vlada.cz

- Úřad vlády České republiky -

Issued by GeoTrust EV RSA CA 2018

About this certificate

This digital certificate with serial number 05:ac:80:13:31:c8:35:bd:e1:ad:17:33:af:ff:5c:93 was issued on by DigiCert Inc.

With 23 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Úřad vlády České republiky

Company registration number: Government Entity
Organization: Úřad vlády České republiky
Locality: Praha
Country: CZ

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 05:ac:80:13:31:c8:35:bd:e1:ad:17:33:af:ff:5c:93
Serial Number (int): 7541812707763729334751695760552582291
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: ce:18:2d:3b:18:d4:dd:c2:50:4b:a5:6f:11:c2:06:4b:e4:69:49:fd
AuthorityKeyId: ca:92:67:52:61:de:ae:fc:ba:22:2b:7f:1c:87:4c:25:fb:6f:99:58

Fingerprint (sha1): a1:f6:7c:de:9b:51:e1:e8:c8:2b:63:b6:1b:bd:83:37:a4:01:f5:be
Fingerprint (sha256): 9d:52:d0:6a:e1:e5:79:68:6a:1f:54:b4:5f:15:d9:c1:94:d1:e8:a3:f1:29:ff:6a:f8:ce:5b:e8:e0:00:46:9b

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustEVRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustEVRSACA2018.crl

Check the revocation status for certificate vlada.cz

23

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for vlada.cz

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

vlada.cz
dap.vlada.cz
icm.vlada.cz
ria.vlada.cz
ema.vlada.cz
lotr.vlada.cz
kormoran.vlada.cz
albatros.vlada.cz
icv.vlada.cz
isap.vlada.cz
foto.vlada.cz
www.odok.cz
odok.cz
help.odok.cz
apps.odok.cz
apps-test.odok.cz
icm.odok.cz
albatros.odok.cz
kormoran.odok.cz
proxy.odok.cz
test.odok.cz
proxytest.odok.cz
www.vlada.cz

Other certificates including the domain name vlada.cz

(limited to 100 certificates)
dotace-lidskaprava.vlada.cz
*.vlada.cz
oo.vlada.cz
sslvpn.vlada.cz
zakazky.vlada.cz
dapmobile.vlada.cz
zakazky.vlada.cz
*.vlada.cz
sslvpn.vlada.cz
sslvpn.vlada.cz
dotace-drogy.vlada.cz
wifiuvcr.vlada.cz
*.vlada.cz
cloud.vlada.cz
albatros.odok.cz
*.vlada.cz
vlada.cz
vlada.cz
oo.vlada.cz
zakazky.vlada.cz
vlada.cz
pis3.vlada.cz
www.vlada.cz
dotace-lidskaprava.vlada.cz
vlada.cz
www.vlada.cz
sslvpn.vlada.cz
zakazky.vlada.cz
dotace-lidskaprava.vlada.cz
zakazky.vlada.cz
dotace-drogy.vlada.cz
dotace-drogy.vlada.cz
alvao.vlada.cz
vlada.cz
dotace-lidskaprava.vlada.cz
vlada.cz
vlada.cz
vlada.cz
vlada.cz
cloud.vlada.cz
cixp.vlada.cz
dotace-drogy.vlada.cz
dotace-drogy.vlada.cz
wifiuvcr.vlada.cz
vlada.cz
dotace-lidskaprava.vlada.cz
dotace-lidskaprava.vlada.cz
pis3.vlada.cz
wifiuvcr.vlada.cz
*.vlada.cz
sslvpn.vlada.cz
antispam01.vlada.cz
dotace-lidskaprava.vlada.cz
www.vlada.cz
wifiuvcr.vlada.cz
cloud.vlada.cz
sslvpn2.vlada.cz
antispam02.vlada.cz
pis3.vlada.cz
vlada.cz
dapmobile.vlada.cz
*.vlada.cz
dotace-lidskaprava.vlada.cz
dotace-lidskaprava.vlada.cz
www.vlada.cz

