nestoria.com.br
Issued by R3
About this certificate
This digital certificate with serial number 03:df:2e:a4:69:5e:a3:7d:87:18:24:9c:ca:1d:fb:15:db:97 was issued on by Let's Encrypt.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=nestoria.com.br
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:df:2e:a4:69:5e:a3:7d:87:18:24:9c:ca:1d:fb:15:db:97Serial Number (int): 337281823780291976604148298665039660178327
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 51:6f:65:f9:e8:e3:51:38:c5:be:02:4c:a1:e8:07:ba:6c:12:9a:a3
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 7f:ee:74:c9:15:83:96:f3:50:a3:53:60:89:54:7f:2a:2e:a6:ce:85
Fingerprint (sha256): 25:88:59:9a:28:97:2c:d3:0f:19:d4:e9:05:85:73:d9:99:c2:6e:be:06:31:37:57:41:26:ee:55:fc:95:e7:d1
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate nestoria.com.br
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nestoria.com.br
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
api.nestoria.com.br
nestoria.com.br
rss.nestoria.com.br
s.nestoria.com.br
share.nestoria.com.br
www.nestoria.com.br
nestoria.com.br
rss.nestoria.com.br
s.nestoria.com.br
share.nestoria.com.br
www.nestoria.com.br
Other certificates including the domain name nestoria.com.br
(limited to 100 certificates)
nestoria.com.br
nestoria.com.br
amp.nestoria.ae
amp.nestoria.ae
nestoria.com.br
amp.nestoria.ae
amp.nestoria.ae
amp.nestoria.ae
nestoria.com.br
amp.nestoria.ae
www.nestoria.cl
nestoria.com.br
amp.nestoria.ae
nestoria.com.br
amp.nestoria.ae
amp.nestoria.ae
amp.nestoria.ae
nestoria.com.br
amp.nestoria.ae
nestoria.com.br
nestoria.com.br
amp.nestoria.ae
amp.nestoria.ae
nestoria.com.br
nestoria.com.br
nestoria.com.br
nestoria.com.br
nestoria.com.br
nestoria.com.br
nestoria.com.br
nestoria.com.br
amp.nestoria.ae
nestoria.com.br
amp.nestoria.ae
nestoria.com.br
nestoria.com.br
nestoria.com.br
amp.nestoria.ae
nestoria.com.br
nestoria.com.br
nestoria.com.br
nestoria.com.br
amp.nestoria.ae
amp.nestoria.ae
nestoria.com.br
amp.nestoria.ae
amp.nestoria.ae
nestoria.com.br
nestoria.com.br
amp.nestoria.ae
amp.nestoria.ae
nestoria.com.br
amp.nestoria.ae
amp.nestoria.ae
amp.nestoria.ae
nestoria.com.br
amp.nestoria.ae
www.nestoria.cl
nestoria.com.br
amp.nestoria.ae
nestoria.com.br
amp.nestoria.ae
amp.nestoria.ae
amp.nestoria.ae
nestoria.com.br
amp.nestoria.ae
nestoria.com.br
nestoria.com.br
amp.nestoria.ae
amp.nestoria.ae
nestoria.com.br
nestoria.com.br
nestoria.com.br
nestoria.com.br
nestoria.com.br
nestoria.com.br
nestoria.com.br
nestoria.com.br
amp.nestoria.ae
nestoria.com.br
amp.nestoria.ae
nestoria.com.br
nestoria.com.br
nestoria.com.br
amp.nestoria.ae
nestoria.com.br
nestoria.com.br
nestoria.com.br
nestoria.com.br
amp.nestoria.ae
amp.nestoria.ae
nestoria.com.br
amp.nestoria.ae
amp.nestoria.ae
nestoria.com.br
Certificate
The complete raw certificate details for nestoria.com.br in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFVjCCBD6gAwIBAgISA98upGleo32HGCScyh37FduXMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA2MjYwNzQ3NTFaFw0yMzA5MjQwNzQ3NTBaMBoxGDAWBgNVBAMT D25lc3RvcmlhLmNvbS5icjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AMDn3pWnaNfzxQ/Yl/AaTeCISuWMJmSlmvPXz2qc9qUWVNWUt+f2SNm1LT/GkaAw Bs3T8IZywWmPm1ESlJPT2aTcXVDU6Bl3LvQ9dHD+YNdbgc8CKk2n2sbRJqtKTZeD fXJGB5sJ88wrRhP0UOfEG0zaBAOc/LUJo69nQLYWbP3cis2qFdJV1G+Es/hpPord oKLFrYtcKG+7ZQvdxhGzZwnD631FWC+XT4aq922bPqK2TRqzX/rhc8G6cSmplSQW eqMx6tAr/LNNtHpYYurPVWZ2ztDcXeypNy/fM4dM50dK9jJqA+QdRG1ME24u42wR txbNE03icTuErw4pwYjpPQMCAwEAAaOCAnwwggJ4MA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQUUW9l+ejjUTjFvgJMoegHumwSmqMwHwYDVR0jBBgwFoAUFC6zF7dYVsuu UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y Zy8wgYMGA1UdEQR8MHqCE2FwaS5uZXN0b3JpYS5jb20uYnKCD25lc3RvcmlhLmNv bS5icoITcnNzLm5lc3RvcmlhLmNvbS5icoIRcy5uZXN0b3JpYS5jb20uYnKCFXNo