lottee2e2-tst-new.kpn.com
- Koninklijke KPN N.V. -
Issued by KPN PKIoverheid Organisatie CA - G2
About this certificate
This digital certificate with serial number 6d:cf:6f:d5:b2:4a:7c:81 was issued on by KPN B.V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Koninklijke KPN N.V.
Company registration number:
00000003020452000000
Organization: Koninklijke KPN N.V.
Organization: Koninklijke KPN N.V.
State / Province:
Zuid-Holland
Locality: 's-Gravenhage
Country: NL
Locality: 's-Gravenhage
Country: NL
KPN B.V.
Organization:
KPN B.V.
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 6d:cf:6f:d5:b2:4a:7c:81Serial Number (int): 7912666033923193985
Serial Number lenght: 63 bits, 8 octets
SubjectKeyId: 20:b0:c1:f1:ac:3b:22:93:21:c5:bf:3a:ef:9d:3b:26:1a:06:a2:53
AuthorityKeyId: 75:a3:4e:8f:1e:97:dd:6c:88:01:31:ef:72:21:c2:6e:60:94:7d:80
Fingerprint (sha1): 7b:7a:cb:f4:59:a5:76:c8:4d:cd:f4:37:89:42:41:57:8b:f1:15:fa
Fingerprint (sha256): 08:05:27:8b:49:14:aa:67:a1:d6:74:1a:98:dc:f1:d1:6c:02:60:8e:b7:fb:e0:b2:5b:7b:4e:fa:64:a8:fe:23
Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNPKIoverheidOrganisatieCAG2.cer
Revocation information
OCSP Server: http://g2ocsp.managedpki.comCRL Distribution Point: http://crl.managedpki.com/KPNPKIoverheidOrganisatieCAG2/LatestCRL.crl
Check the revocation status for certificate lottee2e2-tst-new.kpn.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lottee2e2-tst-new.kpn.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Email Protection
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
lottee2e2-tst-new.kpn.com
Other certificates including the domain name kpn.com
(limited to 100 certificates)
sentrymail.acc.kpnnet.org
api-stg.kpn.com
shop.kpn.com
aditum.kpn.com
status.digital.kpn.com
lotte.kpn.com
*.mcmws.pmr.kpn.com
admin.dsh-dev.dsh.np.aws.kpn.com
api.cloudcontrol.kpn.com
lotteschedulee2e2-tst-new.kpn.com
*.mcmws.pmr.kpn.com
zakelijk.kpn.com
transfer-datalab.kpn.com
cordys-zm-value.kpn.com
prexdsl-c-serviceweb.kpn.com
portal.sap-hosting.kpn.com
mcpms.pmrtest.kpn.com
mosaic.generictaskservice.tst.kpn.com
*.3xoc.infrastructure-testing.np.aws.kpn.com
rt2-vlg-1.pmr.kpn.net
0122016378.StichtingKentalis.client.mvr.kpn.com
cloudkleinzakelijk.kpn.com
secure04.lithium.com
ws.kpn.com
files.cloudcontrol.kpn.com
service.kpn.com
design.kpn.com
nieuwbouwportaal.kpn.com
aditum.kpn.com
zakelijke-community.kpn.com
*.cqbmrv.infrastructure-testing.np.aws.kpn.com
b2bacc-connect-int.kpn.com
saml.eid.kpn.com
*.hwm44g.infrastructure-testing.np.aws.kpn.com
aas.tv.kpn.com
wsipuat4.kpn.com
cordys-zm-value-acc.kpn.com
account.online.kpn.com
kpnassistent.kpn.com
*.hibwy1.infrastructure-testing.np.aws.kpn.com
frea-test.kpn.com
businesspartner-ppd-s.kpn.com
