OAPILOT.KPNNET.ORG
- Koninklijke KPN N.V. -
Issued by KPN Corporate Market CSP Organisatie CA - G2
About this certificate
This digital certificate with serial number 55:aa:21:9e:67:1d:ed:0c:87:05:a5:cf:b5:40:e8:89 was issued on by KPN Corporate Market BV.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- The Subject Alternate Name extension MUST contain only 'dnsName' and 'ipaddress' name types. (BRs: 7.1.4.2.1)
- Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Compliant certificates should use the utf8string encoding for explicitText (RFC 6818: 3)
- Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)
Koninklijke KPN N.V.
Company registration number:
00000003020452000000
Organization: Koninklijke KPN N.V.
Organization unit: KPN IT Solutions
Organization: Koninklijke KPN N.V.
Organization unit: KPN IT Solutions
State / Province:
Zuid-Holland
Locality: 's Gravenhage
Country: NL
Locality: 's Gravenhage
Country: NL
KPN Corporate Market BV
Organization:
KPN Corporate Market BV
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 55:aa:21:9e:67:1d:ed:0c:87:05:a5:cf:b5:40:e8:89Serial Number (int): 113867751977148501944877214735704057993
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: a3:9a:af:8d:ae:60:5e:53:98:b1:76:ef:9a:2c:57:29:d9:99:ff:61
AuthorityKeyId: 26:d0:65:13:f1:ee:7a:6f:61:08:28:de:4d:98:07:12:48:78:b4:ef
Fingerprint (sha1): e4:0d:a1:6a:4c:5e:ed:be:a4:01:3a:b2:fd:c9:d5:80:33:b5:73:60
Fingerprint (sha256): 2b:cd:4d:eb:10:2c:e7:a2:1c:d7:04:f3:4a:30:35:33:fb:1e:25:d2:41:2f:73:f9:87:5a:71:dc:0c:30:38:5c
Revocation information
OCSP Server: http://ocsp3.managedpki.comCRL Distribution Point: http://cert.managedpki.com/crl/KPNCorporateMarketCSPOrganisatieCAG2/LatestCRL.crl
Check the revocation status for certificate OAPILOT.KPNNET.ORG
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for OAPILOT.KPNNET.ORG
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Key Agreement
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
OAPILOT.KPNNET.ORG
Other certificates including the domain name KPNNET.ORG
(limited to 100 certificates)
Certificate
The complete raw certificate details for OAPILOT.KPNNET.ORG in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG2DCCBMCgAwIBAgIQVaohnmcd7QyHBaXPtUDoiTANBgkqhkiG9w0BAQsFADBm MQswCQYDVQQGEwJOTDEgMB4GA1UECgwXS1BOIENvcnBvcmF0ZSBNYXJrZXQgQlYx NTAzBgNVBAMMLEtQTiBDb3Jwb3JhdGUgTWFya2V0IENTUCBPcmdhbmlzYXRpZSBD QSAtIEcyMB4XDTE0MTExMjAwMDAwMFoXDTE3MTExMTIzNTk1OVowgbIxCzAJBgNV BAYTAk5MMRUwEwYDVQQIDAxadWlkLUhvbGxhbmQxFjAUBgNVBAcMDSdzIEdyYXZl bmhhZ2UxHTAbBgNVBAoMFEtvbmlua2xpamtlIEtQTiBOLlYuMRkwFwYDVQQLDBBL UE4gSVQgU29sdXRpb25zMR0wGwYDVQQFExQwMDAwMDAwMzAyMDQ1MjAwMDAwMDEb MBkGA1UEAwwST0FQSUxPVC5LUE5ORVQuT1JHMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAp3Fn8eL2z0ufPrIREzrPFrhxIPt0Z7J/JnnZxKtCvNygyyVI C8I8pjb0HnY3elIhtENze/NcoErwhN28ZJFoJqrCdYtqqO0JMVqj/GMtv/9BZWK9 