saml.eid.kpn.com
- KPN B.V. -
Issued by KPN BV PKIoverheid Organisatie Server CA - G3
About this certificate
This digital certificate with serial number 16:ff:bc:1b:43:d7:a2:aa was issued on by KPN B.V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
KPN B.V.
Company registration number:
00000003271247010000
Organization: KPN B.V.
Organization: KPN B.V.
State / Province:
Zuid-Holland
Locality: Rotterdam
Country: NL
Locality: Rotterdam
Country: NL
KPN B.V.
Organization:
KPN B.V.
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 16:ff:bc:1b:43:d7:a2:aaSerial Number (int): 1657250013183976106
Serial Number lenght: 61 bits, 8 octets
SubjectKeyId: a8:de:a4:e5:aa:4d:57:7e:a1:6a:66:e1:01:16:05:71:85:e0:2f:e9
AuthorityKeyId: c3:9a:a6:7b:5e:74:2b:82:b6:c6:72:fd:74:4e:85:d2:97:cd:fd:18
Fingerprint (sha1): 1e:4a:fb:65:f8:b5:17:d2:a3:6e:3c:2c:27:b8:bf:42:2c:62:1f:10
Fingerprint (sha256): 03:44:85:dc:55:08:6a:d1:81:6a:a6:17:27:2b:2a:2e:b0:5a:42:5f:0e:70:1b:f8:ed:0c:17:f1:b1:82:34:c9
Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3.cer
Revocation information
OCSP Server: http://g3ocsp.managedpki.comCRL Distribution Point: http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl
Check the revocation status for certificate saml.eid.kpn.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for saml.eid.kpn.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
saml.eid.kpn.com
Other certificates including the domain name kpn.com
(limited to 100 certificates)
sentrymail.acc.kpnnet.org
api-stg.kpn.com
shop.kpn.com
aditum.kpn.com
status.digital.kpn.com
lotte.kpn.com
*.mcmws.pmr.kpn.com
admin.dsh-dev.dsh.np.aws.kpn.com
api.cloudcontrol.kpn.com
lotteschedulee2e2-tst-new.kpn.com
*.mcmws.pmr.kpn.com
zakelijk.kpn.com
transfer-datalab.kpn.com
cordys-zm-value.kpn.com
prexdsl-c-serviceweb.kpn.com
portal.sap-hosting.kpn.com
mcpms.pmrtest.kpn.com
mosaic.generictaskservice.tst.kpn.com
*.3xoc.infrastructure-testing.np.aws.kpn.com
rt2-vlg-1.pmr.kpn.net
0122016378.StichtingKentalis.client.mvr.kpn.com
cloudkleinzakelijk.kpn.com
secure04.lithium.com
ws.kpn.com
files.cloudcontrol.kpn.com
service.kpn.com
design.kpn.com
nieuwbouwportaal.kpn.com
aditum.kpn.com
zakelijke-community.kpn.com
*.cqbmrv.infrastructure-testing.np.aws.kpn.com
b2bacc-connect-int.kpn.com
saml.eid.kpn.com
*.hwm44g.infrastructure-testing.np.aws.kpn.com
aas.tv.kpn.com
wsipuat4.kpn.com
cordys-zm-value-acc.kpn.com
account.online.kpn.com
kpnassistent.kpn.com
*.hibwy1.infrastructure-testing.np.aws.kpn.com
frea-test.kpn.com
businesspartner-ppd-s.kpn.com
*.mcmws.pmrtest.kpn.com
store.online-demo.kpn.com
inloggen.acc.kpn.com
zakelijk.kpn.com
x.acc.kpn.com
monteurstool.kpn.com
lottedev2-tst.kpn.com
login.kpn.com
*.rzr3o1.infrastructure-testing.np.aws.kpn.com
zeus-prd.kpn.com
eventgateway.acc.kpn.com
*.c6tnfz.infrastructure-testing.np.aws.kpn.com
*.nl9s.infrastructure-testing.np.aws.kpn.com
LotteSimulation.kpn.com
atvorder.kpn.com
lotte.kpn.com
uwv.portal.soc.kpn.com
serviscopeapi.kpn.com
