocesky.gov.cz
*.kraj-jihocesky.gov.cz
spektrum.ctu.gov.cz
vyzkum.gov.cz
razr-pub.egon.gov.cz
testrs.gov.cz
ra.gov.cz
mids.gov.cz
archi.gov.cz
zds.kraj-jihocesky.gov.cz
nap.gov.cz
rpp-opendata-test.egon.gov.cz
cms.gov.cz
opendata.gov.cz
rpp-aism.egon.gov.cz
museion.kraj-jihocesky.gov.cz
prod.frs.gov.cz
tsl.gov.cz
isnipi.gov.cz
testrs.gov.cz
vea801.gov.cz
rpp-ais.egon.gov.cz
www.snsu.cz
tsl.gov.cz
uohs.cz
registrace.udh.gov.cz
gov.cz
sprava-dev.edoklady.gov.cz
admin.pruvodcepripojenim.gov.cz
vyzkum.gov.cz
smlouvy.gov.cz
rpp-aism-pub.egon.gov.cz
brvpn.ros.egon.gov.cz
uzsvm.cz
scitani.gov.cz
eru.gov.cz
mids.gov.cz
obcan.portal.gov.cz
upv.gov.cz
voda.gov.cz
code.gov.cz
ares.gov.cz
chciidentitu.gov.cz
biap1t.ros-iais.egon.gov.cz
viap1p.ros-iais.egon.gov.cz
czechtourism.gov.cz
anonymizace.gov.cz
qve.narodni-ca.gov.cz
zony-idsjk.kraj-jihocesky.gov.cz
ctu.gov.cz
rpp-ais.egon.gov.cz
odok.cz
eru.gov.cz
ov.gov.cz
data.gov.cz
pruvodce.udh.gov.cz
cms.gov.cz
ov.gov.cz
data.mvcr.gov.cz
portal.gov.cz
smlouvy.gov.cz
rpp-aism-pub-test.egon.gov.cz
cert-externalauthapi.caais-test-int.gov.cz
irop.gov.cz
data.gov.cz
upv.gov.cz
frs.gov.cz
digitalnicesko.gov.cz
zakony.gov.cz
vzdelavani.gov.cz
data.mvcr.gov.cz
slovnik.gov.cz
voda.gov.cz
*.gov.cz
geoportal.gov.cz
xn--slovnk-7va.gov.cz
data.kraj-jihocesky.gov.cz
testrs.gov.cz
rpp-ais-test.egon.gov.cz
twist-gp.kraj-jihocesky.gov.cz
mids.gov.cz
zony.kraj-jihocesky.gov.cz
www.gov.cz
code.gov.cz
viap1p.ros-iais.egon.gov.cz
vea801.gov.cz
desu.gov.cz
viap1t.ros-iais.egon.gov.cz
biap1t.ros-iais.egon.gov.cz
opendata.gov.cz
ext-mattermost.nic.cz
subca1.narodni-ca.gov.cz
ria.gov.cz
admin.gov.cz
rrtv.gov.cz
*.szpi.gov.cz
covid.gov.cz
www.gov.cz
vea801.gov.cz
zony.kraj-jihocesky.gov.cz
*.kraj-jihocesky.gov.cz
spektrum.ctu.gov.cz
vyzkum.gov.cz
razr-pub.egon.gov.cz
testrs.gov.cz
ra.gov.cz
mids.gov.cz
archi.gov.cz
zds.kraj-jihocesky.gov.cz
nap.gov.cz
rpp-opendata-test.egon.gov.cz
cms.gov.cz
opendata.gov.cz
rpp-aism.egon.gov.cz
museion.kraj-jihocesky.gov.cz
prod.frs.gov.cz
tsl.gov.cz
isnipi.gov.cz
testrs.gov.cz
vea801.gov.cz
rpp-ais.egon.gov.cz
www.snsu.cz
tsl.gov.cz
uohs.cz
registrace.udh.gov.cz
gov.cz
sprava-dev.edoklady.gov.cz
admin.pruvodcepripojenim.gov.cz
vyzkum.gov.cz
smlouvy.gov.cz
rpp-aism-pub.egon.gov.cz
brvpn.ros.egon.gov.cz
uzsvm.cz
scitani.gov.cz
eru.gov.cz
mids.gov.cz
obcan.portal.gov.cz
upv.gov.cz
voda.gov.cz
code.gov.cz
ares.gov.cz
chciidentitu.gov.cz
biap1t.ros-iais.egon.gov.cz
viap1p.ros-iais.egon.gov.cz
czechtourism.gov.cz
anonymizace.gov.cz
qve.narodni-ca.gov.cz
Certificate
