www.primocar.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:10:21:af:f9:43:7b:ee:84:28:ff:0b:e5:71:54:c2:26:36 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.primocar.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:10:21:af:f9:43:7b:ee:84:28:ff:0b:e5:71:54:c2:26:36Serial Number (int): 266826153897493534376309874139903767488054
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 77:07:3b:e3:5b:44:f1:9b:5c:25:34:4c:44:e3:26:53:48:65:ee:ed
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 32:12:a0:89:bf:33:18:87:f1:15:ae:51:6b:ab:f9:37:60:55:43:d5
Fingerprint (sha256): b4:c4:3b:44:5a:8f:54:10:ad:33:31:d7:2a:8d:8d:05:dd:e3:73:a4:d2:cd:24:a7:b1:cc:d4:c3:21:d7:e9:98
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.primocar.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.primocar.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
primocar.cz
www.primocar.cz
www.primocar.cz
Other certificates including the domain name primocar.cz
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.primocar.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYTCCBUmgAwIBAgISAxAhr/lDe+6EKP8L5XFUwiY2MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAzMjkwMjI0NTJaFw0x OTA2MjcwMjI0NTJaMBoxGDAWBgNVBAMTD3d3dy5wcmltb2Nhci5jejCCAiIwDQYJ KoZIhvcNAQEBBQADggIPADCCAgoCggIBANuJXpT6FkLrFbnrvmcY37KAn/2g7Dxn cXGB2dT5g3fF4f43ZCUSA0IT9i/+IucUwf4RNSv72R/7/4JSO8gLvyqKDTNJLNSE kzQbZGAb5ZLK6yr/rRZp/DVlbVBJskgEybA3h8RBFE7YMN5ETT2t21fsex0JeiXQ DHx8dedMDQBz20/7y9x7W/tPw/+UOy2XrWx75I6Km4uUDV7QTn6v9uFJlIQQRbca 85OoAgcAhmpmy98WElq1QTHIzMn2kk8BRL6qzDh//+Xrg/ezhOcGcBF5JT2G+M9w DexG6BEKyE5ZMw54z91UgqOfo62jghTC+ljPS7+0b5jfjkTCK2Z5VS6n/RrPrJKe 0WGWOKAsMFv1G+BSlkj1maS/AhWMA2EVKOCqPGfJCNEZ7qVp+zh4VZgm4cSs3DVX dG2U8gspzrrj0Rw+G1hq2DKPIqJ95kTNMMjnl/jSJD71+h9cIDbmqREoRG7QPga+ haRHSyt89hq+ye2T3w+nnB4E3KN1H7188DDODcYytH8S0Sd1RBq9spyYPiS32pd0 gZOKY93AELf6N3c85nIhSwnAOOo9nshYtgaflA0PpvmWufdmje4s3Hvn3KIa9SlJ HpmUE4pEZ2yib7516EsBpPR5EqQHvScuBrceneXdKxl8xmyyK/Cn/5dQMUU4snWz JMheZN0bQPsHAgMBAAGjggJvMIICazAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFHcH O+NbRPGbXCU0TETjJlNIZe7tMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wJwYDVR0RBCAwHoILcHJpbW9jYXIuY3qCD3d3 dy5wcmltb2Nhci5jejBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEB ATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQIG CisGAQQB1nkCBAIEgfMEgfAA7gB1AHR+2oMxrTMQkSGcziVPQnDCv/1eQiAIxjc1 eeYQe8xWAAABacd6kjAAAAQDAEYwRAIgMBzvlTli4zKGyXMDJWdZg2smOrPmR09G 6aXoCzf1kPwCIAn7SbtvX0DEgGbf7OGV1VUIAs722dtN/smzdug6C8uuAHUAY/Lb zeg7zCzPC3KEJ1drM6SNYXePvXWmOLHHaFRL2I0AAAFpx3qSLwAABAMARjBEAiAz 7tPxCjKYlw09Fx9pLbQVP9kdMpOy3Gb0o49ZpRPNBwIgdnvFG6H6ATLo+QSyaf/a TzYMDZHJCmPbCEuOOxaTJiAwDQYJKoZIhvcNAQELBQADggEBAGjpimbJsHmsmKrv G4XQxSVN/ibjVhtzbO6mh1XVgz3HD7O25tzmbNVL7nVsC1wo5k1YIJB8A3nBqb+n 8fi7z/pY6IJd7PqyaTezYgLW8FQObVfsUOGUi5QGLf6E0SuaIzNXI5fw/+wtcRXw 2SvOBGxZZ4KC5kfD2RtHv21xeP8BuKTiS8K0Mh6mrPAvP6eMABnrvXIiSUQgzuyw ISMPSfBBqXmjbWFJw4GOKlihjr8kJkXGQ9nag8Q6MMkUvui/uC0fF0wEoRoJGazp P+k8QEZe7cEVABaDGLSDRv9sV3IqNZh5n1C8kBVEnm2O9Vn5gS4c/W7LGtB1X1Gl y+4m6fk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA24lelPoWQusVueu+Zxjf soCf/aDsPGdxcYHZ1PmDd8Xh/jdkJRIDQhP2L/4i5xTB/hE1K/vZH/v/glI7yAu/ KooNM0ks1ISTNBtkYBvlksrrKv+tFmn8NWVtUEmySATJsDeHxEEUTtgw3kRNPa3b V+x7HQl6JdAMfHx150wNAHPbT/vL3Htb+0/D/5Q7LZetbHvkjoqbi5QNXtBOfq/2 