sharekpn.kpnnet.org

- Koninklijke KPN N.V. -

Issued by KPN Corporate Market CSP Organisatie CA - G2

About this certificate

This digital certificate with serial number 30:57:db:e4:67:ab:de:21:00:16:2d:85:33:42:73:4a was issued on by KPN Corporate Market BV.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • The Subject Alternate Name extension MUST contain only 'dnsName' and 'ipaddress' name types. (BRs: 7.1.4.2.1)
  • Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Compliant certificates should use the utf8string encoding for explicitText (RFC 6818: 3)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)

Koninklijke KPN N.V.

Company registration number: 00000003020452000000
Organization: Koninklijke KPN N.V.
State / Province: Zuid-Holland
Locality: 's-Gravenhage
Country: NL

KPN Corporate Market BV

Organization: KPN Corporate Market BV
Country: NL

This certificate has expire since

Certificate Details

Serial Number (hex): 30:57:db:e4:67:ab:de:21:00:16:2d:85:33:42:73:4a
Serial Number (int): 64259133568177476172017345510932378442
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 59:e0:50:a4:46:80:ba:f7:7e:a0:1a:8e:84:4b:51:85:e5:9d:63:97
AuthorityKeyId: 26:d0:65:13:f1:ee:7a:6f:61:08:28:de:4d:98:07:12:48:78:b4:ef

Fingerprint (sha1): b4:db:71:0d:2e:4a:52:3e:72:e8:22:73:d5:f5:5d:01:ba:42:8d:2d
Fingerprint (sha256): 32:38:3e:0a:16:3b:f2:f0:19:52:c6:84:07:08:98:2d:a7:67:71:3f:dd:fd:88:4e:4c:63:8d:20:98:6e:4f:4d


Revocation information

OCSP Server: http://ocsp3.managedpki.com
CRL Distribution Point: http://cert.managedpki.com/crl/KPNCorporateMarketCSPOrganisatieCAG2/LatestCRL.crl

Check the revocation status for certificate sharekpn.kpnnet.org

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sharekpn.kpnnet.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment
Key Agreement

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sharekpn.kpnnet.org
mysite.kpnnet.org
extranet.kpnnet.org
sharepricing.kpnnet.org
clr.kpnnet.org
reporting.kpnnet.org

