adfs.nza.nl
- De Nederlandse Zorgautoriteit (NZa) -
Issued by KPN BV PKIoverheid Organisatie Server CA - G3
About this certificate
This digital certificate with serial number 22:c7:0e:93:7a:27:8b:f7:ef:bc:c2:99:cb:5d:90:84:83:84:bd:37 was issued on by KPN B.V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
De Nederlandse Zorgautoriteit (NZa)
Company registration number:
00000003525031430000
Organization: De Nederlandse Zorgautoriteit (NZa)
Organization: De Nederlandse Zorgautoriteit (NZa)
State / Province:
Utrecht
Locality: Utrecht
Country: NL
Locality: Utrecht
Country: NL
KPN B.V.
Organization:
KPN B.V.
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 22:c7:0e:93:7a:27:8b:f7:ef:bc:c2:99:cb:5d:90:84:83:84:bd:37Serial Number (int): 198544804258400273812228439386798724759417044279
Serial Number lenght: 158 bits, 20 octets
SubjectKeyId: 2d:b3:13:7b:6d:cb:b2:17:0d:f3:bc:a4:38:ea:70:80:f2:0f:fd:f0
AuthorityKeyId: c3:9a:a6:7b:5e:74:2b:82:b6:c6:72:fd:74:4e:85:d2:97:cd:fd:18
Fingerprint (sha1): 61:9f:22:33:cc:26:a5:38:6a:90:b7:75:c9:dd:60:ea:bb:2a:e3:24
Fingerprint (sha256): 28:ee:4b:fb:78:9b:e9:57:ae:70:d2:1c:ed:a7:87:6b:f6:a4:33:cd:2b:43:a6:34:be:da:58:b1:0b:0f:4f:71
Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3-2019.cer
Revocation information
OCSP Server: http://g3ocsp.managedpki.comCRL Distribution Point: http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl
Check the revocation status for certificate adfs.nza.nl
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for adfs.nza.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
adfs.nza.nl
Other certificates including the domain name nza.nl
(limited to 100 certificates)
www.nza.nl
zorgproducten-test.nza.nl
customerportal.uk.rlb.com
www.werkenmetdbcs.nza.nl
systems.squaredup.com
dbcregels.nza.nl
adfs.nza.nl
praatmee.nza.nl
zorgproducten-test.nza.nl
*.nza.nl
hub.theriderfirm.cc
dbcregels.nza.nl
nza-portaal1.nza.nl
servicedesk.esmsglobal.com
nzarpsamd001.nza.nl
nzarpsamd001.nza.nl
service.littlegarth.org
nza-form6.nza.nl
www.nza.nl
leren.nza.nl
dkdlmodel.nza.nl
zorgvraagtypering.nza.nl
nza-form5.nza.nl
uitwisselportaal.nza.nl
zorgproducten-test.nza.nl
customerportal.uk.rlb.com
hybrid.nza.nl
tarievenzoekerzorgprestatiemodel.nza.nl
dkdlmodel.nza.nl
support.homeinstead.ie
zorgvraagtypering-test.nza.nl
dbcregels.nza.nl
meldingsformulier.nza.nl
nzarpsamd001.nza.nl
nzarpsamd001.nza.nl
dbcregels.nza.nl
zorgclustertool-test.nza.nl
nzarpsamd002.nza.nl
nzarpsamd001.nza.nl
zorgproducten.nza.nl
www.nza.nl
zorgproducten-test.nza.nl
support.homeinstead.ie
service.littlegarth.org
soporte.martinezabolafio.com
zorgproducten-test.nza.nl
zorgproducten-test.nza.nl
nza.nl
servicedesk.coram.eu
uitwisselportaal.nza.nl
zorgcijfers.nza.nl
sd.srk-zuerich.ch
zorgproducten.nza.nl
login.nza.nl
nza-form2.nza.nl
mijn-accp.nza.nl
helpdesk.sunlight.gr
support.brill.com
portal.nza.nl
www.werkenmetdbcs.nza.nl
