cordys-zm-value.kpn.com
- Koninklijke KPN N.V. -
Issued by KPN BV PKIoverheid Organisatie Server CA - G3
About this certificate
This digital certificate with serial number 39:18:ef:91:ae:ff:94:01:c5:85:8c:92 was issued on by KPN B.V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Koninklijke KPN N.V.
Company registration number:
00000003020452000000
Organization: Koninklijke KPN N.V.
Organization: Koninklijke KPN N.V.
State / Province:
Zuid-Holland
Locality: Rotterdam
Country: NL
Locality: Rotterdam
Country: NL
KPN B.V.
Organization:
KPN B.V.
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 39:18:ef:91:ae:ff:94:01:c5:85:8c:92Serial Number (int): 17670791112464676767586946194
Serial Number lenght: 94 bits, 12 octets
SubjectKeyId: 1a:39:3c:c6:fe:d9:fc:e5:5f:af:45:63:1c:3a:3b:48:c7:19:55:76
AuthorityKeyId: c3:9a:a6:7b:5e:74:2b:82:b6:c6:72:fd:74:4e:85:d2:97:cd:fd:18
Fingerprint (sha1): e5:9f:2f:ea:62:65:04:79:ca:a6:8a:50:d0:da:3e:40:09:a2:e2:5a
Fingerprint (sha256): 01:c1:19:4f:1f:b3:49:54:b4:54:9f:08:97:88:1c:3a:37:04:77:4b:8c:5a:1a:15:a3:92:c4:fe:18:fe:a4:eb
Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3.cer
Revocation information
OCSP Server: http://g3ocsp.managedpki.comCRL Distribution Point: http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl
Check the revocation status for certificate cordys-zm-value.kpn.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cordys-zm-value.kpn.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cordys-zm-value.kpn.com
Other certificates including the domain name kpn.com
(limited to 100 certificates)
sentrymail.acc.kpnnet.org
api-stg.kpn.com
shop.kpn.com
aditum.kpn.com
status.digital.kpn.com
lotte.kpn.com
*.mcmws.pmr.kpn.com
admin.dsh-dev.dsh.np.aws.kpn.com
api.cloudcontrol.kpn.com
lotteschedulee2e2-tst-new.kpn.com
*.mcmws.pmr.kpn.com
zakelijk.kpn.com
transfer-datalab.kpn.com
cordys-zm-value.kpn.com
prexdsl-c-serviceweb.kpn.com
portal.sap-hosting.kpn.com
mcpms.pmrtest.kpn.com
mosaic.generictaskservice.tst.kpn.com
*.3xoc.infrastructure-testing.np.aws.kpn.com
rt2-vlg-1.pmr.kpn.net
0122016378.StichtingKentalis.client.mvr.kpn.com
cloudkleinzakelijk.kpn.com
secure04.lithium.com
ws.kpn.com
files.cloudcontrol.kpn.com
service.kpn.com
design.kpn.com
nieuwbouwportaal.kpn.com
aditum.kpn.com
zakelijke-community.kpn.com
*.cqbmrv.infrastructure-testing.np.aws.kpn.com
b2bacc-connect-int.kpn.com
saml.eid.kpn.com
*.hwm44g.infrastructure-testing.np.aws.kpn.com
aas.tv.kpn.com
wsipuat4.kpn.com
cordys-zm-value-acc.kpn.com
account.online.kpn.com
kpnassistent.kpn.com
*.hibwy1.infrastructure-testing.np.aws.kpn.com
frea-test.kpn.com
businesspartner-ppd-s.kpn.com
*.mcmws.pmrtest.kpn.com
