rt2-vlg-1.pmr.kpn.net
- Koninklijke KPN N.V. -
Issued by KPN BV PKIoverheid Organisatie Server CA - G3
About this certificate
This digital certificate with serial number 06:3f:a5:8d:0e:c1:c6:e6:c9:83:4a:89:33:c9:11:48:e6:73:ec:32 was issued on by KPN B.V..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Koninklijke KPN N.V.
Company registration number:
00000003020452000000
Organization: Koninklijke KPN N.V.
Organization: Koninklijke KPN N.V.
State / Province:
Zuid-Holland
Locality: Rotterdam
Country: NL
Locality: Rotterdam
Country: NL
KPN B.V.
Organization:
KPN B.V.
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 06:3f:a5:8d:0e:c1:c6:e6:c9:83:4a:89:33:c9:11:48:e6:73:ec:32Serial Number (int): 35673313099058282132965808304218646981536640050
Serial Number lenght: 155 bits, 20 octets
SubjectKeyId: cb:bf:59:4f:db:ba:57:fe:a8:f3:9f:0f:ad:9a:fe:82:b2:99:f1:11
AuthorityKeyId: c3:9a:a6:7b:5e:74:2b:82:b6:c6:72:fd:74:4e:85:d2:97:cd:fd:18
Fingerprint (sha1): 63:70:e7:d6:4b:aa:6d:10:ea:e7:91:4f:29:3d:9c:b0:a2:45:65:8a
Fingerprint (sha256): 02:44:11:1d:8c:ec:0d:13:1f:5c:ca:a2:38:e2:b9:23:48:59:f9:7f:60:78:ab:0a:99:c3:fc:ea:cc:e4:63:c3
Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3-2019.cer
Revocation information
OCSP Server: http://g3ocsp.managedpki.comCRL Distribution Point: http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl
Check the revocation status for certificate rt2-vlg-1.pmr.kpn.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for rt2-vlg-1.pmr.kpn.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
rt2-vlg-1.pmr.kpn.net
rt-vlg.pmr.kpn.com
rt-vlg.pmr.kpn.com
Other certificates including the domain name kpn.net
(limited to 100 certificates)
rt2-vlg-1.pmr.kpn.net
zandvoort3.ZIPB.kpn.net
texel1.zipb.kpn.net
texel1.zipb.kpn.net
wopatest.kpn.net
www.kpn.net
test.diensten.monitoring.kpn.net
www.kpn.net
vlissingen1.ZIPB.kpn.net
zandvoort3.zipb.kpn.net
prmnp1.pmr.kpn.net
diensten.monitoring.kpn.net
zierikzee1.zipb.kpn.net
pem.kpn.net
zandvoort3.kpn.net
tenrvlissingen1.kpn.net
webmail.kpn.net
vpnaccess.oam.kpn.net
www.kpn.net
wdaht.pmr.kpn.net
pmht.pmr.kpn.net
prmnp2.pmr.kpn.net
gemnr2.pmr.kpn.net
wopa.kpn.net
tenrzandvoort3.kpn.net
webmail.kpn.net
diensten.monitoring.kpn.net
zandvoort1.kpn.net
dot.kpn.com
asd2-vlg-1.pmr.kpn.net
vlissingen1.kpn.net
citrixportal.ttrc.oam.kpn.net
gouda0-rt.cust.kpn.net
test.diensten.monitoring.kpn.net
zandvoort3.kpn.net
www.kpn.net
zandvoort3.kpn.net
gemnp1.pmr.kpn.net
test.diensten.monitoring.kpn.net
vlissingen1.ZIPB.kpn.net
www.kpn.net
wopa.kpn.net
wopatest.kpn.net
texel1.zipb.kpn.net
wopatest.kpn.net
tenrzandvoort3.zipb.kpn.net
gemnp2.pmr.kpn.net
89-163-151-197.mobile.kpn.net
gemnr1.pmr.kpn.net
prmnr1.pmr.kpn.net
www.kpn.net
www.kpn.net
www.kpn.net
aht.pmr.kpn.net
rt2-vlg-1.pmr.kpn.net
vlissingen1.zipb.kpn.net
zierikzee1.zipb.kpn.net
texel1.zipb.kpn.net
wopa.kpn.net
wopatest.kpn.net
zandvoort3.zipb.kpn.net
prmnr2.pmr.kpn.net
