www.primocar.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:23:41:7d:f7:bd:b5:f4:c4:26:e5:86:83:b2:9a:26:10:16 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.primocar.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:23:41:7d:f7:bd:b5:f4:c4:26:e5:86:83:b2:9a:26:10:16Serial Number (int): 273333794519132530054419673454514039820310
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 39:6a:95:d1:3d:de:4f:4c:91:24:a1:aa:de:6b:90:8d:47:69:73:cd
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): f4:2f:19:d8:3f:5f:9e:30:72:78:f6:e1:15:8b:0b:5a:20:22:77:a1
Fingerprint (sha256): 49:62:0c:b5:7d:14:da:a7:98:b5:b5:23:07:08:c1:25:e2:90:cf:91:7b:a9:40:8b:64:ce:ea:2a:cf:89:cb:39
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.primocar.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.primocar.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
primocar.cz
www.primocar.cz
www.primocar.cz
Other certificates including the domain name primocar.cz
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.primocar.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYjCCBUqgAwIBAgISAyNBffe9tfTEJuWGg7KaJhAWMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODExMTkyMDA1MDVaFw0x OTAyMTcyMDA1MDVaMBoxGDAWBgNVBAMTD3d3dy5wcmltb2Nhci5jejCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBAOTdFyFa5VUxIUyFWZy5LS6/ZQ1wJi0O oBFHqMQffivb+erMFjwVrwYQxBn/1XzzhOSB0CCmLBoZLcde+b3k2MMotWcaulEq JtAQDjmJINlSELxxLq0XnHWxnc6rgMuyw+wYcVn56ZMyCqor4w26pGR+BV6JN86x bYR/1VdUAOue71Sa6XUSF3uQD7ErFF06MKAg8tw99Io/AABRTfdTG1Fz8QsaWk/2 duiOAgPROV7pgbkkXebAW7u7LMgkbl5KbgjIPuzfGM+tTBpx+Kvl7Fx7gFNZLyUg 5oyMFVt110XKT5Bpt3ickf928GjXhlpOzqwyzSYnVQVLwPyaxPzGb+SGAAZcnzeJ k9SpdpwpWadwLhuJyksWHKxuixW9gXplhMHCKUf2U1FNRAhbPriOWR4Q+LqvNVp9 oQlV2VJT0eX5Ffaq6bBnLGiLJAedQjtbNfCtWVBZGjYj57q5e7meHN2ThOwH3lDF keO2aj2kSjq0m1DLJgjWbQ8ImBZKxXQaYyux/v6ULBZrP5NEb/H72uHdb2uDOjNB L4J4LdnK8ytpckRgDeB51C+Llzz1x41CbLR53oftriDZShnZDm4dkZO30cFzJAF/ oZ6q/Jb2B89K00wdmVqWCxzj6yCCL2TNuzNYEClZYClWCltWlrEIE0XwRXY5MlKq 6kkOlolaC3ORAgMBAAGjggJwMIICbDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFDlq ldE93k9MkSShqt5rkI1HaXPNMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wJwYDVR0RBCAwHoILcHJpbW9jYXIuY3qCD3d3 dy5wcmltb2Nhci5jejBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEB ATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQMG CisGAQQB1nkCBAIEgfQEgfEA7wB2AOJpS64m6OlACeiGG7Y7g9Q+5/50iPukjyiT AZ3d8dv+AAABZy3KgfUAAAQDAEcwRQIhAPW/eNdHFjdCnYESjjjXR4aj0RyxaTsM 4LKWZ6hC6gJcAiAjZD9JJspgHjTAc5vIi83G4Y9kNuh5/XnSGLWciugrVAB1ACk8 UZZUyDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABZy3KgfUAAAQDAEYwRAIg ZBz1Bc/zwkv8nuMt+HGe9jTZe26J49I6TF6lCfyj1GUCIEu0IumJBLOgTY+iGoVv zgpFwEaSz8WtSvjswh71Qts6MA0GCSqGSIb3DQEBCwUAA4IBAQAPuD4paG8i5hD3 GP4Bvtb/h7lyiMHKoZP3kuzVhjekG3K6dmuLSIgfWDuxbvJCNV+vuh9KWS3pGjrR xG4RBTP7QhxpRLz58eUfta08LasQssTfKd1NpU/BTFngKqJbyiP/SEjFy7nPNpkr DZYzpKKaDvqFQT26kC/EMGlP3eSC86fvLw59HH4bzvjYFuoUFpyDsQutaTfCGHV+ +MHUg44RtUXBt3HcYykHmqPY0NuUYrH9MtL3/5rLdS8T2irbpYpCZUhRisGZTUOp MWp8IfJN5memwXEtp/c0R6tQUprr2ORvnuA4N6c/To94RXG2hPSGw37seoYshVEk gXZiTwe1 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5N0XIVrlVTEhTIVZnLkt Lr9lDXAmLQ6gEUeoxB9+K9v56swWPBWvBhDEGf/VfPOE5IHQIKYsGhktx175veTY wyi1Zxq6USom0BAOOYkg2VIQvHEurRecdbGdzquAy7LD7BhxWfnpkzIKqivjDbqk ZH4FXok3zrFthH/VV1QA657vVJrpdRIXe5APsSsUXTowoCDy3D30ij8AAFFN91Mb