4UmUhBBFtxrzk6gCBwCGambL3xYSWrVBMcjMyfaSTwFEvqrMOH//5euD97OE5wZw EXklPYb4z3AN7EboEQrITlkzDnjP3VSCo5+jraOCFML6WM9Lv7RvmN+ORMIrZnlV Lqf9Gs+skp7RYZY4oCwwW/Ub4FKWSPWZpL8CFYwDYRUo4Ko8Z8kI0RnupWn7OHhV mCbhxKzcNVd0bZTyCynOuuPRHD4bWGrYMo8ion3mRM0wyOeX+NIkPvX6H1wgNuap EShEbtA+Br6FpEdLK3z2Gr7J7ZPfD6ecHgTco3UfvXzwMM4NxjK0fxLRJ3VEGr2y nJg+JLfal3SBk4pj3cAQt/o3dzzmciFLCcA46j2eyFi2Bp+UDQ+m+Za592aN7izc e+fcohr1KUkemZQTikRnbKJvvnXoSwGk9HkSpAe9Jy4Gtx6d5d0rGXzGbLIr8Kf/ l1AxRTiydbMkyF5k3RtA+wcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 266826153897493534376309874139903767488054 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-29 02:24:52 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-27 02:24:52 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.primocar.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 895631185683520889667724042411354011342976589167912913956475368114470456823896385499828763651929425748851581653454014279796252291643217491641631364580325072647349270862201304640866982455909288913392840446318151598464276728117109345975877615262265782980464834678116610586305535372368092798245679759495623010415050426421487214986037930424289054589287963720018548763414261778327980349997535815266830634971681384394078225101936763434837255988378043829755300189645209532737061457319434088500696287483098930129443988419924950256989007967120973706215417927894474971620977620743542862350733156320904002665451868437243966261778774147441390969476250710883507295115917643188354347445992357156455008810268158824988940984943558114459597402270485761433217928287672680934296633441317766027856585794360735604782146919810714560432589668164709477114110813219511315000034512549974783800042279585251424119859870711902733809415128522337310906982359233777782446693412665607839219040436952338293792145358538250673149910114864760448994678292730733105267107520466757644119524157897347690666851586007143898249761773560056930148242282500588773755699245060428947779967417915806084390264379892651787165943436598966816614657345072197267922759766017960694769580807 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 77073be35b44f19b5c25344c44e326534865eeed . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'primocar.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.primocar.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007500747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc5600000169c77a923000000403004630440220301cef953962e33286c97303256759836b263ab3e6474f46e9a5e80b37f590fc022009fb49bb6f5f40c48066dfece195d5550802cef6d9db4dfec9b376e83a0bcbae00750063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d00000169c77a922f0000040300463044022033eed3f10a3298970d3d171f692db4153fd91d3293b2dc66f4a38f59a513cd070220767bc51ba1fa0132e8f904b269ffda4f360c0d91c90a63db084b8e3b16932620 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0068e98a66c9b079ac98aaef1b85d0c5254dfe26e3561b736ceea68755d5833dc70fb3b6e6dce66cd54bee756c0b5c28e64d5820907c0379c1a9bfa7f1f8bbcffa58e8825decfab26937b36202d6f0540e6d57ec50e1948b94062dfe84d12b9a2333572397f0ffec2d7115f0d92bce046c59678282e647c3d91b47bf6d7178ff01b8a4e24bc2b4321ea6acf02f3fa78c0019ebbd7222494420ceecb021230f49f041a979a36d6149c3818e2a58a18ebf242645c643d9da83c43a30c914bee8bfb82d1f174c04a11a0919ace93fe93c40465eedc11500168318b48346ff6c57722a3598799f50bc9015449e6d8ef559f9812e1cfd6ecb1ad0755f51a5cbee26e9f9