tenrzandvoort1.zipb.kpn.net
gst.pmr.kpn.net
gouda0-asd.cust.kpn.net
diensten.monitoring.kpn.net
clht.pmr.kpn.net
www.kpn.net
plht.pmr.kpn.net
*.pmr.kpn.net
www.kpn.net
pst.pmr.kpn.net
vpnaccess.oam.kpn.net
wopa.kpn.net
citrixportal.oam.kpn.net
www.kpn.net
test.diensten.monitoring.kpn.net
www.kpn.net
groningen1-rt.cust.kpn.net
vlissingen1.kpn.net
vpnaccess.oam.kpn.net
diensten.monitoring.kpn.net
tenrtexel1.zipb.kpn.net
texel1.zipb.kpn.net
test.diensten.monitoring.kpn.net
tenrzandvoort1.kpn.net
vlissingen1.kpn.net
avds.monitoring.kpn.net
zierikzee1.zipb.kpn.net
groningen1-asd.cust.kpn.net
cri.pmr.kpn.net
sntpf.pmr.kpn.net
wopa.kpn.net
texel1.zipb.kpn.net
*.pem.kpn.net
citrixportal.mobidata.kpn.net
citrixportal.oam.kpn.net
3pvpn.oam.kpn.net
vpnaccess.oam.kpn.net
*.mcmws.pmrtest.kpn.net
zandvoort3.ZIPB.kpn.net
texel1.zipb.kpn.net
texel1.zipb.kpn.net
wopatest.kpn.net
www.kpn.net
test.diensten.monitoring.kpn.net
www.kpn.net
vlissingen1.ZIPB.kpn.net
zandvoort3.zipb.kpn.net
prmnp1.pmr.kpn.net
diensten.monitoring.kpn.net
zierikzee1.zipb.kpn.net
pem.kpn.net
zandvoort3.kpn.net
tenrvlissingen1.kpn.net
webmail.kpn.net
vpnaccess.oam.kpn.net
www.kpn.net
wdaht.pmr.kpn.net
pmht.pmr.kpn.net
prmnp2.pmr.kpn.net
gemnr2.pmr.kpn.net
wopa.kpn.net
tenrzandvoort3.kpn.net
webmail.kpn.net
diensten.monitoring.kpn.net
zandvoort1.kpn.net
dot.kpn.com
asd2-vlg-1.pmr.kpn.net
vlissingen1.kpn.net
citrixportal.ttrc.oam.kpn.net
gouda0-rt.cust.kpn.net
test.diensten.monitoring.kpn.net
zandvoort3.kpn.net
www.kpn.net
zandvoort3.kpn.net
gemnp1.pmr.kpn.net
test.diensten.monitoring.kpn.net
vlissingen1.ZIPB.kpn.net
www.kpn.net
wopa.kpn.net
wopatest.kpn.net
texel1.zipb.kpn.net
wopatest.kpn.net
tenrzandvoort3.zipb.kpn.net
gemnp2.pmr.kpn.net
89-163-151-197.mobile.kpn.net
gemnr1.pmr.kpn.net
prmnr1.pmr.kpn.net
www.kpn.net
www.kpn.net
www.kpn.net
aht.pmr.kpn.net
rt2-vlg-1.pmr.kpn.net
vlissingen1.zipb.kpn.net
zierikzee1.zipb.kpn.net
texel1.zipb.kpn.net
wopa.kpn.net
wopatest.kpn.net
zandvoort3.zipb.kpn.net
prmnr2.pmr.kpn.net
tenrzandvoort1.zipb.kpn.net
gst.pmr.kpn.net
gouda0-asd.cust.kpn.net
diensten.monitoring.kpn.net
clht.pmr.kpn.net
www.kpn.net
plht.pmr.kpn.net
*.pmr.kpn.net
www.kpn.net
pst.pmr.kpn.net
vpnaccess.oam.kpn.net
wopa.kpn.net
citrixportal.oam.kpn.net
www.kpn.net
test.diensten.monitoring.kpn.net
www.kpn.net
groningen1-rt.cust.kpn.net
vlissingen1.kpn.net
vpnaccess.oam.kpn.net
diensten.monitoring.kpn.net
tenrtexel1.zipb.kpn.net
texel1.zipb.kpn.net
test.diensten.monitoring.kpn.net
tenrzandvoort1.kpn.net
vlissingen1.kpn.net
avds.monitoring.kpn.net
zierikzee1.zipb.kpn.net
groningen1-asd.cust.kpn.net
cri.pmr.kpn.net
sntpf.pmr.kpn.net
wopa.kpn.net
texel1.zipb.kpn.net
*.pem.kpn.net
citrixportal.mobidata.kpn.net
citrixportal.oam.kpn.net
3pvpn.oam.kpn.net
vpnaccess.oam.kpn.net
*.mcmws.pmrtest.kpn.net
Certificate
