prexdsl-c-serviceweb.kpn.com
- Koninklijke KPN N.V. -
Issued by KPN Corporate Market CSP Organisatie CA - G2
About this certificate
This digital certificate with serial number 5f:06:2b:68:f2:8f:92:8e:a0:b1:20:35:d0:d4:88:59 was issued on by KPN Corporate Market BV.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Compliant certificates should use the utf8string encoding for explicitText (RFC 6818: 3)
- Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)
Koninklijke KPN N.V.
Company registration number:
00000003020452000000
Organization: Koninklijke KPN N.V.
Organization unit: ITNL
Organization: Koninklijke KPN N.V.
Organization unit: ITNL
State / Province:
Zuid-Holland
Locality: Den Haag
Country: NL
Locality: Den Haag
Country: NL
KPN Corporate Market BV
Organization:
KPN Corporate Market BV
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 5f:06:2b:68:f2:8f:92:8e:a0:b1:20:35:d0:d4:88:59Serial Number (int): 126308693839129016262445820735776917593
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 5e:fd:a4:30:b6:94:99:fe:19:6e:7b:64:b6:6d:cd:50:05:74:bf:2d
AuthorityKeyId: 26:d0:65:13:f1:ee:7a:6f:61:08:28:de:4d:98:07:12:48:78:b4:ef
Fingerprint (sha1): 22:be:fc:4a:06:ce:f0:6a:39:30:02:ae:8e:dc:c2:e7:ec:3e:cd:c6
Fingerprint (sha256): 01:f4:96:3b:a5:60:94:df:50:8d:7c:4b:f7:b0:f0:e8:56:a4:d9:d4:56:45:2a:93:31:f2:81:31:ec:a6:45:60
Revocation information
OCSP Server: http://ocsp3.managedpki.comCRL Distribution Point: http://cert.managedpki.com/crl/KPNCorporateMarketCSPOrganisatieCAG2/LatestCRL.crl
Check the revocation status for certificate prexdsl-c-serviceweb.kpn.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for prexdsl-c-serviceweb.kpn.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Key Agreement
Extended Key Usages
Client Authentication
Server Authentication
Email Protection
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
prexdsl-c-serviceweb.kpn.com
Other certificates including the domain name kpn.com
(limited to 100 certificates)
sentrymail.acc.kpnnet.org
api-stg.kpn.com
shop.kpn.com
aditum.kpn.com
status.digital.kpn.com
lotte.kpn.com
*.mcmws.pmr.kpn.com
admin.dsh-dev.dsh.np.aws.kpn.com
api.cloudcontrol.kpn.com
lotteschedulee2e2-tst-new.kpn.com
*.mcmws.pmr.kpn.com
zakelijk.kpn.com
transfer-datalab.kpn.com
cordys-zm-value.kpn.com
prexdsl-c-serviceweb.kpn.com
portal.sap-hosting.kpn.com
mcpms.pmrtest.kpn.com
mosaic.generictaskservice.tst.kpn.com
*.3xoc.infrastructure-testing.np.aws.kpn.com
rt2-vlg-1.pmr.kpn.net
0122016378.StichtingKentalis.client.mvr.kpn.com
cloudkleinzakelijk.kpn.com
secure04.lithium.com
ws.kpn.com
files.cloudcontrol.kpn.com
service.kpn.com
design.kpn.com
nieuwbouwportaal.kpn.com
aditum.kpn.com
zakelijke-community.kpn.com
*.cqbmrv.infrastructure-testing.np.aws.kpn.com
b2bacc-connect-int.kpn.com
saml.eid.kpn.com
*.hwm44g.infrastructure-testing.np.aws.kpn.com
aas.tv.kpn.com
wsipuat4.kpn.com
cordys-zm-value-acc.kpn.com
account.online.kpn.com
kpnassistent.kpn.com
*.hibwy1.infrastructure-testing.np.aws.kpn.com
frea-test.kpn.com
businesspartner-ppd-s.kpn.com
*.mcmws.pmrtest.kpn.com
store.online-demo.kpn.com
inloggen.acc.kpn.com
zakelijk.kpn.com
x.acc.kpn.com
monteurstool.kpn.com
lottedev2-tst.kpn.com
login.kpn.com
*.rzr3o1.infrastructure-testing.np.aws.kpn.com
