secure.bronckhorst.nl

- Gemeente Bronckhorst -

Issued by Getronics CSP Organisatie CA - G2

About this certificate

This digital certificate with serial number 6a:cf:fc:17:b7:b9:bc:81:30:92:89:61:e1:70:b1:6b was issued on by Getronics Nederland BV.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)

Gemeente Bronckhorst

Organization: Gemeente Bronckhorst
State / Province: Gelderland
Locality: Bronckhorst
Country: NL

Getronics Nederland BV

Organization: Getronics Nederland BV
Country: NL

This certificate has expire since

Certificate Details

Serial Number (hex): 6a:cf:fc:17:b7:b9:bc:81:30:92:89:61:e1:70:b1:6b
Serial Number (int): 141978086049245948157899590378395316587
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: b3:95:51:a9:a2:d5:fc:82:49:c8:f1:20:3b:7f:e7:06:c8:cc:cb:8b
AuthorityKeyId: 38:b2:85:e6:ad:f8:a6:d0:41:58:5b:78:6f:dc:d5:b8:44:76:c5:7b

Fingerprint (sha1): 78:6e:01:51:75:86:c8:51:46:76:3e:5f:e2:fe:14:ef:90:91:0a:53
Fingerprint (sha256): 3c:d3:8e:59:fa:64:4a:fc:fc:fd:b2:0d:b9:5d:bb:cc:05:75:32:63:cb:62:f7:6a:a7:c7:6a:f0:4d:1a:3c:88


Revocation information

OCSP Server: http://ocsp.managedpki.com
CRL Distribution Point: http://cert.managedpki.com/pkioverheid/crl/GetronicsCSPOrganisatieCAG2/LatestCRL.crl

Check the revocation status for certificate secure.bronckhorst.nl

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for secure.bronckhorst.nl

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment
Key Agreement

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

secure.bronckhorst.nl

Other certificates including the domain name bronckhorst.nl

(limited to 100 certificates)
meldingen.bronckhorst.nl
*.bronckhorst.nl
extranet.bronckhorst.nl
digikoppeling.bronckhorst.nl
duo.bronckhorst.nl
exchange.bronckhorst.nl
simsite.bronckhorst.nl
exchange.bronckhorst.nl
bronckhorst.nl
mijn.bronckhorst.nl
duo.bronckhorst.nl
mijninkomen.bronckhorst.nl
mijn.bronckhorst.nl
enterpriseenrollment.bronckhorst.nl
sync.bronckhorst.nl
extranet.bronckhorst.nl
intranet.bronckhorst.nl
mohis.bronckhorst.nl
certdurp.bronckhorst.nl
intranet.bronckhorst.nl
kennisbank.bronckhorst.nl
vrijwilligerswerk.bronckhorst.nl
thuiswerken2.bronckhorst.nl
personeelshandboek.bronckhorst.nl
bronckhorst.nl
iparticipatie.bronckhorst.nl
test-mijninkomen.bronckhorst.nl
brk.bronckhorst.nl
enterpriseenrollment.bronckhorst.nl
simsite.bronckhorst.nl
secure.bronckhorst.nl
mijn.bronckhorst.nl
enterpriseenrollment.bronckhorst.nl
duo.bronckhorst.nl
felix.bronckhorst.nl
simsite.bronckhorst.nl
personeelshandboek.bronckhorst.nl
vrijwilligerswerk.bronckhorst.nl
intranet.bronckhorst.nl
enterpriseenrollment.bronckhorst.nl
vrijwilligerswerk.bronckhorst.nl
webmail.bronckhorst.nl
test-mijninkomen.bronckhorst.nl
enterpriseenrollment.bronckhorst.nl
waarmerk.bronckhorst.nl
enterpriseenrollment.bronckhorst.nl
enserinck.bronckhorst.nl
gbav.bronckhorst.nl
enterpriseenrollment.bronckhorst.nl
enterpriseenrollment.bronckhorst.nl
enterpriseenrollment.bronckhorst.nl
extranet.bronckhorst.nl
afspraken.bronckhorst.nl
vrijwilligerswerk.bronckhorst.nl
intranet.bronckhorst.nl
gbav.bronckhorst.nl
enterpriseenrollment.bronckhorst.nl
begraafplaatsreservering.bronckhorst.nl
test-ipa.bronckhorst.nl
intranet.bronckhorst.nl
ibzpink.bronckhorst.nl
intranet.bronckhorst.nl
simsite.bronckhorst.nl
intranet.bronckhorst.nl
exchange.bronckhorst.nl
wkpb.bronckhorst.nl
*.bronckhorst.nl
enterpriseenrollment.bronckhorst.nl
extranet.bronckhorst.nl
secure.bronckhorst.nl
waarmerk.bronckhorst.nl
kennisbank.bronckhorst.nl
vrijwilligerswerk.bronckhorst.nl
*.bronckhorst.nl
enterpriseenrollment.bronckhorst.nl
digikoppeling.bronckhorst.nl
g-rooster.bronckhorst.nl
extranet.bronckhorst.nl
simsite.bronckhorst.nl
enterpriseenrollment.bronckhorst.nl
mijn.bronckhorst.nl
simsite.bronckhorst.nl
enterpriseenrollment.bronckhorst.nl
simsite.bronckhorst.nl
intranet.bronckhorst.nl
cloudadapter.bronckhorst.nl
www.bronckhorst.nl
exchange.bronckhorst.nl
afspraken.bronckhorst.nl
izaaksuite.bronckhorst.nl
simcms.bronckhorst.nl
wkpb.bronckhorst.nl
www.bronckhorst.nl
mdm-sentry.bronckhorst.nl
test-mijninkomen.bronckhorst.nl
thuiswerken.bronckhorst.nl
mijninkomen.bronckhorst.nl
www.bronckhorst.nl
bronckhorst.nl
www.bronckhorst.nl

