venice-cz.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:3e:c8:08:3c:e2:c5:02:a2:a3:6e:ce:82:4e:10:2c:c4:5c was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=venice-cz.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:3e:c8:08:3c:e2:c5:02:a2:a3:6e:ce:82:4e:10:2c:c4:5cSerial Number (int): 282700252916821888807951297736525805831260
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 51:dd:e4:4c:76:fa:f2:b6:74:6d:26:78:27:ba:34:26:b0:0b:b2:8a
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 73:67:db:a3:65:b0:bd:93:99:fd:13:d0:dc:9c:40:50:06:15:d1:36
Fingerprint (sha256): 69:00:b1:61:f0:2c:fc:cd:91:5e:c2:b5:93:89:14:4d:41:d0:8f:83:7c:cb:db:a1:34:44:49:84:3d:22:4c:3c
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.org/Check the revocation status for certificate venice-cz.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for venice-cz.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
venice-cz.cz
www.venice-cz.cz
www.venice-cz.cz
Other certificates including the domain name venice-cz.cz
(limited to 100 certificates)
Certificate
The complete raw certificate details for venice-cz.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGDjCCBPagAwIBAgISAz7ICDzixQKio27Ogk4QLMRcMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjA3MjEyMTA1MDBaFw0x NjEwMTkyMTA1MDBaMBcxFTATBgNVBAMTDHZlbmljZS1jei5jejCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBANTRxsKtBDb0M6zlZ0tmJe7rR18iOT2QmEM7 3Afix6zIL7ReX5cCxhCt6i7YCMFKprN+AwtLWbDRqkHgjCm2IVb7nmb85ChnWBwP khLMltQx764ac7irLNozB+hhqxK7en5e2QN8r+eQAsx800Yvp9OJRdtaGybUla/A Lpvdzb6Yd3tORpkQWUXaUdIzXFWJeN+6eABxzMKngXDjPcqnQ/FZS/cMwv31DK1T h6ziOHa9MUyr0aA5XhLb2Ckdw4LzQjKfqDEhHFgzmWN2l1m057BMM2pgejtWxo73 QM/W5ascDFqd4GzbdqmT0EPur/954UiMYQbdo6zPzztB2++tzSDJKLBPOuerF4lP 219Sl9h2PbCyDTtMbCl/ooSTpKmA/+itKujihlIZS1DobPEY+4DQ555gse3Br6r4 eG4ZIOBOnXIYRF2rrSq6c0M8E+1k7rdVNf5NYnr9LhwiyLy/TA6dI3SoiRHKhNYU 3qV7K3MWE91ETVTdzCTy13ZvABTCuof8NhNTnTIL5gcftr+lqEch/LRiAa2jprAd 82ZNLJOEA+m/sxG+t9nZwNsK9pRBCBTeLG1lq+GgmY6jw0ony1t7XlmFnFTrMlBF L2MrcKCU9QaAzs3nNLd6VFYbphLiUoZwFVGupOa20nYT1BTK8mKt6c6qHOIVPQcn wG0uPkWjAgMBAAGjggIfMIICGzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFFHd5Ex2 +vK2dG0meCe6NCawC7KKMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh MHAGCCsGAQUFBwEBBGQwYjAvBggrBgEFBQcwAYYjaHR0cDovL29jc3AuaW50LXgz LmxldHNlbmNyeXB0Lm9yZy8wLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMCkGA1UdEQQiMCCCDHZlbmljZS1jei5jeoIQd3d3 LnZlbmljZS1jei5jejCB/gYDVR0gBIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC 3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3Jn MIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUg cmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29y ZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBz Oi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IB AQBMTALfnBMF40YH7l5TUneLVCsP0DUlOwSqLMGzhGFh0yAMhs6V1mVb5GHUEYvB zxGUaDS/Kcsxj1jR4/r5RsyuuJCQqJ3eGONZz4KDLmAX7W68oocyAKyJ8jFUdd/4 lnS3LuMjm1+tGhnFe9NN/l+5pujRcRWJRJKCU1Gx+K2eajUiuIFDQvnwaHx/3Kuz Np+liTZqz0NSpQt7lqVUmCHXPlh/VRctQSw+phkFsCHFtZhUkoi7gLO6e7bXeS7S NPMvw0lEwufOSoj5kdAmwRrpVI6VvWGFTkQ8dhQBcGkcHnw4m4pCsUJcm38KIXQp