zeus-prd.kpn.com
eventgateway.acc.kpn.com
*.c6tnfz.infrastructure-testing.np.aws.kpn.com
*.nl9s.infrastructure-testing.np.aws.kpn.com
LotteSimulation.kpn.com
atvorder.kpn.com
lotte.kpn.com
uwv.portal.soc.kpn.com
serviscopeapi.kpn.com
secure08.lithium.com
vm4.kpn.com
prexdsl.kpn.com
if.auraportal.kpn.com
w5031.kpn.com
mobielbeheer.kpn.com
*.vre7br.infrastructure-testing.np.aws.kpn.com
secure08.lithium.com
*.jhlv.infrastructure-testing.np.aws.kpn.com
marketing.kpn.com
b2bpoc-connect-portal.kpn.com
b2b-portal.sympac.kpn.com
*.fiw8vk.infrastructure-testing.np.aws.kpn.com
sip.kpn.com
bpapi.kpn.com
www.kpn.com
cloudkleinzakelijk.kpn.com
mcpms.pmr.kpn.com
login.wifi.kpn.com
mosaic.generictaskservice.acc.kpn.com
b2bacc-connect-portal.kpn.com
test.kpn.com
pah1.mvr.kpn.com
ws.api.kpn.com
*.mcmws.pmrtest.kpn.com
b2bpoc-connect.kpn.com
*.prd.cdn.bcms.kpn.com
b2bacc-connect-int.kpn.com
lottee2e2-tst-new.kpn.com
LotteScheduleE2E2.tst.kpn.com
sni.kpn.com
eherkenning.kpn.com
*.prd.cdn.bcms.kpn.com
remotesupport.kpn.com
b2b-portal.sympac.kpn.com
vpnportal-internal.kpn.com
wsipprod.kpn.com
*.nghf0k.infrastructure-testing.np.aws.kpn.com
ddci.kpn.com
vcds.stb.acc.tv.kpn.com
api-stg.kpn.com
shop.kpn.com
aditum.kpn.com
status.digital.kpn.com
lotte.kpn.com
*.mcmws.pmr.kpn.com
admin.dsh-dev.dsh.np.aws.kpn.com
api.cloudcontrol.kpn.com
lotteschedulee2e2-tst-new.kpn.com
*.mcmws.pmr.kpn.com
zakelijk.kpn.com
transfer-datalab.kpn.com
cordys-zm-value.kpn.com
prexdsl-c-serviceweb.kpn.com
portal.sap-hosting.kpn.com
mcpms.pmrtest.kpn.com
mosaic.generictaskservice.tst.kpn.com
*.3xoc.infrastructure-testing.np.aws.kpn.com
rt2-vlg-1.pmr.kpn.net
0122016378.StichtingKentalis.client.mvr.kpn.com
cloudkleinzakelijk.kpn.com
secure04.lithium.com
ws.kpn.com
files.cloudcontrol.kpn.com
service.kpn.com
design.kpn.com
nieuwbouwportaal.kpn.com
aditum.kpn.com
zakelijke-community.kpn.com
*.cqbmrv.infrastructure-testing.np.aws.kpn.com
b2bacc-connect-int.kpn.com
saml.eid.kpn.com
*.hwm44g.infrastructure-testing.np.aws.kpn.com
aas.tv.kpn.com
wsipuat4.kpn.com
cordys-zm-value-acc.kpn.com
account.online.kpn.com
kpnassistent.kpn.com
*.hibwy1.infrastructure-testing.np.aws.kpn.com
frea-test.kpn.com
businesspartner-ppd-s.kpn.com
*.mcmws.pmrtest.kpn.com
store.online-demo.kpn.com
inloggen.acc.kpn.com
zakelijk.kpn.com
x.acc.kpn.com
monteurstool.kpn.com
lottedev2-tst.kpn.com
login.kpn.com
*.rzr3o1.infrastructure-testing.np.aws.kpn.com
zeus-prd.kpn.com
eventgateway.acc.kpn.com
*.c6tnfz.infrastructure-testing.np.aws.kpn.com
*.nl9s.infrastructure-testing.np.aws.kpn.com
LotteSimulation.kpn.com
atvorder.kpn.com
lotte.kpn.com
uwv.portal.soc.kpn.com
serviscopeapi.kpn.com
secure08.lithium.com
vm4.kpn.com
prexdsl.kpn.com
if.auraportal.kpn.com
w5031.kpn.com
mobielbeheer.kpn.com
*.vre7br.infrastructure-testing.np.aws.kpn.com
secure08.lithium.com
*.jhlv.infrastructure-testing.np.aws.kpn.com
marketing.kpn.com
b2bpoc-connect-portal.kpn.com
b2b-portal.sympac.kpn.com
*.fiw8vk.infrastructure-testing.np.aws.kpn.com
sip.kpn.com
bpapi.kpn.com
www.kpn.com
cloudkleinzakelijk.kpn.com
mcpms.pmr.kpn.com
login.wifi.kpn.com
mosaic.generictaskservice.acc.kpn.com
b2bacc-connect-portal.kpn.com
test.kpn.com
pah1.mvr.kpn.com
ws.api.kpn.com
*.mcmws.pmrtest.kpn.com
b2bpoc-connect.kpn.com
*.prd.cdn.bcms.kpn.com
