www.deloitte.nl
- Deloitte Accountants -
Issued by KPN BV PKIoverheid Organisatie Server CA - G3
About this certificate
This digital certificate with serial number 7e:93:32:48:59:90:89:6e was issued on by KPN B.V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Deloitte Accountants
Company registration number:
00000003243628530000
Organization: Deloitte Accountants
Organization unit: GSC
Organization: Deloitte Accountants
Organization unit: GSC
State / Province:
Zuid-Holland
Locality: Rotterdam
Country: NL
Locality: Rotterdam
Country: NL
KPN B.V.
Organization:
KPN B.V.
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 7e:93:32:48:59:90:89:6eSerial Number (int): 9120688956677065070
Serial Number lenght: 63 bits, 8 octets
SubjectKeyId: bc:ae:6f:c4:a2:2f:bf:2e:5c:89:76:ba:29:a5:a0:ab:7b:44:89:17
AuthorityKeyId: c3:9a:a6:7b:5e:74:2b:82:b6:c6:72:fd:74:4e:85:d2:97:cd:fd:18
Fingerprint (sha1): 87:b8:fd:0c:3e:4a:7f:02:f4:cd:1d:50:69:11:af:12:95:c6:82:66
Fingerprint (sha256): 1f:bc:e9:34:ff:28:18:78:1b:07:4f:21:05:08:10:29:28:0a:62:26:4f:95:d1:5a:24:2d:d3:5c:e7:82:31:7f
Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3.cer
Revocation information
OCSP Server: http://g3ocsp.managedpki.comCRL Distribution Point: http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl
Check the revocation status for certificate www.deloitte.nl
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.deloitte.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.deloitte.nl
Other certificates including the domain name deloitte.nl
(limited to 100 certificates)
communication-trackontrade.deloitte.nl
www.beglobal.shop
magazine.deloitte.nl
*.iapps-t.deloitte.nl
ispacemobile.deloitte.nl
getsupport-d.deloitte.nl
s4hop.sapdemo.deloitte.nl
tax-i.deloitte.nl
e.deloitte.nl
edgejourney-s.deloitte.nl
viewold.deloitte.nl
communication-test-trackontrade.deloitte.nl
4me.qa
view.deloitte.nl
secureupload.deloitte.nl
secureupload.erslab.deloitte.nl
docqminer-model-staging.clipper-nonprod.deloitte.nl
sip.deloitte.nl
wintrackertaxlegal.clipper-nonprod.deloitte.nl
*.deloitte.nl
remotevpn.deloitte.nl
view.deloitte.nl
aeoscan.deloitte.nl
usap42.us.deloitte.com
usap42.us.deloitte.com
ourbrand.deloitte
alumni.deloitte.nl
secureupload.deloitte.nl
das.deloitte.nl
xray-john-old.clipper-nonprod.deloitte.nl
communication-test-trackontrade.deloitte.nl
getsupport-s.deloitte.nl
usap42.us.deloitte.com
alumni.deloitte.nl
communication-trackontrade.deloitte.nl
ourbrand.deloitte
webmail.deloitte.nl
meet.deloitte.nl
ourbrand.deloitte
investoronboarding-d.deloitte.nl
dataplatform-t.deloitte.nl
invisionweb.deloitte.nl
fast50.deloitte.nl
remotevpn.deloitte.nl
view.deloitte.nl
meet.deloitte.nl
brainspacenew.deloitte.nl
invisionwebsso.deloitte.nl
ourbrand.deloitte
sip.deloitte.nl
annualreport.deloitte.nl
4me.com
sapclientvpn.deloitte.nl
dataplatform-d.deloitte.nl
monitor-d.drop.deloitte.nl
taxifdtst.deloitte.nl
mail.deloitte.nl
events.deloitte.nl
meet.deloitte.nl
*.iapps.deloitte.nl
www.deloitte.nl