dbcregels.nza.nl
support.homeinstead.ie
nzarpsamd001.nza.nl
leren.nza.nl
helpdesk.itwfasteners.com
dbcregels.nza.nl
nzarpsamd002.nza.nl
mijn-accp.nza.nl
nzarpsamd002.nza.nl
nzarpsamd001.nza.nl
dbcregels.nza.nl
wireless.nza.nl
nza-portaal1.nza.nl
zorgproducten-test.nza.nl
zorgcijfers.nza.nl
uitwisselportaal.nza.nl
nza-form1.nza.nl
zorgproducten.nza.nl
nzarpsamd002.nza.nl
dbcregels.nza.nl
www.werkenmetdbcs.nza.nl
zorgproductenviewer.nza.nl
adfs.nza.nl
mta-sts.nza.nl
acceptatie.crm.nza.nl
owa.nza.nl
zorgclustertool.nza.nl
adfs.nza.nl
l1.platformrijksoverheid.nl
werkenbijde.nza.nl
ithelpdesk.koinly.io
nzarpsamd002.nza.nl
nieuwmodelggzfz.nza.nl
aanvragen.nza.nl
customerportal.uk.rlb.com
nzarpsamd001.nza.nl
nza-form3.nza.nl
l1.platformrijksoverheid.nl
helpdesk.sunlight.gr
wachttijden.nza.nl
zorgproducten-test.nza.nl
customerportal.uk.rlb.com
www.werkenmetdbcs.nza.nl
systems.squaredup.com
dbcregels.nza.nl
adfs.nza.nl
praatmee.nza.nl
zorgproducten-test.nza.nl
*.nza.nl
hub.theriderfirm.cc
dbcregels.nza.nl
nza-portaal1.nza.nl
servicedesk.esmsglobal.com
nzarpsamd001.nza.nl
nzarpsamd001.nza.nl
service.littlegarth.org
nza-form6.nza.nl
www.nza.nl
leren.nza.nl
dkdlmodel.nza.nl
zorgvraagtypering.nza.nl
nza-form5.nza.nl
uitwisselportaal.nza.nl
zorgproducten-test.nza.nl
customerportal.uk.rlb.com
hybrid.nza.nl
tarievenzoekerzorgprestatiemodel.nza.nl
dkdlmodel.nza.nl
support.homeinstead.ie
zorgvraagtypering-test.nza.nl
dbcregels.nza.nl
meldingsformulier.nza.nl
nzarpsamd001.nza.nl
nzarpsamd001.nza.nl
dbcregels.nza.nl
zorgclustertool-test.nza.nl
nzarpsamd002.nza.nl
nzarpsamd001.nza.nl
zorgproducten.nza.nl
www.nza.nl
zorgproducten-test.nza.nl
support.homeinstead.ie
service.littlegarth.org
soporte.martinezabolafio.com
zorgproducten-test.nza.nl
zorgproducten-test.nza.nl
nza.nl
servicedesk.coram.eu
uitwisselportaal.nza.nl
zorgcijfers.nza.nl
sd.srk-zuerich.ch
zorgproducten.nza.nl
login.nza.nl
nza-form2.nza.nl
mijn-accp.nza.nl
helpdesk.sunlight.gr
support.brill.com
portal.nza.nl
www.werkenmetdbcs.nza.nl
dbcregels.nza.nl
support.homeinstead.ie
nzarpsamd001.nza.nl
leren.nza.nl
helpdesk.itwfasteners.com
dbcregels.nza.nl
nzarpsamd002.nza.nl
mijn-accp.nza.nl
nzarpsamd002.nza.nl
nzarpsamd001.nza.nl
dbcregels.nza.nl
wireless.nza.nl
nza-portaal1.nza.nl
zorgproducten-test.nza.nl
zorgcijfers.nza.nl
uitwisselportaal.nza.nl
nza-form1.nza.nl
zorgproducten.nza.nl
nzarpsamd002.nza.nl
dbcregels.nza.nl
www.werkenmetdbcs.nza.nl
zorgproductenviewer.nza.nl
adfs.nza.nl
mta-sts.nza.nl
acceptatie.crm.nza.nl
owa.nza.nl
zorgclustertool.nza.nl
adfs.nza.nl
l1.platformrijksoverheid.nl
werkenbijde.nza.nl
ithelpdesk.koinly.io
nzarpsamd002.nza.nl
nieuwmodelggzfz.nza.nl
aanvragen.nza.nl
customerportal.uk.rlb.com
nzarpsamd001.nza.nl
nza-form3.nza.nl
l1.platformrijksoverheid.nl
helpdesk.sunlight.gr
wachttijden.nza.nl
Certificate
