b2bacc-connect-int.kpn.com
- Koninklijke KPN N.V. -
Issued by KPN BV PKIoverheid Organisatie Server CA - G3
About this certificate
This digital certificate with serial number 08:8c:cb:d8:79:dd:31:ab was issued on by KPN B.V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Koninklijke KPN N.V.
Company registration number:
00000003020452000000
Organization: Koninklijke KPN N.V.
Organization: Koninklijke KPN N.V.
State / Province:
Zuid-Holland
Locality: Rotterdam
Country: NL
Locality: Rotterdam
Country: NL
KPN B.V.
Organization:
KPN B.V.
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 08:8c:cb:d8:79:dd:31:abSerial Number (int): 616091379660829099
Serial Number lenght: 60 bits, 8 octets
SubjectKeyId: 4c:23:c5:a7:d1:24:5c:ae:16:03:78:a2:5a:8c:d0:7b:43:21:d1:0f
AuthorityKeyId: c3:9a:a6:7b:5e:74:2b:82:b6:c6:72:fd:74:4e:85:d2:97:cd:fd:18
Fingerprint (sha1): 5c:08:02:83:bd:91:ba:18:b1:df:61:46:a3:5f:a9:0c:94:44:75:da
Fingerprint (sha256): 08:03:50:b8:67:25:28:4b:8e:05:43:00:ec:11:d1:da:e7:b1:34:a0:78:fa:97:f1:77:12:c5:09:a8:49:7f:e8
Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3.cer
Revocation information
OCSP Server: http://g3ocsp.managedpki.comCRL Distribution Point: http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl
Check the revocation status for certificate b2bacc-connect-int.kpn.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for b2bacc-connect-int.kpn.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
b2bacc-connect-int.kpn.com
Other certificates including the domain name kpn.com
(limited to 100 certificates)
sentrymail.acc.kpnnet.org
api-stg.kpn.com
shop.kpn.com
aditum.kpn.com
status.digital.kpn.com
lotte.kpn.com
*.mcmws.pmr.kpn.com
admin.dsh-dev.dsh.np.aws.kpn.com
api.cloudcontrol.kpn.com
lotteschedulee2e2-tst-new.kpn.com
*.mcmws.pmr.kpn.com
zakelijk.kpn.com
transfer-datalab.kpn.com
cordys-zm-value.kpn.com
prexdsl-c-serviceweb.kpn.com
portal.sap-hosting.kpn.com
mcpms.pmrtest.kpn.com
mosaic.generictaskservice.tst.kpn.com
*.3xoc.infrastructure-testing.np.aws.kpn.com
rt2-vlg-1.pmr.kpn.net
0122016378.StichtingKentalis.client.mvr.kpn.com
cloudkleinzakelijk.kpn.com
secure04.lithium.com
ws.kpn.com
files.cloudcontrol.kpn.com
service.kpn.com
design.kpn.com
nieuwbouwportaal.kpn.com
aditum.kpn.com
zakelijke-community.kpn.com
*.cqbmrv.infrastructure-testing.np.aws.kpn.com
b2bacc-connect-int.kpn.com
saml.eid.kpn.com
*.hwm44g.infrastructure-testing.np.aws.kpn.com
aas.tv.kpn.com
wsipuat4.kpn.com
cordys-zm-value-acc.kpn.com
account.online.kpn.com
kpnassistent.kpn.com
*.hibwy1.infrastructure-testing.np.aws.kpn.com
frea-test.kpn.com
businesspartner-ppd-s.kpn.com
*.mcmws.pmrtest.kpn.com
store.online-demo.kpn.com
inloggen.acc.kpn.com