regview-acc.clipper-nonprod.deloitte.nl
usap42.us.deloitte.com
academy.deloitte.nl
ispace.deloitte.nl
aeoscan.deloitte.nl
tax-i.deloitte.nl
mail2.deloitte.nl
oraclecloudextractor.clipper-nonprod.deloitte.nl
*.iapps-s.deloitte.nl
roulette-dev.deloitte.nl
www.deloitte.nl
*.4me.qa
tendertracker.clipper-nonprod.deloitte.nl
4me.qa
academy.deloitte.nl
confirmit.deloitte.nl
usap42.us.deloitte.com
*.clipper-audit-nonprod.deloitte.nl
communication-trackontrade.deloitte.nl
tax-i-d.deloitte.nl
secureupload.deloitte.nl
4me.qa
4me.qa
usap41.us.deloitte.com
oraclecloudextractor.clipper-nonprod.deloitte.nl
regminer-acc-admin.clipper-nonprod.deloitte.nl
dkmt.deloitte.nl
alumni.deloitte.nl
webapps.deloitte.nl
sts.deloitte.nl
sso.deloitte.nl
rb-client-impact.deloitte.nl
meet.deloitte.nl
usap42.us.deloitte.com
monitor-d.drop.deloitte.nl
sip.deloitte.nl
mail2.deloitte.nl
publications.deloitte.nl
communication-test-trackontrade.deloitte.nl
www.beglobal.shop
magazine.deloitte.nl
*.iapps-t.deloitte.nl
ispacemobile.deloitte.nl
getsupport-d.deloitte.nl
s4hop.sapdemo.deloitte.nl
tax-i.deloitte.nl
e.deloitte.nl
edgejourney-s.deloitte.nl
viewold.deloitte.nl
communication-test-trackontrade.deloitte.nl
4me.qa
view.deloitte.nl
secureupload.deloitte.nl
secureupload.erslab.deloitte.nl
docqminer-model-staging.clipper-nonprod.deloitte.nl
sip.deloitte.nl
wintrackertaxlegal.clipper-nonprod.deloitte.nl
*.deloitte.nl
remotevpn.deloitte.nl
view.deloitte.nl
aeoscan.deloitte.nl
usap42.us.deloitte.com
usap42.us.deloitte.com
ourbrand.deloitte
alumni.deloitte.nl
secureupload.deloitte.nl
das.deloitte.nl
xray-john-old.clipper-nonprod.deloitte.nl
communication-test-trackontrade.deloitte.nl
getsupport-s.deloitte.nl
usap42.us.deloitte.com
alumni.deloitte.nl
communication-trackontrade.deloitte.nl
ourbrand.deloitte
webmail.deloitte.nl
meet.deloitte.nl
ourbrand.deloitte
investoronboarding-d.deloitte.nl
dataplatform-t.deloitte.nl
invisionweb.deloitte.nl
fast50.deloitte.nl
remotevpn.deloitte.nl
view.deloitte.nl
meet.deloitte.nl
brainspacenew.deloitte.nl
invisionwebsso.deloitte.nl
ourbrand.deloitte
sip.deloitte.nl
annualreport.deloitte.nl
4me.com
sapclientvpn.deloitte.nl
dataplatform-d.deloitte.nl
monitor-d.drop.deloitte.nl
taxifdtst.deloitte.nl
mail.deloitte.nl
events.deloitte.nl
meet.deloitte.nl
*.iapps.deloitte.nl
www.deloitte.nl
regview-acc.clipper-nonprod.deloitte.nl
usap42.us.deloitte.com
academy.deloitte.nl
ispace.deloitte.nl
aeoscan.deloitte.nl
tax-i.deloitte.nl
mail2.deloitte.nl
oraclecloudextractor.clipper-nonprod.deloitte.nl
*.iapps-s.deloitte.nl
roulette-dev.deloitte.nl
www.deloitte.nl
*.4me.qa
tendertracker.clipper-nonprod.deloitte.nl
4me.qa
academy.deloitte.nl
confirmit.deloitte.nl
usap42.us.deloitte.com
*.clipper-audit-nonprod.deloitte.nl
communication-trackontrade.deloitte.nl
tax-i-d.deloitte.nl
secureupload.deloitte.nl
4me.qa
4me.qa
usap41.us.deloitte.com
oraclecloudextractor.clipper-nonprod.deloitte.nl
regminer-acc-admin.clipper-nonprod.deloitte.nl
dkmt.deloitte.nl
alumni.deloitte.nl