Certificate

The complete raw certificate details for secure.bronckhorst.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGnDCCBISgAwIBAgIQas/8F7e5vIEwkolh4XCxazANBgkqhkiG9w0BAQsFADBa
MQswCQYDVQQGEwJOTDEfMB0GA1UECgwWR2V0cm9uaWNzIE5lZGVybGFuZCBCVjEq
MCgGA1UEAwwhR2V0cm9uaWNzIENTUCBPcmdhbmlzYXRpZSBDQSAtIEcyMB4XDTEx
MDgwMjAwMDAwMFoXDTE0MDgwMTIzNTk1OVowdzELMAkGA1UEBhMCTkwxEzARBgNV
BAgMCkdlbGRlcmxhbmQxFDASBgNVBAcMC0Jyb25ja2hvcnN0MR0wGwYDVQQKDBRH
ZW1lZW50ZSBCcm9uY2tob3JzdDEeMBwGA1UEAwwVc2VjdXJlLmJyb25ja2hvcnN0
Lm5sMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oxz3IQ/c/Z01SiR
gILD8pTxJdupTavwVFBWgB2eLgSAelREPdcXkRonBnmGnoWq5Zfw/1CbOYCTwr/H
aT2RlDdNZBXYgNDxf1drymOPthti8eObjCX0pTkZb7e8B3cg7AjZ8cKujK1HgeoF
DvuyUVj3itpx1IS6VkR6c0oqodvoZzXM8TNl6IIxt60sYDri1AgiKTj0u9YZmi46
ibhReUOejEhmzMvsNM1AjVKF5QXq8HP6n9x7jXEqyGWiRnbKzm8whCrcm9zP+uEq
ryqevou6K4FaKzw143FIEduWBFprA/Y3EFeKV3J3JJepbI2OxQHKb3dr8xI5bvs1
nDZtRQIDAQABo4ICPzCCAjswDAYDVR0TAQH/BAIwADBlBgNVHR8EXjBcMFqgWKBW
hlRodHRwOi8vY2VydC5tYW5hZ2VkcGtpLmNvbS9wa2lvdmVyaGVpZC9jcmwvR2V0
cm9uaWNzQ1NQT3JnYW5pc2F0aWVDQUcyL0xhdGVzdENSTC5jcmwwDgYDVR0PAQH/
BAQDAgOoMIGuBgNVHSAEgaYwgaMwgaAGCmCEEAGHawECBQYwgZEwOAYIKwYBBQUH
AgEWLGh0dHBzOi8vd3d3LnBraS5nZXRyb25pY3MubmwvcGtpb3ZlcmhlaWQvY3Bz
MFUGCCsGAQUFBwICMEkaR09wIGRpdCBjZXJ0aWZpY2FhdCBpcyBoZXQgQ1BTIFBL
SW92ZXJoZWlkIHZhbiBHZXRyb25pY3MgdmFuIHRvZXBhc3NpbmcuMB8GA1UdIwQY
MBaAFDiyheat+KbQQVhbeG/c1bhEdsV7MB0GA1UdDgQWBBSzlVGpotX8gknI8SA7
f+cGyMzLizAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwbAYDVR0RBGUw
Y4IVc2VjdXJlLmJyb25ja2hvcnN0Lm5soEoGCisGAQQBgjcUAgOgPAw6Mi4xNi41
MjguMS4xMDAzLjEuMy41LjQuMS41Y2ZjZmQ5N2JiNGRmOGE0OGI0YTA3MTM1MTcx
NDYyNDA2BggrBgEFBQcBAQQqMCgwJgYIKwYBBQUHMAGGGmh0dHA6Ly9vY3NwLm1h
bmFnZWRwa2kuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQAMJT2vI7ouIxMDBrO2Llc4
j1h87v+s6e5ar+Ypf+9x80mQEq60jj9yhBVDlXcvprR40X79H5nEV09eRZUCWDzS
NFgxwHy0eq2BeQgHDfGS1F6OJMoQriafus1nT9CwUnDwdVNtCFiZVH1i17IVy6rv