Other certificates including the domain name kpnnet.org

(limited to 100 certificates)
sentrymail.acc.kpnnet.org
bi.kpnnet.org
bi4dev.kpnnet.org
extselfsvc.kpnnet.org
bi.kpnnet.org
bprchatbot-acc.kpnnet.org
teamkpn-mobile.kpnnet.org
sharekpn.kpnnet.org
get-it.kpnnet.org
teamkpn-acc.kpnnet.org
ts.kpnnet.org
kpn-internal-wireless.kpnnet.org
kitnlams73s001.kpnnet.org
uat-sharekpn.kpnnet.org
wem-comet.kpnnet.org
KPN-PS02.kpnnet.org
zipsacc.kpnnet.org
cloudmail.kpnnet.org
cloudmail.kpnnet.org
ksp-admin-acc.kpnnet.org
sentryapp.acc.kpnnet.org
w2039.kpnnet.org
ciso-ksp.kpnnet.org
sentryapp.acc.kpnnet.org
bi4prd-web2.kpnnet.org
bi.kpnnet.org
filetrans.kpnnet.org
host-retail.kpnnet.org
TIMESHEET.KPNNET.ORG
sentrymail.kpnnet.org
FILETRANS.KPNNET.ORG
filetrans.kpnnet.org
filetrans.kpnnet.org
w2040.kpnnet.org
retailactueel-retail.kpnnet.org
iamportal.kpnnet.org
iamportaltst.kpnnet.org
password.kpnnet.org
KPN-PS02.kpnnet.org
mailercdn-teamkpn.kpnnet.org
teamkpn.kpnnet.org
teamkpn-acc.kpnnet.org
get-it.kpnnet.org
ksp-admin.kpnnet.org
zips.kpnnet.org
Extranet-uat.kpn.com
*.kpnnet.org
ksp-admin-acc.kpnnet.org
ts.kpnnet.org
Voice-of-the-Employee.kpnnet.org
*.kpnnet.org
bealert.kpnnet.org
winkeldossier-retail.kpnnet.org
bealert-acc.kpnnet.org
MAIL5.KPNNET.ORG
bodssnd.kpnnet.org
mail4.kpnnet.org
extranet-uat.kpn.com
wem-staging.kpnnet.org
filetrans.kpnnet.org
teamkpn-stats.kpnnet.org
mail1.kpnnet.org
*.kpnnet.org
teamkpn-chat.kpnnet.org
bisnd2.kpnnet.org
OAPILOT.KPNNET.ORG
portal117.kpnnet.org
KPN-PS02.kpnnet.org
PPScan.kpnnet.org
core.kpnnet.org
bisnd2.kpnnet.org
ksp-admin.kpnnet.org
sharekpn.kpnnet.org
ksp-admin.kpnnet.org
KPN-PS01.kpnnet.org
mail7.kpnnet.org
match.uat.kpnnet.org
teamkpn-mobile.kpnnet.org
extranet.kpn.com
ideedock.kpnnet.org
teamkpn-static.kpnnet.org
W2040.kpnnet.org
vpn.kpnnet.org
bealert.kpnnet.org
PROFINDER-UAT.KPNNET.ORG
bods4uat.kpnnet.org
bisnd2.kpnnet.org
mail2.kpnnet.org
extselfsvc.kpnnet.org
SENTRYAPP.KPNNET.ORG
ksp-admin-acc.kpnnet.org
test-paperlessshop-retail.kpnnet.org
adfs.kpnnet.org
topdesk-innovatie.kpnnet.org
bodsdev.kpnnet.org
uat-sharekpn.kpnnet.org
ws-mijnwerkplek.kpnnet.org
extselfsvc.kpnnet.org
*.kpnnet.org
Voice-of-the-Employee.kpnnet.org

