esemes.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:c2:6a:4c:db:cd:75:6d:ee:ae:75:1b:21:c2:85:18:ea:b0 was issued on by Let's Encrypt.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=esemes.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:c2:6a:4c:db:cd:75:6d:ee:ae:75:1b:21:c2:85:18:ea:b0Serial Number (int): 327492934218183070742538786401464312457904
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 0a:89:37:7d:cd:72:ef:7d:1d:e4:e8:a7:26:a9:e1:5d:fd:60:51:32
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 3c:b2:7f:b2:87:a3:0c:c7:d4:af:39:5a:43:af:f4:0c:0b:79:98:c5
Fingerprint (sha256): 2c:dd:ae:09:3e:cb:4d:d4:2f:6a:9e:82:0b:d3:2a:f1:a1:c5:fa:ae:53:28:55:84:85:ac:d8:06:99:f3:76:dc
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate esemes.cz
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for esemes.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
esemes.cz
goip.esemes.cz
m.esemes.cz
smsapi.esemes.cz
www.esemes.cz
goip.esemes.cz
m.esemes.cz
smsapi.esemes.cz
www.esemes.cz
Other certificates including the domain name esemes.cz
(limited to 100 certificates)
Certificate
The complete raw certificate details for esemes.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGMzCCBRugAwIBAgISA8JqTNvNdW3urnUbIcKFGOqwMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA1MjYwNTQ3MDBaFw0x NzA4MjQwNTQ3MDBaMBQxEjAQBgNVBAMTCWVzZW1lcy5jejCCAiIwDQYJKoZIhvcN AQEBBQADggIPADCCAgoCggIBAM2AJrV/xR8bSPDQ7Wq5NSayH/Kr075+shki1YEB TVPxeF38zPgxJ0AGBXz9B10zMDMaAvLxH+VShwCYpJpAxWB+8DUtSXZ7knr6PT6s BKO8ATCftsIpxa2uGE2W06H2O34ivfJJRSTr/lObUrFrWQ3sEywo27tVPVo3X+Pf dJp1ouVXIl0Tf6UVkwUHj4MzH+yWMT83t/tLsSFzvaj0MWez++St6q8kMTXW2LHp NzpfV1Gz8SMJe8QZekLPtYXknAh42SE8a2zLmHjwdoIFFimf2CLCNovlzGNPSOfn XHIjccFlMw17If2yT3Vv/nKuwEjO8UZBnJF6YD2E0noW+HsLKMt5lSaHWqxEDXFy KPybGKuIlEuagzrtfsXkYfZKmo01ixiHGQqZ32tbvE8LQ4so5GntIXR3QuXDWhC1 cFyj7sHxILZIAHFJrMUbUj/IhzjEpfbQvdV4z71IDrWZeAvGUxlFY1MeU8SiJ5iN zwVOrRbJtb/5gm4GofjTzJoOCeRIiu40z0j9vpdTKfAcjGG3u5BsHS0hHbtaz96b McUF5RsBHPBJCFfGutdy5yYamwoBIwn2mGkZplyBT95vXFJkH4SynEcn4FJBIKvg AbEKllQZdpv2UMpadsDQAMBnlsP57zu38lywuWzoOf6N38xVLcMJGzpW3ckyDckR qWPZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFAqJN33Ncu99 HeTopyap4V39YFEyMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8G CCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxl dHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxl dHNlbmNyeXB0Lm9yZy8wUgYDVR0RBEswSYIJZXNlbWVzLmN6gg5nb2lwLmVzZW1l cy5jeoILbS5lc2VtZXMuY3qCEHNtc2FwaS5lc2VtZXMuY3qCDXd3dy5lc2VtZXMu Y3owgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYG CCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUH AgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9u IGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGgg dGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNy eXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAV4ga7HT4R+5g 6ntmO7eAUzH3ZdIozjVMm5x4VTNYpW5DCFRhSF1QK80CUDaE43LaMJjMKb37p4oB DjGx6e7F4LMtuz4WL59rvcbZh7inGalCglGtJ8OsG3OHuFuyd/cpmw5rfR9IdT5o Wa7CbtqjtNTUp9Mq+ui1wYSJgC70P2d2uP82S1Gu7zSP7taVmbttUMkHTE3SIFq3 tvIkiGSqRgMGQHc9V4Ipn1B2GcdGQbiVdz5FppiSPQWVLeHgF99hwAEiCZPSYi1y RH1iqnzxbgLld4VhwaWyoYJ+CwA76sOaVyhP4Vqp1M3+6xqwGXtwSpZFeEyCTMGY IbRKL/kdPA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzYAmtX/FHxtI8NDtark1 