*.mcmws.pmrtest.kpn.com
store.online-demo.kpn.com
inloggen.acc.kpn.com
zakelijk.kpn.com
x.acc.kpn.com
monteurstool.kpn.com
lottedev2-tst.kpn.com
login.kpn.com
*.rzr3o1.infrastructure-testing.np.aws.kpn.com
zeus-prd.kpn.com
eventgateway.acc.kpn.com
*.c6tnfz.infrastructure-testing.np.aws.kpn.com
*.nl9s.infrastructure-testing.np.aws.kpn.com
LotteSimulation.kpn.com
atvorder.kpn.com
lotte.kpn.com
uwv.portal.soc.kpn.com
serviscopeapi.kpn.com
secure08.lithium.com
vm4.kpn.com
prexdsl.kpn.com
if.auraportal.kpn.com
w5031.kpn.com
mobielbeheer.kpn.com
*.vre7br.infrastructure-testing.np.aws.kpn.com
secure08.lithium.com
*.jhlv.infrastructure-testing.np.aws.kpn.com
marketing.kpn.com
b2bpoc-connect-portal.kpn.com
b2b-portal.sympac.kpn.com
*.fiw8vk.infrastructure-testing.np.aws.kpn.com
sip.kpn.com
bpapi.kpn.com
www.kpn.com
cloudkleinzakelijk.kpn.com
mcpms.pmr.kpn.com
login.wifi.kpn.com
mosaic.generictaskservice.acc.kpn.com
b2bacc-connect-portal.kpn.com
test.kpn.com
pah1.mvr.kpn.com
ws.api.kpn.com
*.mcmws.pmrtest.kpn.com
b2bpoc-connect.kpn.com
*.prd.cdn.bcms.kpn.com
b2bacc-connect-int.kpn.com
lottee2e2-tst-new.kpn.com
LotteScheduleE2E2.tst.kpn.com
sni.kpn.com
eherkenning.kpn.com
*.prd.cdn.bcms.kpn.com
remotesupport.kpn.com
b2b-portal.sympac.kpn.com
vpnportal-internal.kpn.com
wsipprod.kpn.com
*.nghf0k.infrastructure-testing.np.aws.kpn.com
ddci.kpn.com
vcds.stb.acc.tv.kpn.com
api-stg.kpn.com
shop.kpn.com
aditum.kpn.com
status.digital.kpn.com
lotte.kpn.com
*.mcmws.pmr.kpn.com
admin.dsh-dev.dsh.np.aws.kpn.com
api.cloudcontrol.kpn.com
lotteschedulee2e2-tst-new.kpn.com
*.mcmws.pmr.kpn.com
zakelijk.kpn.com
transfer-datalab.kpn.com
cordys-zm-value.kpn.com
prexdsl-c-serviceweb.kpn.com
portal.sap-hosting.kpn.com
mcpms.pmrtest.kpn.com
mosaic.generictaskservice.tst.kpn.com
*.3xoc.infrastructure-testing.np.aws.kpn.com
rt2-vlg-1.pmr.kpn.net
0122016378.StichtingKentalis.client.mvr.kpn.com
cloudkleinzakelijk.kpn.com
secure04.lithium.com
ws.kpn.com
files.cloudcontrol.kpn.com
service.kpn.com
design.kpn.com
nieuwbouwportaal.kpn.com
aditum.kpn.com
zakelijke-community.kpn.com
*.cqbmrv.infrastructure-testing.np.aws.kpn.com
b2bacc-connect-int.kpn.com
saml.eid.kpn.com
*.hwm44g.infrastructure-testing.np.aws.kpn.com
aas.tv.kpn.com
wsipuat4.kpn.com
cordys-zm-value-acc.kpn.com
account.online.kpn.com
kpnassistent.kpn.com
*.hibwy1.infrastructure-testing.np.aws.kpn.com
frea-test.kpn.com
businesspartner-ppd-s.kpn.com
*.mcmws.pmrtest.kpn.com
store.online-demo.kpn.com
inloggen.acc.kpn.com
zakelijk.kpn.com
x.acc.kpn.com
monteurstool.kpn.com
lottedev2-tst.kpn.com
login.kpn.com
*.rzr3o1.infrastructure-testing.np.aws.kpn.com
zeus-prd.kpn.com
eventgateway.acc.kpn.com
*.c6tnfz.infrastructure-testing.np.aws.kpn.com
*.nl9s.infrastructure-testing.np.aws.kpn.com