Certificate

The complete raw certificate details for sharekpn.kpnnet.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHKTCCBRGgAwIBAgIQMFfb5Ger3iEAFi2FM0JzSjANBgkqhkiG9w0BAQsFADBm
MQswCQYDVQQGEwJOTDEgMB4GA1UECgwXS1BOIENvcnBvcmF0ZSBNYXJrZXQgQlYx
NTAzBgNVBAMMLEtQTiBDb3Jwb3JhdGUgTWFya2V0IENTUCBPcmdhbmlzYXRpZSBD
QSAtIEcyMB4XDTE0MTIxMTAwMDAwMFoXDTE3MTIxMDIzNTk1OVowgZgxCzAJBgNV
BAYTAk5MMRUwEwYDVQQIDAxadWlkLUhvbGxhbmQxFjAUBgNVBAcMDSdzLUdyYXZl
bmhhZ2UxHTAbBgNVBAoMFEtvbmlua2xpamtlIEtQTiBOLlYuMR0wGwYDVQQFExQw
MDAwMDAwMzAyMDQ1MjAwMDAwMDEcMBoGA1UEAwwTc2hhcmVrcG4ua3BubmV0Lm9y
ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANc3b5Gx2IVQUuCXqSjm
wRn1PGCU5Y6Q7eGJ9ZATEMz4kUMVjsRqdQ+03wgA40606GuVPUAjl65qIzRzFkx/
PAVLXxgrfPFijoPC7N8zniDZ2E2k1XEOmELcW4UuivT4fvJPLOM+VU/NYJw5PkYT
ZP9pVRSDoWwwTi66A3h6UnECKAK+Idsej6nTxfXebCumZ4HMy/QG1R+7tGc7dpgP
Pj65kfmXcH1MguVa0weLi0jp6C7u/XeG6QE/96jOATQgJARGFBgbQ3I2+psRYId5
+LL9SX0DSIUkVP/Wo8WCY4FVcfu/OyZk3VOoa2ftCwDT90J6feVDDwnErXBsYC/J
gnsCAwEAAaOCAp4wggKaMAwGA1UdEwEB/wQCMAAwYgYDVR0fBFswWTBXoFWgU4ZR
aHR0cDovL2NlcnQubWFuYWdlZHBraS5jb20vY3JsL0tQTkNvcnBvcmF0ZU1hcmtl
dENTUE9yZ2FuaXNhdGllQ0FHMi9MYXRlc3RDUkwuY3JsMA4GA1UdDwEB/wQEAwID
qDCBpwYDVR0gBIGfMIGcMIGZBgpghBABh2sBAgUGMIGKMDcGCCsGAQUFBwIBFito
dHRwczovL2NlcnRpZmljYWF0Lmtwbi5jb20vcGtpb3ZlcmhlaWQvY3BzME8GCCsG
AQUFBwICMEMaQU9wIGRpdCBjZXJ0aWZpY2FhdCBpcyBoZXQgQ1BTIFBLSW92ZXJo
ZWlkIHZhbiBLUE4gdmFuIHRvZXBhc3NpbmcuMB8GA1UdIwQYMBaAFCbQZRPx7npv
YQgo3k2YBxJIeLTvMB0GA1UdDgQWBBRZ4FCkRoC6936gGo6ES1GF5Z1jlzAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwgdMGA1UdEQSByzCByIITc2hhcmVr
cG4ua3BubmV0Lm9yZ6BKBgorBgEEAYI3FAIDoDwMOjIuMTYuNTI4LjEuMTAwMy4x
LjMuNS45LjEuNjM1ZWQ2MjIyMmQzZGNjNTIzZjZjNmNjNzU1NmE1MTWCEW15c2l0
ZS5rcG5uZXQub3JnghNleHRyYW5ldC5rcG5uZXQub3JnghdzaGFyZXByaWNpbmcu
a3BubmV0Lm9yZ4IOY2xyLmtwbm5ldC5vcmeCFHJlcG9ydGluZy5rcG5uZXQub3Jn
MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AzLm1hbmFn
ZWRwa2kuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQAYxBa4l42WRa7mve43iPJDIbX3
zzvC3jVxrbaUhONNtSMXc7nw3qSp0XsmYeSTiZHaO0rxeXXeHfnY9BgLMT33Mhwf
dkJTss4CLuwfaIYHB+vsSlhT7FXe2WZAMk2f411Dlwa55IaIDuoSyH+tAxhsaFTI
WWmmm3n5J6M3N3/PP34zuDnbmfmWUvbIxcnqgkRa+LwdZqrvAGXw+/omOIXmsrdh
MdSfK/jYVKFEPuO1RRLOGb9I76o+U+qvXC2vs89BEJFHJWufn/pESnEzLnwf8iWs
KGFSa5WZzM5ZeKJnZMQALRVclEWm6/NuqywxvIA7wMIBRzRbtZBPUQHird1sRvFW
PQbJ5DgagpWFxuL91s0iIVe3ppZNLopj+6pU5WpNo1an/X2DRpZ1sVbVcgD3Dj/P
gbJTTso2uIb5wwfJzMZ3s3jzbx+AL+iFJII/dyn9TkG2bs58JUZuVszL8G/PZfot
+cKEcyib0j/BqaEp4g/oUP9Lf5NZucxi0dDC/MtcaXDvloiSaCGdK3PRLaD+dOet
t3xaGNPx8ubPV6K1NNu9efQL7byXez/Lh7Kkewk6D7A0wEZhz8Dl+1EzrYx2nK9i
iot6YdqlNL6jvlopwOYFvA5gMmKsVaCwgAifjgyiHFmilRfuxaz5LRLXiKz5NAfW
q7uUdsfnyzWrUCm+zA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zdvkbHYhVBS4JepKObB
GfU8YJTljpDt4Yn1kBMQzPiRQxWOxGp1D7TfCADjTrToa5U9QCOXrmojNHMWTH88
BUtfGCt88WKOg8Ls3zOeINnYTaTVcQ6YQtxbhS6K9Ph+8k8s4z5VT81gnDk+RhNk
/2lVFIOhbDBOLroDeHpScQIoAr4h2x6PqdPF9d5sK6ZngczL9AbVH7u0Zzt2mA8+
PrmR+ZdwfUyC5VrTB4uLSOnoLu79d4bpAT/3qM4BNCAkBEYUGBtDcjb6mxFgh3n4
sv1JfQNIhSRU/9ajxYJjgVVx+787JmTdU6hrZ+0LANP3Qnp95UMPCcStcGxgL8mC
ewIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 64259133568177476172017345510932378442
