www.zivnost.cz

Issued by Let's Encrypt Authority X1

About this certificate


This digital certificate with serial number 01:0e:6c:dd:a0:19:fc:46:08:28:20:75:07:8b:9b:82:da:92 was issued on by Let's Encrypt .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

www.zivnost.cz

Let's Encrypt

Organization: Let's Encrypt

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 01:0e:6c:dd:a0:19:fc:46:08:28:20:75:07:8b:9b:82:da:92
Serial Number (int): 92020946437048207779216029071319354235538
Serial Number lenght: 137 bits, 18 octets

SubjectKeyId: 64:2c:76:93:e6:eb:fc:e4:40:ae:e4:94:f7:8d:24:69:8d:f5:d5:6d
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 9c:94:02:56:61:54:64:97:c4:72:f0:fc:d4:13:42:b3:1f:9f:f2:36
Fingerprint (sha256): 49:52:4c:8e:d3:ac:e9:1d:eb:72:4a:68:a3:99:ab:53:12:db:74:04:c6:4a:b1:e0:8d:75:ab:a8:ae:24:1e:8f

Issuing Certificate URL: http://cert.int-x1.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x1.letsencrypt.org/

Check the revocation status for the current certificate on www.zivnost.cz
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

8 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

www.zivnost.cz
zivnost.cz

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIGDDCCBPSgAwIBAgISAQ5s3aAZ/EYIKCB1B4ubgtqSMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTAeFw0xNTEyMDQwOTM3MDBaFw0x NjAzMDMwOTM3MDBaMBkxFzAVBgNVBAMTDnd3dy56aXZub3N0LmN6MIICIjANBgkq hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwrVyy3HTyHdzRYSsAtlTMKJ+BNKL3mQW 00fay3FpWlC3aYPbnxNkdp+3BJ4uFVrS5vg8tgdzLNsICpFrzr08wCayURKmUY4K tEp0SMX3c3lxgyksL2Z0s6ce2s5iwtiTxwys7n/aAuVG3MTWhpdWpc/fG5vEpUsw vLLJXiakz6xfnhiTb2ej6vuVzPJY4fq0iuxFCwAWWHLuEiws+3I/45TzIh3pGxRy 41RjmrLvFphIzOPxI6nGgzk6UYD6DK3xannpS7DoH8oXZ7gDsVpsLygBZnZLwQKQ Eu5YLFBtQ2BoIz7p93qIAImSSdxbDubAJalLOc0Jh1poHCQHosfkOWUZ2Zah0xxe WoNGklOA9wAra+ugXgOWGikG/jcQfpdkHFvdnUhFI7DONR6ad4CoR1gMzrgV8qYG KDkZJpgwnEFL95oGyz00iweUBMWtIU3ENgEvgKHAeoFFVVJtESQzT0JhwVbn48w2 ug5ukJX784OBuJAttD+saMgke+xbPCRU0gzX4qLluybU1J5QGVyaxv5nX74f6u2d 15AmWvbxJzAstksegyJYJFxSGwJvoJBrWzHsBWJ4kGtJz4B8xa+GRct+4UCG2ZW1 u6iw7x7sM1kTLBxTAJdbWYKUOpqzt7cRRlZfdSVF+ar7awCrZCJn+jOsnLTLekjY Dk9foK2UZbECAwEAAaOCAhswggIXMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUZCx2 k+br/ORAruSU940kaY311W0wHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo 7KEwcAYIKwYBBQUHAQEEZDBiMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5pbnQt eDEubGV0c2VuY3J5cHQub3JnLzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgxLmxldHNlbmNyeXB0Lm9yZy8wJQYDVR0RBB4wHIIOd3d3Lnppdm5vc3QuY3qC Cnppdm5vc3QuY3owgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8T AQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCB qwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJl bGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRh bmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczov L2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEA NC2xkqe+LHPx56+yqGWq8d1uW62MKyvLWC5qAnohx8Gl2+7lnvA2e7AkBJ8oOtw1 TVToTDTaJ23GSVIFCn9w+jJsM0P6We3jsEiqWhpqA6cMGrHMyGYsBj0ZdMdWy6x5 yevYP5Fm76idIWZ2kiGMe750N25KTlvdR032teZv2QsSPAasVCtv9hjD0Qbc4sAK gwFPA+ZeTKbusFszozvbsbbU8SfmE81pEMuhx3paXtDfr6whuMF5oRkJ7bgeJ3SF DNnc/oyU3uyeKWzJQST6QtQ9/fGWQmAlgye/8QQwcsRLe9lexrq/T4jfh6NXXEEJ m6Mq7b9FopbsmpGZ+qe0kQ== -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwrVyy3HTyHdzRYSsAtlT MKJ+BNKL3mQW00fay3FpWlC3aYPbnxNkdp+3BJ4uFVrS5vg8tgdzLNsICpFrzr08 wCayURKmUY4KtEp0SMX3c3lxgyksL2Z0s6ce2s5iwtiTxwys7n/aAuVG3MTWhpdW pc/fG5vEpUswvLLJXiakz6xfnhiTb2ej6vuVzPJY4fq0iuxFCwAWWHLuEiws+3I/ 45TzIh3pGxRy41RjmrLvFphIzOPxI6nGgzk6UYD6DK3xannpS7DoH8oXZ7gDsVps LygBZnZLwQKQEu5YLFBtQ2BoIz7p93qIAImSSdxbDubAJalLOc0Jh1poHCQHosfk OWUZ2Zah0xxeWoNGklOA9wAra+ugXgOWGikG/jcQfpdkHFvdnUhFI7DONR6ad4Co R1gMzrgV8qYGKDkZJpgwnEFL95oGyz00iweUBMWtIU3ENgEvgKHAeoFFVVJtESQz T0JhwVbn48w2ug5ukJX784OBuJAttD+saMgke+xbPCRU0gzX4qLluybU1J5QGVya xv5nX74f6u2d15AmWvbxJzAstksegyJYJFxSGwJvoJBrWzHsBWJ4kGtJz4B8xa+G Rct+4UCG2ZW1u6iw7x7sM1kTLBxTAJdbWYKUOpqzt7cRRlZfdSVF+ar7awCrZCJn +jOsnLTLekjYDk9foK2UZbECAwEAAQ== -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 92020946437048207779216029071319354235538 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-12-04 09:37:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-03-03 09:37:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.zivnost.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 794342531060461346986100254101245643655734810226245938855794510553813053443216608704294224168772289907522739940203439279503790895213015916055219723734365867554308015531958903223868698747983964606128642486672581498063172366805627657540217235192850243213691352985192164036139702833143258867178739291886821964873790102381301462754477752244626836124923204755812608065513588298593543854454323758783924446334544305841671550010795007838812811927717937187863756704564864400293224076197220053354651150672998500032110187461042831387245949453166073279730687195938043803292777254744885969212327573094122818389682186374055224768852537890660169536330062762705360590630675781414182788783607814131607760713103725433138882929700079299542230252811845182839700366252217508821641591558745142544705216717006646504367383701740115421475962324755688733832003351733960323005507886069801144522590654217230247124013818928047283944682309495315727660966402682014290000527784845580033481825076755701118179840185553213012531839028290466014032477112290221811853809679900974612231118220815257440158536338545681014809793812928603401890662363274246567747184610137085570623204587060326453235215292213563491610528948205241837196650006307153031299126721903532447347533233 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 642c7693e6ebfce440aee494f78d24698df5d56d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x1.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.zivnost.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zivnost.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00342db192a7be2c73f1e7afb2a865aaf1dd6e5bad8c2b2bcb582e6a027a21c7c1a5dbeee59ef0367bb024049f283adc354d54e84c34da276dc64952050a7f70fa326c3343fa59ede3b048aa5a1a6a03a70c1ab1ccc8662c063d1974c756cbac79c9ebd83f9166efa89d21667692218c7bbe74376e4a4e5bdd474df6b5e66fd90b123c06ac542b6ff618c3d106dce2c00a83014f03e65e4ca6eeb05b33a33bdbb1b6d4f127e613cd6910cba1c77a5a5ed0dfafac21b8c179a11909edb81e2774850cd9dcfe8c94deec9e296cc94124fa42d43dfdf1964260258327bff1043072c44b7bd95ec6babf4f88df87a3575c41099ba32aedbf45a296ec9a9199faa7b491