insider.kia.com

Issued by R3

About this certificate

This digital certificate with serial number 04:55:a7:b0:63:64:78:7e:55:27:e7:25:5c:24:6b:41:46:76 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=insider.kia.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:55:a7:b0:63:64:78:7e:55:27:e7:25:5c:24:6b:41:46:76
Serial Number (int): 377596041850782597002230865252809869182582
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 3d:4d:b6:08:ff:29:e1:a7:0d:3e:93:58:f0:b3:1d:09:50:e2:05:90
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 27:e1:af:c3:86:c2:5f:c9:5b:16:61:0d:71:de:68:cd:c9:d5:88:8b
Fingerprint (sha256): 0b:b2:2a:ed:a0:d7:f6:f6:0a:02:92:a5:c7:86:fc:78:ad:26:0b:e2:12:cd:b0:41:89:2a:52:3b:e7:5b:f1:a7

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate insider.kia.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for insider.kia.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

insider.kia.com

Other certificates including the domain name kia.com

(limited to 100 certificates)
ev9in.worldwide.kia.com
dashportal.hyundai.com
stg.cn-ccapi.hyundai.com
msos.kia.com
web1.prod.kia.us
ev9kr.worldwide.kia.com
adm.kia.com
ssl.ipaper.io
red.kia.com
dsoha2iqis.kia.com
ssl1.ipaper.io
ev9na-stg.worldwide.kia.com
ssl1.ipaper.io
dcmpass.hyundai.com
kevent.kia.com
press.accept.eu.kia.com
kcvg.kia.com
kdp.kia.com
prd.eu-ccapi.hyundai.com
mtalk.hyundai.com
ssl.ipaper.io
flex.kia.com
ksw.kia.co.kr
stg.cn-ccapi.hyundai.com
web.icps.kia.com
*.kia.com
mykia-quz.kia.com
prd.eu-ccapi.hyundai.com
adbsmetrics.kia.com
*.kia.com
*.hyundai.com
ssl1.ipaper.io
adplanner.kia.com
ssl1.ipaper.io
csr.kia.com
ci.kia.com
mobileautoq.kia.com
peardev3-eu.kia.com
ssl1.ipaper.io
ver-bluelinkmobile.hyundai.com
*.hyundai.com
eshop.kia.com
ephoto.kia.com
web1.prod.kia.us
kiaadmin.kia.com
prestudio-europe.kia.com
pr.kia.com
used-uk.kia.com
origin-military.kr.kia.com
san-4-s50.tlsprovisioning.exacttarget.com
www.kia.com
ssl1.ipaper.io
tstkgss.kia.com
eshop.kia.com
org1-www.kia.com
neuwagen.kia.com
org2-www.kia.com
stg.ind.hyundai.com
ev9in-stg.worldwide.kia.com
sip.kia.com
emss.kia.com
ws.eu.kia.com
insider.kia.com
*.kia.com
staging-press.kia.com
gpms.kia.com
career.kia.com
ckd.hmc.co.kr
dealership.kia.com
outlook.hmc.co.kr
pr.kia.com
ssl1.ipaper.io
dev.gbps.kia.com
domain.kia.com
api.kiavr.co
flex.kia.com
api.red.kia.com
eu-www.kia.com
ws.accept.eu.kia.com
ev9eu.worldwide.kia.com
wrms.kia.com
tkdcs.kia.com
ssl1.ipaper.io
csr.kia.com
ssl1.ipaper.io
sni.cloudflaressl.com
ssl.ipaper.io
mcrms.kia.com
api-kr.kia.com
csr.kia.com
*.kia.com
ssl.ipaper.io
preprod-eu-press.kia.com
eu-www.kia.com
cloud.eu.connect.kia.com
*.members.kia.com
view.eu.connect.kia.com
adplanner.kia.com
*.designmagazine.kia.com
api.red.kia.com