secure08.lithium.com
vm4.kpn.com
prexdsl.kpn.com
if.auraportal.kpn.com
w5031.kpn.com
mobielbeheer.kpn.com
*.vre7br.infrastructure-testing.np.aws.kpn.com
secure08.lithium.com
*.jhlv.infrastructure-testing.np.aws.kpn.com
marketing.kpn.com
b2bpoc-connect-portal.kpn.com
b2b-portal.sympac.kpn.com
*.fiw8vk.infrastructure-testing.np.aws.kpn.com
sip.kpn.com
bpapi.kpn.com
www.kpn.com
cloudkleinzakelijk.kpn.com
mcpms.pmr.kpn.com
login.wifi.kpn.com
mosaic.generictaskservice.acc.kpn.com
b2bacc-connect-portal.kpn.com
test.kpn.com
pah1.mvr.kpn.com
ws.api.kpn.com
*.mcmws.pmrtest.kpn.com
b2bpoc-connect.kpn.com
*.prd.cdn.bcms.kpn.com
b2bacc-connect-int.kpn.com
lottee2e2-tst-new.kpn.com
LotteScheduleE2E2.tst.kpn.com
sni.kpn.com
eherkenning.kpn.com
*.prd.cdn.bcms.kpn.com
remotesupport.kpn.com
b2b-portal.sympac.kpn.com
vpnportal-internal.kpn.com
wsipprod.kpn.com
*.nghf0k.infrastructure-testing.np.aws.kpn.com
ddci.kpn.com
vcds.stb.acc.tv.kpn.com
api-stg.kpn.com
shop.kpn.com
aditum.kpn.com
status.digital.kpn.com
lotte.kpn.com
*.mcmws.pmr.kpn.com
admin.dsh-dev.dsh.np.aws.kpn.com
api.cloudcontrol.kpn.com
lotteschedulee2e2-tst-new.kpn.com
*.mcmws.pmr.kpn.com
zakelijk.kpn.com
transfer-datalab.kpn.com
cordys-zm-value.kpn.com
prexdsl-c-serviceweb.kpn.com
portal.sap-hosting.kpn.com
mcpms.pmrtest.kpn.com
mosaic.generictaskservice.tst.kpn.com
*.3xoc.infrastructure-testing.np.aws.kpn.com
rt2-vlg-1.pmr.kpn.net
0122016378.StichtingKentalis.client.mvr.kpn.com
cloudkleinzakelijk.kpn.com
secure04.lithium.com
ws.kpn.com
files.cloudcontrol.kpn.com
service.kpn.com
design.kpn.com
nieuwbouwportaal.kpn.com
aditum.kpn.com
zakelijke-community.kpn.com
*.cqbmrv.infrastructure-testing.np.aws.kpn.com
b2bacc-connect-int.kpn.com
saml.eid.kpn.com
*.hwm44g.infrastructure-testing.np.aws.kpn.com
aas.tv.kpn.com
wsipuat4.kpn.com
cordys-zm-value-acc.kpn.com
account.online.kpn.com
kpnassistent.kpn.com
*.hibwy1.infrastructure-testing.np.aws.kpn.com
frea-test.kpn.com
businesspartner-ppd-s.kpn.com
*.mcmws.pmrtest.kpn.com
store.online-demo.kpn.com
inloggen.acc.kpn.com
zakelijk.kpn.com
x.acc.kpn.com
monteurstool.kpn.com
lottedev2-tst.kpn.com
login.kpn.com
*.rzr3o1.infrastructure-testing.np.aws.kpn.com
zeus-prd.kpn.com
eventgateway.acc.kpn.com
*.c6tnfz.infrastructure-testing.np.aws.kpn.com
*.nl9s.infrastructure-testing.np.aws.kpn.com
LotteSimulation.kpn.com
atvorder.kpn.com
lotte.kpn.com
uwv.portal.soc.kpn.com
serviscopeapi.kpn.com
secure08.lithium.com
vm4.kpn.com
prexdsl.kpn.com
if.auraportal.kpn.com
w5031.kpn.com
mobielbeheer.kpn.com
*.vre7br.infrastructure-testing.np.aws.kpn.com
secure08.lithium.com
*.jhlv.infrastructure-testing.np.aws.kpn.com
marketing.kpn.com
b2bpoc-connect-portal.kpn.com
b2b-portal.sympac.kpn.com
*.fiw8vk.infrastructure-testing.np.aws.kpn.com
sip.kpn.com
bpapi.kpn.com
www.kpn.com
cloudkleinzakelijk.kpn.com
mcpms.pmr.kpn.com
login.wifi.kpn.com
mosaic.generictaskservice.acc.kpn.com
b2bacc-connect-portal.kpn.com
test.kpn.com
pah1.mvr.kpn.com
ws.api.kpn.com
