nostavebni.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:d0:ee:e6:47:b1:46:f8:24:c9:d3:e6:d6:22:b3:3b:ee:1e was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=nostavebni.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:d0:ee:e6:47:b1:46:f8:24:c9:d3:e6:d6:22:b3:3b:ee:1eSerial Number (int): 332433142060206643890671689454220417429022
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: ec:33:9a:08:bc:4b:4c:92:e8:99:16:32:d7:69:3c:b1:19:48:78:27
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 7e:65:f7:e4:e0:0c:88:d5:66:df:86:70:32:ff:c5:69:33:d2:89:bd
Fingerprint (sha256): f8:16:00:57:bb:b2:8a:cc:c4:84:66:7e:10:02:38:b9:f7:cb:5b:62:c2:a7:46:e6:94:5a:d2:40:1e:89:ce:c3
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate nostavebni.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nostavebni.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
nostavebni.cz
www.nostavebni.cz
www.nostavebni.cz
Other certificates including the domain name nostavebni.cz
(limited to 100 certificates)
Certificate
The complete raw certificate details for nostavebni.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGZDCCBUygAwIBAgISA9Du5kexRvgkydPm1iKzO+4eMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTAxMTEwNzM0NTNaFw0x OTA0MTEwNzM0NTNaMBgxFjAUBgNVBAMTDW5vc3RhdmVibmkuY3owggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQC21qMBM5eQYb+ckLmEeDMIPCBfuuBBg7Qt dVKA2nrHVAaQDXufZvodLplP3NA8+LoKjRcGpgLYbS4uuPeH0+3k12URBIlOc/c8 TYiaY21a9dzh3/5NycHF/k/znIg5Ha61Zm8M143GZ6VH2laFfClEKtTwijcJlrYY F4Yhs63jl+YXh/us4NSB6/p2EKwsk+Ci4Br0+SvhaVpdVqkIp5geISQkRmJuQZ0H sMTwdkhNTUyrpoN6QIsUU44E2ITj7Xz9bWyOYR199UN+hRJ8VeqLYD6ijHmy4ODJ VCeJfIesen8lqzG4BnBX25GGeF3/+6ed+3tRqflNMh+kKaY5QgIwqazBFXp4MAK4 TgkQVS2egnVnI5sGVi3uRsmFGsKaPJm0JzZZlmfC+oHe0Rm8+DmVg9l4LToX718z HBdfCNovdh9jfePPKNvnnBkCq2R8U/V9MEkIwFWr3TJTTYKv6oaFIT8Zb2zX1BPv Rvz2S7zDwALH/8UtoJj6v2wGG4ONFfVGgY6Gc6GxDaeVQpKJRv1qFamSg5sCnMDC mOukvi+US+3Bz/U6E3KP5dhOF04BvzEZcw3y21oGF0B+9QrJXooleHNPREVeviNd 0p573aEGR5TmHpVdDi2bcI/p8NtOqtlqRWP9nlWF10LVbwrwz7Y4qeu7X23j7tF4 P8g/DhKJpwIDAQABo4ICdDCCAnAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTsM5oI vEtMkuiZFjLXaTyxGUh4JzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14 My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14 My5sZXRzZW5jcnlwdC5vcmcvMCsGA1UdEQQkMCKCDW5vc3RhdmVibmkuY3qCEXd3 dy5ub3N0YXZlYm5pLmN6MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8T AQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIB AwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUAdH7agzGtMxCRIZzOJU9CcMK//V5CIAjG NzV55hB7zFYAAAFoPAy6QgAABAMARjBEAiBqJsupj08Md4lJCuxR11pRLwJ2gAf7 lBBbuCW041VBQgIgTXKf4dSJSfMv7c8jCpso/eFNwOBXgWfdu6i04cZ+zh0AdgBj 8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvYjQAAAWg8DLpLAAAEAwBHMEUC IBfSrrj3F+FVVRz7pVGXyxRTeV9nMhkiywaxhpaA6CBvAiEA+mt5DeismBFIo7mG +yYyMwqfLWKr/vH9CBdMWC+264gwDQYJKoZIhvcNAQELBQADggEBAF/38URaKzL1 +ZYg+xGFiFJzuJhpcVY59RoBuOuLNMx5U9Hw34bdL4081dC/GBzzVVM5Otj7YhbM 9j8nGDMZ7o0UXsw7EEys1x1ghWqs27qOaVx9gqHJHPcQrQKMbtjDP/jyGavFiQED QmA2bT/PWAVjPl+ddXH30BI3BdbT2ACK+27Sshb7NfStGC5LoL2el92IGEeyErF3 R5YgsPNW7yKhTVGf+1zZwLigDsS1kBrI+yAydwdMFp6UWdjqPPxwWdB5ndrQZR+D c45aOQEOPl8IXPi0guoCtxrwfHN5HyGQMz5neLG5HPyRSt0YIlGgnS5ZPWg7LXVB qAhJlEA7HFQ= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAttajATOXkGG/nJC5hHgz CDwgX7rgQYO0LXVSgNp6x1QGkA17n2b6HS6ZT9zQPPi6Co0XBqYC2G0uLrj3h9Pt 