Q+NiA1PldHo5jp8XC7fA6c1aS0iqYu/thJVlRQOUOgOy9mqLw7qlRKblI4BkgxiM yN5CVIO3PE8jMNM8BV4U43UoqCUvNkLwwxS8fEeBUoM/yy3BfQ3ys0LxC79zj/ry 60VgXNk1R3ccTE0AycLvyFGB9sOm6GFqyPJMVd7cjXNF/O46fMssSUy/3zvSsDg+ yMSb0VpYy7lOZx8ccInxH7YIOrI+2C502XOWBQIDAQABo4ICMzCCAi8wDAYDVR0T AQH/BAIwADBiBgNVHR8EWzBZMFegVaBThlFodHRwOi8vY2VydC5tYW5hZ2VkcGtp LmNvbS9jcmwvS1BOQ29ycG9yYXRlTWFya2V0Q1NQT3JnYW5pc2F0aWVDQUcyL0xh dGVzdENSTC5jcmwwDgYDVR0PAQH/BAQDAgOoMIGnBgNVHSAEgZ8wgZwwgZkGCmCE EAGHawECBQYwgYowNwYIKwYBBQUHAgEWK2h0dHBzOi8vY2VydGlmaWNhYXQua3Bu LmNvbS9wa2lvdmVyaGVpZC9jcHMwTwYIKwYBBQUHAgIwQxpBT3AgZGl0IGNlcnRp ZmljYWF0IGlzIGhldCBDUFMgUEtJb3ZlcmhlaWQgdmFuIEtQTiB2YW4gdG9lcGFz c2luZy4wHwYDVR0jBBgwFoAUJtBlE/Huem9hCCjeTZgHEkh4tO8wHQYDVR0OBBYE FKOar42uYF5TmLF275osVynZmf9hMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF BQcDAjBpBgNVHREEYjBgghJPQVBJTE9ULktQTk5FVC5PUkegSgYKKwYBBAGCNxQC A6A8DDoyLjE2LjUyOC4xLjEwMDMuMS4zLjUuOS4xLjRmYjBmYTY2MWQ1OGUyMTQx NTFlZTY3NDAxM2ZmMDQ2MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0 cDovL29jc3AzLm1hbmFnZWRwa2kuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQCuAmDi goLMoYlQBTKzPW/4pOcwk0Mn9N5CmdQsxca15g70e+WvtCDsgmPx+NajRwYLtj7l UlvYXcgenDJlUq7Bhi9UpA0v/n9UVRKziFfrDP1sakRQT+fIyvyipp2T30Ituxeh +Xjf6VT+/WHhqgwpKuaOuqMVxbVIw67XtqEZABKATVmvviofaDZMMDX7RfeDXabZ kvVLbzbWgYrtNmlyX6Uu3wcBe473Efa5kqCLlx2lpceAL71KPD8jG/RtZTF/LVi3 Cy6lWQWUQeFGXxJG7lOGzeqn5nCuN4oEEZcJzzQ5x8meJfHdjQsE9Zd72gyH5up+ HrnjBclYEKIL/N1g0rpYDgFp7f14hwM4pzKKaVaBckzVn5/UixRFUnl2CZkJJfSa I7Ai+/2RDKFH072PcMlfTTVX6e2mqJVjp8j9JwLYorxb14AXByRnoAIwxqrUjEDP W9z/eSSQK4KBkZcUpzbI/m18qPjmiEfRuJ6PS3TKKq6TDJQqfQiPPw80yFV9Vkp8 eP9G9NWz3hVi6jfWP24LSI6m/ziZBhN75ZqTM3B9p1qKVp3tiw1FlRBRd+j0IMxE pGfm+sKVUS5jjL+kYOLv2iWD96qSFzXBUcU0kngxsVCrPySR3mVPgcb3aFsZVm2m Gepnu/TwrWN1zhRk7+AChaxaJUi5fIV95lykQg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3Fn8eL2z0ufPrIREzrP FrhxIPt0Z7J/JnnZxKtCvNygyyVIC8I8pjb0HnY3elIhtENze/NcoErwhN28ZJFo JqrCdYtqqO0JMVqj/GMtv/9BZWK9Q+NiA1PldHo5jp8XC7fA6c1aS0iqYu/thJVl RQOUOgOy9mqLw7qlRKblI4BkgxiMyN5CVIO3PE8jMNM8BV4U43UoqCUvNkLwwxS8 fEeBUoM/yy3BfQ3ys0LxC79zj/ry60VgXNk1R3ccTE0AycLvyFGB9sOm6GFqyPJM Vd7cjXNF/O46fMssSUy/3zvSsDg+yMSb0VpYy7lOZx8ccInxH7YIOrI+2C502XOW BQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 113867751977148501944877214735704057993 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN Corporate Market BV' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN Corporate Market CSP Organisatie CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-11-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-11 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String ''s Gravenhage' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Koninklijke KPN N.