The complete raw certificate details for rt2-vlg-1.pmr.kpn.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHFDCCBPygAwIBAgIUBj+ljQ7BxubJg0qJM8kRSOZz7DIwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMRcwFQYDVQRhDA5O VFJOTC0yNzEyNDcwMTE2MDQGA1UEAwwtS1BOIEJWIFBLSW92ZXJoZWlkIE9yZ2Fu aXNhdGllIFNlcnZlciBDQSAtIEczMB4XDTIwMDExNjE0NTAyMVoXDTIxMDExNTE0 NTAyMVowgZYxCzAJBgNVBAYTAk5MMRUwEwYDVQQIDAxadWlkLUhvbGxhbmQxEjAQ BgNVBAcMCVJvdHRlcmRhbTEdMBsGA1UECgwUS29uaW5rbGlqa2UgS1BOIE4uVi4x HTAbBgNVBAUTFDAwMDAwMDAzMDIwNDUyMDAwMDAwMR4wHAYDVQQDDBVydDItdmxn LTEucG1yLmtwbi5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6 lfNNtkFXTsNYxVAVXTu57kgEN65ZOmkMSO2Q0JavcjybATedT7SYxY3xTKwxynWY cvwDWkmuDCqZck6a7c5h8j0GXBmM+p3wQJYj5KXcP2Au22n1El8XgaUZ3JUa4YKO w7XL1sXn83HIeI2DlYIgH4Sy17fuW4F/HJKJr4ZOuC10E3pAi2Rem6dSzjImaW62 I/s71UmxaOQny1sM7DMMt2xoRIiWRdGSi7zITRb5ll+DcioLrIrk6SiSR4ePtXbC 22ZD4o/nd4OgArF8np/4EbATCurcwiLCyf4U5fOLim5FRK0YW6qGMdkpXUi1r3iP Cv4VNJMXl1Yj7YkmxKINAgMBAAGjggJ8MIICeDAMBgNVHRMBAf8EAjAAMB8GA1Ud IwQYMBaAFMOapntedCuCtsZy/XROhdKXzf0YMIGZBggrBgEFBQcBAQSBjDCBiTBd BggrBgEFBQcwAoZRaHR0cDovL2NlcnQubWFuYWdlZHBraS5jb20vQ0FjZXJ0cy9L UE5CVlBLSW92ZXJoZWlkT3JnYW5pc2F0aWVTZXJ2ZXJDQUczLTIwMTkuY2VyMCgG CCsGAQUFBzABhhxodHRwOi8vZzNvY3NwLm1hbmFnZWRwa2kuY29tMDQGA1UdEQQt MCuCFXJ0Mi12bGctMS5wbXIua3BuLm5ldIIScnQtdmxnLnBtci5rcG4uY29tMIGx BgNVHSAEgakwgaYwgZkGCmCEEAGHawECBQYwgYowNwYIKwYBBQUHAgEWK2h0dHBz Oi8vY2VydGlmaWNhYXQua3BuLmNvbS9wa2lvdmVyaGVpZC9jcHMwTwYIKwYBBQUH AgIwQwxBT3AgZGl0IGNlcnRpZmljYWF0IGlzIGhldCBDUFMgUEtJb3ZlcmhlaWQg dmFuIEtQTiB2YW4gdG9lcGFzc2luZy4wCAYGZ4EMAQICMB0GA1UdJQQWMBQGCCsG AQUFBwMCBggrBgEFBQcDATBeBgNVHR8EVzBVMFOgUaBPhk1odHRwOi8vY3JsLm1h bmFnZWRwa2kuY29tL0tQTkJWUEtJb3ZlcmhlaWRPcmdhbmlzYXRpZVNlcnZlckNB RzMvTGF0ZXN0Q1JMLmNybDAdBgNVHQ4EFgQUy79ZT9u6V/6o858PrZr+grKZ8REw DgYDVR0PAQH/BAQDAgWgMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEB CwUAA4ICAQAkOdJxOuNTeiRWJmEmxGAtJ9KZD+nlkUedCzuysWw35b6znBRMijmj sEhAELB332jqGy2W8cRT8KRJddxRHHSPnwlPch8q9V/ST8FLjXOD/0cLWywm/Zru 6bRC+u6sBwHPsGKQBNFkMPV6jzIYRHO1yl4sMyt5GQ65+oaYPGongI9Ln8smLOfZ OCwidccZ1X/KztPP0JIxFTnSxIQPRInTgbzdj3cA8xl6U7L9Rwcmxkzl7d7L8o7q DmUMZFJLIHiK5pmCP/hYe8dm0XD7BKNxpbB+2cygchjmoX3ffquc5BsrN2LAORTP /z2m/A2nGfE5CK82/KdksIry5MOMBE2xNazr6hyJEHR74yij8L/Sw9JQHeNRroDc BNuGiMVOk8C6comKRqueYyclJVGIrOSUVPaSoK7hxqmJIMxw8S9IkYqOKB03w8Tp nPtc+9fzg2slpqXz49nXpEkyLbdvZ7N6f/nE74SVZIk5jTYBYuwKxopJDQKqEa1p wZBz68mbHXRs0H+8swSsOcGhkfYJcDfW30kCueKX9E557WLnwcwXP3YhCTQ7qg8P /fgInMrInC9gNsrxH+jR3c+fdqhenEnoPBXlmFr8w6cBRtjxImnsLq+ZqlO2+rCo EqYCCTI653335+c9Es2OHSnyrIV3pxqp5QhQoMLH45Tq7nAHPQ9YyA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupXzTbZBV07DWMVQFV07 ue5IBDeuWTppDEjtkNCWr3I8mwE3nU+0mMWN8UysMcp1mHL8A1pJrgwqmXJOmu3O YfI9BlwZjPqd8ECWI+Sl3D9gLttp9RJfF4GlGdyVGuGCjsO1y9bF5/NxyHiNg5WC IB+Este37luBfxySia+GTrgtdBN6QItkXpunUs4yJmlutiP7O9VJsWjkJ8tbDOwz DLdsaESIlkXRkou8yE0W+ZZfg3IqC6yK5OkokkeHj7V2wttmQ+KP53eDoAKxfJ6f +BGwEwrq3MIiwsn+FOXzi4puRUStGFuqhjHZKV1Ita94jwr+FTSTF5dWI+2JJsSi DQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 