DV SSL/TLS Certificate for mail.kiwiii.com.br

Certificate has expired

Issued by Let's Encrypt (R10)

About the mail.kiwiii.com.br DV SSL/TLS Certificate

This certificate with serial number 04:e2:01:ff:41:aa:9f:f0:7f:55:73:79:f1:32:77:41:29:76 for mail.kiwiii.com.br was issued on by Let's Encrypt.

With 3 subject alternative names, this certificate can be used to secure multiple FQDNs. This DV SSL/TLS Certificate has already expired and will cause a warning or error message. We have found some issues with the compliance of this certificate, they are be shown below. We hope this DV SSL/TLS Certificate review for mail.kiwiii.com.br provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Let's Encrypt

Organization: Let's Encrypt
Country: US

This X.509 certificate expired on

Certificate Details

Serial Number (hex): 04:e2:01:ff:41:aa:9f:f0:7f:55:73:79:f1:32:77:41:29:76
Serial Number (int): 425355613246742701350995092215433319754102
Serial Number Length: 139 bits, 18 octets

Subject Key Identifier: f2:58:32:1d:ca:b7:0d:fc:35:46:b4:86:9a:ce:44:23:c3:8c:ef:47
Authority Key Identifier: bb:bc:c3:47:a5:e4:bc:a9:c6:c3:a4:72:0c:10:8d:a2:35:e1:c8:e8

Fingerprint (SHA-1): a0:1b:15:7b:5e:ae:07:a1:bc:63:97:10:b1:17:05:94:c4:06:ed:3b
Fingerprint (SHA-256): b1:ea:d0:cf:32:24:79:b2:6b:2c:3e:e9:47:fa:e8:aa:55:d5:68:5f:71:ce:90:43:3f:8d:b9:ac:ae:9c:8f:58

Issuing Certificate URL: http://r10.i.lencr.org/

Revocation Information

OCSP Server: http://r10.o.lencr.org

Check the revocation status for certificate mail.kiwiii.com.br
3
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for mail.kiwiii.com.br

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9
CA Certificate
This is not a CA certificate