b2bacc-connect-int.kpn.com
lottee2e2-tst-new.kpn.com
LotteScheduleE2E2.tst.kpn.com
sni.kpn.com
eherkenning.kpn.com
*.prd.cdn.bcms.kpn.com
remotesupport.kpn.com
b2b-portal.sympac.kpn.com
vpnportal-internal.kpn.com
wsipprod.kpn.com
*.nghf0k.infrastructure-testing.np.aws.kpn.com
ddci.kpn.com
vcds.stb.acc.tv.kpn.com
Certificate
The complete raw certificate details for prexdsl-c-serviceweb.kpn.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGmTCCBIGgAwIBAgIQXwYraPKPko6gsSA10NSIWTANBgkqhkiG9w0BAQsFADBm MQswCQYDVQQGEwJOTDEgMB4GA1UECgwXS1BOIENvcnBvcmF0ZSBNYXJrZXQgQlYx NTAzBgNVBAMMLEtQTiBDb3Jwb3JhdGUgTWFya2V0IENTUCBPcmdhbmlzYXRpZSBD QSAtIEcyMB4XDTE1MDcyNDAwMDAwMFoXDTE4MDcyMzIzNTk1OVowgasxCzAJBgNV BAYTAk5MMRUwEwYDVQQIDAxadWlkLUhvbGxhbmQxETAPBgNVBAcMCERlbiBIYWFn MR0wGwYDVQQKDBRLb25pbmtsaWprZSBLUE4gTi5WLjENMAsGA1UECwwESVROTDEd MBsGA1UEBRMUMDAwMDAwMDMwMjA0NTIwMDAwMDAxJTAjBgNVBAMMHHByZXhkc2wt Yy1zZXJ2aWNld2ViLmtwbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQC/4HJik+Ss5fHn2ChM/r17Aho6KEWB8wRdBzFSDjToYm3BToZ40hn5TQh9 lmi6Y2Nye6IAFPkLBam+f/aiAq3Gis3kryFGK+3gM97YTXNatV/bJf1GkZwlOL/+ uwNcIk7XclMlMdWWBebFahQJt1hmqdHGT5+lctkzAsGP7iJ6nIydGnjCecrlziFF VgZTKDIPi0NEXGZ3/tTtJ1qHUBqj4CpNlCgrSJZ3qkS5WLh7QY1PDfqwH9eRLuhM 7Pl1EHeW42rnQqwnbVhTzSWZ3WI0LLlYxPZ3GBHo1nSGK8vqepSsnwpgXqZTMZ/h 59HOHnoef9N2koyHz82cJHmb/e4bAgMBAAGjggH7MIIB9zAMBgNVHRMBAf8EAjAA MGIGA1UdHwRbMFkwV6BVoFOGUWh0dHA6Ly9jZXJ0Lm1hbmFnZWRwa2kuY29tL2Ny bC9LUE5Db3Jwb3JhdGVNYXJrZXRDU1BPcmdhbmlzYXRpZUNBRzIvTGF0ZXN0Q1JM LmNybDAOBgNVHQ8BAf8EBAMCA6gwgacGA1UdIASBnzCBnDCBmQYKYIQQAYdrAQIF BjCBijA3BggrBgEFBQcCARYraHR0cHM6Ly9jZXJ0aWZpY2FhdC5rcG4uY29tL3Br aW92ZXJoZWlkL2NwczBPBggrBgEFBQcCAjBDGkFPcCBkaXQgY2VydGlmaWNhYXQg aXMgaGV0IENQUyBQS0lvdmVyaGVpZCB2YW4gS1BOIHZhbiB0b2VwYXNzaW5nLjAf BgNVHSMEGDAWgBQm0GUT8e56b2EIKN5NmAcSSHi07zAdBgNVHQ4EFgQUXv2kMLaU mf4Zbntktm3NUAV0vy0wJwYDVR0lBCAwHgYIKwYBBQUHAwIGCCsGAQUFBwMBBggr BgEFBQcDBDAnBgNVHREEIDAeghxwcmV4ZHNsLWMtc2VydmljZXdlYi5rcG4uY29t MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AzLm1hbmFn ZWRwa2kuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQBKYWCDt0wWDnTUJoMXZ+HL6Nnm UROJF0bZXa+GsoVA1mDOtkgspX22ld+fUyCFDI+yBav67vtTO1fOxUKPOXHHBHoF hiukXVnhRQmciCr+J8aS4Kd0pW7NWMVL3Baj56OdVqCNcXCNMavc/m33/XfyRN3G O/x1j2JfdcPyXdhDFBl7hYUUVog9VoQ67tc9fXM1b3LBPRZtR+iqpA2OJSanXlvj iMWBdbIGjObkHF6XVDt5gI/SXAE1SpqzfdNZT1pX30XwkaNKz0onqoRKJhQickPG w2UMRJMR9qmUcTVcV1VP8wDzVAqOxshoWqyRH/RQUiV8ZxOdf/IDbzks671zsuBw OQQz2pyWWx8wOJUdfMsiuIuYPcLfyWh34Zo6a4zXpt/9GS5pTfk8xo3kIUPuN9ab kwq19S59eZhUhIDgEoaWN9l2W5MV3hN/8HONZDMKUbTc4CsM5zKZq2QC/caFqpBT K/JePJAlAL0LspWT18bJkMu/P78545AcOc9aQJA8/zEhAS852O442+Bi4tknh9rd pwIAnTY4rtUqcxBpAGhcOn8/X4t80MrcroynzhzVBGwNJZNCKbqGQHrZsJn2SQZ+ XCM8w97cJGb7LYHOK39/R8OPtRD/Zxy3+iTw3GHx427/Pn8EpkXO59QKLCN/3Ufm wkS64SShGESkyIaNQg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+ByYpPkrOXx59goTP69 ewIaOihFgfMEXQcxUg406GJtwU6GeNIZ+U0IfZZoumNjcnuiABT5CwWpvn/2ogKt xorN5K8hRivt4DPe2E1zWrVf2yX9RpGcJTi//rsDXCJO13JTJTHVlgXmxWoUCbdY ZqnRxk+fpXLZMwLBj+4iepyMnRp4wnnK5c4hRVYGUygyD4tDRFxmd/7U7Sdah1Aa o+AqTZQoK0iWd6pEuVi4e0GNTw36sB/XkS7oTOz5dRB3luNq50KsJ21YU80lmd1i NCy5WMT2dxgR6NZ0hivL6nqUrJ8KYF6mUzGf4efRzh56Hn/TdpKMh8/NnCR5m/3u GwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 126308693839129016262445820735776917593 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN Corporate Market BV' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN Corporate Market CSP Organisatie CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-07-24 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-23 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Den Haag' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Koninklijke KPN N.