store.online-demo.kpn.com
inloggen.acc.kpn.com
zakelijk.kpn.com
x.acc.kpn.com
monteurstool.kpn.com
lottedev2-tst.kpn.com
login.kpn.com
*.rzr3o1.infrastructure-testing.np.aws.kpn.com
zeus-prd.kpn.com
eventgateway.acc.kpn.com
*.c6tnfz.infrastructure-testing.np.aws.kpn.com
*.nl9s.infrastructure-testing.np.aws.kpn.com
LotteSimulation.kpn.com
atvorder.kpn.com
lotte.kpn.com
uwv.portal.soc.kpn.com
serviscopeapi.kpn.com
secure08.lithium.com
vm4.kpn.com
prexdsl.kpn.com
if.auraportal.kpn.com
w5031.kpn.com
mobielbeheer.kpn.com
*.vre7br.infrastructure-testing.np.aws.kpn.com
secure08.lithium.com
*.jhlv.infrastructure-testing.np.aws.kpn.com
marketing.kpn.com
b2bpoc-connect-portal.kpn.com
b2b-portal.sympac.kpn.com
*.fiw8vk.infrastructure-testing.np.aws.kpn.com
sip.kpn.com
bpapi.kpn.com
www.kpn.com
cloudkleinzakelijk.kpn.com
mcpms.pmr.kpn.com
login.wifi.kpn.com
mosaic.generictaskservice.acc.kpn.com
b2bacc-connect-portal.kpn.com
test.kpn.com
pah1.mvr.kpn.com
ws.api.kpn.com
*.mcmws.pmrtest.kpn.com
b2bpoc-connect.kpn.com
*.prd.cdn.bcms.kpn.com
b2bacc-connect-int.kpn.com
lottee2e2-tst-new.kpn.com
LotteScheduleE2E2.tst.kpn.com
sni.kpn.com
eherkenning.kpn.com
*.prd.cdn.bcms.kpn.com
remotesupport.kpn.com
b2b-portal.sympac.kpn.com
vpnportal-internal.kpn.com
wsipprod.kpn.com
*.nghf0k.infrastructure-testing.np.aws.kpn.com
ddci.kpn.com
vcds.stb.acc.tv.kpn.com
api-stg.kpn.com
shop.kpn.com
aditum.kpn.com
status.digital.kpn.com
lotte.kpn.com
*.mcmws.pmr.kpn.com
admin.dsh-dev.dsh.np.aws.kpn.com
api.cloudcontrol.kpn.com
lotteschedulee2e2-tst-new.kpn.com
*.mcmws.pmr.kpn.com
zakelijk.kpn.com
transfer-datalab.kpn.com
cordys-zm-value.kpn.com
prexdsl-c-serviceweb.kpn.com
portal.sap-hosting.kpn.com
mcpms.pmrtest.kpn.com
mosaic.generictaskservice.tst.kpn.com
*.3xoc.infrastructure-testing.np.aws.kpn.com
rt2-vlg-1.pmr.kpn.net
0122016378.StichtingKentalis.client.mvr.kpn.com
cloudkleinzakelijk.kpn.com
secure04.lithium.com
ws.kpn.com
files.cloudcontrol.kpn.com
service.kpn.com
design.kpn.com
nieuwbouwportaal.kpn.com
aditum.kpn.com
zakelijke-community.kpn.com
*.cqbmrv.infrastructure-testing.np.aws.kpn.com
b2bacc-connect-int.kpn.com
saml.eid.kpn.com
*.hwm44g.infrastructure-testing.np.aws.kpn.com
aas.tv.kpn.com
wsipuat4.kpn.com
cordys-zm-value-acc.kpn.com
account.online.kpn.com
kpnassistent.kpn.com
*.hibwy1.infrastructure-testing.np.aws.kpn.com
frea-test.kpn.com
businesspartner-ppd-s.kpn.com
*.mcmws.pmrtest.kpn.com
store.online-demo.kpn.com
inloggen.acc.kpn.com
zakelijk.kpn.com
x.acc.kpn.com
monteurstool.kpn.com
lottedev2-tst.kpn.com
login.kpn.com
*.rzr3o1.infrastructure-testing.np.aws.kpn.com
zeus-prd.kpn.com
eventgateway.acc.kpn.com
*.c6tnfz.infrastructure-testing.np.aws.kpn.com
