DV SSL/TLS Certificate for www.hrebik.cz

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the www.hrebik.cz DV SSL/TLS Certificate

This certificate with serial number 06:f2:9e:0e:c5:37:20:68:12:8c:0b:cb:0d:2b:a3:c3:0a:91 for www.hrebik.cz was issued on by Let's Encrypt.

This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for www.hrebik.cz provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 06:f2:9e:0e:c5:37:20:68:12:8c:0b:cb:0d:2b:a3:c3:0a:91
Serial Number (int): 605232143100920894427234778654452289309329
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: 39:d5:b9:9e:3e:08:4c:f3:92:13:a6:62:87:10:36:13:0a:77:1e:02
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): 32:23:ed:10:a7:3c:f9:17:c9:1e:af:9b:ca:96:59:89:93:d8:22:c3
Fingerprint (SHA-256): c4:6c:c1:61:18:98:05:be:2a:38:ad:ad:f7:e4:59:9b:56:2b:d0:a5:19:fe:c9:08:8a:92:a8:01:71:1e:6c:a4

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/18.crl

Check the revocation status for certificate www.hrebik.cz
1
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for www.hrebik.cz

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

www.hrebik.cz

X.509 Certificate

The complete raw X.509 certificate details for www.hrebik.cz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgISBvKeDsU3IGgSjAvLDSujwwqRMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNjEwMTA1ODI0WhcNMjUwOTA4MTA1ODIzWjAYMRYwFAYDVQQD
Ew13d3cuaHJlYmlrLmN6MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
2r3AdwXDfal7KbdAFIo095Y0wN/gdu/HECh6LEj+VCsqnouxHdOO/ZEk9Ddavsdu
02ggxZhfIGZB/oKxNX55cZ/nAEahWRbLRo0x8RKgVNA29nQjxJ7lvY7IfWvbJ/6m
JARQrEq5lljSyOmo3bf8fP0a0J0nRFxEAmoiho6Qc3OdYNXr0pajGUtw7s4h8KS0
9nkotsqpLnUi+jjHsrOzSN+9Zp2R7g4Kc1B0iJ2xp0x0TjE0N952XHRH+J1+OHWo
kiKQVTVBf165gzzlDKCayghq62A1nxVDxScDDOOWhdewIjg+yrF3voPqXLbFKjcM
rR2CC8rPzNmfCqlTCaMF3wIDAQABo4ICHTCCAhkwDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud
DgQWBBQ51bmePghM85ITpmKHEDYTCnceAjAfBgNVHSMEGDAWgBS7vMNHpeS8qcbD
pHIMEI2iNeHI6DAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAKGF2h0dHA6Ly9y
MTAuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDXd3dy5ocmViaWsuY3owEwYDVR0g
BAwwCjAIBgZngQwBAgEwLgYDVR0fBCcwJTAjoCGgH4YdaHR0cDovL3IxMC5jLmxl
bmNyLm9yZy8xOC5jcmwwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdwDd3Mo0ldfh
FgXnlTL6x5/4PRxQ39sAOhQSdgosrLvIKgAAAZdZs1SuAAAEAwBIMEYCIQCBIt/i
g4ev5NeHsvmEh2NuChkW4KVpD61Un71KuhpLcQIhAPemY3dgREA9sg7zgdcMxwUl
Mo/DHoPZV9Ir8gIFQCTAAHUA7TxL1ugGwqSiAFfbyyTiOAHfUS/txIbFcA8g3bc+
P+AAAAGXWbNcRQAABAMARjBEAiAh5K0nW1wLMw3mtEM2f/8dDgOJbQepl8RkwcBR
W4n1zQIgGPOXCmDEoA/B1pXU0HBAj/voiAy1SXjLDucdlXB+HoAwDQYJKoZIhvcN
AQELBQADggEBAAJ2/qnSeY4bmz5pkjExVk0JXeCmRzrbow3phw4+Cei4SBjWMf/F
WvSK6k4UEyGVKi50vlO5aVX1XVkFRj5gshXTxsi/WbSy40Dm4cQ5TspdAthk9tom
onP+F6mZNwY0SlSQRK/8ZEBUmYj/+RxBc8sK3IoLb8dfH4gFhjEg700xcoKp3G3f
qzC5xPMHTwA16y05n/A5eqvS/kGG6yYl0vh4OL9LnUdzIrfUk2ngf0WL5VpsJLqJ
tObK/rQCj/u71R1LNyj6g+x4W36h/oNYdt+PWnnjZJV86dNKQBmAzLfXisfGrw9T
OZWG7r3srd0LDWNsn62UmnG6XEah1hAlZI0=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2r3AdwXDfal7KbdAFIo0
95Y0wN/gdu/HECh6LEj+VCsqnouxHdOO/ZEk9Ddavsdu02ggxZhfIGZB/oKxNX55
cZ/nAEahWRbLRo0x8RKgVNA29nQjxJ7lvY7IfWvbJ/6mJARQrEq5lljSyOmo3bf8
fP0a0J0nRFxEAmoiho6Qc3OdYNXr0pajGUtw7s4h8KS09nkotsqpLnUi+jjHsrOz
SN+9Zp2R7g4Kc1B0iJ2xp0x0TjE0N952XHRH+J1+OHWokiKQVTVBf165gzzlDKCa
yghq62A1nxVDxScDDOOWhdewIjg+yrF3voPqXLbFKjcMrR2CC8rPzNmfCqlTCaMF
3wIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 605232143100920894427234778654452289309329
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-10 10:58:24 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-08 10:58:23 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.hrebik.cz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27613520590544818128517155167219122534117647339677077548791802653173114803065997819279110943167081585120582541500319607808860702591336650483321331861026106574755125832783957142848592749825491355944261305682531040125854899855515042189736877459294230132126548081573018811556632883156100619013912905603010198688726445906853314119001876249302183372136009837069744013616412661517955139943871489536768025886665034217982578787426053878042218444969094126317189333816937540932350263299592185460256716259704995100759156493296102649059541791974871663443529600266248954921474671629385063474151055301608320027394934893027898099167
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							39d5b99e3e084cf39213a662871036130a771e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hrebik.cz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/18.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007700dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a0000019759b354ae00000403004830460221008122dfe28387afe4d787b2f98487636e0a1916e0a5690fad549fbd4aba1a4b71022100f7a663776044403db20ef381d70cc70525328fc31e83d957d22bf202054024c0007500ed3c4bd6e806c2a4a20057dbcb24e23801df512fedc486c5700f20ddb73e3fe00000019759b35c450000040300463044022021e4ad275b5c0b330de6b443367fff1d0e03896d07a997c464c1c0515b89f5cd022018f3970a60c4a00fc1d695d4d070408ffbe8880cb54978cb0ee71d95707e1e80
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000276fea9d2798e1b9b3e69923131564d095de0a6473adba30de9870e3e09e8b84818d631ffc55af48aea4e141321952a2e74be53b96955f55d5905463e60b215d3c6c8bf59b4b2e340e6e1c4394eca5d02d864f6da26a273fe17a9993706344a549044affc6440549988fff91c4173cb0adc8a0b6fc75f1f8805863120ef4d317282a9dc6ddfab30b9c4f3074f0035eb2d399ff0397aabd2fe4186eb2625d2f87838bf4b9d477322b7d49369e07f458be55a6c24ba89b4e6cafeb4028ffbbbd51d4b3728fa83ec785b7ea1fe835876df8f5a79e364957ce9d34a401980ccb7d78ac7c6af0f53399586eebdecaddd0b0d636c9fad949a71ba5c46a1d61025648d