skolyjh.cz
Issued by R3
About this certificate
This digital certificate with serial number 04:c6:3b:3a:fa:40:c2:49:8f:dc:07:b6:aa:e9:31:82:46:3e was issued on by Let's Encrypt.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=skolyjh.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:c6:3b:3a:fa:40:c2:49:8f:dc:07:b6:aa:e9:31:82:46:3eSerial Number (int): 415903783058089039745425492637124313368126
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: a7:35:68:d1:e6:c7:5b:fb:b5:13:9f:ed:a2:5f:21:fc:17:80:50:e7
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 8e:f6:8f:4e:11:69:25:35:de:d4:e2:7f:3a:c8:2e:82:c2:75:7d:27
Fingerprint (sha256): d4:be:f3:63:64:19:65:5e:d1:c4:74:e3:c4:9a:84:ed:d6:c2:cd:4d:ae:23:58:91:3a:73:3c:ae:ed:2b:4e:db
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate skolyjh.cz
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for skolyjh.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
oaeldo.cz
skolyjh.cz
www.oaeldo.cz
www.skolyjh.cz
skolyjh.cz
www.oaeldo.cz
www.skolyjh.cz
Other certificates including the domain name skolyjh.cz
(limited to 100 certificates)
Certificate
The complete raw certificate details for skolyjh.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGCzCCBPOgAwIBAgISBMY7OvpAwkmP3Ae2qukxgkY+MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMTcyMzUxMjhaFw0yNDAxMTUyMzUxMjdaMBUxEzARBgNVBAMT CnNrb2x5amguY3owggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCy9cIS Zf+x/W5Eg1M2vf/vLgc1kugfzvTT4mYr/6lGRi/PqXiESEkWP0PaJEZrxMyl03dF 32GpeBCQ+ER2CqLXJGkLncXMn+Vh3NbQZj0O4KmZ81hL+t/3szuqtEBO47MAex2n 6AA9swanGeoObxO8YFWhz/pv7VKy7RbnDmOm7yrLrcg8yZnsM4iqKfN5+r+MRhba QBNjn1nMgyjPkWPW9Q7IQONt4mh7Jekx1wkbs0PdeiOxhElrp6BuEjMX8wkHuemt Vh9ADfTaiOSyzSy51xW7tAHf4CgT8w37EO0bVqqwXzYDZRRsymCjIM6JmnMOOfam W+wvyCUFbq9LZEqThWm0jBNNARmUP1Uiy341dUKiGxLvP15eqs2lB8un4bxPwv9G LQkc9lbJySj6GTXpDKFZBinfreq15KPnrpt1eTnhAklrGSSwQBBuoEDjcGZ4qtAz 1Fnph5Q5TFHabHdVgX0Z9faz/+0CxLvGUzuhqwQA8bi+qvBIQfONxN9eP4nFZjBx yOEWg6TscONBXie1Swhm03rvQ2AyhvU2lQh7eyimK8EYxJ5uPlDneJr4AL2XGzeO iBpHQoa2Ri6ju/cX0e5WcraID2qjGILAgFYGp4uky3MSLsLDJCiLsbmGCYn3eD77 RoEA6XrBsibNDA03HfN7u73pbs84KxmeQi8T+QIDAQABo4ICNjCCAjIwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBSnNWjR5sdb+7UTn+2iXyH8F4BQ5zAfBgNVHSMEGDAW gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz LmkubGVuY3Iub3JnLzA/BgNVHREEODA2gglvYWVsZG8uY3qCCnNrb2x5amguY3qC DXd3dy5vYWVsZG8uY3qCDnd3dy5za29seWpoLmN6MBMGA1UdIAQMMAowCAYGZ4EM AQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAO1N3dT4tuYBOizBbBv5AO2fY T8P0x70ADS1yb+H61BcAAAGLQEQgSgAABAMARzBFAiBB3njq/gBdVsXgnU/1xGkY V/MQz5LvHlXTa6tV8QAXJAIhAJpJioEZSqcDyLa5jRkAZcGtpm1vXOzeSaUgvhVy BdvdAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGLQEQgMwAA BAMARzBFAiEA5mCY6Ev1bLEAsh7K/V64+B7Nf6zfHDQnj6jHchUUb0sCIEi0YF9U sj5pdXoGhHWo+EbGLEv65IWupdzePjcMBOEiMA0GCSqGSIb3DQEBCwUAA4IBAQAi ENxXE8wY2TDihWbOLwc6Rpid8S2rnqP9yhu9KKb56nq+lQMLz+PT17GidxkIjTPi rmzo1c8MbcvaqYsRHIbEQGLzWiTszS2ertjYxHZXxDrUREMnG5jHvdQhoiyjYvXh cYMiwUA0IA8In/rrNpdOVs7N1zdalfrNb5pIVBnco4UIXtwiL+ol9Cr4WhV1mwhm DE//JDjts1RjIzslB+6tnnA7ciARND/xAajRRB+UQOxIV5ibrf6MA1/26k+l5Bhm beT8WiDhlltAsHuGlu3A0oBH4la6/pfmUIjxxmmf8BEYYpKyZ5D/w9Rg3mrK4lcI Tvl3YO847KgoM2ZQA8nO -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsvXCEmX/sf1uRINTNr3/ 7y4HNZLoH8700+JmK/+pRkYvz6l4hEhJFj9D2iRGa8TMpdN3Rd9hqXgQkPhEdgqi 1yRpC53FzJ/lYdzW0GY9DuCpmfNYS/rf97M7qrRATuOzAHsdp+gAPbMGpxnqDm8T