Subject Alternative Names

X.509 Certificate

The complete raw X.509 certificate details for mail.kiwiii.com.br in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISBOIB/0Gqn/B/VXN58TJ3QSl2MA0GCSqGSIb3DQEBCwUA
MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD
EwNSMTAwHhcNMjUwMjAzMTQzMzM3WhcNMjUwNTA0MTQzMzM2WjAdMRswGQYDVQQD
ExJtYWlsLmtpd2lpaS5jb20uYnIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDpBFxA8TbDOtQLsao7El8T5j5UKv7mkRtyHqEfFxwb91Zj6YljkEGiE88H
Ux28zhM2Ln0m2cjBYt4G+CuGNpb3BBow69QQUCdzTjfF5sx5Y5N70B7KX2uFsxmr
nDUOD5JVxhmtVvvDR3XmLuvCMbwiGY2R/cNUwwwX/q7r6iPGIMgd4sctV9VXKZIm
zqAvrWFWLXALeaAb2MVowHPwJA0VIcR9wskeOmszlMc9m536S4lABkQ0mZywqYUC
jWegBarbQW91iXYehUdXYS6CYGGsg4zRvO9OFUOw069qI1sAtwno78tY1vWRZIwB
twZVV7UuUj70VLTN1y/feBepWsY7AgMBAAGjggI5MIICNTAOBgNVHQ8BAf8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAw
HQYDVR0OBBYEFPJYMh3Ktw38NUa0hprORCPDjO9HMB8GA1UdIwQYMBaAFLu8w0el
5LypxsOkcgwQjaI14cjoMFcGCCsGAQUFBwEBBEswSTAiBggrBgEFBQcwAYYWaHR0
cDovL3IxMC5vLmxlbmNyLm9yZzAjBggrBgEFBQcwAoYXaHR0cDovL3IxMC5pLmxl
bmNyLm9yZy8wPwYDVR0RBDgwNoINa2l3aWlpLmNvbS5icoISbWFpbC5raXdpaWku
Y29tLmJyghF3d3cua2l3aWlpLmNvbS5icjATBgNVHSAEDDAKMAgGBmeBDAECATCC
AQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2AKLjCuRF772tm3447Udnd1PXgluElNcr
XhssxLlQpEfnAAABlMxwvSMAAAQDAEcwRQIhANTZIe3aZ9LbwDaIuSlAND99l7L1
z9JYKtFpq702Q2g/AiB/0jFvV34JD7El4YTDmH9n2iTOMoC9sHDXNeitsqNFTAB3
AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAABlMxwvWEAAAQDAEgw
RgIhAOtm9H3gvViT0RKfYSgwmfrxge/74Djr5YQdM1xpXcLQAiEAiRvvMJMk3f77
ztEXCioCfgDMqulHRl5i915pxUoEBzMwDQYJKoZIhvcNAQELBQADggEBAAgMbiSu
VX0RCx5B4WNqqqP9k44iGA65ijCYbSBGHpClArI43RacWGL+D+S/HXWa0hViNF34
sBRmD16FVlKulnp8L1VJNrvaOEErY8tAI9W4HTTq+My70Rav7/2qdnTpGo7n2fX/
Q/89oPxJASMcEsflEp71rG58khcyGpmupLa1PYmnncAeLKF/PgSzV/q1auNaDCpJ
viLwRhsYFLv/CcWR417n3YYZgsr2tVRlxvKNgsWhD2jUwYOVAKn9cDygcJz1/U5/
CGm/lwVooXkBe8yoE7UATYXvslndND/8fJkXwsnjymoiRZxkOIY2hr5oYIhQMcsQ
t5oJisjfelvLZ2c=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6QRcQPE2wzrUC7GqOxJf
E+Y+VCr+5pEbch6hHxccG/dWY+mJY5BBohPPB1MdvM4TNi59JtnIwWLeBvgrhjaW
9wQaMOvUEFAnc043xebMeWOTe9Aeyl9rhbMZq5w1Dg+SVcYZrVb7w0d15i7rwjG8
IhmNkf3DVMMMF/6u6+ojxiDIHeLHLVfVVymSJs6gL61hVi1wC3mgG9jFaMBz8CQN
FSHEfcLJHjprM5THPZud+kuJQAZENJmcsKmFAo1noAWq20FvdYl2HoVHV2EugmBh
rIOM0bzvThVDsNOvaiNbALcJ6O/LWNb1kWSMAbcGVVe1LlI+9FS0zdcv33gXqVrG
OwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 425355613246742701350995092215433319754102
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R10'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-03 14:33:37 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-04 14:33:36 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mail.kiwiii.com.br'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29415675233674836813717035289446695345986182474475573458195271204613263380324708436683843181045703653482908536759968973870669909292802319194525012242236085034097577126846570828888424288507757183448501062909258785810966339738939381306506416464004372968043899437667933039129737703937848609332824823254543729574057939789635827806966595221972600270579941283734366995279722995408301709790432076254620486255585295232588070469359645012297260550868652945562296672117583694103755330573122539793068853397855511982971921205800723859494002554680680512025126209316438357841157758107607341772783804753947310034107120563974139725371
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f258321dcab70dfc3546b4869ace4423c38cef47
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName bbbcc347a5e4bca9c6c3a4720c108da235e1c8e8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r10.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kiwiii.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.kiwiii.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kiwiii.com.br'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e700000194cc70bd230000040300473045022100d4d921edda67d2dbc03688b92940343f7d97b2f5cfd2582ad169abbd3643683f02207fd2316f577e090fb125e184c3987f67da24ce3280bdb070d735e8adb2a3454c007700cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b0800000194cc70bd610000040300483046022100eb66f47de0bd5893d1129f61283099faf181effbe038ebe5841d335c695dc2d0022100891bef309324ddfefbced1170a2a027e00ccaae947465e62f75e69c54a040733
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00080c6e24ae557d110b1e41e1636aaaa3fd938e22180eb98a30986d20461e90a502b238dd169c5862fe0fe4bf1d759ad21562345df8b014660f5e855652ae967a7c2f554936bbda38412b63cb4023d5b81d34eaf8ccbbd116afeffdaa7674e91a8ee7d9f5ff43ff3da0fc4901231c12c7e5129ef5ac6e7c9217321a99aea4b6b53d89a79dc01e2ca17f3e04b357fab56ae35a0c2a49be22f0461b1814bbff09c591e35ee7dd861982caf6b55465c6f28d82c5a10f68d4c1839500a9fd703ca0709cf5fd4e7f0869bf970568a179017bcca813b5004d85efb259dd343ffc7c9917c2c9e3ca6a22459c6438863686be6860885031cb10b79a098ac8df7a5bcb6767