www.wikimedia.cz

Issued by Let's Encrypt Authority X1

About this certificate


This digital certificate with serial number 01:06:64:43:7a:dd:dd:25:bd:d6:b3:8b:af:68:7e:78:9f:af was issued on by Let's Encrypt .

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

www.wikimedia.cz

Let's Encrypt

Organization: Let's Encrypt

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 01:06:64:43:7a:dd:dd:25:bd:d6:b3:8b:af:68:7e:78:9f:af
Serial Number (int): 89287253308785728223215498848965548875695
Serial Number lenght: 137 bits, 18 octets

SubjectKeyId: 4f:d0:49:ce:f7:7d:82:9d:61:b0:da:22:63:73:5e:de:de:2e:1f:f5
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 0f:9e:1c:1b:f0:32:3b:4f:43:ea:f5:24:e6:03:74:ed:78:59:7c:c4
Fingerprint (sha256): aa:c8:86:b8:3e:4c:66:61:f4:cd:49:a6:a7:00:db:c8:78:fc:93:77:60:6c:d3:f8:6f:4f:0e:9d:6f:42:4b:6d

Issuing Certificate URL: http://cert.int-x1.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x1.letsencrypt.org/

Check the revocation status for the current certificate on www.wikimedia.cz
4
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

wiki.wikimedia.cz
tracker.wikimedia.cz
redmine.wikimedia.cz
www.wikimedia.cz

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIGQzCCBSugAwIBAgISAQZkQ3rd3SW91rOLr2h+eJ+vMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNTEyMjMxNjAyMDBaFw0x NjAzMjIxNjAyMDBaMBsxGTAXBgNVBAMTEHd3dy53aWtpbWVkaWEuY3owggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDdfbITlUuqJS/bAiPZeE9nC2Mchs4N eS53p+FeQCLBjXfGsfSbufNtjaliizlO6udIj7NI3Eak103PGQl8Es2buuJPmrji 8dnkYl0JHmYfX9dJUdVSt47NR33gdSuXCti3E/oB0+QQlywgwmvprXo5xYwd0BRc LloZBVSLvk8/0K7WSFOzJvN8aWggWrn4xK2JtjucaahEJECDft7m+SCag0rTQ3Bg h87jEbuOcqdc+DpfAoJihDSzPfCT4Io2SzLMaBxXQOwniCHFHfFiNmAp+QhFSXVI a/zbdRDVb7sNDdyN5m8XJw5iSSIWFCsv9B3IZ6wlU9r1h+ONQutlPtRtnyIGB0Ms YDb0+Up09MMCTSX8U6nGtIgbLf7LqdSviAC0m45mWY1ROhRSCFijGtwT9LV9pb8Q EOKzRaQk+dmE8jePSdpBkb23WvXLA+4NscBiOUitKDVISj+UGm6yHfiR9nXwuUhA HN3I2axDvxSRoed+J4S+Itb0enaCAKtaQoPJfAjiKRiBprHwGV9WN2zE0HpwFg4e v0WqAjX976kbQ5XGbFPmY6hf7jTqpcNAO8++GXtTVTOSzrPYcT7jXnkpbhYuoRND iZGnrvh4WTUllKf1j1/w9RjQ/MeeWWL3angXbWpbjtW1XJn+/7It/tNRgGzUXcI3 Jg4x/4Y8ZLbNjQIDAQABo4ICUDCCAkwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRP 0EnO932CnWGw2iJjc17e3i4f9TAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv 86jsoTBwBggrBgEFBQcBAQRkMGIwLwYIKwYBBQUHMAGGI2h0dHA6Ly9vY3NwLmlu dC14MS5sZXRzZW5jcnlwdC5vcmcvMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5p bnQteDEubGV0c2VuY3J5cHQub3JnLzBaBgNVHREEUzBRghF3aWtpLndpa2ltZWRp YS5jeoIUdHJhY2tlci53aWtpbWVkaWEuY3qCFHJlZG1pbmUud2lraW1lZGlhLmN6 ghB3d3cud2lraW1lZGlhLmN6MIH+BgNVHSAEgfYwgfMwCAYGZ4EMAQIBMIHmBgsr BgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlw dC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0ZSBtYXkgb25s eSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5kIG9ubHkgaW4g YWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQg aHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQEL BQADggEBACi+WzFwscGGg5m6Y7F7laHosnMfWsWeN0CzgzlTziU+oqSK6l/ANFzx x9oHMNXfvz133isgve73P57ZNe3JGegdGVWbk2VKtoMANtT8AEe0qu9aMUS0b9dV Sos5E85KasaNi2G19VzMKiV0uZfsUzjmZEAnoy/E1t9KqtDNkK7B6n6+SwividZL c5zAFblpda+Jhq+4CzVwjkSvPXfeqnkG4pIc/8JjGK9SG95Bhw4AwhzogcEDUFIB pm6Sn3ktWx/TlACEVuZ7nr4WcErzcG8U5GRVqhP7dCxtTUeS6sVtcSPhlM6XUqh2 