Certificate

The complete raw certificate details for insider.kia.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgISBFWnsGNkeH5VJ+clXCRrQUZ2MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEwMTYwNTIwMDhaFw0yNDAxMTQwNTIwMDdaMBoxGDAWBgNVBAMT
D2luc2lkZXIua2lhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANB+DHMNfFiY4fGjqI7WIAYCu0OMzCHTLLbVg4DNuR4r/GTck7XLZwdc5hYV1kTY
CWBeW7dfFQsjeGs9NM90bNz/qSYJZLosrhtPE6LSaWvPCzxSXzbvOJoG/8mhyimC
z/5jtGawt6ZHwI6X2IL0bAIa9JjwQ4KtLrr/xg5CSAk2cgMS4dVld5VIwVBUyu2X
QZC2zDpKjpGIhhe7uNsLHrFygy8A8xXyb5N8zarG+YxT74/ARVNP8ARpViFHKC1H
7EST+rxnfSOzGGfYYCBpbQO9ncpNonQxPnPKKGJRvtqHZBwHbfUdtgsbgyRHU85L
3IU3b/C875jlPIWk6SMnKaUCAwEAAaOCAhAwggIMMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQUPU22CP8p4acNPpNY8LMdCVDiBZAwHwYDVR0jBBgwFoAUFC6zF7dYVsuu
UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v
cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y
Zy8wGgYDVR0RBBMwEYIPaW5zaWRlci5raWEuY29tMBMGA1UdIAQMMAowCAYGZ4EM
AQIBMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUAO1N3dT4tuYBOizBbBv5AO2fY
T8P0x70ADS1yb+H61BcAAAGLNyRRKgAABAMARjBEAiBviBAGvn8MSzv4bUCT1Pgb
YP66D7rAZAyQeHYGFqS9aAIgSPGA6ZnGHiIDpAHF4I2XSvWbY8JsssLmpiYh1vBz
Fl0AdgDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYs3JFExAAAE
AwBHMEUCIQCNv+PppnUoQopXsJwcstigN3nZ65b/uvP4D07xVPkP+wIgJNfRdlo6
NqiOAlstPgCxBZ8e1u1YknefV9PTgBoyE90wDQYJKoZIhvcNAQELBQADggEBAARN
nmv5FDoZ8EMpW01+oZB9UqBg400yRthc1D+hF7Vnr01YQReEMVVmXLENwrnBn3Zw
DJwUxDwPzF2bDwMJm/vwthLrNnLLkBUFTCkEgqupH1uG5GIy4rtbeaqsF6xDmxoh
CQJzdKk2cVTqn+SIopTt2QWe4J66Py3tItHJZN38+KFb95ZC+NLUqGy0LuMH3fyc
l3KUVvfdxZdFANzgOr9NbRzkSpVTKjEGFXO8oTyg6udAKi73mU3Zs1qAAR2AMp+Y
uy3lu9dDkuwlVCPQeNDk2G01HuYaFhBzVcA9TrQK0/KIPuToqt+2/zgIRX2FHUVz
PDT+z4mWSIx3fY6TCI8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H4Mcw18WJjh8aOojtYg
BgK7Q4zMIdMsttWDgM25Hiv8ZNyTtctnB1zmFhXWRNgJYF5bt18VCyN4az00z3Rs
3P+pJglkuiyuG08TotJpa88LPFJfNu84mgb/yaHKKYLP/mO0ZrC3pkfAjpfYgvRs
Ahr0mPBDgq0uuv/GDkJICTZyAxLh1WV3lUjBUFTK7ZdBkLbMOkqOkYiGF7u42wse
sXKDLwDzFfJvk3zNqsb5jFPvj8BFU0/wBGlWIUcoLUfsRJP6vGd9I7MYZ9hgIGlt
A72dyk2idDE+c8ooYlG+2odkHAdt9R22CxuDJEdTzkvchTdv8LzvmOU8haTpIycp
pQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 377596041850782597002230865252809869182582
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-16 05:20:08 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-14 05:20:07 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'insider.kia.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26319724329290827199608829946855887988561208888932414568106709002926004409278884657922140428173529619527701490487203337966051611934904001399573687658811031378698989993691719428545909206408244685791645923694016489143032768724879158325182991185778012818352143141582014395826680197131714233992895773794575629361579611212064344411852494018552121095227068594863798896979452671241016192846420078594977899514895942718331048451614671979979148417144502730484060232125318815990304396900817358535851207396609960981828153651245948818758284839742733049129353158900878157286867682760318642211071473760874015499462706762001024493989
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3d4db608ff29e1a70d3e9358f0b31d0950e20590
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'insider.kia.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b3724512a000004030046304402206f881006be7f0c4b3bf86d4093d4f81b60feba0fbac0640c9078760616a4bd68022048f180e999c61e2203a401c5e08d974af59b63c26cb2c2e6a62621d6f073165d007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b3724513100000403004730450221008dbfe3e9a67528428a57b09c1cb2d8a03779d9eb96ffbaf3f80f4ef154f90ffb022024d7d1765a3a36a88e025b2d3e00b1059f1ed6ed5892779f57d3d3801a3213dd
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00044d9e6bf9143a19f043295b4d7ea1907d52a060e34d3246d85cd43fa117b567af4d584117843155665cb10dc2b9c19f76700c9c14c43c0fcc5d9b0f03099bfbf0b612eb3672cb9015054c290482aba91f5b86e46232e2bb5b79aaac17ac439b1a2109027374a9367154ea9fe488a294edd9059ee09eba3f2ded22d1c964ddfcf8a15bf79642f8d2d4a86cb42ee307ddfc9c97729456f7ddc5974500dce03abf4d6d1ce44a95532a31061573bca13ca0eae7402a2ef7994dd9b35a80011d80329f98bb2de5bbd74392ec255423d078d0e4d86d351ee61a16107355c03d4eb40ad3f2883ee4e8aadfb6ff3808457d851d45733c34fecf8996488c777d8e93088f