The complete raw certificate details for isnipi.gov.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF+DCCA+CgAwIBAgIJAYB6JfOPn6VFMA0GCSqGSIb3DQEBCwUAMH0xJjAkBgNV BAMMHUkuQ0EgVExTIERWL09WIENBL1JTQSAwNi8yMDIyMS0wKwYDVQQKDCRQcnZu w60gY2VydGlmaWthxI1uw60gYXV0b3JpdGEsIGEucy4xFzAVBgNVBGEMDk5UUkNa LTI2NDM5Mzk1MQswCQYDVQQGEwJDWjAeFw0yNDA0MjkwNzUzNDBaFw0yNTA0Mjkw NzUzNDBaMDAxFjAUBgNVBAMMDWlzbmlwaS5nb3YuY3oxFjAUBgNVBAUTDUlDQSAt IDEyMTA0MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+WqAhHvRv W4uUOWA9PajGKCEwvsIeJyyhtxIP8PO335GglgxOBdvV8iWf37S7u/Qm9ap1J9nI FAkjjBEqQn+u2AS2w9vNStAsuTL9p/EMB6F7zT6ahMa0BXRPbCuQnbROqzJJW7Xs yK30+fycGnmjBwZ6EHoAfJ8+Mz36VY8+WKA8XcCSv0Fp/T7Scw7lZtqX4nzOrAf7 MLsWdLRX9JF6qaWayUgwV+LV88s9cRztDiT8PC3Ay778teIFSsIYfqvdYP2m320R cGTOfoWK9fu0zn/YAcX2hXrBb/eA0rEZLE0xS0S4zW7VFlpkSsOyY3u+3gIPuEnB +ieCTJhBdS4BAgMBAAGjggHGMIIBwjArBgNVHREEJDAigg1pc25pcGkuZ292LmN6 ghF3d3cuaXNuaXBpLmdvdi5jejAMBgNVHRMBAf8EAjAAMEUGA1UdIAQ+MDwwMAYN KwYBBAGBuEgKAUgBATAfMB0GCCsGAQUFBwIBFhFodHRwOi8vd3d3LmljYS5jejAI BgZngQwBAgEwXwYDVR0fBFgwVjApoCegJYYjaHR0cDovL3NjcmxkcDEuaWNhLmN6 L3NjYTIyX3JzYS5jcmwwKaAnoCWGI2h0dHA6Ly9zY3JsZHAyLmljYS5jei9zY2Ey Ml9yc2EuY3JsMGMGCCsGAQUFBwEBBFcwVTApBggrBgEFBQcwAoYdaHR0cDovL3Mu aWNhLmN6L3NjYTIyX3JzYS5jZXIwKAYIKwYBBQUHMAGGHGh0dHA6Ly9vY3NwLmlj YS5jei9zY2EyMl9yc2EwDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFJQZdc3d WVhZtbPPfgI5ETOBlp6rMB0GA1UdDgQWBBSKnf+CPbEKK055g56EQ1bANzL97TAT BgNVHSUEDDAKBggrBgEFBQcDATATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG 9w0BAQsFAAOCAgEAKbs6YAbJQxxHLuBf4aLk1K0D8yupQeZebq/FUfRCioqGKX4d XC1JL7bv3cum/PCJSgZV+RcCr7/ZKLN6Cn1r2FUWUyID0ltNqCDCQbvi4mb+akl3 zE9Bx22scddWo46nLht8DJEdtCvKO8WCOvbinhl8VZjGhIGb3CReDhYBNdTJeFTL nzQwgn+xQs5dDM3VcdyNyXdqqXoolZAm/OPOQZqB7WFCdP7wcXYddmZwo1GutttQ kgcK08y6fx4f8BHSSArGurffv6ycQkTLydZIoUv/xpPb3vZ7U+8s9y0OP3TxdZNI bkikFKGHqkYJVeCIK3bxb+Yh4irLurktiTmQkINHGe5pggBJ3Lap6o+DDGg83y1K 2oI18Xhyy3+DAmaxR+6NTdYeVscXbgw5CGaZlycrd9s45mzXeHPWYdTtYVQ3H+/1 Cd7RUKb72jNQ7HXTGm8RfZTF4fsu8elEGJ8jNHr3XsvE/+F19Gsrza6egiTXmTKn 0nFa8RVqm63wJFtFh5LYVMiri2qs3TKwZ/sfHZXVmxAHo/Q0sbNus9BgwSCB0mEG 9olxyOhcnXnXyAA4EAnjT8zXN4dKAGOHYjzpwsE4cQZWEkLOU7Ju3QbGFXKZpOOI DYUJOodo3fsnqE+1H+Sj2KoteJiYgbxtvotVsh5Oe5vs9uLKz9H2AJAr8U8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlqgIR70b1uLlDlgPT2o xighML7CHicsobcSD/Dzt9+RoJYMTgXb1fIln9+0u7v0JvWqdSfZyBQJI4wRKkJ/ rtgEtsPbzUrQLLky/afxDAehe80+moTGtAV0T2wrkJ20TqsySVu17Mit9Pn8nBp5 owcGehB6AHyfPjM9+lWPPligPF3Akr9Baf0+0nMO5Wbal+J8zqwH+zC7FnS0V/SR eqmlmslIMFfi1fPLPXEc7Q4k/DwtwMu+/LXiBUrCGH6r3WD9pt9tEXBkzn6FivX7 tM5/2AHF9oV6wW/3gNKxGSxNMUtEuM1u1RZaZErDsmN7vt4CD7hJwfongkyYQXUu AQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 27704497785739912517 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'I.CA TLS DV/OV CA/RSA 06/2022' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'První certifikační autorita, a.s.