UXPxCxpaT/Z26I4CA9E5XumBuSRd5sBbu7ssyCRuXkpuCMg+7N8Yz61MGnH4q+Xs XHuAU1kvJSDmjIwVW3XXRcpPkGm3eJyR/3bwaNeGWk7OrDLNJidVBUvA/JrE/MZv 5IYABlyfN4mT1Kl2nClZp3AuG4nKSxYcrG6LFb2BemWEwcIpR/ZTUU1ECFs+uI5Z HhD4uq81Wn2hCVXZUlPR5fkV9qrpsGcsaIskB51CO1s18K1ZUFkaNiPnurl7uZ4c 3ZOE7AfeUMWR47ZqPaRKOrSbUMsmCNZtDwiYFkrFdBpjK7H+/pQsFms/k0Rv8fva 4d1va4M6M0Evgngt2crzK2lyRGAN4HnUL4uXPPXHjUJstHneh+2uINlKGdkObh2R k7fRwXMkAX+hnqr8lvYHz0rTTB2ZWpYLHOPrIIIvZM27M1gQKVlgKVYKW1aWsQgT RfBFdjkyUqrqSQ6WiVoLc5ECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 273333794519132530054419673454514039820310 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-19 20:05:05 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-17 20:05:05 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.primocar.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 933682167609843128060988769511694826260580320738862373704448144505363920452287044514979137934691386291418257455119645594582014014971556500145638147823496487223408852129105307105212795025086689128773424604810744403279334830725916401583689487689085266471850464840737396056495350789119228415454482567089151099631908906161567301794411958114825158808191200313930220636361688211222973485510387344570994217081753761109218141375015934930845953482493046516998221800365755189719307715203453899010378510292395171743366072905935754346722340907207041060696523514191407691757580188687216234090749753219334945979424499133521312478965755100619930223371861574884985796705812466249060133094092421124452563203552681612367375442793253887057867491427825424028081682257235642241357077881663773320895847215096189828904388070545605854634807380611246469504996249313782138659749645083873551447385764219928217021557240349538822075221616586004985925175844527433262734514085479854827031919791388844409588884092765061006950113722784077012822614108401901943911481677488520135622973700951677034293202091823669835789732494276263946013056239179250795489582167191559990283105024002093715965374192589421666456265732638289703258688162266755163938062567491394695785575313 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 396a95d13dde4f4c9124a1aade6b908d476973cd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'primocar.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.primocar.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe000001672dca81f50000040300473045022100f5bf78d7471637429d81128e38d74786a3d11cb1693b0ce0b29667a842ea025c022023643f4926ca601e34c0739bc88bcdc6e18f6436e879fd79d218b59c8ae82b54007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f478000001672dca81f500000403004630440220641cf505cff3c24bfc9ee32df8719ef634d97b6e89e3d23a4c5ea509fca3d46502204bb422e98904b3a04d8fa21a856fce0a45c04692cfc5ad4af8ecc21ef542db3a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000fb83e29686f22e610f718fe01bed6ff87b97288c1caa193f792ecd58637a41b72ba766b8b48881f583bb16ef242355fafba1f4a592de91a3ad1c46e110533fb421c6944bcf9f1e51fb5ad3c2dab10b2c4df29dd4da54fc14c59e02aa25bca23ff4848c5cbb9cf36992b0d9633a4a29a0efa85413dba902fc430694fdde482f3a7ef2f0e7d1c7e1bcef8d816ea14169c83b10bad6937c218757ef8c1d4838e11b545c1b771dc6329079aa3d8d0db9462b1fd32d2f7ff9acb752f13da2adba58a426548518ac1994d43a9316a7c21f24de667a6c1712da7f73447ab50529aebd8e46f9ee03837a73f4e8f784571b684f486c37eec7a862c8551248176624f07b5