stage.jancaeshop.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:0d:e0:f6:0b:0c:96:a7:cb:10:91:6f:d3:12:ff:f6:01:a7 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=stage.jancaeshop.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:0d:e0:f6:0b:0c:96:a7:cb:10:91:6f:d3:12:ff:f6:01:a7Serial Number (int): 266059553165439829879393287560387745939879
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 7f:cd:4d:be:9e:05:5a:9b:45:ad:46:1e:13:1d:ba:f1:c2:cf:e1:17
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 1d:3e:35:b3:4a:de:c6:3a:53:21:0f:39:45:0f:53:8b:01:bd:21:5b
Fingerprint (sha256): 9d:ef:7f:fa:f3:45:2f:12:f6:21:7b:38:fb:bb:b0:23:68:92:97:fb:a1:45:36:22:f3:e3:1a:82:91:e3:fa:ff
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate stage.jancaeshop.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for stage.jancaeshop.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.stage.jancaeshop.cz
stage.jancaeshop.cz
stage.jancaeshop.cz
Other certificates including the domain name jancaeshop.cz
(limited to 100 certificates)
Certificate
The complete raw certificate details for stage.jancaeshop.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGczCCBVugAwIBAgISAw3g9gsMlqfLEJFv0xL/9gGnMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAyMjAxMDAyMTJaFw0x OTA1MjExMDAyMTJaMB4xHDAaBgNVBAMTE3N0YWdlLmphbmNhZXNob3AuY3owggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC8EzwFaPVvF8jPOBW1Iv1L54+K f2iJow35SNV17zBsrwybJrg+99ljqg4oSYEVkZO/LTVXj0hWIZ4BzRjdD28QGl77 j0efb/+bMnu/6sZX/MqcwIvD2VkBOMQjrO/JfC4HWMwIWPf8Pm0rs/7rXygHf99a aUo9QY7HVjm7mJ9CX4fjXgQdesXB2wp8n6FOrVynwQGyi5YJ7f/doEd9FByCw1MS VoBPjt3Qk6nOPNt1S1EPg1pRvh94SyTIE6MYVRUrUXK79JlLSAcrXKSi8g1mfXvO K7p0tER81LjlSaFxrG/zA27r5+/q/n1Xyv8vbuTAP1bodiVkrSoNJefvQFvE672P wEead3CIY37JUHjAoOzQsarPBb2JfiFy/YJUrYkTCfqS2u5WTdqZPVuYlT+erznk gxGDzxqy1fBvFhKjavjqJ3sF3W/1W4D+AwRlrFl6KuHRh/e3lD0eWZ/XwB3160eZ MABiaA3gGlrnbVBR+jT2MWsOktyqLYCzxu2C5UNtg9+CZKjFBw+A4zR6uZgAuRp8 4kTYRwKiHrjUjGz3CYpU80hJ92luXMtO8CgQHt5TEtOmkOpPMAcdarYZFIPkFOvi zXawQR4VYjcBrM5ulnA1G1wXUr5H68GHVerfdm5a6Pq6j7M3g2stY1sNSstiKfz0 2oKFpD9t6LyDFIiKIwIDAQABo4ICfTCCAnkwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBR/zU2+ngVam0WtRh4THbrxws/hFzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObem RWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3Nw LmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0 LmludC14My5sZXRzZW5jcnlwdC5vcmcvMDUGA1UdEQQuMCyCFSouc3RhZ2UuamFu Y2Flc2hvcC5jeoITc3RhZ2UuamFuY2Flc2hvcC5jejBMBgNVHSAERTBDMAgGBmeB DAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxl dHNlbmNyeXB0Lm9yZzCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1AOJpS64m6OlA CeiGG7Y7g9Q+5/50iPukjyiTAZ3d8dv+AAABaQqR+v0AAAQDAEYwRAIgV9l0bVC0 A/GRlRIC/z1DDq1FrULZEeAlVZViOYiyA2YCIHcJmSC2fjxMMwEvskg9hKsH6F+J w+VzWtSGXFUm6V+pAHUAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH9HgA AAFpCpH5bAAABAMARjBEAiAIq9ZTrwtNL5YwkRTFpklm8t5fYpFxe8u7Kcosv8sr IgIgO5ZJoY7yPeNl4Ttyy31ZxsecTAPa68JGW1vEVUd/CyswDQYJKoZIhvcNAQEL BQADggEBAGWP9ULMQ5vigA6JmV51m9DEmVaUeHQyIffMbqvmVvRYaDvDjR/wDIFy x2GP4DbPPo+kzCfXP0BgRrOnr53q4TR/mv9VbfJJ7ilJE5VASGPdFme2chK+NBX2 +SktzeUTxGeOdEnAMBFG6HykZxu2FMcXRmNaVRPcUEbynoHQEZ0yn9MdzbWo7VYG i5DYaHwXeJoMKjhokRfkUcYZa1Si0y0IMz+LI6Gc9346GcDkV1PZ/2F4fQ8lqWIY DBp44o79pqOluKEacu0ltrFbUJIq1khE8g6nJB+CyVYcJRgpzwgyzJ0ZbG10PecJ oEcr79Xk+nCdma6+Pwt3FLH1TPi0MWc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvBM8BWj1bxfIzzgVtSL9 S+ePin9oiaMN+UjVde8wbK8Mmya4PvfZY6oOKEmBFZGTvy01V49IViGeAc0Y3Q9v