*.kandiduju.cz

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:be:42:fb:c6:04:9c:f6:09:eb:5d:86:1a:4d:52:99:b1:ed was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.kandiduju.cz

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:be:42:fb:c6:04:9c:f6:09:eb:5d:86:1a:4d:52:99:b1:ed
Serial Number (int): 326079543840774935964473864967579416244717
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: f3:b5:ad:33:40:9a:72:ee:c7:91:4f:b1:4b:e8:30:3e:1c:9a:9c:32
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 0b:a8:5c:84:86:c3:62:fa:c5:45:dc:30:31:a0:5e:63:b9:a0:84:7c
Fingerprint (sha256): 7b:cb:bc:81:8d:ec:76:40:18:45:24:1c:e9:62:6f:7b:f0:0e:de:c9:a8:68:aa:e0:4a:0d:51:ab:4b:30:06:dd

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate *.kandiduju.cz

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.kandiduju.cz

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.kandiduju.cz
kandiduju.cz

Other certificates including the domain name kandiduju.cz

(limited to 100 certificates)
kandiduju.cz
theclimb.app
*.kandiduju.cz
6ngay.com
*.kandiduju.cz
www.aref.works
www.kandiduju.cz
chesspeak.com
chesspeak.com
chance.monadone.com
www.kandiduju.cz
*.kandiduju.cz
auth.mybodyecology.com
auth.mybodyecology.com
www.caritashub.com.br
kandiduju.cz
www.fezrestia.link
www.kandiduju.cz
app.boylecreations.com
www.fezrestia.link
www.kandiduju.cz
admin.kandiduju.cz
www.campo.pixelismo.com.ar
*.kandiduju.cz
*.kandiduju.cz