35673313099058282132965808304218646981536640050 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRNL-27124701' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN BV PKIoverheid Organisatie Server CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-16 14:50:21 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-15 14:50:21 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Rotterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Koninklijke KPN N.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003020452000000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'rt2-vlg-1.pmr.kpn.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23554268024070132147390613467749051045946891861493282493267183174043624022602720699071501121695480055916783815945075004680484406625199196151672122453332682146966155967758818841959991775693915892751678830860086670888528172399308994644000417852695881284478658719978695408292770187241885901203731113468657421844622165836506187363748191599569941670934098938543408401051000084490255603919008730792997850132796705936285359686988394054252979278695518480378302263724205998125339315458146018275740017134684310127705626283717328291891660979867925054204479761028217066464036183021965376045903652682575201693340131160141550887437 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c39aa67b5e742b82b6c672fd744e85d297cdfd18 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (140 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3-2019.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g3ocsp.managedpki.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (45 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rt2-vlg-1.pmr.kpn.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rt-vlg.pmr.kpn.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) cbbf594fdbba57fea8f39f0fad9afe82b299f111 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 002439d2713ae3537a2456266126c4602d27d2990fe9e591479d0b3bb2b16c37e5beb39c144c8a39a3b0484010b077df68ea1b2d96f1c453f0a44975dc511c748f9f094f721f2af55fd24fc14b8d7383ff470b5b2c26fd9aeee9b442faeeac0701cfb0629004d16430f57a8f32184473b5ca5e2c332b79190eb9fa86983c6a27808f4b9fcb262ce7d9382c2275c719d57fcaced3cfd092311539d2c4840f4489d381bcdd8f7700f3197a53b2fd470726c64ce5eddecbf28eea0e650c64524b20788ae699823ff8587bc766d170fb04a371a5b07ed9cca07218e6a17ddf7eab9ce41b2b3762c03914cfff3da6fc0da719f13908af36fca764b08af2e4c38c044db135acebea1c8910747be328a3f0bfd2c3d2501de351ae80dc04db8688c54e93c0ba72898a46ab9e632725255188ace49454f692a0aee1c6a98920cc70f12f48918a8e281d37c3c4e99cfb5cfbd7f3836b25a6a5f3e3d9d7a449322db76f67b37a7ff9c4ef84956489398d360162ec0ac68a490d02aa11ad69c19073ebc99b1d746cd07fbcb304ac39c1a191f6097037d6df4902b9e297f44e79ed62e7c1cc173f762109343baa0f0ffdf8089ccac89c2f6036caf11fe8d1ddcf9f76a85e9c49e83c15e5985afcc3a70146d8f12269ec2eaf99aa53b6fab0a812a60209323ae77df7e7e73d12cd8e1d29f2ac8577a71aa9e50850a0c2c7e394eaee70073d0f58c8