*.nl9s.infrastructure-testing.np.aws.kpn.com
LotteSimulation.kpn.com
atvorder.kpn.com
lotte.kpn.com
uwv.portal.soc.kpn.com
serviscopeapi.kpn.com
secure08.lithium.com
vm4.kpn.com
prexdsl.kpn.com
if.auraportal.kpn.com
w5031.kpn.com
mobielbeheer.kpn.com
*.vre7br.infrastructure-testing.np.aws.kpn.com
secure08.lithium.com
*.jhlv.infrastructure-testing.np.aws.kpn.com
marketing.kpn.com
b2bpoc-connect-portal.kpn.com
b2b-portal.sympac.kpn.com
*.fiw8vk.infrastructure-testing.np.aws.kpn.com
sip.kpn.com
bpapi.kpn.com
www.kpn.com
cloudkleinzakelijk.kpn.com
mcpms.pmr.kpn.com
login.wifi.kpn.com
mosaic.generictaskservice.acc.kpn.com
b2bacc-connect-portal.kpn.com
test.kpn.com
pah1.mvr.kpn.com
ws.api.kpn.com
*.mcmws.pmrtest.kpn.com
b2bpoc-connect.kpn.com
*.prd.cdn.bcms.kpn.com
b2bacc-connect-int.kpn.com
lottee2e2-tst-new.kpn.com
LotteScheduleE2E2.tst.kpn.com
sni.kpn.com
eherkenning.kpn.com
*.prd.cdn.bcms.kpn.com
remotesupport.kpn.com
b2b-portal.sympac.kpn.com
vpnportal-internal.kpn.com
wsipprod.kpn.com
*.nghf0k.infrastructure-testing.np.aws.kpn.com
ddci.kpn.com
vcds.stb.acc.tv.kpn.com
Certificate
The complete raw certificate details for cordys-zm-value.kpn.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIZjCCBk6gAwIBAgIMORjvka7/lAHFhYySMA0GCSqGSIb3DQEBCwUAMHExCzAJ BgNVBAYTAk5MMREwDwYDVQQKDAhLUE4gQi5WLjEXMBUGA1UEYQwOTlRSTkwtMjcx MjQ3MDExNjA0BgNVBAMMLUtQTiBCViBQS0lvdmVyaGVpZCBPcmdhbmlzYXRpZSBT ZXJ2ZXIgQ0EgLSBHMzAeFw0xOTA0MDMwODIwNDZaFw0yMTA0MDIwODIwNDZaMIGY MQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMRIwEAYDVQQHDAlS b3R0ZXJkYW0xHTAbBgNVBAoMFEtvbmlua2xpamtlIEtQTiBOLlYuMR0wGwYDVQQF ExQwMDAwMDAwMzAyMDQ1MjAwMDAwMDEgMB4GA1UEAwwXY29yZHlzLXptLXZhbHVl Lmtwbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaU9vfn0se x+8y+lu3usJeriomsMw531SsxVAbg2ViTucAN927KsI8hPSTdHO6ONkZCLKf64o6 VKf0Hz5ETuxKiwFayKffskrN/6yzOtV911Tzt9/fDKmBf/NcYnYsrCyvaEt+j09k ANG5VAP/gjHcF8UfMM4vyCQ394rB5VZWvlRePXlFcEQOfpsbOPCor9EOnOoi539A DcWyiQ755v12fgrEqM8oNY33yUyVYKXDi8ZZWOxNEfmlZScKwMHeeh8fKZyrKe46 IUm2snAyP9DgBZVB9SXhn5/KDxKJRcxV1GVik6vVQ7NNRFKx7GiM8BawV9UwejuD xwkZoMItVDUDAgMBAAGjggPUMIID0DCBlAYIKwYBBQUHAQEEgYcwgYQwWAYIKwYB BQUHMAKGTGh0dHA6Ly9jZXJ0Lm1hbmFnZWRwa2kuY29tL0NBY2VydHMvS1BOQlZQ S0lvdmVyaGVpZE9yZ2FuaXNhdGllU2VydmVyQ0FHMy5jZXIwKAYIKwYBBQUHMAGG HGh0dHA6Ly9nM29jc3AubWFuYWdlZHBraS5jb20wHQYDVR0OBBYEFBo5PMb+2fzl X69FYxw6O0jHGVV2MAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUw5qme150K4K2 xnL9dE6F0pfN/RgwgbEGA1UdIASBqTCBpjCBmQYKYIQQAYdrAQIFBjCBijA3Bggr BgEFBQcCARYraHR0cHM6Ly9jZXJ0aWZpY2FhdC5rcG4uY29tL3BraW92ZXJoZWlk L2NwczBPBggrBgEFBQcCAjBDDEFPcCBkaXQgY2VydGlmaWNhYXQgaXMgaGV0IENQ UyBQS0lvdmVyaGVpZCB2YW4gS1BOIHZhbiB0b2VwYXNzaW5nLjAIBgZngQwBAgIw