zakelijk.kpn.com
x.acc.kpn.com
monteurstool.kpn.com
lottedev2-tst.kpn.com
login.kpn.com
*.rzr3o1.infrastructure-testing.np.aws.kpn.com
zeus-prd.kpn.com
eventgateway.acc.kpn.com
*.c6tnfz.infrastructure-testing.np.aws.kpn.com
*.nl9s.infrastructure-testing.np.aws.kpn.com
LotteSimulation.kpn.com
atvorder.kpn.com
lotte.kpn.com
uwv.portal.soc.kpn.com
serviscopeapi.kpn.com
secure08.lithium.com
vm4.kpn.com
prexdsl.kpn.com
if.auraportal.kpn.com
w5031.kpn.com
mobielbeheer.kpn.com
*.vre7br.infrastructure-testing.np.aws.kpn.com
secure08.lithium.com
*.jhlv.infrastructure-testing.np.aws.kpn.com
marketing.kpn.com
b2bpoc-connect-portal.kpn.com
b2b-portal.sympac.kpn.com
*.fiw8vk.infrastructure-testing.np.aws.kpn.com
sip.kpn.com
bpapi.kpn.com
www.kpn.com
cloudkleinzakelijk.kpn.com
mcpms.pmr.kpn.com
login.wifi.kpn.com
mosaic.generictaskservice.acc.kpn.com
b2bacc-connect-portal.kpn.com
test.kpn.com
pah1.mvr.kpn.com
ws.api.kpn.com
*.mcmws.pmrtest.kpn.com
b2bpoc-connect.kpn.com
*.prd.cdn.bcms.kpn.com
b2bacc-connect-int.kpn.com
lottee2e2-tst-new.kpn.com
LotteScheduleE2E2.tst.kpn.com
sni.kpn.com
eherkenning.kpn.com
*.prd.cdn.bcms.kpn.com
remotesupport.kpn.com
b2b-portal.sympac.kpn.com
vpnportal-internal.kpn.com
wsipprod.kpn.com
*.nghf0k.infrastructure-testing.np.aws.kpn.com
ddci.kpn.com
vcds.stb.acc.tv.kpn.com
api-stg.kpn.com
shop.kpn.com
aditum.kpn.com
status.digital.kpn.com
lotte.kpn.com
*.mcmws.pmr.kpn.com
admin.dsh-dev.dsh.np.aws.kpn.com
api.cloudcontrol.kpn.com
lotteschedulee2e2-tst-new.kpn.com
*.mcmws.pmr.kpn.com
zakelijk.kpn.com
transfer-datalab.kpn.com
cordys-zm-value.kpn.com
prexdsl-c-serviceweb.kpn.com
portal.sap-hosting.kpn.com
mcpms.pmrtest.kpn.com
mosaic.generictaskservice.tst.kpn.com
*.3xoc.infrastructure-testing.np.aws.kpn.com
rt2-vlg-1.pmr.kpn.net
0122016378.StichtingKentalis.client.mvr.kpn.com
cloudkleinzakelijk.kpn.com
secure04.lithium.com
ws.kpn.com
files.cloudcontrol.kpn.com
service.kpn.com
design.kpn.com
nieuwbouwportaal.kpn.com
aditum.kpn.com
zakelijke-community.kpn.com
*.cqbmrv.infrastructure-testing.np.aws.kpn.com
b2bacc-connect-int.kpn.com
saml.eid.kpn.com
*.hwm44g.infrastructure-testing.np.aws.kpn.com
aas.tv.kpn.com
wsipuat4.kpn.com
cordys-zm-value-acc.kpn.com
account.online.kpn.com
kpnassistent.kpn.com
*.hibwy1.infrastructure-testing.np.aws.kpn.com
frea-test.kpn.com
businesspartner-ppd-s.kpn.com
*.mcmws.pmrtest.kpn.com
store.online-demo.kpn.com
inloggen.acc.kpn.com
zakelijk.kpn.com
x.acc.kpn.com
monteurstool.kpn.com
lottedev2-tst.kpn.com
login.kpn.com
*.rzr3o1.infrastructure-testing.np.aws.kpn.com
zeus-prd.kpn.com
eventgateway.acc.kpn.com
*.c6tnfz.infrastructure-testing.np.aws.kpn.com
*.nl9s.infrastructure-testing.np.aws.kpn.com