Certificate

The complete raw certificate details for vlada.cz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIAzCCBuugAwIBAgIQBayAEzHINb3hrRczr/9ckzANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdHZW9UcnVzdCBFViBSU0EgQ0EgMjAx
ODAeFw0yMzAyMjcwMDAwMDBaFw0yNDAyMjgyMzU5NTlaMIGnMRMwEQYLKwYBBAGC
NzwCAQMTAkNaMRowGAYDVQQPDBFHb3Zlcm5tZW50IEVudGl0eTEaMBgGA1UEBRMR
R292ZXJubWVudCBFbnRpdHkxCzAJBgNVBAYTAkNaMQ4wDAYDVQQHEwVQcmFoYTEo
MCYGA1UECgwfw5rFmWFkIHZsw6FkeSDEjGVza8OpIHJlcHVibGlreTERMA8GA1UE
AxMIdmxhZGEuY3owggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDclywa
APBKaiLwXYBYBhNE37TdgFwrQinXyAynX7XxDzFg8+cFC+KOvA5nOeghMRo0FlEg
OzgmleIoD+M7FMvKiJXKMVKGeGJvPQB8V34/gpgVySr+NB8f1FR+TnJg0fDdh4NF
0AI95f480hqDWOPKF4EWockyKCHogKZfkSB8B6sXaKD7kcoKuk797YRTZMiCTgu9
zRQK+EHISB4aeSZD5gcwjY2GR9Lp1Z5nFyR/khajLZlykPNULCaF/F5GBVWngCzW
uK/t6vdWW7G2sde66DqwprNae02SGgYfFc+sfRLA5HlkVK+ZAQ3cH037jsEE0+5n
ammty3/jZXeE6uabAgMBAAGjggRuMIIEajAfBgNVHSMEGDAWgBTKkmdSYd6u/Loi
K38ch0wl+2+ZWDAdBgNVHQ4EFgQUzhgtOxjU3cJQS6VvEcIGS+RpSf0wggFkBgNV
HREEggFbMIIBV4IIdmxhZGEuY3qCDGRhcC52bGFkYS5jeoIMaWNtLnZsYWRhLmN6
ggxyaWEudmxhZGEuY3qCDGVtYS52bGFkYS5jeoINbG90ci52bGFkYS5jeoIRa29y
bW9yYW4udmxhZGEuY3qCEWFsYmF0cm9zLnZsYWRhLmN6ggxpY3YudmxhZGEuY3qC
DWlzYXAudmxhZGEuY3qCDWZvdG8udmxhZGEuY3qCC3d3dy5vZG9rLmN6ggdvZG9r
LmN6ggxoZWxwLm9kb2suY3qCDGFwcHMub2Rvay5jeoIRYXBwcy10ZXN0Lm9kb2su
Y3qCC2ljbS5vZG9rLmN6ghBhbGJhdHJvcy5vZG9rLmN6ghBrb3Jtb3Jhbi5vZG9r
LmN6gg1wcm94eS5vZG9rLmN6ggx0ZXN0Lm9kb2suY3qCEXByb3h5dGVzdC5vZG9r
LmN6ggx3d3cudmxhZGEuY3owDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY2RwLmdl
b3RydXN0LmNvbS9HZW9UcnVzdEVWUlNBQ0EyMDE4LmNybDBKBgNVHSAEQzBBMAsG
CWCGSAGG/WwCATAyBgVngQwBATApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRp
Z2ljZXJ0LmNvbS9DUFMwdwYIKwYBBQUHAQEEazBpMCYGCCsGAQUFBzABhhpodHRw
Oi8vc3RhdHVzLmdlb3RydXN0LmNvbTA/BggrBgEFBQcwAoYzaHR0cDovL2NhY2Vy
dHMuZ2VvdHJ1c3QuY29tL0dlb1RydXN0RVZSU0FDQTIwMTguY3J0MAkGA1UdEwQC
MAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AO7N0GTV2xrOxVy3nbTNE6Iy
h0Z8vOzew1FIWUZxH7WbAAABhpKAwL8AAAQDAEcwRQIhAK2aYE0a/dGDlPKZkLAh
8aKstd/31U8K1qIY4wYsOK+wAiBKe/vw90vGqy4T/cjjlVc6JNQNNcyZKGjuvhF1
JCOMGQB2AHPZnokbTJZ4oCB9R53mssYc0FFecRkqjGuAEHrBd3K1AAABhpKAwTQA
AAQDAEcwRQIhAP+hxxj+NnMJdOETH4qfs+UMkmHscp0yY0pIaH2bF42aAiARmUho
uflx9fXRZ1iHdBV2nTeiexdU0LMfd14EWUdyPQB1AEiw42vapkc0D+VqAvqdMOsc
UgHLVt0sgdm7v6s52IRzAAABhpKAwPsAAAQDAEYwRAIgS4a/zesqGs+arPMOTagc
JxGHSLQ8pVui+8QiDqtn4TsCIA7ajnR580wby5CA1RfEdKOsMkLfYlu4ifxC5fGZ
1hDlMA0GCSqGSIb3DQEBCwUAA4IBAQCfmJa7bTxx0T7udV868YKQ5nteBPz3j5r8
+5b+fokKJC7gjBceV2mJiIpAso/PAWOxfKdhPWkXbKLDLH5N7IVty7KidiRTJS/m
LLFI+kWKMydSOLk6lTVNVIqQg6ZkVa+p9xYhAV0D6p23Mxso4kJsNS0PuqJt01fx
9lHfoq/JirA2KZyPdbNx8No/rU5nK6nrOgDjjy6iPkpPjJzwuko2lFaj4OiJcewf
g3RnNH5pIor2WJdSBR2n+XV8hWi90vVcEhigSocXVKrLi+z3gAoYB6A9Hm/vkbQh
PZpz23+uOZtOjBVhtGbzTUUvV4d78TFD3RN9r844BLpdYkj0sAzr
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3JcsGgDwSmoi8F2AWAYT
RN+03YBcK0Ip18gMp1+18Q8xYPPnBQvijrwOZznoITEaNBZRIDs4JpXiKA/jOxTL
yoiVyjFShnhibz0AfFd+P4KYFckq/jQfH9RUfk5yYNHw3YeDRdACPeX+PNIag1jj
yheBFqHJMigh6ICmX5EgfAerF2ig+5HKCrpO/e2EU2TIgk4Lvc0UCvhByEgeGnkm
Q+YHMI2NhkfS6dWeZxckf5IWoy2ZcpDzVCwmhfxeRgVVp4As1riv7er3VluxtrHX
uug6sKazWntNkhoGHxXPrH0SwOR5ZFSvmQEN3B9N+47BBNPuZ2pprct/42V3hOrm
mwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7541812707763729334751695760552582291