The complete raw certificate details for adfs.nza.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG9DCCBNygAwIBAgIUIscOk3oni/fvvMKZy12QhIOEvTcwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMRcwFQYDVQRhDA5O VFJOTC0yNzEyNDcwMTE2MDQGA1UEAwwtS1BOIEJWIFBLSW92ZXJoZWlkIE9yZ2Fu aXNhdGllIFNlcnZlciBDQSAtIEczMB4XDTIwMDYyMjExMTAzNloXDTIxMDYyMjEx MTAzNlowgZQxCzAJBgNVBAYTAk5MMRAwDgYDVQQIDAdVdHJlY2h0MRAwDgYDVQQH DAdVdHJlY2h0MSwwKgYDVQQKDCNEZSBOZWRlcmxhbmRzZSBab3JnYXV0b3JpdGVp dCAoTlphKTEdMBsGA1UEBRMUMDAwMDAwMDM1MjUwMzE0MzAwMDAxFDASBgNVBAMM C2FkZnMubnphLm5sMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscqi H50tmuRK6dgqQTDUs4PO5Zgh7GVvShBNQu+kiEdxIb0UlpInRXbbOiQw/SSAyeQQ D8klTi/sBqFlxX4aELQxPtzeXaQl5ViselZFeyM8Qxl5z+9Yjh1HvLnE8ujZkCOv WK13dy1dJXB8iW23e8nCo1h7EaLVLrufShZxiox9JGS4FsIgbz8OdBG9iY9JE5r7 jaZmIaPjnjdgXZYnOvpJOgUlVTRQH9xlcsI0bLA8cpALR+GW4MEi1c65yVRQ3w35 ja2pk6MCfZbwdAh6ZwpNpZurzTtJb8l4ag3iR3MPQKxLq6mimCKxipJ7wLm3xcza LZ8A+i7X2Zi3f620NQIDAQABo4ICXjCCAlowDAYDVR0TAQH/BAIwADAfBgNVHSME GDAWgBTDmqZ7XnQrgrbGcv10ToXSl839GDCBmQYIKwYBBQUHAQEEgYwwgYkwXQYI KwYBBQUHMAKGUWh0dHA6Ly9jZXJ0Lm1hbmFnZWRwa2kuY29tL0NBY2VydHMvS1BO QlZQS0lvdmVyaGVpZE9yZ2FuaXNhdGllU2VydmVyQ0FHMy0yMDE5LmNlcjAoBggr BgEFBQcwAYYcaHR0cDovL2czb2NzcC5tYW5hZ2VkcGtpLmNvbTAWBgNVHREEDzAN ggthZGZzLm56YS5ubDCBsQYDVR0gBIGpMIGmMIGZBgpghBABh2sBAgUGMIGKMDcG CCsGAQUFBwIBFitodHRwczovL2NlcnRpZmljYWF0Lmtwbi5jb20vcGtpb3Zlcmhl aWQvY3BzME8GCCsGAQUFBwICMEMMQU9wIGRpdCBjZXJ0aWZpY2FhdCBpcyBoZXQg Q1BTIFBLSW92ZXJoZWlkIHZhbiBLUE4gdmFuIHRvZXBhc3NpbmcuMAgGBmeBDAEC AjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwXgYDVR0fBFcwVTBToFGg T4ZNaHR0cDovL2NybC5tYW5hZ2VkcGtpLmNvbS9LUE5CVlBLSW92ZXJoZWlkT3Jn YW5pc2F0aWVTZXJ2ZXJDQUczL0xhdGVzdENSTC5jcmwwHQYDVR0OBBYEFC2zE3tt y7IXDfO8pDjqcIDyD/3wMA4GA1UdDwEB/wQEAwIFoDATBgorBgEEAdZ5AgQDAQH/ BAIFADANBgkqhkiG9w0BAQsFAAOCAgEAVTn/qopzE7h+jtMGfx4vn4WsgjyKj5qq Rj1GcfTYiel9mLFUsaV2Tvi+Lo+2v17kO1KaUryPGmsXwUFny8DiOx2fTBWrcnDr d2TuPfb7rNnq250rPjm1aPW5DyY0UOvHJDqAZS0JiyY/K3yGtQOX0xgHl7gtjG7S vGW1E/wVKXt+P8/btaez1mvnAY2L1hEzQ6DiKag3wV8alP4UoJcwnGPai+P3FhA6 IUr1g+rJcn8xUmI9tGxVkM7TF2x7jmuOiuvcKN8ZqfILAFrlSabNysiMh0RvtaIW Z2YD94RecVbXOqaIGEffJ/rDZVltZ6FNHIYUMWgsnGXsHtiRkzdQlAEEdZQT3Xdu ayAMQT142oegiwLYZTWsfxvFqeVs3+/ML9F91FnB3vT1nSC6j39K1kRt3O+8E+YN pAhiZa9qjS61ApJqgZPUUGMNHbwE3HfVx3vIKQqz7f7YS9+SmEM/sB+8zoihwZNY f6Ys5QRw4t/pkNBbUxHxqP4xDuHkQbhaTXr+8IKqOUwaZ+p6TcdipLnYcmHh2Kjy QX4HA58RCiqkXevah5UyQrALGNVeM6U5vhutp/VvGFlMuH3BxayD3DEQD4SxmMag ggFM+EYzxA4kyXU4P75pEkoMG5+9MyQnIgA/w5I1xekd1twscpMIeWfloWhUuUna TxI/AXAXan8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscqiH50tmuRK6dgqQTDU s4PO5Zgh7GVvShBNQu+kiEdxIb0UlpInRXbbOiQw/SSAyeQQD8klTi/sBqFlxX4a ELQxPtzeXaQl5ViselZFeyM8Qxl5z+9Yjh1HvLnE8ujZkCOvWK13dy1dJXB8iW23 e8nCo1h7EaLVLrufShZxiox9JGS4FsIgbz8OdBG9iY9JE5r7jaZmIaPjnjdgXZYn OvpJOgUlVTRQH9xlcsI0bLA8cpALR+GW4MEi1c65yVRQ3w35ja2pk6MCfZbwdAh6 ZwpNpZurzTtJb8l4ag3iR3MPQKxLq6mimCKxipJ7wLm3xczaLZ8A+i7X2Zi3f620 NQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 