nestor.com.tw
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 07:2c:22:8a:b8:74:3b:3c:8a:85:72:f8:2f:18:84:a1 was issued on by Amazon.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=nestor.com.tw
Amazon
Organization:
Amazon
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 07:2c:22:8a:b8:74:3b:3c:8a:85:72:f8:2f:18:84:a1Serial Number (int): 9533757624768651589866427296727467169
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 31:9a:7a:b4:27:87:2f:f9:83:c6:df:58:22:01:2a:9f:ab:f4:40:2f
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 27:e6:71:ad:77:8b:c0:df:9e:dd:22:17:fe:42:86:e4:ff:f3:96:96
Fingerprint (sha256): e4:9e:9a:13:29:13:de:1e:02:45:bc:f0:4e:5f:20:a5:95:ff:4e:d4:11:c1:14:d0:4a:c4:79:e8:8c:ec:d8:c5
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate nestor.com.tw
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nestor.com.tw
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
nestor.com.tw
Other certificates including the domain name nestor.com.tw
(limited to 100 certificates)
backstage.nestor.com.tw
www.nestor.com.tw
www.nestor.com.tw
nestor.com.tw
nestor.com.tw
www.nestor.com.tw
nestor.com.tw
nestor.com.tw
nestor.com.tw
backstage.nestor.com.tw
nestor.com.tw
nestor.com.tw
backstage.nestor.com.tw
www.nestor.com.tw
www.nestor.com.tw
nestor.com.tw
nestor.com.tw
www.nestor.com.tw
nestor.com.tw
nestor.com.tw
nestor.com.tw
nestor.com.tw
www.nestor.com.tw
nestor.com.tw
nestor.com.tw
nestor.com.tw
www.nestor.com.tw
www.nestor.com.tw
nestor.com.tw
nestor.com.tw
www.nestor.com.tw
nestor.com.tw
nestor.com.tw
nestor.com.tw
backstage.nestor.com.tw
nestor.com.tw
nestor.com.tw
backstage.nestor.com.tw
www.nestor.com.tw
www.nestor.com.tw
nestor.com.tw
nestor.com.tw
www.nestor.com.tw
nestor.com.tw
nestor.com.tw
nestor.com.tw
nestor.com.tw
www.nestor.com.tw
nestor.com.tw
nestor.com.tw
nestor.com.tw
Certificate
The complete raw certificate details for nestor.com.tw in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEWTCCA0GgAwIBAgIQBywiirh0OzyKhXL4LxiEoTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIyMTIwMTAwMDAwMFoXDTIzMTIzMDIzNTk1OVowGDEW MBQGA1UEAxMNbmVzdG9yLmNvbS50dzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAJAjZU+ncUz2Ayjts9+lbWZ3I52+wdlQzMsRdQ4Lfpja7W1btMw6Jif4 5BIkTSL46mYOX6oBxvVYDc0yZaatIf/621nZKOeblJmNsZSIHdal0kYRHUPX0E9o s1iw5tql0T7qNMbkbfhi5PBSGKkWjLMCiszakRe5uaO5AsoH9OgZYYMo2JzkLLJF FnlW8Y02nqk22ehgyBjNuSCY7jlBZidujLw3d4aBOwEKJ1CJSH2zixaWzOfrs1t0 0i1Rwv/WJ3rBXeDsDHqnThApPG+Lgkpp0LMmO/v3uk8khBiEFbJNbOaK+xNkWRmU 8qmChSB4aZcwBbqJYdXodTiwuh0Snw0CAwEAAaOCAXkwggF1MB8GA1UdIwQYMBaA FMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBQxmnq0J4cv+YPG31giASqf q/RALzAYBgNVHREEETAPgg1uZXN0b3IuY29tLnR3MA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYq aHR0cDovL2NybC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3JsMBMGA1Ud IAQMMAowCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0 cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRw Oi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIwDAYDVR0TAQH/ BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXbTG j0+9WbQE3eXcQiyW6voKUm1QKJ8WH5ryuccMvp1O9ypaaFZ4b4hTEJSDVR5fkHrK MCAqsFC6HP6fFyj4dws1nYEgC+VBZn01PGp2QYbzNHtkZeSq/uDEpb9Rz+r97Crh cZj25P2YacSFYwvH5PI78E1mp9Z5FTecHr6YDuUB7yg8ywVmfXvHpJdCpy5xnSqY oNKVvZQ6YZUpbXSYHug/xP54sCn0Ga20wn9ksASGhMeS6ahpjcSDa5JLhlsUinmi DswU2ULno68nYCNEcAqdOIt8T4Viw3pPnUROwGPabotyLkHFvFxN1TMdqSPAvzaL tdTcAYlMGc8AksSpZg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCNlT6dxTPYDKO2z36Vt Zncjnb7B2VDMyxF1Dgt+mNrtbVu0zDomJ/jkEiRNIvjqZg5fqgHG9VgNzTJlpq0h //rbWdko55uUmY2xlIgd1qXSRhEdQ9fQT2izWLDm2qXRPuo0xuRt+GLk8FIYqRaM swKKzNqRF7m5o7kCygf06BlhgyjYnOQsskUWeVbxjTaeqTbZ6GDIGM25IJjuOUFm J26MvDd3hoE7AQonUIlIfbOLFpbM5+uzW3TSLVHC/9YnesFd4OwMeqdOECk8b4uC SmnQsyY7+/e6TySEGIQVsk1s5or7E2RZGZTyqYKFIHhplzAFuolh1eh1OLC6HRKf DQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 9533757624768651589866427296727467169 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-01 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-30 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nestor.com.tw' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18195770208328148862837240406328898820637284496522322291747286931329041790704106426785106645218722529923568226506125652763213929828351096248076467740296155205015800988495330220377167632607267396709897962209722267086697331035651661636544933316157933471509692645088185533454541993159095013404407048449550490453165218060158837855854906311402629792342362336270012157669948357367614413348005690440427729495118464841072885936196087540559708974870907200626327682765253794089037009314057141685360035334946154451592964598825013891652144906272259434400741385758860048361224516248547822547419185507717825168229405473443784335117 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 319a7ab427872ff983c6df5822012a9fabf4402f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nestor.com.tw' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005db4c68f4fbd59b404dde5dc422c96eafa0a526d50289f161f9af2b9c70cbe9d4ef72a5a6856786f8853109483551e5f907aca30202ab050ba1cfe9f1728f8770b359d81200be541667d353c6a764186f3347b6465e4aafee0c4a5bf51cfeafdec2ae17198f6e4fd9869c485630bc7e4f23bf04d66a7d67915379c1ebe980ee501ef283ccb05667d7bc7a49742a72e719d2a98a0d295bd943a6195296d74981ee83fc4fe78b029f419adb4c27f64b0048684c792e9a8698dc4836b924b865b148a79a20ecc14d942e7a3af27602344700a9d388b7c4f8562c37a4f9d444ec063da6e8b722e41c5bc5c4dd5331da923c0bf368bb5d4dc01894c19cf0092c4a966