iEtA49YzatOzTQNiZu6SGsqR -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1NHGwq0ENvQzrOVnS2Yl 7utHXyI5PZCYQzvcB+LHrMgvtF5flwLGEK3qLtgIwUqms34DC0tZsNGqQeCMKbYh VvueZvzkKGdYHA+SEsyW1DHvrhpzuKss2jMH6GGrErt6fl7ZA3yv55ACzHzTRi+n 04lF21obJtSVr8Aum93Nvph3e05GmRBZRdpR0jNcVYl437p4AHHMwqeBcOM9yqdD 8VlL9wzC/fUMrVOHrOI4dr0xTKvRoDleEtvYKR3DgvNCMp+oMSEcWDOZY3aXWbTn sEwzamB6O1bGjvdAz9blqxwMWp3gbNt2qZPQQ+6v/3nhSIxhBt2jrM/PO0Hb763N IMkosE8656sXiU/bX1KX2HY9sLINO0xsKX+ihJOkqYD/6K0q6OKGUhlLUOhs8Rj7 gNDnnmCx7cGvqvh4bhkg4E6dchhEXautKrpzQzwT7WTut1U1/k1iev0uHCLIvL9M Dp0jdKiJEcqE1hTepXsrcxYT3URNVN3MJPLXdm8AFMK6h/w2E1OdMgvmBx+2v6Wo RyH8tGIBraOmsB3zZk0sk4QD6b+zEb632dnA2wr2lEEIFN4sbWWr4aCZjqPDSifL W3teWYWcVOsyUEUvYytwoJT1BoDOzec0t3pUVhumEuJShnAVUa6k5rbSdhPUFMry Yq3pzqoc4hU9ByfAbS4+RaMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 282700252916821888807951297736525805831260 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-07-21 21:05:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-19 21:05:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'venice-cz.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 868227562258469374903166375675845197007715642895738969792491571853673437145759221714924784072306519602779890023857122011364446895347022482121935977906513777046268765573806987965877329833565070401362646680274835627092979742284360338075486738058748107992568279113909793603911113308817159953351157541315588468406039486929105889006515818371179930665566226878659565193530749250542437661164846059896764208332039430393612842453336608530735758212683439415051617267416213837923550778959043907144993431100121915841264153009913998228464503327908271785625445469731491492464732545963386834865097570899741101287269384169200032071235060654554516172902641776761073683703018402886676320869492352467561363048933952439143172259189034659752600629443452908007201510218470400459155956778208459315358523851980436430579346335313863305346606660651059807948759236206022638448382206503919489374765148202228666697265133076895861409307560008653034771257081703182092902998752147251145518012399741711003835195170684982936283273439784312952540845252288136750454923286621826726459637823551150285057622333298689076413661655982277718533312128480905278148392386465452486750578465353303195722355076016248021014674618562350044367722293310693354828420866929377282529052067 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 51dde44c76faf2b6746d267827ba3426b00bb28a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'venice-cz.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.venice-cz.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004c4c02df9c1305e34607ee5e5352778b542b0fd035253b04aa2cc1b3846161d3200c86ce95d6655be461d4118bc1cf11946834bf29cb318f58d1e3faf946ccaeb89090a89dde18e359cf82832e6017ed6ebca2873200ac89f2315475dff89674b72ee3239b5fad1a19c57bd34dfe5fb9a6e8d17115894492825351b1f8ad9e6a3522b8814342f9f0687c7fdcabb3369fa589366acf4352a50b7b96a5549821d73e587f55172d412c3ea61905b021c5b598549288bb80b3ba7bb6d7792ed234f32fc34944c2e7ce4a88f991d026c11ae9548e95bd61854e443c76140170691c1e7c389b8a42b1425c9b7f0a217429884b40e3d6336ad3b34d036266ee921aca91