LotteSimulation.kpn.com
atvorder.kpn.com
lotte.kpn.com
uwv.portal.soc.kpn.com
serviscopeapi.kpn.com
secure08.lithium.com
vm4.kpn.com
prexdsl.kpn.com
if.auraportal.kpn.com
w5031.kpn.com
mobielbeheer.kpn.com
*.vre7br.infrastructure-testing.np.aws.kpn.com
secure08.lithium.com
*.jhlv.infrastructure-testing.np.aws.kpn.com
marketing.kpn.com
b2bpoc-connect-portal.kpn.com
b2b-portal.sympac.kpn.com
*.fiw8vk.infrastructure-testing.np.aws.kpn.com
sip.kpn.com
bpapi.kpn.com
www.kpn.com
cloudkleinzakelijk.kpn.com
mcpms.pmr.kpn.com
login.wifi.kpn.com
mosaic.generictaskservice.acc.kpn.com
b2bacc-connect-portal.kpn.com
test.kpn.com
pah1.mvr.kpn.com
ws.api.kpn.com
*.mcmws.pmrtest.kpn.com
b2bpoc-connect.kpn.com
*.prd.cdn.bcms.kpn.com
b2bacc-connect-int.kpn.com
lottee2e2-tst-new.kpn.com
LotteScheduleE2E2.tst.kpn.com
sni.kpn.com
eherkenning.kpn.com
*.prd.cdn.bcms.kpn.com
remotesupport.kpn.com
b2b-portal.sympac.kpn.com
vpnportal-internal.kpn.com
wsipprod.kpn.com
*.nghf0k.infrastructure-testing.np.aws.kpn.com
ddci.kpn.com
vcds.stb.acc.tv.kpn.com
Certificate
The complete raw certificate details for b2bacc-connect-int.kpn.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH+TCCBeGgAwIBAgIICIzL2HndMaswDQYJKoZIhvcNAQELBQAwcTELMAkGA1UE BhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMRcwFQYDVQRhDA5OVFJOTC0yNzEyNDcw MTE2MDQGA1UEAwwtS1BOIEJWIFBLSW92ZXJoZWlkIE9yZ2FuaXNhdGllIFNlcnZl ciBDQSAtIEczMB4XDTE5MDExNzA5MDAwMloXDTIxMDExNjA5MDAwMlowgZsxCzAJ BgNVBAYTAk5MMRUwEwYDVQQIDAxadWlkLUhvbGxhbmQxEjAQBgNVBAcMCVJvdHRl cmRhbTEdMBsGA1UECgwUS29uaW5rbGlqa2UgS1BOIE4uVi4xHTAbBgNVBAUTFDAw MDAwMDAzMDIwNDUyMDAwMDAwMSMwIQYDVQQDDBpiMmJhY2MtY29ubmVjdC1pbnQu a3BuLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOrOMLKd2dp2 5lu6xFzXQwgWTEAJZaarjgOPoAhIPesbwpjCUV4hWKmh6VQONWf9jiL/C1ZyC7t2 mgglIvrvQp5q0oebNnZowGyiaBT7de3O0D9R6Wn8RxH5SXdj4lu38QU5fAF3RP5o V0qnSJfplE+uq64cF2fAdAXf5sfPpJtSPvj+a3mwPDQbHM15AwpoBMNElndoTRi+ 0RveDENb+FtoSPpVxTh4dnB/sk69s8ag5Ktnbx981WY/ssqw8686veZ0dbNxcWjw onI9rn68+nSOLJodBr/uf3k7C7J2aYuwY7nW+WiHkFLuMiOI7in9XRk2cgzODYct 55Fe6HZp+mCZS7KAe0exfZdyBv+d1KKOMg4VvlfTc6aRzW+gNvcsPIqgEnFK6+Zb mGmnuZUHL8Xn2BXRQlH8IiV715hu0YAVDUsoxy1oGV/7ZMD6ZRP5zlLn5JPMPsw4 h7v0kKXv74FN1QdaA3UngE+HYNtlEjIA/rMwjQT1tYSIzo7bge/kc50+VSX4cq4T stt+emKnSfxMDHbLo8nvO9D1VObIcebbxhvqycMbrLYu8SQtkqx1I/4pwqOQCJf8 JKPOq0MnnblK0YtXpmdyPNXk34d7jjF5gCNDi/1AUpTib1Wfhd8krmF7n8QoRWBr gEo6XSb7tHunTaLgRa3AGasUSSEUXloRAgMBAAGjggJoMIICZDCBlAYIKwYBBQUH AQEEgYcwgYQwWAYIKwYBBQUHMAKGTGh0dHA6Ly9jZXJ0Lm1hbmFnZWRwa2kuY29t L0NBY2VydHMvS1BOQlZQS0lvdmVyaGVpZE9yZ2FuaXNhdGllU2VydmVyQ0FHMy5j ZXIwKAYIKwYBBQUHMAGGHGh0dHA6Ly9nM29jc3AubWFuYWdlZHBraS5jb20wHQYD VR0OBBYEFEwjxafRJFyuFgN4olqM0HtDIdEPMAwGA1UdEwEB/wQCMAAwHwYDVR0j