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRCZ-26439395' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-29 07:53:40 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-29 07:53:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'isnipi.gov.cz' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ICA - 1210429' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24029967045842178172621076225889329464631033498368453051053420526715692026395722051183908055749706682703306612922437077950691449589870399923382017591331373546996165376688790235778473754950683047267418266932894446939017116393811939716450930389676063867588292007190253358083199816544667697196188241907325460374842652778068580290643141727297134943223452904225485833841693228627953677440141115504907491955366618563173542952061308733056831789789588314294338898933152990264969562588708268201551839806306978834425946200086631089261959992984798981739912904108202342393606695644195378624696051531776488343553649641409322757633 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'isnipi.gov.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.isnipi.gov.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.23624.10.1.72.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.ica.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (88 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://scrldp1.ica.cz/sca22_rsa.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://scrldp2.ica.cz/sca22_rsa.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://s.ica.cz/sca22_rsa.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.ica.cz/sca22_rsa' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 941975cddd595859b5b3cf7e0239113381969eab . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8a9dff823db10a2b4e79839e844356c03732fded . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0029bb3a6006c9431c472ee05fe1a2e4d4ad03f32ba941e65e6eafc551f4428a8a86297e1d5c2d492fb6efddcba6fcf0894a0655f91702afbfd928b37a0a7d6bd85516532203d25b4da820c241bbe2e266fe6a4977cc4f41c76dac71d756a38ea72e1b7c0c911db42bca3bc5823af6e29e197c5598c684819bdc245e0e160135d4c97854cb9f3430827fb142ce5d0ccdd571dc8dc9776aa97a28959026fce3ce419a81ed614274fef071761d766670a351aeb6db5092070ad3ccba7f1e1ff011d2480ac6bab7dfbfac9c4244cbc9d648a14bffc693dbdef67b53ef2cf72d0e3f74f17593486e48a414a187aa460955e0882b76f16fe621e22acbbab92d89399090834719ee69820049dcb6a9ea8f830c683cdf2d4ada8235f17872cb7f830266b147ee8d4dd61e56c7176e0c3908669997272b77db38e66cd77873d661d4ed6154371feff509ded150a6fbda3350ec75d31a6f117d94c5e1fb2ef1e944189f23347af75ecbc4ffe175f46b2bcdae9e8224d79932a7d2715af1156a9badf0245b458792d854c8ab8b6aacdd32b067fb1f1d95d59b1007a3f434b1b36eb3d060c12081d26106f68971c8e85c9d79d7c800381009e34fccd737874a006387623ce9c2c1387106561242ce53b26edd06c6157299a4e3880d85093a8768ddfb27a84fb51fe4a3d8aa2d78989881bc6dbe8b55b21e4e7b9becf6e2cacfd1f600902bf14f