vGBVoc/6b+1Ssu0W5w5jpu8qy63IPMmZ7DOIqinzefq/jEYW2kATY59ZzIMoz5Fj 1vUOyEDjbeJoeyXpMdcJG7ND3XojsYRJa6egbhIzF/MJB7nprVYfQA302ojkss0s udcVu7QB3+AoE/MN+xDtG1aqsF82A2UUbMpgoyDOiZpzDjn2plvsL8glBW6vS2RK k4VptIwTTQEZlD9VIst+NXVCohsS7z9eXqrNpQfLp+G8T8L/Ri0JHPZWycko+hk1 6QyhWQYp363qteSj566bdXk54QJJaxkksEAQbqBA43BmeKrQM9RZ6YeUOUxR2mx3 VYF9GfX2s//tAsS7xlM7oasEAPG4vqrwSEHzjcTfXj+JxWYwccjhFoOk7HDjQV4n tUsIZtN670NgMob1NpUIe3sopivBGMSebj5Q53ia+AC9lxs3jogaR0KGtkYuo7v3 F9HuVnK2iA9qoxiCwIBWBqeLpMtzEi7CwyQoi7G5hgmJ93g++0aBAOl6wbImzQwN Nx3ze7u96W7POCsZnkIvE/kCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 415903783058089039745425492637124313368126 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-17 23:51:28 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-15 23:51:27 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'skolyjh.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 730093072026510540958300703133082210701139594437870964791630982995737818006364943901337894136104116745607488438504156202556633714298122691846613153554864248123990257115600925736111433680442106892736553731107050886038320536875931296709535304049757994662573286842084141883346834627177817415420420365920234057569702216183575381874281418053868181587127540078725449293208696701350436974357444854814559327859623319462778775432231093759144353852224472837486625594338072735330757407557002343066468670886883390248158441235603633562436521874504094516640962366259415283522709281002944163020738622784887273691045053838596256902294553606707889437098286049632912465652476897320648610125931854388874333181534587900292508693094676491822157850965016764760202548889820221411219499979057267670797301107510532645493849762083894414737069908524690535746007593203400559657689134728936254671795777874754761073481850629262760936164093723386524884978657765083930208598851524806763633435840672268137438184126645044415416676437835639266832794178688271383234309037026724487166396419022456221987071119026134211215396813594439315308452705075024155369723534003923868350892113460375496528653710725577228306861095846036628942884716098231128333621215339420602980045817 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a73568d1e6c75bfbb5139feda25f21fc178050e7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oaeldo.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'skolyjh.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.oaeldo.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.skolyjh.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b4044204a0000040300473045022041de78eafe005d56c5e09d4ff5c4691857f310cf92ef1e55d36bab55f10017240221009a498a81194aa703c8b6b98d190065c1ada66d6f5cecde49a520be157205dbdd007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b404420330000040300473045022100e66098e84bf56cb100b21ecafd5eb8f81ecd7facdf1c34278fa8c77215146f4b022048b4605f54b23e69757a068475a8f846c62c4bfae485aea5dcde3e370c04e122 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002210dc5713cc18d930e28566ce2f073a46989df12dab9ea3fdca1bbd28a6f9ea7abe95030bcfe3d3d7b1a27719088d33e2ae6ce8d5cf0c6dcbdaa98b111c86c44062f35a24eccd2d9eaed8d8c47657c43ad44443271b98c7bdd421a22ca362f5e1718322c14034200f089ffaeb36974e56cecdd7375a95facd6f9a485419dca385085edc222fea25f42af85a15759b08660c4fff2438edb35463233b2507eead9e703b722011343ff101a8d1441f9440ec4857989badfe8c035ff6ea4fa5e418666de4fc5a20e1965b40b07b8696edc0d28047e256bafe97e65088f1c6699ff011186292b26790ffc3d460de6acae257084ef97760ef38eca82833665003c9ce