webapps.deloitte.nl
sts.deloitte.nl
sso.deloitte.nl
rb-client-impact.deloitte.nl
meet.deloitte.nl
usap42.us.deloitte.com
monitor-d.drop.deloitte.nl
sip.deloitte.nl
mail2.deloitte.nl
publications.deloitte.nl
communication-test-trackontrade.deloitte.nl
Certificate
The complete raw certificate details for www.deloitte.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG8TCCBNmgAwIBAgIIfpMySFmQiW4wDQYJKoZIhvcNAQELBQAwcTELMAkGA1UE BhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMRcwFQYDVQRhDA5OVFJOTC0yNzEyNDcw MTE2MDQGA1UEAwwtS1BOIEJWIFBLSW92ZXJoZWlkIE9yZ2FuaXNhdGllIFNlcnZl ciBDQSAtIEczMB4XDTE4MTAyMjA4MDAwMloXDTIwMTAyMTA4MDAwMlowgZ4xCzAJ BgNVBAYTAk5MMRUwEwYDVQQIDAxadWlkLUhvbGxhbmQxEjAQBgNVBAcMCVJvdHRl cmRhbTEdMBsGA1UECgwURGVsb2l0dGUgQWNjb3VudGFudHMxDDAKBgNVBAsMA0dT QzEdMBsGA1UEBRMUMDAwMDAwMDMyNDM2Mjg1MzAwMDAxGDAWBgNVBAMMD3d3dy5k ZWxvaXR0ZS5ubDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ8idIpr MybDFqIwezhEb4xsphdfYvslGgX9y8Kr5btZlBLA9GT2Frt+8ZVwDfqsJExCHtqp CHcmsIb6b4vAVgZf/M0JV/xDtJOWh2fgr0wYw8itv4+dZtLl6+ReGnK3+jVen6Vw Bl27heHkOqDATJZv1GWqQmmpEKCeQdItPNCVjjm7Abrbsmqx3w0yF/7Aezw+PE5E +z7JGzaAU+3Lk2AQ58xXdvwHbI+D+LpUbucfAerqIrOcoQB6f1wGHLhfWpnErZXX 8d9q78QhiJYsHD8lEcIttubGfa1wT7vzMlETW3MXoxec32lMhQ2EToPlwAs61EV8 NJYxKpLYfRiMD4kCAwEAAaOCAl0wggJZMIGUBggrBgEFBQcBAQSBhzCBhDBYBggr BgEFBQcwAoZMaHR0cDovL2NlcnQubWFuYWdlZHBraS5jb20vQ0FjZXJ0cy9LUE5C VlBLSW92ZXJoZWlkT3JnYW5pc2F0aWVTZXJ2ZXJDQUczLmNlcjAoBggrBgEFBQcw AYYcaHR0cDovL2czb2NzcC5tYW5hZ2VkcGtpLmNvbTAdBgNVHQ4EFgQUvK5vxKIv vy5ciXa6KaWgq3tEiRcwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBTDmqZ7XnQr grbGcv10ToXSl839GDCBsQYDVR0gBIGpMIGmMIGZBgpghBABh2sBAgUGMIGKMDcG CCsGAQUFBwIBFitodHRwczovL2NlcnRpZmljYWF0Lmtwbi5jb20vcGtpb3Zlcmhl aWQvY3BzME8GCCsGAQUFBwICMEMMQU9wIGRpdCBjZXJ0aWZpY2FhdCBpcyBoZXQg Q1BTIFBLSW92ZXJoZWlkIHZhbiBLUE4gdmFuIHRvZXBhc3NpbmcuMAgGBmeBDAEC AjBeBgNVHR8EVzBVMFOgUaBPhk1odHRwOi8vY3JsLm1hbmFnZWRwa2kuY29tL0tQ TkJWUEtJb3ZlcmhlaWRPcmdhbmlzYXRpZVNlcnZlckNBRzMvTGF0ZXN0Q1JMLmNy bDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMB MBoGA1UdEQQTMBGCD3d3dy5kZWxvaXR0ZS5ubDATBgorBgEEAdZ5AgQDAQH/BAIF ADANBgkqhkiG9w0BAQsFAAOCAgEAjTYyhVbSAe4qObAiZkof6rmFPmSUt/CI+qW9 UZbrtMgL8yFu3KdBjtylE2kNO7mJyxAMRaC1SuWQIAlYvjA9yjP/2AdcAWt5+PQz E/RgLHe2LEPQzKkjx96+DD0Rn3Jf4yKyggKHq2ifSkZBL5aWWDnvNBNmb90JIxdK CUsE5m/SzqLSeATTYsSwQyuvnebhvRyCloNkbl/DzFEQqEsc+6zMxUZQzTsqYnTX Gl3uNoOf+UfAQKrSHG4bYmUkONwv/DA0mVG2NXH/76T0ElpvXFE8wJK/H3behiSp yW7BV0aii3/ECJAdjop6GeoSes1QQkGGLb3bAW+mNG2sscFOkjhBzARCJAmwfxVm BaMG8guUKZD70l4qwUqMlITNfS2z89j/Ed5X9jeivICf3xAUlsv4ezqs6lEo8q9q kdQm/ICFQeSiQ1ibqn0fInvUB3eo8ZUDpvMhR4oXHBJfFEoeLMvafz6M0RGIRLRf 7ORbki9U9EkToejrt5tHt+Yp2w8Tu9zPSWqn6GviAyA2ltz/5L/bGtzKzhmeZD5S rfSSpC9YRxHeX3w22JNC0htGKxRo8YZRIIxX4cNmj+ljSF0/DfemtjR+EcbP34OO VIh0bGK1vodjoZjgm40ClsvbkQyJnuxgQ+R+qjJtv2lx8ORrUb94aaJDcoftboO3 gNzTcmI= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyJ0imszJsMWojB7OERv jGymF19i+yUaBf3Lwqvlu1mUEsD0ZPYWu37xlXAN+qwkTEIe2qkIdyawhvpvi8BW