BBgwFoAUw5qme150K4K2xnL9dE6F0pfN/RgwgbEGA1UdIASBqTCBpjCBmQYKYIQQ AYdrAQIFBjCBijA3BggrBgEFBQcCARYraHR0cHM6Ly9jZXJ0aWZpY2FhdC5rcG4u Y29tL3BraW92ZXJoZWlkL2NwczBPBggrBgEFBQcCAjBDDEFPcCBkaXQgY2VydGlm aWNhYXQgaXMgaGV0IENQUyBQS0lvdmVyaGVpZCB2YW4gS1BOIHZhbiB0b2VwYXNz aW5nLjAIBgZngQwBAgIwXgYDVR0fBFcwVTBToFGgT4ZNaHR0cDovL2NybC5tYW5h Z2VkcGtpLmNvbS9LUE5CVlBLSW92ZXJoZWlkT3JnYW5pc2F0aWVTZXJ2ZXJDQUcz L0xhdGVzdENSTC5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF BwMCBggrBgEFBQcDATAlBgNVHREEHjAcghpiMmJhY2MtY29ubmVjdC1pbnQua3Bu LmNvbTATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAgEAEDB0 7sqHLqT5V25nPDjkrgVfsyuwlThNXoEGbOahPuMrYIrk7idEOmJyKJhEzmFSg7Nz g92oyj5pEGJteKW2nm3sqyZZhiYsFNzfz+wktfq+lsxoP+Vq/mzyIvRf2X+RdB5Y DLauE/uLWpPT7MYSb5MmNqXOgQk99V/02dQoiikqvnnybWwUdFUUGeIp+YQW1UqI XzDGKOm+2V2+vAdGdC+K+GUtqVpUTx65CxkuzYwuHE6Z4WclopmLG/R/cKK9j+zH As8+c5phKIjv8ztLpzujLKVSAZApnHlT0cCb+XLji1PLC/mcYW3MelZ0n5eA67ZS 5aGGJlPr3cKc4oLKWYurhNBorM9PB/IqvIZWGkUybmqBWkSyVPF8VwKd7hUPppDX 5mPP8JdflSi9gYce8SliCaebrw/a2Dt2SzYDw/PXJPqHIb0DO4SkiTny9b15SY4x bQPGImCiAnVUpFXMwfT2cPMQXVWrNP7utnINNZsWNEZrOEpOagyPJ2BEvrm75+p7 5MeeA0wuDpEZs7Yp/70vRbX68m1z1SSXlCU2B1MTVjuZREQAZ9j0lQZ145PS144u AglPrFERa1gFNbYA+V4vuWv7fg3+TVfk0BMFMv/jfHmzmeIIkytfon9DvDwZ+aHm ajiHvW1b9cTSLJh3n6QgoiI5DqYjrVIAJXI/QDw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6s4wsp3Z2nbmW7rEXNdD CBZMQAllpquOA4+gCEg96xvCmMJRXiFYqaHpVA41Z/2OIv8LVnILu3aaCCUi+u9C nmrSh5s2dmjAbKJoFPt17c7QP1HpafxHEflJd2PiW7fxBTl8AXdE/mhXSqdIl+mU T66rrhwXZ8B0Bd/mx8+km1I++P5rebA8NBsczXkDCmgEw0SWd2hNGL7RG94MQ1v4 W2hI+lXFOHh2cH+yTr2zxqDkq2dvH3zVZj+yyrDzrzq95nR1s3FxaPCicj2ufrz6 dI4smh0Gv+5/eTsLsnZpi7Bjudb5aIeQUu4yI4juKf1dGTZyDM4Nhy3nkV7odmn6 YJlLsoB7R7F9l3IG/53Uoo4yDhW+V9NzppHNb6A29yw8iqAScUrr5luYaae5lQcv xefYFdFCUfwiJXvXmG7RgBUNSyjHLWgZX/tkwPplE/nOUufkk8w+zDiHu/SQpe/v gU3VB1oDdSeAT4dg22USMgD+szCNBPW1hIjOjtuB7+RznT5VJfhyrhOy2356YqdJ /EwMdsujye870PVU5shx5tvGG+rJwxusti7xJC2SrHUj/inCo5AIl/wko86rQyed uUrRi1emZ3I81eTfh3uOMXmAI0OL/UBSlOJvVZ+F3ySuYXufxChFYGuASjpdJvu0 e6dNouBFrcAZqxRJIRReWhECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 616091379660829099 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRNL-27124701' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN BV PKIoverheid Organisatie Server CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-17 09:00:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-16 09:00:02 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Rotterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Koninklijke KPN N.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003020452000000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'b2bacc-connect-int.kpn.