LotteSimulation.kpn.com
atvorder.kpn.com
lotte.kpn.com
uwv.portal.soc.kpn.com
serviscopeapi.kpn.com
secure08.lithium.com
vm4.kpn.com
prexdsl.kpn.com
if.auraportal.kpn.com
w5031.kpn.com
mobielbeheer.kpn.com
*.vre7br.infrastructure-testing.np.aws.kpn.com
secure08.lithium.com
*.jhlv.infrastructure-testing.np.aws.kpn.com
marketing.kpn.com
b2bpoc-connect-portal.kpn.com
b2b-portal.sympac.kpn.com
*.fiw8vk.infrastructure-testing.np.aws.kpn.com
sip.kpn.com
bpapi.kpn.com
www.kpn.com
cloudkleinzakelijk.kpn.com
mcpms.pmr.kpn.com
login.wifi.kpn.com
mosaic.generictaskservice.acc.kpn.com
b2bacc-connect-portal.kpn.com
test.kpn.com
pah1.mvr.kpn.com
ws.api.kpn.com
*.mcmws.pmrtest.kpn.com
b2bpoc-connect.kpn.com
*.prd.cdn.bcms.kpn.com
b2bacc-connect-int.kpn.com
lottee2e2-tst-new.kpn.com
LotteScheduleE2E2.tst.kpn.com
sni.kpn.com
eherkenning.kpn.com
*.prd.cdn.bcms.kpn.com
remotesupport.kpn.com
b2b-portal.sympac.kpn.com
vpnportal-internal.kpn.com
wsipprod.kpn.com
*.nghf0k.infrastructure-testing.np.aws.kpn.com
ddci.kpn.com
vcds.stb.acc.tv.kpn.com
Certificate
The complete raw certificate details for lottee2e2-tst-new.kpn.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIPTCCBiWgAwIBAgIIbc9v1bJKfIEwDQYJKoZIhvcNAQELBQAwTjELMAkGA1UE BhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMSwwKgYDVQQDDCNLUE4gUEtJb3Zlcmhl aWQgT3JnYW5pc2F0aWUgQ0EgLSBHMjAeFw0xODAyMDExMjEwMTRaFw0yMDAyMDEx MjEwMTRaMIGeMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMRYw FAYDVQQHDA0ncy1HcmF2ZW5oYWdlMR0wGwYDVQQKDBRLb25pbmtsaWprZSBLUE4g Ti5WLjEdMBsGA1UEBRMUMDAwMDAwMDMwMjA0NTIwMDAwMDAxIjAgBgNVBAMMGWxv dHRlZTJlMi10c3QtbmV3Lmtwbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDaTudrAhpRWI6Rb8+rU9dSondxyiPawus1BHU8c3/zyXXU4NVhqJmi wT5JBcnpYmD8kQ4HGLsi8Wi1hydRX4WIU3PTF0rR6xUrwbvVHWujLcoMRvXaIt6w aGujdVD5uQ2Dxoqn9o5zHfHlnTo0+51iDJY7U9ARuxu/6ZRp4nDagKzUq4ZkdrnR zS0NOEYkjuMDTGavrBvr7jUXdGaJGqYabIo5yV6WRmogZU+FARFizqy9F/Px74e7 FMR1LfVPitIF4pNQTwsYbAsaJMLdmr8akK9Eh/cDS3LDFvIDXnzxGtZqE3+5w5Y5 Efop0IXJrACkEiVIegXdAAXNALIVgkr1AgMBAAGjggPMMIIDyDCBigYIKwYBBQUH AQEEfjB8MFAGCCsGAQUFBzAChkRodHRwOi8vY2VydC5tYW5hZ2VkcGtpLmNvbS9D QWNlcnRzL0tQTlBLSW92ZXJoZWlkT3JnYW5pc2F0aWVDQUcyLmNlcjAoBggrBgEF BQcwAYYcaHR0cDovL2cyb2NzcC5tYW5hZ2VkcGtpLmNvbTAdBgNVHQ4EFgQUILDB 8aw7IpMhxb867507JhoGolMwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR1o06P HpfdbIgBMe9yIcJuYJR9gDCBsQYDVR0gBIGpMIGmMIGZBgpghBABh2sBAgUGMIGK MDcGCCsGAQUFBwIBFitodHRwczovL2NlcnRpZmljYWF0Lmtwbi5jb20vcGtpb3Zl cmhlaWQvY3BzME8GCCsGAQUFBwICMEMMQU9wIGRpdCBjZXJ0aWZpY2FhdCBpcyBo ZXQgQ1BTIFBLSW92ZXJoZWlkIHZhbiBLUE4gdmFuIHRvZXBhc3NpbmcuMAgGBmeB DAECAjBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLm1hbmFnZWRwa2kuY29t L0tQTlBLSW92ZXJoZWlkT3JnYW5pc2F0aWVDQUcyL0xhdGVzdENSTC5jcmwwDgYD