YXJlLm5lc3RvcmlhLmNvbS5icoITd3d3Lm5lc3RvcmlhLmNvbS5icjATBgNVHSAE DDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AHoyjFTYty22 IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiPbjTQUAAAQDAEgwRgIhAJh9xfeC HuUyWw1BTRvOlsdM1wGgR1DONi4LJVPB25DcAiEAqBYc3xm2cctFpRxz6k4usLQ8 KE154AFRZZ+c5+OemdAAdgC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20 mQAAAYj2400GAAAEAwBHMEUCIQD10PmB2zeI+Xxy8kZEzElaSqOqpflsXSuF35d5 879kkgIgBDENVKn+olusFDQHMy280CoSYU5y34mVDCdEngGBOfowDQYJKoZIhvcN AQELBQADggEBAHNtB7y8ce6/QSXkOyXlDb1WyNrPs+7/IDUorxq1hzRanelVKlDp A++qb7dD6qllh/u2rQxIfzKHYVd5K+TiiQAGE51obLhd3njqH6ipIh+90hVToiEY OZWKj9rtITueronKwMFSLjnh+/kfVj9GGcLgg1AyzsE1FZKbtecfbmuaoU0guzxh tmxWqwhG6ZaAXITkfBagl2zN9u2p8l2Kbr7ycnozoli08d+lcWJm29tC90F9ZVKr kGYCpPTwwq22KE22n1hhRs348+ufPNlOGLBQKC6f7dkFHxtF4tINzYdtOu5YzwW6 GhTIFfRR1gAuRThdbF2wDn4vgfyhHsQ/lNM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOfelado1/PFD9iX8BpN 4IhK5YwmZKWa89fPapz2pRZU1ZS35/ZI2bUtP8aRoDAGzdPwhnLBaY+bURKUk9PZ pNxdUNToGXcu9D10cP5g11uBzwIqTafaxtEmq0pNl4N9ckYHmwnzzCtGE/RQ58Qb TNoEA5z8tQmjr2dAthZs/dyKzaoV0lXUb4Sz+Gk+it2gosWti1wob7tlC93GEbNn CcPrfUVYL5dPhqr3bZs+orZNGrNf+uFzwbpxKamVJBZ6ozHq0Cv8s020elhi6s9V ZnbO0Nxd7Kk3L98zh0znR0r2MmoD5B1EbUwTbi7jbBG3Fs0TTeJxO4SvDinBiOk9 AwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 337281823780291976604148298665039660178327 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-26 07:47:51 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-24 07:47:50 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nestoria.com.br' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24352093651128600342008112504651486296553678168618726700229249942280166162843890594686761624348648446406486070860240972309621941189593621446330156878278702736522104465852284238514815478838754517935649913472587972567447867160491746722959775854403589325724737036200503363024968520735913608983963977548456330246571015648836268283311708600305309543860403056094906791947913592873197395654636480985495536808125510489919425966266055552399212438379371433829233067548960806669892953377515096715282507080242009487037173349259831341660547772961378891912378640960974475496103653140799105699953643619881797667143906879237547179267 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 516f65f9e8e35138c5be024ca1e807ba6c129aa3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.nestoria.com.br' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nestoria.com.br' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rss.nestoria.com.br' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 's.nestoria.com.br' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'share.nestoria.com.br' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nestoria.com.br' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000188f6e34d050000040300483046022100987dc5f7821ee5325b0d414d1bce96c74cd701a04750ce362e0b2553c1db90dc022100a8161cdf19b671cb45a51c73ea4e2eb0b43c284d79e00151659f9ce7e39e99d0007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000188f6e34d060000040300473045022100f5d0f981db3788f97c72f24644cc495a4aa3aaa5f96c5d2b85df9779f3bf6492022004310d54a9fea25bac143407332dbcd02a12614e72df89950c27449e018139fa . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00736d07bcbc71eebf4125e43b25e50dbd56c8dacfb3eeff203528af1ab587345a9de9552a50e903efaa6fb743eaa96587fbb6ad0c487f32876157792be4e2890006139d686cb85dde78ea1fa8a9221fbdd21553a2211839958a8fdaed213b9eae89cac0c1522e39e1fbf91f563f4619c2e0835032cec13515929bb5e71f6e6b9aa14d20bb3c61b66c56ab0846e996805c84e47c16a0976ccdf6eda9f25d8a6ebef2727a33a258b4f1dfa5716266dbdb42f7417d6552ab906602a4f4f0c2adb6284db69f586146cdf8f3eb9f3cd94e18b050282e9fedd9051f1b45e2d20dcd876d3aee58cf05ba1a14c815f451d6002e45385d6c5db00e7e2f81fca11ec43f94d3