get-it.kpnnet.org
- Koninklijke KPN N.V. -
Issued by KPN PKIoverheid Organisatie CA - G2
About this certificate
This digital certificate with serial number 0c:e9:a9:52:ac:6c:38:68 was issued on by KPN B.V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Koninklijke KPN N.V.
Company registration number:
00000003020452000000
Organization: Koninklijke KPN N.V.
Organization: Koninklijke KPN N.V.
State / Province:
Zuid-Holland
Locality: Rotterdam
Country: NL
Locality: Rotterdam
Country: NL
KPN B.V.
Organization:
KPN B.V.
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 0c:e9:a9:52:ac:6c:38:68Serial Number (int): 930460970573903976
Serial Number lenght: 60 bits, 8 octets
SubjectKeyId: 5a:88:84:b0:c5:94:8e:99:73:60:05:81:ac:d8:06:40:79:30:63:79
AuthorityKeyId: 75:a3:4e:8f:1e:97:dd:6c:88:01:31:ef:72:21:c2:6e:60:94:7d:80
Fingerprint (sha1): 4a:39:a2:51:6b:b7:a9:0d:0a:bf:f3:ff:87:20:af:27:09:2c:6c:01
Fingerprint (sha256): 1c:b0:11:5d:af:a0:6d:40:11:78:00:9e:7d:a2:18:5c:55:55:83:a4:8c:9c:9f:3e:a2:b4:04:69:55:2b:7a:85
Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNPKIoverheidOrganisatieCAG2.cer
Revocation information
OCSP Server: http://g2ocsp.managedpki.comCRL Distribution Point: http://crl.managedpki.com/KPNPKIoverheidOrganisatieCAG2/LatestCRL.crl
Check the revocation status for certificate get-it.kpnnet.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for get-it.kpnnet.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
get-it.kpnnet.org
Other certificates including the domain name kpnnet.org
(limited to 100 certificates)
sentrymail.acc.kpnnet.org
bi.kpnnet.org
bi4dev.kpnnet.org
extselfsvc.kpnnet.org
bi.kpnnet.org
bprchatbot-acc.kpnnet.org
teamkpn-mobile.kpnnet.org
sharekpn.kpnnet.org
get-it.kpnnet.org
teamkpn-acc.kpnnet.org
ts.kpnnet.org
kpn-internal-wireless.kpnnet.org
kitnlams73s001.kpnnet.org
uat-sharekpn.kpnnet.org
wem-comet.kpnnet.org
KPN-PS02.kpnnet.org
zipsacc.kpnnet.org
cloudmail.kpnnet.org
cloudmail.kpnnet.org
ksp-admin-acc.kpnnet.org
sentryapp.acc.kpnnet.org
w2039.kpnnet.org
ciso-ksp.kpnnet.org
sentryapp.acc.kpnnet.org
bi4prd-web2.kpnnet.org
bi.kpnnet.org
filetrans.kpnnet.org
host-retail.kpnnet.org
TIMESHEET.KPNNET.ORG
sentrymail.kpnnet.org
FILETRANS.KPNNET.ORG
filetrans.kpnnet.org
filetrans.kpnnet.org
w2040.kpnnet.org
retailactueel-retail.kpnnet.org
iamportal.kpnnet.org
iamportaltst.kpnnet.org
password.kpnnet.org
KPN-PS02.kpnnet.org
mailercdn-teamkpn.kpnnet.org
teamkpn.kpnnet.org
teamkpn-acc.kpnnet.org
get-it.kpnnet.org
ksp-admin.kpnnet.org
zips.kpnnet.org