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN Corporate Market BV'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN Corporate Market CSP Organisatie CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-12-11 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-12-10 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String ''s-Gravenhage'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Koninklijke KPN N.V.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003020452000000'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'sharekpn.kpnnet.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27168571987845923118092175488145789817906834994020728113505110782282531659339228987095208927139021559506947676142001220018441168208147036064605096993800245275088683604632474936811932143202590010557657665032012526727224890449178337713022987765579851771773770163050002360586410368924455759685577091755078332929819706780824432943230194642332718353324754740298501961510551749692005970159744611753202276179420166832250019166104083879952551580302351152137929439614370097184822363273389615645170347020630964621254539797454410651312107796798635973115405541919446467857616123342440667646525605328227518529651635811543826399867
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/crl/KPNCorporateMarketCSPOrganisatieCAG2/LatestCRL.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits)
							03a8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (159 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [79 112 32 100 105 116 32 99 101 114 116 105 102 105 99 97 97 116 32 105 115 32 104 101 116 32 67 80 83 32 80 75 73 111 118 101 114 104 101 105 100 32 118 97 110 32 75 80 78 32 118 97 110 32 116 111 101 112 97 115 115 105 110 103 46]
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 26d06513f1ee7a6f610828de4d9807124878b4ef
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							59e050a44680baf77ea01a8e844b5185e59d6397
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (203 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sharekpn.kpnnet.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.20.2.3 (universalPrincipalName)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '2.16.528.1.1003.1.3.5.9.1.635ed62222d3dcc523f6c6cc7556a515'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mysite.kpnnet.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'extranet.kpnnet.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sharepricing.kpnnet.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clr.kpnnet.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'reporting.kpnnet.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (43 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp3.managedpki.com'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0018c416b8978d9645aee6bdee3788f24321b5f7cf3bc2de3571adb69484e34db5231773b9f0dea4a9d17b2661e4938991da3b4af17975de1df9d8f4180b313df7321c1f764253b2ce022eec1f68860707ebec4a5853ec55ded96640324d9fe35d439706b9e486880eea12c87fad03186c6854c85969a69b79f927a337377fcf3f7e33b839db99f99652f6c8c5c9ea82445af8bc1d66aaef0065f0fbfa263885e6b2b76131d49f2bf8d854a1443ee3b54512ce19bf48efaa3e53eaaf5c2dafb3cf41109147256b9f9ffa444a71332e7c1ff225ac2861526b9599ccce5978a26764c4002d155c9445a6ebf36eab2c31bc803bc0c20147345bb5904f5101e2addd6c46f1563d06c9e4381a829585c6e2fdd6cd222157b7a6964d2e8a63fbaa54e56a4da356a7fd7d83469675b156d57200f70e3fcf81b2534eca36b886f9c307c9ccc677b378f36f1f802fe88524823f7729fd4e41b66ece7c25466e56cccbf06fcf65fa2df9c28473289bd23fc1a9a129e20fe850ff4b7f9359b9cc62d1d0c2fccb5c6970ef96889268219d2b73d12da0fe74e7adb77c5a18d3f1f2e6cf57a2b534dbbd79f40bedbc977b3fcb87b2a47b093a0fb034c04661cfc0e5fb5133ad8c769caf628a8b7a61daa534bea3be5a29c0e605bc0e603262ac55a0b080089f8e0ca21c59a29517eec5acf92d12d788acf93407d6abbb9476c7e7cb35ab5029becc