JrIf8qvTvn6yGSLVgQFNU/F4XfzM+DEnQAYFfP0HXTMwMxoC8vEf5VKHAJikmkDF YH7wNS1JdnuSevo9PqwEo7wBMJ+2winFra4YTZbTofY7fiK98klFJOv+U5tSsWtZ DewTLCjbu1U9Wjdf4990mnWi5VciXRN/pRWTBQePgzMf7JYxPze3+0uxIXO9qPQx Z7P75K3qryQxNdbYsek3Ol9XUbPxIwl7xBl6Qs+1heScCHjZITxrbMuYePB2ggUW KZ/YIsI2i+XMY09I5+dcciNxwWUzDXsh/bJPdW/+cq7ASM7xRkGckXpgPYTSehb4 ewsoy3mVJodarEQNcXIo/JsYq4iUS5qDOu1+xeRh9kqajTWLGIcZCpnfa1u8TwtD iyjkae0hdHdC5cNaELVwXKPuwfEgtkgAcUmsxRtSP8iHOMSl9tC91XjPvUgOtZl4 C8ZTGUVjUx5TxKInmI3PBU6tFsm1v/mCbgah+NPMmg4J5EiK7jTPSP2+l1Mp8ByM Ybe7kGwdLSEdu1rP3psxxQXlGwEc8EkIV8a613LnJhqbCgEjCfaYaRmmXIFP3m9c UmQfhLKcRyfgUkEgq+ABsQqWVBl2m/ZQylp2wNAAwGeWw/nvO7fyXLC5bOg5/o3f zFUtwwkbOlbdyTINyRGpY9kCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 327492934218183070742538786401464312457904 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-05-26 05:47:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-08-24 05:47:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'esemes.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 838369265628773412983211368300065745430530408683427345029290108797627684849379232502606296737593800966599246065082048126759022279922271501822531316173865184113483866197489739066970336620427885662327420768017187191473901255528343158442504362154961658757335400880906119966983464074806093199562375646429077850826403296880244832449664839034956109256113998382508042032220289628642598353350996948780186759432687144961274789202979605762025844317358859626586455993917040806149064234246103007549479725344292321724873715286096379320626821455806609042501323051382838686322048821463225592687865698011899396448078836840796331708776062382216549221259424003622223796216288904862083051864779744682075437679316453354901640010636816647696903397915364294198279410599780495966674953786916743294858429714370381686488424858811342740585563975226576541115551921799999415394471068103184490506421997415535603099974747197570573732504961212913559416254525707242605095466326679613716647263012414230615375401705676814900035704247979866048371033077477343897914679482857738577904765006365015729582906798347460483529056488371313159479379964412172753950879169514159245608946849554720224561467164412492114890656597378292380198375941569402626850618076969998459039474649 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0a89377dcd72ef7d1de4e8a726a9e15dfd605132 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esemes.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'goip.esemes.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.esemes.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'smsapi.esemes.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.esemes.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0057881aec74f847ee60ea7b663bb7805331f765d228ce354c9b9c78553358a56e43085461485d502bcd02503684e372da3098cc29bdfba78a010e31b1e9eec5e0b32dbb3e162f9f6bbdc6d987b8a719a9428251ad27c3ac1b7387b85bb277f7299b0e6b7d1f48753e6859aec26edaa3b4d4d4a7d32afae8b5c18489802ef43f6776b8ff364b51aeef348feed69599bb6d50c9074c4dd2205ab7b6f2248864aa46030640773d5782299f507619c74641b895773e45a698923d05952de1e017df61c001220993d2622d72447d62aa7cf16e02e5778561c1a5b2a1827e0b003beac39a57284fe15aa9d4cdfeeb1ab0197b704a9645784c824cc19821b44a2ff91d3c