*.mcmws.pmrtest.kpn.com
b2bpoc-connect.kpn.com
*.prd.cdn.bcms.kpn.com
b2bacc-connect-int.kpn.com
lottee2e2-tst-new.kpn.com
LotteScheduleE2E2.tst.kpn.com
sni.kpn.com
eherkenning.kpn.com
*.prd.cdn.bcms.kpn.com
remotesupport.kpn.com
b2b-portal.sympac.kpn.com
vpnportal-internal.kpn.com
wsipprod.kpn.com
*.nghf0k.infrastructure-testing.np.aws.kpn.com
ddci.kpn.com
vcds.stb.acc.tv.kpn.com
Certificate
The complete raw certificate details for saml.eid.kpn.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG2TCCBMGgAwIBAgIIFv+8G0PXoqowDQYJKoZIhvcNAQELBQAwcTELMAkGA1UE BhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMRcwFQYDVQRhDA5OVFJOTC0yNzEyNDcw MTE2MDQGA1UEAwwtS1BOIEJWIFBLSW92ZXJoZWlkIE9yZ2FuaXNhdGllIFNlcnZl ciBDQSAtIEczMB4XDTE4MTIxMjE0MjAwMloXDTIwMTIxMTE0MjAwMlowgYUxCzAJ BgNVBAYTAk5MMRUwEwYDVQQIDAxadWlkLUhvbGxhbmQxEjAQBgNVBAcMCVJvdHRl cmRhbTERMA8GA1UECgwIS1BOIEIuVi4xHTAbBgNVBAUTFDAwMDAwMDAzMjcxMjQ3 MDEwMDAwMRkwFwYDVQQDDBBzYW1sLmVpZC5rcG4uY29tMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEA1/bi6CtQn6CMfRLSOVw5lkHMppZlAhVY8dgQ3DFv 4B1Ao+TsVjdHXSj69oHsIesWjmhXjbnNyQLV8Yjv5ILhY2AYBIdEmmKqMEL7pmy5 xsDRUZGNQ8FChZHAsImLwZFNqee/6Lhz/7eR9/gbABAJFDRGA7YJK2wGoI7Ky28p N8aDU/fnMU0JAFRiFxBmRg18Ye5662oYZ6gy+88mrF4GnObvNPF5mrtB2NhB1kLV cEiDLUv5nyXa91nTiOHKfcaU60zv4w66Zr3FJN3SGzfc/lifv68J/xxSzpVkU1By sKk2dJWunJNpa8+GmLoil6uNa+gakHpKuo2up4qHGu+7ewIDAQABo4ICXjCCAlow gZQGCCsGAQUFBwEBBIGHMIGEMFgGCCsGAQUFBzAChkxodHRwOi8vY2VydC5tYW5h Z2VkcGtpLmNvbS9DQWNlcnRzL0tQTkJWUEtJb3ZlcmhlaWRPcmdhbmlzYXRpZVNl cnZlckNBRzMuY2VyMCgGCCsGAQUFBzABhhxodHRwOi8vZzNvY3NwLm1hbmFnZWRw a2kuY29tMB0GA1UdDgQWBBSo3qTlqk1XfqFqZuEBFgVxheAv6TAMBgNVHRMBAf8E AjAAMB8GA1UdIwQYMBaAFMOapntedCuCtsZy/XROhdKXzf0YMIGxBgNVHSAEgakw gaYwgZkGCmCEEAGHawECBQYwgYowNwYIKwYBBQUHAgEWK2h0dHBzOi8vY2VydGlm aWNhYXQua3BuLmNvbS9wa2lvdmVyaGVpZC9jcHMwTwYIKwYBBQUHAgIwQwxBT3Ag ZGl0IGNlcnRpZmljYWF0IGlzIGhldCBDUFMgUEtJb3ZlcmhlaWQgdmFuIEtQTiB2 YW4gdG9lcGFzc2luZy4wCAYGZ4EMAQICMF4GA1UdHwRXMFUwU6BRoE+GTWh0dHA6 Ly9jcmwubWFuYWdlZHBraS5jb20vS1BOQlZQS0lvdmVyaGVpZE9yZ2FuaXNhdGll U2VydmVyQ0FHMy9MYXRlc3RDUkwuY3JsMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwGwYDVR0RBBQwEoIQc2FtbC5laWQua3Bu LmNvbTATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAgEAl4kt gnQKquwPoFYsKcfqNQq/AeNT+SrwmhTsvuHw71A2j7/hU3RiIIgQPEpLDCoOaFcc sRtGt2YT2xaliOa0annVEqiS+d3FQBrJwn30TlV61PtMp5VELWBdbZP1wjyiTJi9 +pVK+11usRYlKlLn4s7uRhvyU5fE8KhTVImpCq2xg4j2+jvYZJXwVCGmNiaUenFt UbQjnI7RS2iV+cQ3nWniPv2z/kGzE2qkbbP90eeA9S3q0o6fjPC+hb2uUe9y/WIj wXbVvH5uFOQeQsTPTU8wCADg0C21GID6987d75hvxLq6bvQTtVp3gXg+e669o95p MBga/KygFxv3CaRXO57Ybvfh/xyoRo90GL/0/7oTK5c643+D5Vr9tSXGB1lXGp5F f8HS7WZFZXwEPvVXNWE2UBqflQSYe8GjY2I66krtW1wDo4T/JAQDAOOyioiLwulA X2FUyR+GzdHhKcuy4hMXB5FsjyFZP8b/f+ujoPjPLfDUuQC5HOONPybZPj180V+p Sy/58BNCt5t5PM2riOST+1g7GrBItT3kISL/Vd26hDhWkLugNTqGIaL+0II6gOty NCRiwvklMDLoftXC/zMoxBrw2CtkUmegm2WFMlkfWJk40pAGoTj8Ooy8qutbP/D8 iC0vXUi2q68PSpyfGQbmxnhqWu7fRDRA9UTQhgU= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/bi6CtQn6CMfRLSOVw5 