198544804258400273812228439386798724759417044279 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRNL-27124701' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN BV PKIoverheid Organisatie Server CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-22 11:10:36 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-06-22 11:10:36 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Utrecht' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Utrecht' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'De Nederlandse Zorgautoriteit (NZa)' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003525031430000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'adfs.nza.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22444102180854596490761242292913185745112894628673260514938538831392439646259271408184478772848673080387862946404814127662278945602815687389296614498517683412326232315718162747701395677481001283972612379551207501283059868192590008228445341144119862279172400168565233106454574729340257972722482931450133751965667499947144709828732988244040026078937923908375480930714802144781284359178616736471932583364283766694376565552189042038331156625663608659945168621540412853248265392678607808987610990146849799003806339003054290679664669963348296602650499994598518623398117415589011286799753926565600461197225870286711214158901 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c39aa67b5e742b82b6c672fd744e85d297cdfd18 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (140 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3-2019.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g3ocsp.managedpki.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'adfs.nza.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2db3137b6dcbb2170df3bca438ea7080f20ffdf0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 005539ffaa8a7313b87e8ed3067f1e2f9f85ac823c8a8f9aaa463d4671f4d889e97d98b154b1a5764ef8be2e8fb6bf5ee43b529a52bc8f1a6b17c14167cbc0e23b1d9f4c15ab7270eb7764ee3df6fbacd9eadb9d2b3e39b568f5b90f263450ebc7243a80652d098b263f2b7c86b50397d3180797b82d8c6ed2bc65b513fc15297b7e3fcfdbb5a7b3d66be7018d8bd6113343a0e229a837c15f1a94fe14a097309c63da8be3f716103a214af583eac9727f3152623db46c5590ced3176c7b8e6b8e8aebdc28df19a9f20b005ae549a6cdcac88c87446fb5a216676603f7845e7156d73aa6881847df27fac365596d67a14d1c861431682c9c65ec1ed891933750940104759413dd776e6b200c413d78da87a08b02d86535ac7f1bc5a9e56cdfefcc2fd17dd459c1def4f59d20ba8f7f4ad6446ddcefbc13e60da4086265af6a8d2eb502926a8193d450630d1dbc04dc77d5c77bc8290ab3edfed84bdf9298433fb01fbcce88a1c193587fa62ce50470e2dfe990d05b5311f1a8fe310ee1e441b85a4d7afef082aa394c1a67ea7a4dc762a4b9d87261e1d8a8f2417e07039f110a2aa45debda87953242b00b18d55e33a539be1bada7f56f18594cb87dc1c5ac83dc31100f84b198c6a082014cf84633c40e24c975383fbe69124a0c1b9fbd33242722003fc39235c5e91dd6dc2c7293087967e5a16854b949da4f123f0170176a7f