5NdlEQSJTnP3PE2ImmNtWvXc4d/+TcnBxf5P85yIOR2utWZvDNeNxmelR9pWhXwp RCrU8Io3CZa2GBeGIbOt45fmF4f7rODUgev6dhCsLJPgouAa9Pkr4WlaXVapCKeY HiEkJEZibkGdB7DE8HZITU1Mq6aDekCLFFOOBNiE4+18/W1sjmEdffVDfoUSfFXq i2A+oox5suDgyVQniXyHrHp/JasxuAZwV9uRhnhd//unnft7Uan5TTIfpCmmOUIC MKmswRV6eDACuE4JEFUtnoJ1ZyObBlYt7kbJhRrCmjyZtCc2WZZnwvqB3tEZvPg5 lYPZeC06F+9fMxwXXwjaL3YfY33jzyjb55wZAqtkfFP1fTBJCMBVq90yU02Cr+qG hSE/GW9s19QT70b89ku8w8ACx//FLaCY+r9sBhuDjRX1RoGOhnOhsQ2nlUKSiUb9 ahWpkoObApzAwpjrpL4vlEvtwc/1OhNyj+XYThdOAb8xGXMN8ttaBhdAfvUKyV6K JXhzT0RFXr4jXdKee92hBkeU5h6VXQ4tm3CP6fDbTqrZakVj/Z5VhddC1W8K8M+2 OKnru19t4+7ReD/IPw4SiacCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 332433142060206643890671689454220417429022 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-11 07:34:53 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-11 07:34:53 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nostavebni.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 745915694954755251488816781673799288867392258404072029770118932271124154587012059324896548192672823717429514803875870704412822714061748920870222994493475168990188100527597476842749846910533309712032978340012607332301683975095517267382925941585832286036077537526417277065081328164435292279994599480819233524582103909557523610720795404576511094693317949960631359991430220974012377649062614539135334742001846553583082270022844150484394108270150723705897516140022613091151728771835039683417354752207989672993046592665530452525208582412439490705186411340070046089421614198881836754323799321869387744850362501340904394550976071815048644954137991146956069342604986791188147443355441359207323339241353894182443565735629150575931670465076661823178287670142404673874278699666279488444755662830963034010340892690263010514503727404975741928401513560728172449163397831219528850130900135344946940845595239220332190354177158692924876806930383730681411805010594720492846878447996716455877611421032183749812794694221053460047444242412201975795901189897002369524669913846408318081481983947691953266154305942267469123341084504663021837221646953091955945453051776856372682293666799026555468065802082308235659965732702216501070527937871281739063817832871 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ec339a08bc4b4c92e8991632d7693cb119487827 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nostavebni.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nostavebni.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc56000001683c0cba42000004030046304402206a26cba98f4f0c7789490aec51d75a512f02768007fb94105bb825b4e355414202204d729fe1d48949f32fedcf230a9b28fde14dc0e0578167ddbba8b4e1c67ece1d00760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d000001683c0cba4b0000040300473045022017d2aeb8f717e155551cfba55197cb1453795f67321922cb06b1869680e8206f022100fa6b790de8ac981148a3b986fb2632330a9f2d62abfef1fd08174c582fb6eb88 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005ff7f1445a2b32f5f99620fb1185885273b89869715639f51a01b8eb8b34cc7953d1f0df86dd2f8d3cd5d0bf181cf35553393ad8fb6216ccf63f27183319ee8d145ecc3b104cacd71d60856aacdbba8e695c7d82a1c91cf710ad028c6ed8c33ff8f219abc58901034260366d3fcf5805633e5f9d7571f7d0123705d6d3d8008afb6ed2b216fb35f4ad182e4ba0bd9e97dd881847b212b177479620b0f356ef22a14d519ffb5cd9c0b8a00ec4b5901ac8fb203277074c169e9459d8ea3cfc7059d0799ddad0651f83738e5a39010e3e5f085cf8b482ea02b71af07c73791f2190333e6778b1b91cfc914add182251a09d2e593d683b2d7541a8084994403b1c54