Bl/8zQlX/EO0k5aHZ+CvTBjDyK2/j51m0uXr5F4acrf6NV6fpXAGXbuF4eQ6oMBM lm/UZapCaakQoJ5B0i080JWOObsButuyarHfDTIX/sB7PD48TkT7PskbNoBT7cuT YBDnzFd2/Adsj4P4ulRu5x8B6uois5yhAHp/XAYcuF9amcStldfx32rvxCGIliwc PyURwi225sZ9rXBPu/MyURNbcxejF5zfaUyFDYROg+XACzrURXw0ljEqkth9GIwP iQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 9120688956677065070 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRNL-27124701' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN BV PKIoverheid Organisatie Server CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-22 08:00:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-10-21 08:00:02 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Rotterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Deloitte Accountants' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'GSC' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003243628530000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.deloitte.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20088881000263566658272241111089875490240506776450277231367822431438739533182695875094667960242571379218544469075036030946054246982832010423551857573253237527560119996209099612801729898676762555693324275460811330405964614857509623427435887826639535453754441986790002494753410909872948683515419578637137163206423731716447008362818771749374351057882922748090519274927873103243466631340346934473827345794851942693913398850214724965410377762227199341076490198385876049194216718896150971546252811208355561629586571412640006174721869841895478083777991381478247366282735787328057636877969704380025357225602371883976547372937 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g3ocsp.managedpki.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bcae6fc4a22fbf2e5c8976ba29a5a0ab7b448917 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c39aa67b5e742b82b6c672fd744e85d297cdfd18 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.deloitte.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 008d36328556d201ee2a39b022664a1feab9853e6494b7f088faa5bd5196ebb4c80bf3216edca7418edca513690d3bb989cb100c45a0b54ae590200958be303dca33ffd8075c016b79f8f43313f4602c77b62c43d0cca923c7debe0c3d119f725fe322b2820287ab689f4a46412f96965839ef3413666fdd0923174a094b04e66fd2cea2d27804d362c4b0432baf9de6e1bd1c829683646e5fc3cc5110a84b1cfbacccc54650cd3b2a6274d71a5dee36839ff947c040aad21c6e1b62652438dc2ffc30349951b63571ffefa4f4125a6f5c513cc092bf1f76de8624a9c96ec15746a28b7fc408901d8e8a7a19ea127acd504241862dbddb016fa6346dacb1c14e923841cc04422409b07f156605a306f20b942990fbd25e2ac14a8c9484cd7d2db3f3d8ff11de57f637a2bc809fdf101496cbf87b3aacea5128f2af6a91d426fc808541e4a243589baa7d1f227bd40777a8f19503a6f321478a171c125f144a1e2ccbda7f3e8cd1118844b45fece45b922f54f44913a1e8ebb79b47b7e629db0f13bbdccf496aa7e86be203203696dcffe4bfdb1adccace199e643e52adf492a42f584711de5f7c36d89342d21b462b1468f18651208c57e1c3668fe963485d3f0df7a6b6347e11c6cfdf838e5488746c62b5be8763a198e09b8d0296cbdb910c899eec6043e47eaa326dbf6971f0e46b51bf7869a2437287ed6e83b780dcd37262