VR0PAQH/BAQDAgWgMCcGA1UdJQQgMB4GCCsGAQUFBwMCBggrBgEFBQcDBAYIKwYB BQUHAwEwJAYDVR0RBB0wG4IZbG90dGVlMmUyLXRzdC1uZXcua3BuLmNvbTCCAX4G CisGAQQB1nkCBAIEggFuBIIBagFoAHUA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiD AMR7iXqo/csAAAFhUUZNBwAABAMARjBEAiAyX1iV2GCotLOLvl31vfm+dNroCwBx GShvbUBhXxH/VQIgW43CmSuk4PSLwSsANmEd+jU2Airjd1slYvAem/Vs1g4AdgBV gdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPTDAAAAWFRRk0qAAAEAwBHMEUC IQDB+xfcjcvScCAEekPSfpc9GbemSixRh9dxKMpxgy7mcwIgNC8BU4s1iog/K+jo 7JpiK1PGPTINB5THe37NErbLcGcAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jj d80OyA3cEAAAAWFRRlACAAAEAwBIMEYCIQDp7PLGTX370Ib9YsKVSskEUBwU+Cpf WVtuL8QgkguqyQIhAOUqRuobba2SJOt30v0sGUMMy0UGVlLBa+/nVm4NIpWlMA0G CSqGSIb3DQEBCwUAA4ICAQAt04zht3WYAoXnWrZVi4mXt0uYysEJE0eU4mOyrYjD ukCXWYSiyBtNS+6bgDnXQrGW7+o7h0K0Rj7zbOOqH2wSXVpQlsxbL6kmDeWbCkKr t2cSji0b657M3XmvmHZR6/c9kkUwjgBGfJy+d4WamHt09AT/fe696ANQPjiutWeR hvhSOEH9boLMHh1oPYLLCER54qFsECDMMNqF50+N2z5Qlrbx8mTts1qlwaAGpUS1 vC6NaqLgbJwWx+u8hvBwXagyzCffYf2p12XOw+g20fvjopIgmfhyl+yNMg+91Nce UPRLsqli1iDLFl+6oUvCdqHXIrZLEhLqJtpiDswdtuBRHY7s9smqwL8OeOMSVuu9 ZlKjuJjQEXoroFvojxZAS1bSkNi4srAZ5SCpgrF7wfvQtiGZQA+9+rF3QGJvCYkO C5ziLgbQGcMZxJCa59yh76Ge3COO51ZKEydg2VN1O+vqS+z9H8Hk0bg9odk8Ukfl TwEzsBNB0knFbT2tphzaZPh43uNgSnfmWUkwrEXsLlrPoff7iehsFRSwAVbZgKGx TjWqQtJTVUQbjT3cVzwAdG6WfyIZ095Bh5sw7UQHsg8RkOaQ7llrmXp5iRIQLlpk nuwIqpayuVsH3h/aoB4CvosT4TUPZPYa8ys7E1zUnEXOpZp51v5VRUPILvkP2Zfv hQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2k7nawIaUViOkW/Pq1PX UqJ3ccoj2sLrNQR1PHN/88l11ODVYaiZosE+SQXJ6WJg/JEOBxi7IvFotYcnUV+F iFNz0xdK0esVK8G71R1roy3KDEb12iLesGhro3VQ+bkNg8aKp/aOcx3x5Z06NPud YgyWO1PQEbsbv+mUaeJw2oCs1KuGZHa50c0tDThGJI7jA0xmr6wb6+41F3RmiRqm GmyKOclelkZqIGVPhQERYs6svRfz8e+HuxTEdS31T4rSBeKTUE8LGGwLGiTC3Zq/ GpCvRIf3A0tywxbyA1588RrWahN/ucOWORH6KdCFyawApBIlSHoF3QAFzQCyFYJK 9QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 7912666033923193985 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN PKIoverheid Organisatie CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-02-01 12:10:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-01 12:10:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String ''s-Gravenhage' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Koninklijke KPN N.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003020452000000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'lottee2e2-tst-new.kpn.