www.mikulasske.cz
Issued by TERENA SSL CA
About this certificate
This digital certificate with serial number df:bb:51:e0:6a:d8:28:84:f8:b3:29:3f:c5:5e:32:67 was issued on by TERENA.
With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.mikulasske.cz,OU=Domain Control Validated
TERENA
Organization:
TERENA
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): df:bb:51:e0:6a:d8:28:84:f8:b3:29:3f:c5:5e:32:67Serial Number (int): 297390463227935281770249720335421026919
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: d5:f2:dc:f2:7f:75:bf:a4:70:11:f7:f9:28:74:7f:a7:f0:7c:79:74
AuthorityKeyId: 0c:bd:93:68:0c:f3:de:ab:a3:49:6b:2b:37:57:47:ea:90:e3:b9:ed
Fingerprint (sha1): 94:01:86:65:25:65:b7:a7:3d:46:a1:1f:b8:51:80:08:e7:86:35:b4
Fingerprint (sha256): 94:11:93:bd:88:d5:d1:1d:93:df:00:aa:de:c0:0a:81:36:95:42:f1:a0:21:30:30:71:4d:81:b8:84:da:55:08
Issuing Certificate URL: http://crt.tcs.terena.org/TERENASSLCA.crt
Revocation information
OCSP Server: http://ocsp.tcs.terena.orgCRL Distribution Point: http://crl.tcs.terena.org/TERENASSLCA.crl
Check the revocation status for certificate www.mikulasske.cz
7
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.mikulasske.cz
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.mikulasske.cz
admin.mikulasske.cz
bakalari.mikulasske.cz
esf.mikulasske.cz
mikulasske.cz
weblogin.mikulasske.cz
webmail.mikulasske.cz
admin.mikulasske.cz
bakalari.mikulasske.cz
esf.mikulasske.cz
mikulasske.cz
weblogin.mikulasske.cz
webmail.mikulasske.cz
Other certificates including the domain name mikulasske.cz
(limited to 100 certificates)
mail.mikulasske.cz
www.mikulasske.cz
mail.mikulasske.cz
www.mikulasske.cz
idp.mikulasske.cz
www.mikulasske.cz
www.mikulasske.cz
www.mikulasske.cz
mail.mikulasske.cz
mail.mikulasske.cz
www.mikulasske.cz
radius.mikulasske.cz
www.mikulasske.cz
www.mikulasske.cz
www.mikulasske.cz
www.mikulasske.cz
radius.mikulasske.cz
www.mikulasske.cz
www.mikulasske.cz
radius.mikulasske.cz
radius.mikulasske.cz
mail.mikulasske.cz
www.mikulasske.cz
mail.mikulasske.cz
www.mikulasske.cz
idp.mikulasske.cz
www.mikulasske.cz
www.mikulasske.cz
www.mikulasske.cz
mail.mikulasske.cz
mail.mikulasske.cz
www.mikulasske.cz
radius.mikulasske.cz
www.mikulasske.cz
www.mikulasske.cz
www.mikulasske.cz
www.mikulasske.cz
radius.mikulasske.cz
www.mikulasske.cz
www.mikulasske.cz
radius.mikulasske.cz
radius.mikulasske.cz
mail.mikulasske.cz
Certificate
The complete raw certificate details for www.mikulasske.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIRAN+7UeBq2CiE+LMpP8VeMmcwDQYJKoZIhvcNAQEFBQAw NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B IFNTTCBDQTAeFw0xNDA3MjMwMDAwMDBaFw0xNTA3MjMyMzU5NTlaMD8xITAfBgNV BAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEaMBgGA1UEAxMRd3d3Lm1pa3Vs YXNza2UuY3owggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhSNf1+DLx LdkcmJUFxKFVWBkFXDArJ65yVcBxIqnoLPBVz6oazTwDXvC2z/E4CaCMD9BhI9iB y2L/1VxacxRhTbuw/kypcQKFB5o3+g2iz49G0obmaOxeyJwXFVACyVyy9bcI46h6 q/70XgeFSXhOeksmoP+Wd739TJ7lu0U2pVFviHJ1YBaC08CnGot87p2IF0lQ5e5x w2qi/HysY5wnMegbs5SMhavjgRJ1FgLk3Y0QnWWW5cMTbTTcySEqGLY+d8eMtcXw HnxtX1un7RA0eFzSSqiMoNIOsuxzfBhFAjL80qSU+XnU+4aUEgBGNW67YwC9AwPU k/npAkn7VvL5AgMBAAGjggHvMIIB6zAfBgNVHSMEGDAWgBQMvZNoDPPeq6NJays3 V0fqkOO57TAdBgNVHQ4EFgQU1fLc8n91v6RwEff5KHR/p/B8eXQwDgYDVR0PAQH/ BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAh0wCAYGZ4EMAQIBMDoGA1UdHwQz MDEwL6AtoCuGKWh0dHA6Ly9jcmwudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0Eu Y3JsMG0GCCsGAQUFBwEBBGEwXzA1BggrBgEFBQcwAoYpaHR0cDovL2NydC50Y3Mu dGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcnQwJgYIKwYBBQUHMAGGGmh0dHA6Ly9v