Extranet-uat.kpn.com
*.kpnnet.org
ksp-admin-acc.kpnnet.org
ts.kpnnet.org
Voice-of-the-Employee.kpnnet.org
*.kpnnet.org
bealert.kpnnet.org
winkeldossier-retail.kpnnet.org
bealert-acc.kpnnet.org
MAIL5.KPNNET.ORG
bodssnd.kpnnet.org
mail4.kpnnet.org
extranet-uat.kpn.com
wem-staging.kpnnet.org
filetrans.kpnnet.org
teamkpn-stats.kpnnet.org
mail1.kpnnet.org
*.kpnnet.org
teamkpn-chat.kpnnet.org
bisnd2.kpnnet.org
OAPILOT.KPNNET.ORG
portal117.kpnnet.org
KPN-PS02.kpnnet.org
PPScan.kpnnet.org
core.kpnnet.org
bisnd2.kpnnet.org
ksp-admin.kpnnet.org
sharekpn.kpnnet.org
ksp-admin.kpnnet.org
KPN-PS01.kpnnet.org
mail7.kpnnet.org
match.uat.kpnnet.org
teamkpn-mobile.kpnnet.org
extranet.kpn.com
ideedock.kpnnet.org
teamkpn-static.kpnnet.org
W2040.kpnnet.org
vpn.kpnnet.org
bealert.kpnnet.org
PROFINDER-UAT.KPNNET.ORG
bods4uat.kpnnet.org
bisnd2.kpnnet.org
mail2.kpnnet.org
extselfsvc.kpnnet.org
SENTRYAPP.KPNNET.ORG
ksp-admin-acc.kpnnet.org
test-paperlessshop-retail.kpnnet.org
adfs.kpnnet.org
topdesk-innovatie.kpnnet.org
bodsdev.kpnnet.org
uat-sharekpn.kpnnet.org
ws-mijnwerkplek.kpnnet.org
extselfsvc.kpnnet.org
*.kpnnet.org
Voice-of-the-Employee.kpnnet.org
bi.kpnnet.org
bi4dev.kpnnet.org
extselfsvc.kpnnet.org
bi.kpnnet.org
bprchatbot-acc.kpnnet.org
teamkpn-mobile.kpnnet.org
sharekpn.kpnnet.org
get-it.kpnnet.org
teamkpn-acc.kpnnet.org
ts.kpnnet.org
kpn-internal-wireless.kpnnet.org
kitnlams73s001.kpnnet.org
uat-sharekpn.kpnnet.org
wem-comet.kpnnet.org
KPN-PS02.kpnnet.org
zipsacc.kpnnet.org
cloudmail.kpnnet.org
cloudmail.kpnnet.org
ksp-admin-acc.kpnnet.org
sentryapp.acc.kpnnet.org
w2039.kpnnet.org
ciso-ksp.kpnnet.org
sentryapp.acc.kpnnet.org
bi4prd-web2.kpnnet.org
bi.kpnnet.org
filetrans.kpnnet.org
host-retail.kpnnet.org
TIMESHEET.KPNNET.ORG
sentrymail.kpnnet.org
FILETRANS.KPNNET.ORG
filetrans.kpnnet.org
filetrans.kpnnet.org
w2040.kpnnet.org
retailactueel-retail.kpnnet.org
iamportal.kpnnet.org
iamportaltst.kpnnet.org
password.kpnnet.org
KPN-PS02.kpnnet.org
mailercdn-teamkpn.kpnnet.org
teamkpn.kpnnet.org
teamkpn-acc.kpnnet.org
get-it.kpnnet.org
ksp-admin.kpnnet.org
zips.kpnnet.org
Extranet-uat.kpn.com
*.kpnnet.org
ksp-admin-acc.kpnnet.org
ts.kpnnet.org
Voice-of-the-Employee.kpnnet.org
*.kpnnet.org
bealert.kpnnet.org
winkeldossier-retail.kpnnet.org
bealert-acc.kpnnet.org
MAIL5.KPNNET.ORG
bodssnd.kpnnet.org
mail4.kpnnet.org
extranet-uat.kpn.com
wem-staging.kpnnet.org
filetrans.kpnnet.org
teamkpn-stats.kpnnet.org
mail1.kpnnet.org
*.kpnnet.org
teamkpn-chat.kpnnet.org
bisnd2.kpnnet.org
OAPILOT.KPNNET.ORG
portal117.kpnnet.org