Certificate

The complete raw certificate details for *.kandiduju.cz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISA75C+8YEnPYJ612GGk1SmbHtMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA2MTAyMTMwMDJaFw0x
OTA5MDgyMTMwMDJaMBkxFzAVBgNVBAMMDioua2FuZGlkdWp1LmN6MIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6KRNAWjnzMX1Fszxntsm+kJGkgB8wQT9
kYAxR/9sdpc0M5/0F6cMlEDOrtsrh9Ml39V2GYhivLskTrwm6kdEI0jAjKomBraX
Kh8VzdqSKhww4wcneotj3GkjyZetX8FaSyRdQ17+BZlfaxHhj4yPSTuupEbvibJC
JUZnQQCUfskcuzy/Dt+e+8x2u2ZJurNc8DDCr8xSxIqPuEC+7KS4NEld1ivWIYEP
9KkbZ1JkfIjtp64ymVGcRKDq27vtBOdKws2m5dFW4L0L5BYpJhlG2wRfHxLjGGpB
dsqmUj4ng5QEOGGE7f56I++/L+6ri5WDz/k2BdjjQmwRxxhdhlCDWwIDAQABo4IC
cjCCAm4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTzta0zQJpy7seRT7FL6DA+HJqc
MjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRj
MGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5v
cmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5v
cmcvMCcGA1UdEQQgMB6CDioua2FuZGlkdWp1LmN6ggxrYW5kaWR1anUuY3owTAYD
VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa
aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5AgQCBIH2BIHz
APEAdwApPFGWVMg5ZbqqUPxYB9S3b79Yeily3KTDDPTlRUf0eAAAAWtDgzt0AAAE
AwBIMEYCIQDAMV+QtczaAF2u26V+02LvgkJrzhz2rL3vfbUgCzlzSAIhANMxG4op
iKlkTPDdZcTnGk2ngcBdnr7MwwOvfBFGplkYAHYA4mlLribo6UAJ6IYbtjuD1D7n
/nSI+6SPKJMBnd3x2/4AAAFrQ4M9dAAABAMARzBFAiEAm6Jui7L6R3PLEGhtjCpo
3owj9NaS+knK9sUKh5sNPTECIAhdBG2w7tBoWOkbUBFkrylbsdV1PDrQ3teZp9PX
yM+4MA0GCSqGSIb3DQEBCwUAA4IBAQAhn2P3zztcOp0lQU7tg7E4U4rZvs3asd30
wpOlYGnKt7nXT7HUm3RNDxu880uqyU1avfQ2+DHMOHTwyQbLdn1zkN4bzd1u1pki
GeoXyTfJh8KyoEwacLW/JxGguvgh1hChCy6REN2YUYKQUivpM6LLqDpGfygwAHtY
Q7u2OSZMS6omLCENum7XvAyCG6RPQxhhqTbhL1HwZ+R5uhHuGHccGwj34yNhBMdo
HEKIj8zTNqDmcPUWf13uFN3OKQr4AF2cO7K/iNLpPo5/UcspQ+RQEgHNL2Szi0LP
cfgriLDU9LI0zW4Y0kUq3iVwJ9OY87ON2zlHe1GD+hCsJw3ZCb9j
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6KRNAWjnzMX1Fszxntsm
+kJGkgB8wQT9kYAxR/9sdpc0M5/0F6cMlEDOrtsrh9Ml39V2GYhivLskTrwm6kdE
I0jAjKomBraXKh8VzdqSKhww4wcneotj3GkjyZetX8FaSyRdQ17+BZlfaxHhj4yP
STuupEbvibJCJUZnQQCUfskcuzy/Dt+e+8x2u2ZJurNc8DDCr8xSxIqPuEC+7KS4
NEld1ivWIYEP9KkbZ1JkfIjtp64ymVGcRKDq27vtBOdKws2m5dFW4L0L5BYpJhlG
2wRfHxLjGGpBdsqmUj4ng5QEOGGE7f56I++/L+6ri5WDz/k2BdjjQmwRxxhdhlCD
WwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 326079543840774935964473864967579416244717
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-10 21:30:02 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-08 21:30:02 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.kandiduju.cz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29368306497614633333214822514646178891567290944844601308928113178507432527938997831431200822601692426185380657631777303656443078219964815884379077412232555949796106699857223421735651531750229366281233382762003581585451695407808974693805690019808123840975998098924363107748039098396655329372986034079302151797144556077169594654869422550263577657296417211938888672140182659989594956575462622384624858160081398905228806023174291549016559898078314202510886270528582767446641531109764159787126428466786608962898654375726591899104238049623178861344342271867502831078311289086634503852627547166249419276597448120757824553819
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f3b5ad33409a72eec7914fb14be8303e1c9a9c32
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kandiduju.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kandiduju.cz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016b43833b740000040300483046022100c0315f90b5ccda005daedba57ed362ef82426bce1cf6acbdef7db5200b397348022100d3311b8a2988a9644cf0dd65c4e71a4da781c05d9ebeccc303af7c1146a65918007600e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016b43833d7400000403004730450221009ba26e8bb2fa4773cb10686d8c2a68de8c23f4d692fa49caf6c50a879b0d3d310220085d046db0eed06858e91b501164af295bb1d5753c3ad0ded799a7d3d7c8cfb8
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00219f63f7cf3b5c3a9d25414eed83b138538ad9becddab1ddf4c293a56069cab7b9d74fb1d49b744d0f1bbcf34baac94d5abdf436f831cc3874f0c906cb767d7390de1bcddd6ed6992219ea17c937c987c2b2a04c1a70b5bf2711a0baf821d610a10b2e9110dd98518290522be933a2cba83a467f2830007b5843bbb639264c4baa262c210dba6ed7bc0c821ba44f431861a936e12f51f067e479ba11ee18771c1b08f7e3236104c7681c42888fccd336a0e670f5167f5dee14ddce290af8005d9c3bb2bf88d2e93e8e7f51cb2943e4501201cd2f64b38b42cf71f82b88b0d4f4b234cd6e18d2452ade257027d398f3b38ddb39477b5183fa10ac270dd909bf63