DV SSL/TLS Certificate for mail.lidos.cz

Certificate is witin its validity period

Issued by Let's Encrypt (R10)

About the mail.lidos.cz DV SSL/TLS Certificate

This certificate with serial number 05:e2:5f:0d:e9:50:2a:fd:9a:99:1e:86:9a:4b:38:10:ae:4f for mail.lidos.cz was issued on by Let's Encrypt.

With 3 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for mail.lidos.cz provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 05:e2:5f:0d:e9:50:2a:fd:9a:99:1e:86:9a:4b:38:10:ae:4f
Serial Number (int): 512591593474545049547221395961001341398607
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: b2:dd:dd:04:81:23:7b:31:d4:c1:c7:0e:5d:ab:49:8f:26:3f:cc:86
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): ad:53:6f:f0:ba:2c:e8:af:7a:9d:b6:35:92:37:9b:57:51:47:7c:71
Fingerprint (SHA-256): a3:f5:c3:04:71:49:10:21:9a:dc:5a:e1:04:e0:c9:f0:e6:d7:e6:b6:0f:3d:fe:8b:31:88:be:34:55:51:21:82

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

CRL Distribution Point: http://r10.c.lencr.org/80.crl

Check the revocation status for certificate mail.lidos.cz
3
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for mail.lidos.cz

Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for mail.lidos.cz in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgISBeJfDelQKv2amR6Gmks4EK5PMA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwNjI3MDMyNjU2WhcNMjUwOTI1MDMyNjU1WjAYMRYwFAYDVQQD
Ew1tYWlsLmxpZG9zLmN6MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
yYps6iZXy4XJUxJwfjxc09aIyg9HA9A8DQ9MHQg+2J92qxJgR6KCSO578TwQBzOU
P081GXY3XnTauTJhivPp5jPOBBly9Ws7RuOzrX2zTJOghmQPe5BbpvRFtX10oKdr
8ysPQsMSA7e2u/zmcvH90+BssA4dxPmsQ48oSvrlyEFXUQUBss2/cwgUkphnxi3O
+MKCCd2RfsnuYMyWuo7qzQxSwh5F9pTB4DUSr0wJ5PVRT2wkCknDSTQOEOIs/Lbx
nBXilmtGvnR9N3/Xy3AvAzjAlKAJt93F5bWIJN8W4K2nSoiPyD/kLBJTRv3ClNzY
f6/OxMaD46v0pyqN6yn/WJozrrq/b/P+/O//YMjht5rAVTxMthOHUxdUrnh3PejY
AmMC5iIxVopoFg5g8ix9rtMzNedC3T/u9/WmEnqOtPuF2XmSskjvSBs6JjFCv2Q0
osesmNTTizCtVV+/mr45YAHjr2ZpZVky3z4CzHkC4CWXcTDK/WxuclL1g/p81Kg8
bKyoKE2sikhlCvNEC9u3faOVUY4FQj0w2s1j9UVcBK9waiIvVe3Qd9fIFvK7ERsK
6lw84LK4gHfFW2atfhPVpsSSEQEBMWOS0zVn66vddgWUyeBoubtj7RTYyJVEBNmy
oaL1gKGrJUoMXFM+6angAiOxe4jDqYmMcU4q6Z53CsUCAwEAAaOCAkkwggJFMA4G
A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD
VR0TAQH/BAIwADAdBgNVHQ4EFgQUst3dBIEjezHUwccOXatJjyY/zIYwHwYDVR0j
BBgwFoAUu7zDR6XkvKnGw6RyDBCNojXhyOgwMwYIKwYBBQUHAQEEJzAlMCMGCCsG
AQUFBzAChhdodHRwOi8vcjEwLmkubGVuY3Iub3JnLzBEBgNVHREEPTA7ghNhdXRv
Y29uZmlnLmxpZG9zLmN6ghVhdXRvZGlzY292ZXIubGlkb3MuY3qCDW1haWwubGlk
b3MuY3owEwYDVR0gBAwwCjAIBgZngQwBAgEwLgYDVR0fBCcwJTAjoCGgH4YdaHR0
cDovL3IxMC5jLmxlbmNyLm9yZy84MC5jcmwwggEEBgorBgEEAdZ5AgQCBIH1BIHy
APAAdgDtPEvW6AbCpKIAV9vLJOI4Ad9RL+3EhsVwDyDdtz4/4AAAAZevohzhAAAE
AwBHMEUCICJBI9Nw+/FaMukHSkZZ6SBcTnMf7UTch+M10KWGuhzlAiEAqBL4ez2h
3NLnalj7tWq+aBHr7ueOR2+5Uy1MjFk6K9kAdgDd3Mo0ldfhFgXnlTL6x5/4PRxQ
39sAOhQSdgosrLvIKgAAAZevoiT9AAAEAwBHMEUCIEna61v5IwY5ZSPSbqa1CEiX
n/HKUIChU1hHoGcQk8QHAiEA87GU2dL27pSaIT/lEB1nqAPjrW3KXHU9NKuZo7za
qtQwDQYJKoZIhvcNAQELBQADggEBAJfXMWCtgoCzJxjWfbMM7lpGCtdorrEyBwQD
pRFUesxilLqeuKdGL0iiZcLNiExTbUEaFaaVfu4F9WZKdm0IouX59ONupDEGdwnt
6p43UhUvUXUZReNahR2P7uX5dVY4M6XMuXFphq5jbCZl4FoYaSHxTFUcj8s2HR2V
tmTzbsnSj12mLOTkEtxhUOcgWw0whRUoPvwbB3n36Qvw3FswOJDkEmMSq+8gwbx1
/1Fl3V/VMQvZTPBrK3+k/QiG4O7Lr6UTiuZWrRYXv1rUwlGGrX81fR+P2DL5L8nU
bTM9pFQvfv/9bWrHVWh3eTUjMu9jPi8pO7psZpABAQsQnphrF10=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyYps6iZXy4XJUxJwfjxc
09aIyg9HA9A8DQ9MHQg+2J92qxJgR6KCSO578TwQBzOUP081GXY3XnTauTJhivPp
5jPOBBly9Ws7RuOzrX2zTJOghmQPe5BbpvRFtX10oKdr8ysPQsMSA7e2u/zmcvH9
0+BssA4dxPmsQ48oSvrlyEFXUQUBss2/cwgUkphnxi3O+MKCCd2RfsnuYMyWuo7q
zQxSwh5F9pTB4DUSr0wJ5PVRT2wkCknDSTQOEOIs/LbxnBXilmtGvnR9N3/Xy3Av
AzjAlKAJt93F5bWIJN8W4K2nSoiPyD/kLBJTRv3ClNzYf6/OxMaD46v0pyqN6yn/
WJozrrq/b/P+/O//YMjht5rAVTxMthOHUxdUrnh3PejYAmMC5iIxVopoFg5g8ix9
rtMzNedC3T/u9/WmEnqOtPuF2XmSskjvSBs6JjFCv2Q0osesmNTTizCtVV+/mr45
YAHjr2ZpZVky3z4CzHkC4CWXcTDK/WxuclL1g/p81Kg8bKyoKE2sikhlCvNEC9u3
faOVUY4FQj0w2s1j9UVcBK9waiIvVe3Qd9fIFvK7ERsK6lw84LK4gHfFW2atfhPV
psSSEQEBMWOS0zVn66vddgWUyeBoubtj7RTYyJVEBNmyoaL1gKGrJUoMXFM+6ang
AiOxe4jDqYmMcU4q6Z53CsUCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 512591593474545049547221395961001341398607
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-27 03:26:56 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-09-25 03:26:55 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mail.lidos.cz'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 822214420785920067468671716462701435934151466712211809521221651595752313107264324508928412983317622940389072872427913313736511351447022763069390176550483294569544806329261927973520103575889606826104210950998266566457608726443512346093996586278518558130407577577189174087131293369272801654383548145277691046612329809926905965523930822370473600425413367548316929171622502591114640718724069374446772757895084694410088523867164546785349185046777081780021974100540053284359503301098679451809533714435383914367471160904723956900903593759637465874127157347134773635540244729808455156689243951109111213166180727394742666613111506526145519907754479526040521913585174393026235201100063061771903372923895375149985511301833403689247749644440126875929588296704534652213460406349926108531149743462633384119242968880141247415005707522251245441541054666527583844314542680451400615137240475064682495725169840496295495085152118342327020145484790850098539436978467335160985394103750404196716123602565411899186140461540896060882160933524499896411610796093714587657033699539379525515044480169329541334825988126442537660199293036901395453398971283291226790265400837054662006901476804472154841970098154896181406712812704866646821541006405969885373637528261
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b2dddd0481237b31d4c1c70e5dab498f263fcc86
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autoconfig.lidos.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.lidos.cz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.lidos.cz'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (39 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.c.lencr.org/80.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600ed3c4bd6e806c2a4a20057dbcb24e23801df512fedc486c5700f20ddb73e3fe000000197afa21ce100000403004730450220224123d370fbf15a32e9074a4659e9205c4e731fed44dc87e335d0a586ba1ce5022100a812f87b3da1dcd2e76a58fbb56abe6811ebeee78e476fb9532d4c8c593a2bd9007600dddcca3495d7e11605e79532fac79ff83d1c50dfdb003a1412760a2cacbbc82a00000197afa224fd0000040300473045022049daeb5bf92306396523d26ea6b50848979ff1ca5080a1535847a0671093c407022100f3b194d9d2f6ee949a213fe5101d67a803e3ad6dca5c753d34ab99a3bcdaaad4
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0097d73160ad8280b32718d67db30cee5a460ad768aeb132070403a511547acc6294ba9eb8a7462f48a265c2cd884c536d411a15a6957eee05f5664a766d08a2e5f9f4e36ea431067709edea9e3752152f51751945e35a851d8feee5f975563833a5ccb9716986ae636c2665e05a186921f14c551c8fcb361d1d95b664f36ec9d28f5da62ce4e412dc6150e7205b0d308515283efc1b0779f7e90bf0dc5b303890e4126312abef20c1bc75ff5165dd5fd5310bd94cf06b2b7fa4fd0886e0eecbafa5138ae656ad1617bf5ad4c25186ad7f357d1f8fd832f92fc9d46d333da4542f7efffd6d6ac755687779352332ef633e2f293bba6c669001010b109e986b175d