KPN-PS02.kpnnet.org
PPScan.kpnnet.org
core.kpnnet.org
bisnd2.kpnnet.org
ksp-admin.kpnnet.org
sharekpn.kpnnet.org
ksp-admin.kpnnet.org
KPN-PS01.kpnnet.org
mail7.kpnnet.org
match.uat.kpnnet.org
teamkpn-mobile.kpnnet.org
extranet.kpn.com
ideedock.kpnnet.org
teamkpn-static.kpnnet.org
W2040.kpnnet.org
vpn.kpnnet.org
bealert.kpnnet.org
PROFINDER-UAT.KPNNET.ORG
bods4uat.kpnnet.org
bisnd2.kpnnet.org
mail2.kpnnet.org
extselfsvc.kpnnet.org
SENTRYAPP.KPNNET.ORG
ksp-admin-acc.kpnnet.org
test-paperlessshop-retail.kpnnet.org
adfs.kpnnet.org
topdesk-innovatie.kpnnet.org
bodsdev.kpnnet.org
uat-sharekpn.kpnnet.org
ws-mijnwerkplek.kpnnet.org
extselfsvc.kpnnet.org
*.kpnnet.org
Voice-of-the-Employee.kpnnet.org
Certificate
The complete raw certificate details for get-it.kpnnet.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIHzCCBgegAwIBAgIIDOmpUqxsOGgwDQYJKoZIhvcNAQELBQAwTjELMAkGA1UE BhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMSwwKgYDVQQDDCNLUE4gUEtJb3Zlcmhl aWQgT3JnYW5pc2F0aWUgQ0EgLSBHMjAeFw0xODEwMTIxMzQwMDJaFw0xOTEwMTIx MzQwMDJaMIGSMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMRIw EAYDVQQHDAlSb3R0ZXJkYW0xHTAbBgNVBAoMFEtvbmlua2xpamtlIEtQTiBOLlYu MR0wGwYDVQQFExQwMDAwMDAwMzAyMDQ1MjAwMDAwMDEaMBgGA1UEAwwRZ2V0LWl0 Lmtwbm5ldC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGOu2z gTkGESqQ4fr86pcsLzcciQCBC5DtTqR9OWKRqhsFCKAzFLguSoc4MQ1A5jOf1d7X 9WFc4SIljbQ768f40cxkvO++9jUFxUozAPAXAqJHGrWw5mDmj+gEHtJlF6YQt8d0 EOt4mIsb9yrtfu9dcQTuwFADBW9DIQe26asBeBQhqLLqE0QYFlduCD6bjXuKXR8u cVyKqBq9/MjQ2Ly7g/cOwJMf1I7wl0DX42pq0Z+JC7kXrN+9oc4Hmac/bA62q2pz 5He0NZdceoIsmMBdcp742AE/iYTzEzvPoZF4PfhvcwU47GMU6TmmWSEtbioJXHNK oPc3OF/akgxSIusJAgMBAAGjggO6MIIDtjCBigYIKwYBBQUHAQEEfjB8MFAGCCsG AQUFBzAChkRodHRwOi8vY2VydC5tYW5hZ2VkcGtpLmNvbS9DQWNlcnRzL0tQTlBL SW92ZXJoZWlkT3JnYW5pc2F0aWVDQUcyLmNlcjAoBggrBgEFBQcwAYYcaHR0cDov L2cyb2NzcC5tYW5hZ2VkcGtpLmNvbTAdBgNVHQ4EFgQUWoiEsMWUjplzYAWBrNgG QHkwY3kwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR1o06PHpfdbIgBMe9yIcJu YJR9gDCBsQYDVR0gBIGpMIGmMIGZBgpghBABh2sBAgUGMIGKMDcGCCsGAQUFBwIB FitodHRwczovL2NlcnRpZmljYWF0Lmtwbi5jb20vcGtpb3ZlcmhlaWQvY3BzME8G CCsGAQUFBwICMEMMQU9wIGRpdCBjZXJ0aWZpY2FhdCBpcyBoZXQgQ1BTIFBLSW92 ZXJoZWlkIHZhbiBLUE4gdmFuIHRvZXBhc3NpbmcuMAgGBmeBDAECAjBWBgNVHR8E TzBNMEugSaBHhkVodHRwOi8vY3JsLm1hbmFnZWRwa2kuY29tL0tQTlBLSW92ZXJo ZWlkT3JnYW5pc2F0aWVDQUcyL0xhdGVzdENSTC5jcmwwDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAcBgNVHREEFTATghFnZXQt aXQua3BubmV0Lm9yZzCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYA7ku9t3XO YLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFmaIFuLAAABAMARzBFAiAz4UIN JjE5FHOtMkT0dyjgd3flNftGZmQPH63i1qB6pQIhALeTWvdAnuyOsd2eMfsH7iMG bAL/qiFW64P7/uoTKPrMAHYAVYHUwhaQNgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT 0wwAAAFmaIFvQwAABAMARzBFAiA7QXwY/ErJum90D/r8baqyfE+V29FZvJNiPYiu T6OH/QIhAN0q4qDA9cuAWocMpseuhaK7m+BmFHWZVQa9IgENZaAlAHYApLkJkLQY WBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFmaIFwgQAABAMARzBFAiAscddo 9THXB5zRNIt38Ke56bRhUvsuT8vh7cgperjxIwIhANujmO6qWQCtr2FK1A1EYgmG Ceqo+RrR6wDNGxl/jMtSMA0GCSqGSIb3DQEBCwUAA4ICAQAdoLo0KFwm+fWGcyzE GkmJigv5+PgorjRwRc+OodxGIX1zPKtjvETN7W+RKoGYrUDqD+2/whkP22BZjj73 d47ZGZTJ2vcVEp9TsfVL6rtvp5s7oN4m4BhMDZrQ9u0APn0fF/Naz/QOmkdwJu+d fMwOzLicqCYnOX7NkbJdXR/B3C4VWYAxXeaZIdR2PHygjIZIKYVDAOqREqNe+h0j 0ZdGctC/29vQdxkA4/PNZOAb3ag//HMt9Z5FEqIZss2tFyu+ssKSPPa6/BQngZ6d AnrIEdP8cbCg8AqxRJcDSgZuUi1yPha2H5N30CV9SRxwI7QLNEwBs6liiyvElenB 0H48Lw69/dXyECkIUZl8rdqtl1JCUh1Hxl9iDuyMKfxzy7fSdZ7QXKIA0iH+SSZj PI89GaqpNUk9A6fIsGVPKxzpP+RnB9BZC/6eH1szOKtuRS1GqYGfk2WYZWAtgUsw QY+VLyXpcNmezHOzFKX7D1o0dxzd2S616byvi6P0Xm0nBDs7+bUq5rRti6Fcg+Kp W0ToS9kvBrOaN+QVb6L7+zem5pymDbMqy6M/OnU9ypgGeWwLz6ELp1UYHnWzJLay 5ml0tCBXYHeSIeYwqH9iSF1QBJ7SqRCcFkAZ9+kl/6B9bXVWA07dX2Nv/fS7Iysc Go03nxVPxCZarodRig+YBJ7zJA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjrts4E5BhEqkOH6/OqX LC83HIkAgQuQ7U6kfTlikaobBQigMxS4LkqHODENQOYzn9Xe1/VhXOEiJY20O+vH +NHMZLzvvvY1BcVKMwDwFwKiRxq1sOZg5o/oBB7SZRemELfHdBDreJiLG/cq7X7v XXEE7sBQAwVvQyEHtumrAXgUIaiy6hNEGBZXbgg+m417il0fLnFciqgavfzI0Ni8 u4P3DsCTH9SO8JdA1+NqatGfiQu5F6zfvaHOB5mnP2wOtqtqc+R3tDWXXHqCLJjA XXKe+NgBP4mE8xM7z6GReD34b3MFOOxjFOk5plkhLW4qCVxzSqD3Nzhf2pIMUiLr CQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 930460970573903976 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN PKIoverheid Organisatie CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-12 13:40:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-12 13:40:02 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Rotterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Koninklijke KPN N.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003020452000000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'get-it.kpnnet.