stage.jancaeshop.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:ee:7d:c9:8f:7c:99:b1:9b:59:fe:66:62:ec:17:93:56:8a was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=stage.jancaeshop.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ee:7d:c9:8f:7c:99:b1:9b:59:fe:66:62:ec:17:93:56:8aSerial Number (int): 342491261183862205622578448175045799007882
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: fa:e6:b4:21:31:fb:d4:c2:63:19:d8:de:4a:c4:12:a8:73:2f:c3:19
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 81:22:c3:44:2d:8e:eb:35:43:e1:b2:a3:7e:ed:32:71:11:f1:6a:13
Fingerprint (sha256): 92:46:98:b8:97:49:c0:ea:32:ee:a8:41:56:13:e4:a0:08:8d:b4:f9:84:d0:40:fc:41:9f:dd:0a:89:30:d5:f8
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate stage.jancaeshop.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for stage.jancaeshop.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.stage.jancaeshop.cz
stage.jancaeshop.cz
stage.jancaeshop.cz
Other certificates including the domain name jancaeshop.cz
(limited to 100 certificates)
Certificate
The complete raw certificate details for stage.jancaeshop.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGdjCCBV6gAwIBAgISA+59yY98mbGbWf5mYuwXk1aKMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MDUwOTAyMTNaFw0x OTEyMDQwOTAyMTNaMB4xHDAaBgNVBAMTE3N0YWdlLmphbmNhZXNob3AuY3owggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDY4OaypWEhmRj8YNv0ByhNQw7y ToQtPHDo6wix7qtxLbNCYL4yUNsaHpgZ9xutfJ2iq4WWeAo9m+zd8yvsCTxCwU/6 BH2TGxiFRgXxetvVcOmIcTml+8gTrLoikVl9apxoTGRxq4BU/LqdiXQE2JmvXQXs x6vwMYapoAhoKhkl8kds1QK8fiqTsiuO9fHJfJPsWtFKusqPRyJmUgSYFUf8Afk5 wBaue3uMWtrQvlKTr0vk8ztliABH3x7WqedOnOkWo4HyQX0w9e/ade+G9RjZk1Rr L1hKLSbbCNgiGM5IS5HWffk7GbEHkGC7wMGRxX2Czq62+t3DnDUs/w+K4yhcEuWh ijsrAxEoB8gdXIfVoTnnHv9f1y1MDSheCvwd/xVf3zb5O+V9aobNu8C+bfLy9MLl hOFofzN6KEfjjjZTkfycnuMv95Ize/QVOBBmUWnzAXXcEHc8WCoZVVqx907936eZ SeU2p696KM1OI2QYLygiYnvpEFcGY78iJBeAZDzssx4cHs/8GTXnPBT4IDa7CLd4 N/KOBw7Fg4e370seolJmenSOtbago6FQSvTLu61IJrT6H0S0q2NuWJ/PoVbUWl1T aUkG+vVKCpRG4dO0BkhMSf7RHolhFw460hRWNwmHxR1wfcoFoxFelIVVWArEvn6z NqmqJACGzIzG/AOxgwIDAQABo4ICgDCCAnwwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBT65rQhMfvUwmMZ2N5KxBKocy/DGTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObem RWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3Nw LmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0 LmludC14My5sZXRzZW5jcnlwdC5vcmcvMDUGA1UdEQQuMCyCFSouc3RhZ2UuamFu Y2Flc2hvcC5jeoITc3RhZ2UuamFuY2Flc2hvcC5jejBMBgNVHSAERTBDMAgGBmeB DAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxl dHNlbmNyeXB0Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AOJpS64m6OlA CeiGG7Y7g9Q+5/50iPukjyiTAZ3d8dv+AAABbQDf3E0AAAQDAEgwRgIhAKI3Crxk g/A2VsL/Q+pqOJh97VodGXJIcIfaSqVVEKvDAiEAjeAj2UyGxowQjuS/lrf7jePc 1AE0CqX83eYetu4f2MAAdgBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvY jQAAAW0A39w3AAAEAwBHMEUCIQDMShJxIO206uKRJsZoMUtx347fmgvdsnheRrrT qOo5NQIgPNjdjN6VRvad8cRlugVCxSvPJ2Jx6MN3lwnERGxyQiowDQYJKoZIhvcN AQELBQADggEBAAFSEdEbhlNERp0Dzlhb2qAPIvxIAe0yY+GjGCmCVywU/fLicT89 MCXI2UuNkYM1YVP9MF7xDCTt7QDXaVXiGb6DvjiZPqizt+mmgJJVBqGWSG3ChrCk hb/9W5OAD0ZHjqLU1fTYBAVmgX6Sjw5HDLedoI4GZ9yOU5tnsXRHAAe0b3WV4WRU TE51apkwWBIpPkfFMW/7jqWJfJ0bSwoMOLxc3lebqLMHhkYf4RnOEQ/Y+hNKvcLn mZfXIGY1lfcXXzD5E8/f3ur4s7Tn3Ze5Ito7V2wJAHjR2b9zdmehtm6UXLnZZgTb f9zOozllli9MZ2wqBd9ypZXc1U1x2n/wAEs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2ODmsqVhIZkY/GDb9Aco TUMO8k6ELTxw6OsIse6rcS2zQmC+MlDbGh6YGfcbrXydoquFlngKPZvs3fMr7Ak8 