EBpe+49Hn2//mzJ7v+rGV/zKnMCLw9lZATjEI6zvyXwuB1jMCFj3/D5tK7P+618o B3/fWmlKPUGOx1Y5u5ifQl+H414EHXrFwdsKfJ+hTq1cp8EBsouWCe3/3aBHfRQc gsNTElaAT47d0JOpzjzbdUtRD4NaUb4feEskyBOjGFUVK1Fyu/SZS0gHK1ykovIN Zn17ziu6dLREfNS45Umhcaxv8wNu6+fv6v59V8r/L27kwD9W6HYlZK0qDSXn70Bb xOu9j8BHmndwiGN+yVB4wKDs0LGqzwW9iX4hcv2CVK2JEwn6ktruVk3amT1bmJU/ nq855IMRg88astXwbxYSo2r46id7Bd1v9VuA/gMEZaxZeirh0Yf3t5Q9Hlmf18Ad 9etHmTAAYmgN4Bpa521QUfo09jFrDpLcqi2As8btguVDbYPfgmSoxQcPgOM0ermY ALkafOJE2EcCoh641Ixs9wmKVPNISfdpblzLTvAoEB7eUxLTppDqTzAHHWq2GRSD 5BTr4s12sEEeFWI3AazObpZwNRtcF1K+R+vBh1Xq33ZuWuj6uo+zN4NrLWNbDUrL Yin89NqChaQ/bei8gxSIiiMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 266059553165439829879393287560387745939879 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-20 10:02:12 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-21 10:02:12 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'stage.jancaeshop.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 767279607212179700026662386073942311772367365283981421769913530214838642478268881086065225178176252895987860051301601099648832426976977387504159295010977614316273976751972090560883434034000017640777811009288315544306636332155080299517951819193357187884417397377271483752852314869282584510717156280978070846609666870950100506031920930700194427446788500836507758011291539896023686856993249705779037338482964293607141427973345295518438677099789729882115273157829321295198293072169827598101974459398511563311822365774463670734099196809042750366927454340020228834320544274096460604719191500160139916005041032490444913748968648195921978965852042659483886780184765812298942167405776979932184176717927061102885775440429062965442667081995294374310000761068819990800400961871176748363273289540073220601534150328733540431357183568597896991434112363103463137493152419269889235621965016777605998324427516550334503803752224234430032652608557805208031577095493373864727916962093797661671091724505185153664036574415151656181192530859123642597442128842649505601120732795772684052349249413116067134967565807839154418061748736323558677964639093242875150392064711532568670621289100840182406844892747620857000863126917593675755261222570159586292510788131 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7fcd4dbe9e055a9b45ad461e131dbaf1c2cfe117 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stage.jancaeshop.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.jancaeshop.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007500e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe000001690a91fafd0000040300463044022057d9746d50b403f191951202ff3d430ead45ad42d911e0255595623988b20366022077099920b67e3c4c33012fb2483d84ab07e85f89c3e5735ad4865c5526e95fa9007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f478000001690a91f96c0000040300463044022008abd653af0b4d2f96309114c5a64966f2de5f6291717bcbbb29ca2cbfcb2b2202203b9649a18ef23de365e13b72cb7d59c6c79c4c03daebc2465b5bc455477f0b2b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00658ff542cc439be2800e89995e759bd0c499569478743221f7cc6eabe656f458683bc38d1ff00c8172c7618fe036cf3e8fa4cc27d73f406046b3a7af9deae1347f9aff556df249ee29491395404863dd1667b67212be3415f6f9292dcde513c4678e7449c0301146e87ca4671bb614c71746635a5513dc5046f29e81d0119d329fd31dcdb5a8ed56068b90d8687c17789a0c2a38689117e451c6196b54a2d32d08333f8b23a19cf77e3a19c0e45753d9ff61787d0f25a962180c1a78e28efda6a3a5b8a11a72ed25b6b15b50922ad64844f20ea7241f82c9561c251829cf0832cc9d196c6d743de709a0472befd5e4fa709d99aebe3f0b7714b1f54cf8b43167