XgYDVR0fBFcwVTBToFGgT4ZNaHR0cDovL2NybC5tYW5hZ2VkcGtpLmNvbS9LUE5C VlBLSW92ZXJoZWlkT3JnYW5pc2F0aWVTZXJ2ZXJDQUczL0xhdGVzdENSTC5jcmww DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAi BgNVHREEGzAZghdjb3JkeXMtem0tdmFsdWUua3BuLmNvbTCCAYAGCisGAQQB1nkC BAIEggFwBIIBbAFqAHcAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMA AAFp4klUvwAABAMASDBGAiEA0SlL9wvHqYHLjDYVB+ysfDRkYxBocWxuJZ3RAXK5 ekECIQC9LfX0LupsB9xBz85b4gII1E22q4V+pZrM8Q5jCuIt7QB3AKS5CZC0GFgU h7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABaeJJVL0AAAQDAEgwRgIhALeQxkoK hZ2pe6LA8HFFsBvRbhx8mcH5l1soUvoRdxZnAiEAk2++qhrCEVq7oJY4mTrfd/wv Fzps7KJbOO+FJaTUDPQAdgC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7R hQAAAWniSVS/AAAEAwBHMEUCIAbafiNpgWVhJKJV37HvH1Ak4K3uBAJAAJIGVIe1 uCLzAiEAixP6GSi36XlXMvNbmykpjVnVvrDmLIRDK6gwcazNZwcwDQYJKoZIhvcN AQELBQADggIBAJ+I8Vczfj6N/9Lf3v1ckbDSx9xwK4P15QpL92QnozbCXpNDSDBF KBzlyHwKuPZVJ0VwVTxqxAkRcRoex/maFcfi2U1+Xz3/bICwJ4l0IsvANwyPiNNJ xsqiPiYIXZknLzDOFg60JuSDh5Q9w1lgdcE1+LOTcJ1kilpD2CN3/8OuVctNha0f mcyxcVs7yItFnZsBxas/e5rq/3jXwUoQ4mpp0Y7FHz/ZfQUI8xwU4i7dlpsgWfi0 HGs5iXAZcVc/OKpV/X2z+Fawg6Wzewvqd6MBRZSPmieJ6KWKz2WcFPthW5TZs2Tb so58m93MO4DP7XI+fLqwjySDbOwjC70tE4Lyr+c2NGT87IpbXS89w8mgXCEeLozH XWVt2p3QihdMejgX5I/aU0G4oaFfusa7q3bFeT8fhJWn+b7eu0b3EsXLO2PXMsv/ SJFunJUFI9wO/10RuCtDuwQC0/SrgCeXu9JOfW/6LVZiOGqis5JF+JhNNCPTJ8dN mk7fKnf0IIy4ImNglIsrbIzH2uaDqVVP25jaDoMFprWKT5hv90XzJtL9ff4GneS+ UwJAUS3Y79QZyNZgIOuvGygxnvdUbiayvaS9df8VSmBt4h3xwHkgwmtSN6odrnPr t/UJQWAV4Jf/f04727xC97KAwsnCHUAs36Id6h8ZmzUCvQT6BAchCm60 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lPb359LHsfvMvpbt7rC Xq4qJrDMOd9UrMVQG4NlYk7nADfduyrCPIT0k3RzujjZGQiyn+uKOlSn9B8+RE7s SosBWsin37JKzf+sszrVfddU87ff3wypgX/zXGJ2LKwsr2hLfo9PZADRuVQD/4Ix 3BfFHzDOL8gkN/eKweVWVr5UXj15RXBEDn6bGzjwqK/RDpzqIud/QA3FsokO+eb9 dn4KxKjPKDWN98lMlWClw4vGWVjsTRH5pWUnCsDB3nofHymcqynuOiFJtrJwMj/Q 4AWVQfUl4Z+fyg8SiUXMVdRlYpOr1UOzTURSsexojPAWsFfVMHo7g8cJGaDCLVQ1 AwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17670791112464676767586946194 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRNL-27124701' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN BV PKIoverheid Organisatie Server CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-03 08:20:46 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-02 08:20:46 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Rotterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Koninklijke KPN N.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003020452000000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'cordys-zm-value.kpn.