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27558859483603685832515227317927529305634971819883738794450180298774117406739910579140439996846028139967228486426385599383616219964736364005111092219698820635796869445342617754692703289484248389077229344007139976115143114100777640077731058423122680568543425226743078109351847789189159083465922313122326120534546358600412621739355226020342325020460954529681808023404913783304144371091720961872413448922098776978805487285164370442333195301731075935587014903420767609558128023102413603530635628918011310877471066615818012705982421534175879647798562291167096053986241897469684534873298649211264592639188770907168121703157 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNPKIoverheidOrganisatieCAG2.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g2ocsp.managedpki.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 20b0c1f1ac3b229321c5bf3aef9d3b261a06a253 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 75a34e8f1e97dd6c880131ef7221c26e60947d80 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNPKIoverheidOrganisatieCAG2/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.4 (emailProtection) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lottee2e2-tst-new.kpn.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007500ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016151464d0700000403004630440220325f5895d860a8b4b38bbe5df5bdf9be74dae80b007119286f6d40615f11ff5502205b8dc2992ba4e0f48bc12b0036611dfa3536022ae3775b2562f01e9bf56cd60e0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016151464d2a0000040300473045022100c1fb17dc8dcbd27020047a43d27e973d19b7a64a2c5187d77128ca71832ee6730220342f01538b358a883f2be8e8ec9a622b53c63d320d0794c77b7ecd12b6cb7067007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000161514650020000040300483046022100e9ecf2c64d7dfbd086fd62c2954ac904501c14f82a5f595b6e2fc420920baac9022100e52a46ea1b6dad9224eb77d2fd2c19430ccb45065652c16befe7566e0d2295a5 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 002dd38ce1b775980285e75ab6558b8997b74b98cac109134794e263b2ad88c3ba40975984a2c81b4d4bee9b8039d742b196efea3b8742b4463ef36ce3aa1f6c125d5a5096cc5b2fa9260de59b0a42abb767128e2d1beb9eccdd79af987651ebf73d9245308e00467c9cbe77859a987b74f404ff7deebde803503e38aeb5679186f8523841fd6e82cc1e1d683d82cb084479e2a16c1020cc30da85e74f8ddb3e5096b6f1f264edb35aa5c1a006a544b5bc2e8d6aa2e06c9c16c7ebbc86f0705da832cc27df61fda9d765cec3e836d1fbe3a2922099f87297ec8d320fbdd4d71e50f44bb2a962d620cb165fbaa14bc276a1d722b64b1212ea26da620ecc1db6e0511d8eecf6c9aac0bf0e78e31256ebbd6652a3b898d0117a2ba05be88f16404b56d290d8b8b2b019e520a982b17bc1fbd0b62199400fbdfab17740626f09890e0b9ce22e06d019c319c4909ae7dca1efa19edc238ee7564a132760d953753bebea4becfd1fc1e4d1b83da1d93c5247e54f0133b01341d249c56d3dada61cda64f878dee3604a77e6594930ac45ec2e5acfa1f7fb89e86c1514b00156d980a1b14e35aa42d25355441b8d3ddc573c00746e967f2219d3de41879b30ed4407b20f1190e690ee596b997a798912102e5a649eec08aa96b2b95b07de1fdaa01e02be8b13e1350f64f61af32b3b135cd49c45cea59a79d6fe554543c82ef90fd997ef85