QsFP+gR9kxsYhUYF8Xrb1XDpiHE5pfvIE6y6IpFZfWqcaExkcauAVPy6nYl0BNiZ r10F7Mer8DGGqaAIaCoZJfJHbNUCvH4qk7IrjvXxyXyT7FrRSrrKj0ciZlIEmBVH /AH5OcAWrnt7jFra0L5Sk69L5PM7ZYgAR98e1qnnTpzpFqOB8kF9MPXv2nXvhvUY 2ZNUay9YSi0m2wjYIhjOSEuR1n35OxmxB5Bgu8DBkcV9gs6utvrdw5w1LP8PiuMo XBLloYo7KwMRKAfIHVyH1aE55x7/X9ctTA0oXgr8Hf8VX982+TvlfWqGzbvAvm3y 8vTC5YThaH8zeihH4442U5H8nJ7jL/eSM3v0FTgQZlFp8wF13BB3PFgqGVVasfdO /d+nmUnlNqeveijNTiNkGC8oImJ76RBXBmO/IiQXgGQ87LMeHB7P/Bk15zwU+CA2 uwi3eDfyjgcOxYOHt+9LHqJSZnp0jrW2oKOhUEr0y7utSCa0+h9EtKtjblifz6FW 1FpdU2lJBvr1SgqURuHTtAZITEn+0R6JYRcOOtIUVjcJh8UdcH3KBaMRXpSFVVgK xL5+szapqiQAhsyMxvwDsYMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 342491261183862205622578448175045799007882 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-05 09:02:13 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-04 09:02:13 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'stage.jancaeshop.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 884787168290959587140141217765734884952173424118201016798734605589053264688524497598308251316992335968676482584407205850468845615662043803877677044952262057476320878732345638520814835695791904754345053599676460587424920333698416821873305874457238508495792927271304998694834866237244052973675701199914892191249825199590622723232045095013717171060554707446672612684615307464642064581674137288565370682917097194992623957352298620946654990088159646436156440757124508997943946671160717043292664896721304137500203774628116410030443857625977443977314377220013370859633149123434567829203842018231744720943319846286678839805436358270162391595483231332183968719458524511160217548960895173711691179280073595935633557980916981166676268237959503983393761187265783175256102018445573179632330857926550939462439797872497128325457673051377714935857170688454261394020548918625284017800720005371596402645756566162564156608510314505612892443891216695153518996264622174409771268346974437655801889040009105839264734804756039575892889430979894602579294805113565970640073066218309683427951077966945967676449133510617872755453201261997636477289283538607032319851920573487446393345176286161936985931189468775832378074129538553735258927184958638633869981757827 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fae6b42131fbd4c26319d8de4ac412a8732fc319 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stage.jancaeshop.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.jancaeshop.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016d00dfdc4d0000040300483046022100a2370abc6483f03656c2ff43ea6a38987ded5a1d1972487087da4aa55510abc30221008de023d94c86c68c108ee4bf96b7fb8de3dcd401340aa5fcdde61eb6ee1fd8c000760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016d00dfdc370000040300473045022100cc4a127120edb4eae29126c668314b71df8edf9a0bddb2785e46bad3a8ea393502203cd8dd8cde9546f69df1c465ba0542c52bcf276271e8c3779709c4446c72422a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00015211d11b865344469d03ce585bdaa00f22fc4801ed3263e1a3182982572c14fdf2e2713f3d3025c8d94b8d9183356153fd305ef10c24eded00d76955e219be83be38993ea8b3b7e9a680925506a196486dc286b0a485bffd5b93800f46478ea2d4d5f4d8040566817e928f0e470cb79da08e0667dc8e539b67b174470007b46f7595e164544c4e756a99305812293e47c5316ffb8ea5897c9d1b4b0a0c38bc5cde579ba8b30786461fe119ce110fd8fa134abdc2e79997d720663595f7175f30f913cfdfdeeaf8b3b4e7dd97b922da3b576c090078d1d9bf737667a1b66e945cb9d96604db7fdccea33965962f4c676c2a05df72a595dcd54d71da7ff0004b