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25024243119661401892563805355656148405032250469225797070162023109535276480349586898836716346706746626676818175430138397026059767446371851965383386735097025604987068187542812952353308627130615632810075753749011270146897582334098244959895319185578094746795891733312422328040418615267591341456371865086421361153363653187165358934463877133474307326314067413024710101466343192240657197405912933941436961244294003027423605691344158031214448477603248314790090594194813661771358751540157557558682752949845953824524577291291748684542616164894015009412568808224762179111185206049811177886152168832974639537456273845167484758793 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNPKIoverheidOrganisatieCAG2.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g2ocsp.managedpki.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5a8884b0c5948e9973600581acd8064079306379 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 75a34e8f1e97dd6c880131ef7221c26e60947d80 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNPKIoverheidOrganisatieCAG2/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'get-it.kpnnet.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016668816e2c0000040300473045022033e1420d2631391473ad3244f47728e07777e535fb4666640f1fade2d6a07aa5022100b7935af7409eec8eb1dd9e31fb07ee23066c02ffaa2156eb83fbfeea1328facc0076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016668816f43000004030047304502203b417c18fc4ac9ba6f740ffafc6daab27c4f95dbd159bc93623d88ae4fa387fd022100dd2ae2a0c0f5cb805a870ca6c7ae85a2bb9be0661475995506bd22010d65a025007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016668817081000004030047304502202c71d768f531d7079cd1348b77f0a7b9e9b46152fb2e4fcbe1edc8297ab8f123022100dba398eeaa5900adaf614ad40d4462098609eaa8f91ad1eb00cd1b197f8ccb52 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 001da0ba34285c26f9f586732cc41a49898a0bf9f8f828ae347045cf8ea1dc46217d733cab63bc44cded6f912a8198ad40ea0fedbfc2190fdb60598e3ef7778ed91994c9daf715129f53b1f54beabb6fa79b3ba0de26e0184c0d9ad0f6ed003e7d1f17f35acff40e9a477026ef9d7ccc0eccb89ca82627397ecd91b25d5d1fc1dc2e155980315de69921d4763c7ca08c864829854300ea9112a35efa1d23d1974672d0bfdbdbd0771900e3f3cd64e01bdda83ffc732df59e4512a219b2cdad172bbeb2c2923cf6bafc1427819e9d027ac811d3fc71b0a0f00ab14497034a066e522d723e16b61f9377d0257d491c7023b40b344c01b3a9628b2bc495e9c1d07e3c2f0ebdfdd5f210290851997caddaad975242521d47c65f620eec8c29fc73cbb7d2759ed05ca200d221fe4926633c8f3d19aaa935493d03a7c8b0654f2b1ce93fe46707d0590bfe9e1f5b3338ab6e452d46a9819f93659865602d814b30418f952f25e970d99ecc73b314a5fb0f5a34771cddd92eb5e9bcaf8ba3f45e6d27043b3bf9b52ae6b46d8ba15c83e2a95b44e84bd92f06b39a37e4156fa2fbfb37a6e69ca60db32acba33f3a753dca9806796c0bcfa10ba755181e75b324b6b2e66974b4205760779221e630a87f62485d50049ed2a9109c164019f7e925ffa07d6d7556034edd5f636ffdf4bb232b1c1a8d379f154fc4265aae87518a0f98049ef324