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ITNL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003020452000000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'prexdsl-c-serviceweb.kpn.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24222195098877599957131507932318488299331650975973029987283065928929741573946911890776168856640892592446809175594988514676485688109399702237161957069366515758222671224561904007906274886216318110947939645743623339894051340762409480543149909604782902324268922763389625909697765736101814317773129895284950656337755112234463828490248901406124696386533999965744537956806453725075859109545714042179793805627898183321457448106086088409689946765836711444826554097673305459279862003197336789054376957514156028247879858724764880367229616628343954279424266355926418274697179381902530828372244323661264772994431638787231915568667 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/crl/KPNCorporateMarketCSPOrganisatieCAG2/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (159 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [79 112 32 100 105 116 32 99 101 114 116 105 102 105 99 97 97 116 32 105 115 32 104 101 116 32 67 80 83 32 80 75 73 111 118 101 114 104 101 105 100 32 118 97 110 32 75 80 78 32 118 97 110 32 116 111 101 112 97 115 115 105 110 103 46] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 26d06513f1ee7a6f610828de4d9807124878b4ef . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5efda430b69499fe196e7b64b66dcd500574bf2d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.4 (emailProtection) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prexdsl-c-serviceweb.kpn.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (43 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp3.managedpki.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 004a616083b74c160e74d426831767e1cbe8d9e65113891746d95daf86b28540d660ceb6482ca57db695df9f5320850c8fb205abfaeefb533b57cec5428f3971c7047a05862ba45d59e145099c882afe27c692e0a774a56ecd58c54bdc16a3e7a39d56a08d71708d31abdcfe6df7fd77f244ddc63bfc758f625f75c3f25dd84314197b85851456883d56843aeed73d7d73356f72c13d166d47e8aaa40d8e2526a75e5be388c58175b2068ce6e41c5e97543b79808fd25c01354a9ab37dd3594f5a57df45f091a34acf4a27aa844a2614227243c6c3650c449311f6a99471355c57554ff300f3540a8ec6c8685aac911ff45052257c67139d7ff2036f392cebbd73b2e070390433da9c965b1f3038951d7ccb22b88b983dc2dfc96877e19a3a6b8cd7a6dffd192e694df93cc68de42143ee37d69b930ab5f52e7d7998548480e012869637d9765b9315de137ff0738d64330a51b4dce02b0ce73299ab6402fdc685aa90532bf25e3c902500bd0bb29593d7c6c990cbbf3fbf39e3901c39cf5a40903cff3121012f39d8ee38dbe062e2d92787dadda702009d3638aed52a73106900685c3a7f3f5f8b7cd0cadcae8ca7ce1cd5046c0d25934229ba86407ad9b099f649067e5c233cc3dedc2466fb2d81ce2b7f7f47c38fb510ff671cb7fa24f0dc61f1e36eff3e7f04a645cee7d40a2c237fdd47e6c244bae124a11844a4c8868d42