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust EV RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-27 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-28 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Entity'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CZ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Praha'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Úřad vlády České republiky'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'vlada.cz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27846972918110783212523109240655503681391281945766337523458847186582929541043708445307774182276678680584009010530916721382477721003158035073505293343692522563929498257656109242109333225592825930175567767319819769028284927490531639956313231223473858740677174895472496548947917247364759289209879185915984243594597918929061639209339739969033489243579029647436751495636092996732012016679825563024294408789206098438116774987861551756426994707343208980768950284457042461805208811313838361504819782489041291339522735997664986532331438537411801836066458837722642309018125084987375930013282511342570072599146328651227355342491
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ca92675261deaefcba222b7f1c874c25fb6f9958
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ce182d3b18d4ddc2504ba56f11c2064be46949fd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (347 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dap.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'icm.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ria.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ema.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lotr.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kormoran.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'albatros.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'icv.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'isap.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'foto.vlada.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.odok.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'odok.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'help.odok.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps.odok.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps-test.odok.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'icm.odok.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'albatros.odok.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kormoran.odok.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'proxy.odok.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.odok.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'proxytest.odok.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.vlada.cz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (57 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustEVRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (107 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustEVRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001869280c0bf0000040300473045022100ad9a604d1afdd18394f29990b021f1a2acb5dff7d54f0ad6a218e3062c38afb002204a7bfbf0f74bc6ab2e13fdc8e395573a24d40d35cc992868eebe117524238c1900760073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b5000001869280c1340000040300473045022100ffa1c718fe36730974e1131f8a9fb3e50c9261ec729d32634a48687d9b178d9a022011994868b9f971f5f5d16758877415769d37a27b1754d0b31f775e045947723d00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001869280c0fb000004030046304402204b86bfcdeb2a1acf9aacf30e4da81c27118748b43ca55ba2fbc4220eab67e13b02200eda8e7479f34c1bcb9080d517c474a3ac3242df625bb889fc42e5f199d610e5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009f9896bb6d3c71d13eee755f3af18290e67b5e04fcf78f9afcfb96fe7e890a242ee08c171e576989888a40b28fcf0163b17ca7613d69176ca2c32c7e4dec856dcbb2a2762453252fe62cb148fa458a33275238b93a95354d548a9083a66455afa9f71621015d03ea9db7331b28e2426c352d0fbaa26dd357f1f651dfa2afc98ab036299c8f75b371f0da3fad4e672ba9eb3a00e38f2ea23e4a4f8c9cf0ba4a369456a3e0e88971ec1f837467347e69228af6589752051da7f9757c8568bdd2f55c1218a04a871754aacb8becf7800a1807a03d1e6fef91b4213d9a73db7fae399b4e8c1561b466f34d452f57877bf13143dd137dafce3804ba5d6248f4b00ceb