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27561302838022880850149703256485844884619880639466563069312607496553236733417864055927005990352559755183245744656072379767143294360186182485064784147802459135409730300008073832978449214174464140114422562310404807568572103353935876031927708030081988460217126879627468131466204954959964110188153188794542148278804734353220617989981209040540396075516574850073972119745976295842448154410517204883331129524847300400726488421612996942111563005919146794327964990490426380048680299777369185988881298452095758608809599995728125135058050726474976424743802710406746159229697960090635766698258944808245467060612238041815419467011 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g3ocsp.managedpki.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1a393cc6fed9fce55faf45631c3a3b48c7195576 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c39aa67b5e742b82b6c672fd744e85d297cdfd18 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cordys-zm-value.kpn.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a0077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000169e24954bf0000040300483046022100d1294bf70bc7a981cb8c361507ecac7c3464631068716c6e259dd10172b97a41022100bd2df5f42eea6c07dc41cfce5be20208d44db6ab857ea59accf10e630ae22ded007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000169e24954bd0000040300483046022100b790c64a0a859da97ba2c0f07145b01bd16e1c7c99c1f9975b2852fa11771667022100936fbeaa1ac2115abba09638993adf77fc2f173a6ceca25b38ef8525a4d40cf4007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000169e24954bf0000040300473045022006da7e236981656124a255dfb1ef1f5024e0adee0402400092065487b5b822f30221008b13fa1928b7e9795732f35b9b29298d59d5beb0e62c84432ba83071accd6707 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 009f88f157337e3e8dffd2dfdefd5c91b0d2c7dc702b83f5e50a4bf76427a336c25e9343483045281ce5c87c0ab8f655274570553c6ac40911711a1ec7f99a15c7e2d94d7e5f3dff6c80b027897422cbc0370c8f88d349c6caa23e26085d99272f30ce160eb426e48387943dc3596075c135f8b393709d648a5a43d82377ffc3ae55cb4d85ad1f99ccb1715b3bc88b459d9b01c5ab3f7b9aeaff78d7c14a10e26a69d18ec51f3fd97d0508f31c14e22edd969b2059f8b41c6b3989701971573f38aa55fd7db3f856b083a5b37b0bea77a30145948f9a2789e8a58acf659c14fb615b94d9b364dbb28e7c9bddcc3b80cfed723e7cbab08f24836cec230bbd2d1382f2afe7363464fcec8a5b5d2f3dc3c9a05c211e2e8cc75d656dda9dd08a174c7a3817e48fda5341b8a1a15fbac6bbab76c5793f1f8495a7f9bedebb46f712c5cb3b63d732cbff48916e9c950523dc0eff5d11b82b43bb0402d3f4ab802797bbd24e7d6ffa2d5662386aa2b39245f8984d3423d327c74d9a4edf2a77f4208cb8226360948b2b6c8cc7dae683a9554fdb98da0e8305a6b58a4f986ff745f326d2fd7dfe069de4be530240512dd8efd419c8d66020ebaf1b28319ef7546e26b2bda4bd75ff154a606de21df1c07920c26b5237aa1dae73ebb7f509416015e097ff7f4e3bdbbc42f7b280c2c9c21d402cdfa21dea1f199b3502bd04fa0407210a6eb4