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN IT Solutions' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003020452000000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'OAPILOT.KPNNET.ORG' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21137719529279713101629767258956329477842480945949819263130895560711042126335423532771690932042473675838462461954055608592069529094895124891557771820054947801245049449972656563373325009379091957994543060239289215921520073283865962033388577023092164325694850940757289385749970962033547064658276511625808271604041364519415362905747759428337289907601956548848961491533030433492318913452870139560300713149821165099915940727510143636273721786848614739379601100327981040946685887401225294220449160922520274823829577442661826139440747469988878560810707086279960766098911267867376991908784753685013091539386898337487633225221 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/crl/KPNCorporateMarketCSPOrganisatieCAG2/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (159 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [79 112 32 100 105 116 32 99 101 114 116 105 102 105 99 97 97 116 32 105 115 32 104 101 116 32 67 80 83 32 80 75 73 111 118 101 114 104 101 105 100 32 118 97 110 32 75 80 78 32 118 97 110 32 116 111 101 112 97 115 115 105 110 103 46] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 26d06513f1ee7a6f610828de4d9807124878b4ef . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a39aaf8dae605e5398b176ef9a2c5729d999ff61 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (98 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'OAPILOT.KPNNET.ORG' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.20.2.3 (universalPrincipalName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '2.16.528.1.1003.1.3.5.9.1.4fb0fa661d58e214151ee674013ff046' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (43 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp3.managedpki.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00ae0260e28282cca189500532b33d6ff8a4e730934327f4de4299d42cc5c6b5e60ef47be5afb420ec8263f1f8d6a347060bb63ee5525bd85dc81e9c326552aec1862f54a40d2ffe7f545512b38857eb0cfd6c6a44504fe7c8cafca2a69d93df422dbb17a1f978dfe954fefd61e1aa0c292ae68ebaa315c5b548c3aed7b6a1190012804d59afbe2a1f68364c3035fb45f7835da6d992f54b6f36d6818aed3669725fa52edf07017b8ef711f6b992a08b971da5a5c7802fbd4a3c3f231bf46d65317f2d58b70b2ea559059441e1465f1246ee5386cdeaa7e670ae378a04119709cf3439c7c99e25f1dd8d0b04f5977bda0c87e6ea7e1eb9e305c95810a20bfcdd60d2ba580e0169edfd78870338a7328a695681724cd59f9fd48b144552797609990925f49a23b022fbfd910ca147d3bd8f70c95f4d3557e9eda6a89563a7c8fd2702d8a2bc5bd78017072467a00230c6aad48c40cf5bdcff7924902b8281919714a736c8fe6d7ca8f8e68847d1b89e8f4b74ca2aae930c942a7d088f3f0f34c8557d564a7c78ff46f4d5b3de1562ea37d63f6e0b488ea6ff389906137be59a9333707da75a8a569ded8b0d4595105177e8f420cc44a467e6fac295512e638cbfa460e2efda2583f7aa921735c151c534927831b150ab3f2491de654f81c6f7685b19566da619ea67bbf4f0ad6375ce1464efe00285ac5a2548b97c857de65ca442