xLbgyq+DLPN0vTaUp2s0kl/5d132K6k= -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3X2yE5VLqiUv2wIj2XhP ZwtjHIbODXkud6fhXkAiwY13xrH0m7nzbY2pYos5TurnSI+zSNxGpNdNzxkJfBLN m7riT5q44vHZ5GJdCR5mH1/XSVHVUreOzUd94HUrlwrYtxP6AdPkEJcsIMJr6a16 OcWMHdAUXC5aGQVUi75PP9Cu1khTsybzfGloIFq5+MStibY7nGmoRCRAg37e5vkg moNK00NwYIfO4xG7jnKnXPg6XwKCYoQ0sz3wk+CKNksyzGgcV0DsJ4ghxR3xYjZg KfkIRUl1SGv823UQ1W+7DQ3cjeZvFycOYkkiFhQrL/QdyGesJVPa9YfjjULrZT7U bZ8iBgdDLGA29PlKdPTDAk0l/FOpxrSIGy3+y6nUr4gAtJuOZlmNUToUUghYoxrc E/S1faW/EBDis0WkJPnZhPI3j0naQZG9t1r1ywPuDbHAYjlIrSg1SEo/lBpush34 kfZ18LlIQBzdyNmsQ78UkaHnfieEviLW9Hp2ggCrWkKDyXwI4ikYgaax8BlfVjds xNB6cBYOHr9FqgI1/e+pG0OVxmxT5mOoX+406qXDQDvPvhl7U1Uzks6z2HE+4155 KW4WLqETQ4mRp674eFk1JZSn9Y9f8PUY0PzHnlli92p4F21qW47VtVyZ/v+yLf7T UYBs1F3CNyYOMf+GPGS2zY0CAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 89287253308785728223215498848965548875695 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-23 16:02:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-03-22 16:02:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.wikimedia.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 903604438075730345117224991135043902494589245712293147421436502022129402383538225669823765940150697573072900981846915845304526154994399720938880234870058546027817701767444564578236808467952945918403189962711269733012734380021675387362675194196822775550116597973012042335222569145742107278597235040398188768176412775187329255182127119724974630957533381164856082478994757766403434552079406619296614841843073433905156218979945815146422651157747827621839848225714324367784818785228036459316833259162464577073905781957873829547356473508709287033596388584903107287268900015912000019559074745291202363825738939249915845242126753106342145100469558132815691936001441775455001869743620786639562274630574542344238939086219821873170337624356199205877153652223169880895041527416285707017859301245348646597372712137557272665673102050086938209083222573472236047953939994699659646191363554380688915494640616421424995339278219920233107911682257563346118311486810355793462156414880128831450366106794406374204869356922292543551934822979639544826273170517560347494618425087491095846268533362512865002155255233949028757534194145477223255650462151980653485758570326464097781416168365182519004660828989619754101954951466276061910985387824592763003539475853 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4fd049cef77d829d61b0da2263735edede2e1ff5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wiki.wikimedia.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tracker.wikimedia.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'redmine.wikimedia.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wikimedia.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0028be5b3170b1c1868399ba63b17b95a1e8b2731f5ac59e3740b3833953ce253ea2a48aea5fc0345cf1c7da0730d5dfbf3d77de2b20bdeef73f9ed935edc919e81d19559b93654ab6830036d4fc0047b4aaef5a3144b46fd7554a8b3913ce4a6ac68d8b61b5f55ccc2a2574b997ec5338e6644027a32fc4d6df4aaad0cd90aec1ea7ebe4b08af89d64b739cc015b96975af8986afb80b35708e44af3d77deaa7906e2921cffc26318af521bde41870e00c21ce881c103505201a66e929f792d5b1fd394008456e67b9ebe16704af3706f14e46455aa13fb742c6d4d4792eac56d7123e194ce9752a876c4b6e0caaf832cf374bd3694a76b34925ff9775df62ba9