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 957922581956690519802215561851308801319887418290551080195657628553373077921737706776644167291127269421759018479311431751613629714676857972517116832246031416878928981149076444254320688732671803617675118090231581531749269314690233086938373652050721802087206584726988472305140890729968373537428890782329867813130173594672409399624717760616677280976460585030013178765546622723558736724067347522701596302405039071887670402218719497121461093792936732750324364828473919535708960252759504396968075808814248529851186969053727402804165726465538592195367254401086848000087172156195192187470273781279120945228527962128642999669265468403539792126855940698281712532931944931380094541116438083074937299864698745060368438965013924482341547072400859408648442519217911495657567290330566131210466124684255921393337008299821457339846912463420208902863640212469191645952451889296708440860941671250693269038137905186629387824486242895558612186528811897147697839414924646353744309951101494438838927624043254638937607958997347612816632038494646377463174028001780330445866794857647713775760691610864280798221827123226421598910539195468826556132655154371758724922106615756350467246144377857582633501517984638634223386161715387593383417965384505804654215322129 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g3ocsp.managedpki.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4c23c5a7d1245cae160378a25a8cd07b4321d10f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c39aa67b5e742b82b6c672fd744e85d297cdfd18 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b2bacc-connect-int.kpn.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00103074eeca872ea4f9576e673c38e4ae055fb32bb095384d5e81066ce6a13ee32b608ae4ee27443a6272289844ce615283b37383dda8ca3e6910626d78a5b69e6decab265986262c14dcdfcfec24b5fabe96cc683fe56afe6cf222f45fd97f91741e580cb6ae13fb8b5a93d3ecc6126f932636a5ce81093df55ff4d9d4288a292abe79f26d6c1474551419e229f98416d54a885f30c628e9bed95dbebc0746742f8af8652da95a544f1eb90b192ecd8c2e1c4e99e16725a2998b1bf47f70a2bd8fecc702cf3e739a612888eff33b4ba73ba32ca5520190299c7953d1c09bf972e38b53cb0bf99c616dcc7a56749f9780ebb652e5a1862653ebddc29ce282ca598bab84d068accf4f07f22abc86561a45326e6a815a44b254f17c57029dee150fa690d7e663cff0975f9528bd81871ef1296209a79baf0fdad83b764b3603c3f3d724fa8721bd033b84a48939f2f5bd79498e316d03c62260a2027554a455ccc1f4f670f3105d55ab34feeeb6720d359b1634466b384a4e6a0c8f276044beb9bbe7ea7be4c79e034c2e0e9119b3b629ffbd2f45b5faf26d73d52497942536075313563b9944440067d8f4950675e393d2d78e2e02094fac51116b580535b600f95e2fb96bfb7e0dfe4d57e4d0130532ffe37c79b399e208932b5fa27f43bc3c19f9a1e66a3887bd6d5bf5c4d22c98779fa420a222390ea623ad520025723f403c