lkHMppZlAhVY8dgQ3DFv4B1Ao+TsVjdHXSj69oHsIesWjmhXjbnNyQLV8Yjv5ILh Y2AYBIdEmmKqMEL7pmy5xsDRUZGNQ8FChZHAsImLwZFNqee/6Lhz/7eR9/gbABAJ FDRGA7YJK2wGoI7Ky28pN8aDU/fnMU0JAFRiFxBmRg18Ye5662oYZ6gy+88mrF4G nObvNPF5mrtB2NhB1kLVcEiDLUv5nyXa91nTiOHKfcaU60zv4w66Zr3FJN3SGzfc /lifv68J/xxSzpVkU1BysKk2dJWunJNpa8+GmLoil6uNa+gakHpKuo2up4qHGu+7 ewIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1657250013183976106 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRNL-27124701' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN BV PKIoverheid Organisatie Server CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-12 14:20:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-11 14:20:02 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Rotterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003271247010000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'saml.eid.kpn.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27262979766881129073813868580939152890336922862176643142992895613297240896660641920275089272725894378794606813512764553606886586859286418161161051423723847496179391308973751498262931644992666360087696074399991134289199693505004654230429670884990188084480196927634862678197553508883307120956950038728252240562468940753255549450578363959728448882490139287156112681959300639422311757171484168353218137496404727244677986762986806702374099699643980231801605716172341332245707662750870659682936172512335709951336299615158362914464027186918459089617477787544823347463113686038819842558694145665354394180649317316265589586811 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g3ocsp.managedpki.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a8dea4e5aa4d577ea16a66e10116057185e02fe9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c39aa67b5e742b82b6c672fd744e85d297cdfd18 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'saml.eid.kpn.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0097892d82740aaaec0fa0562c29c7ea350abf01e353f92af09a14ecbee1f0ef50368fbfe15374622088103c4a4b0c2a0e68571cb11b46b76613db16a588e6b46a79d512a892f9ddc5401ac9c27df44e557ad4fb4ca795442d605d6d93f5c23ca24c98bdfa954afb5d6eb116252a52e7e2ceee461bf25397c4f0a8535489a90aadb18388f6fa3bd86495f05421a63626947a716d51b4239c8ed14b6895f9c4379d69e23efdb3fe41b3136aa46db3fdd1e780f52dead28e9f8cf0be85bdae51ef72fd6223c176d5bc7e6e14e41e42c4cf4d4f300800e0d02db51880faf7ceddef986fc4baba6ef413b55a7781783e7baebda3de6930181afcaca0171bf709a4573b9ed86ef7e1ff1ca8468f7418bff4ffba132b973ae37f83e55afdb525c60759571a9e457fc1d2ed6645657c043ef557356136501a9f9504987bc1a363623aea4aed5b5c03a384ff24040300e3b28a888bc2e9405f6154c91f86cdd1e129cbb2e2131707916c8f21593fc6ff7feba3a0f8cf2df0d4b900b91ce38d3f26d93e3d7cd15fa94b2ff9f01342b79b793ccdab88e493fb583b1ab048b53de42122ff55ddba84385690bba0353a8621a2fed0823a80eb72342462c2f9253032e87ed5c2ff3328c41af0d82b645267a09b658532591f589938d29006a138fc3a8cbcaaeb5b3ff0fc882d2f5d48b6abaf0f4a9c9f1906e6c6786a5aeedf443440f544d08605