Y3NwLnRjcy50ZXJlbmEub3JnMIGcBgNVHREEgZQwgZGCEXd3dy5taWt1bGFzc2tl LmN6ghNhZG1pbi5taWt1bGFzc2tlLmN6ghZiYWthbGFyaS5taWt1bGFzc2tlLmN6 ghFlc2YubWlrdWxhc3NrZS5jeoINbWlrdWxhc3NrZS5jeoIWd2VibG9naW4ubWlr dWxhc3NrZS5jeoIVd2VibWFpbC5taWt1bGFzc2tlLmN6MA0GCSqGSIb3DQEBBQUA A4IBAQBb/WZwbqnnydI64VpAq4FfSVetmaXgiAXw6U67zyG0wT1knQCzrLzmqBeo b/2OvcieQE3gW4FRKTdYHlusPuWN9d65XRAQYv2PNC/5fNUqxcWXmtYoH20sDzw9 N5Dl4ji6EtS9i312GGILRzW8NrsinD4HmwsSjKvsSrdGUGSbrFl6vVo6zjeNR59m OC6Gm+xh2mX5fWgOlCEFdeImpjQZxTIbB+w6BuZxiSyaZj7olH/kcG52AsEoNZLQ wAFPJfclHoXwIkfIvVlHqNoVdJ8F/9DY7KL95lus9Q2YGI5IINaHWJR0+TYjVPhW LqSpk4+TbJ56JTsweDNXlHvicnhN -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UjX9fgy8S3ZHJiVBcSh VVgZBVwwKyeuclXAcSKp6CzwVc+qGs08A17wts/xOAmgjA/QYSPYgcti/9VcWnMU YU27sP5MqXEChQeaN/oNos+PRtKG5mjsXsicFxVQAslcsvW3COOoeqv+9F4HhUl4 TnpLJqD/lne9/Uye5btFNqVRb4hydWAWgtPApxqLfO6diBdJUOXuccNqovx8rGOc JzHoG7OUjIWr44ESdRYC5N2NEJ1lluXDE2003MkhKhi2PnfHjLXF8B58bV9bp+0Q NHhc0kqojKDSDrLsc3wYRQIy/NKklPl51PuGlBIARjVuu2MAvQMD1JP56QJJ+1by +QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 297390463227935281770249720335421026919 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TERENA SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-07-23 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-07-23 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.mikulasske.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28439539133793802686664148107470967471681769391444159270591166138579502307659100575055679651529143721025774048408951869845280644909956833903271515376965803539295126191390720405793259529970298314857103978392268123414284642441562018489692567313504067566616978436202575933494676694043064653702403282226948599776405688605183959299680342962501214036403192614221571322822236057427094389188354470027194647912606875025158889308383379597991604093669659843674971219847767328839075636451350009401886357358691562422730136757656779171982274854968531428191683260486714726958894335044536370738123956912270343633892178747467255706361 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0cbd93680cf3deaba3496b2b375747ea90e3b9ed . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d5f2dcf27f75bfa47011f7f928747fa7f07c7974 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.29 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.tcs.terena.org/TERENASSLCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (97 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.tcs.terena.org/TERENASSLCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.tcs.terena.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (148 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mikulasske.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'admin.mikulasske.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bakalari.mikulasske.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esf.mikulasske.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mikulasske.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'weblogin.mikulasske.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.mikulasske.cz' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005bfd66706ea9e7c9d23ae15a40ab815f4957ad99a5e08805f0e94ebbcf21b4c13d649d00b3acbce6a817a86ffd8ebdc89e404de05b81512937581e5bac3ee58df5deb95d101062fd8f342ff97cd52ac5c5979ad6281f6d2c0f3c3d3790e5e238ba12d4bd8b7d7618620b4735bc36bb229c3e079b0b128cabec4ab74650649bac597abd5a3ace378d479f66382e869bec61da65f97d680e94210575e226a63419c5321b07ec3a06e671892c9a663ee8947fe4706e7602c1283592d0c0014f25f7251e85f02247c8bd5947a8da15749f05ffd0d8eca2fde65bacf50d98188e4820d687589474f9362354f8562ea4a9938f936c9e7a253b30783357947be272784d