7gMyEz+Tqf+u+z+gQd0BGVMzOzySmnKRTZ3T29ATVwsMKMy0XtA8k0qR3v1ErAC2
Qg1zPRTEYV53k7sLJ1U6w2kSNxjy4bO+2X2Dwh/8QMtCKuCmdFJeY18kaImljEqg
G0Frf6PAxg+9vUY1Nc2xdAXaBN6Ft8jVk65jYTcu01Wylp+5eP+JzARC8vL4a3Pl
DFPF8m0NvoLFhPvqJ4l1QLaYX97DQd2AD25uCb+wL+NHUiHYx+HDD8CD50phajH9
gPG8Cgo19R+IwBC8ps2hXN5P1yzMrx5LAELPSf6sgYBZWiAkaqNwZH6qIVgR0whT
FzAzMroQFYkI8tyijwyHXgPfb50DT8e7LgPf7RMJpI8tY+XFT09KQ8yv6dKWJGds
E9EuIbSE28nznW3usrmzwp9+WUypC6mi+P778badRu73gtcPDq3r0G8R/mb7PJu1
NKip0cFA8xLTt3QoRKpTpuuD5YHDYZmwdbs2KqmaV9kDIImxn+zacqSCXcm/yKKg
rUCqjg6tImWA3DxyysC13g==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oxz3IQ/c/Z01SiRgILD
8pTxJdupTavwVFBWgB2eLgSAelREPdcXkRonBnmGnoWq5Zfw/1CbOYCTwr/HaT2R
lDdNZBXYgNDxf1drymOPthti8eObjCX0pTkZb7e8B3cg7AjZ8cKujK1HgeoFDvuy
UVj3itpx1IS6VkR6c0oqodvoZzXM8TNl6IIxt60sYDri1AgiKTj0u9YZmi46ibhR
eUOejEhmzMvsNM1AjVKF5QXq8HP6n9x7jXEqyGWiRnbKzm8whCrcm9zP+uEqryqe
vou6K4FaKzw143FIEduWBFprA/Y3EFeKV3J3JJepbI2OxQHKb3dr8xI5bvs1nDZt
RQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 141978086049245948157899590378395316587
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Getronics Nederland BV'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Getronics CSP Organisatie CA - G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2011-08-02 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-08-01 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Gelderland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Bronckhorst'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Gemeente Bronckhorst'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'secure.bronckhorst.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29104069892496211041445616064465826891504140152659605766293741652180720463343895854036525102485149272486676460933016016003101946018108291333595767835987154994878675571437034186510547815480737705308200946504009512259228851903919966105115314212285457802475474029545544357977278873509999560364744513970193169515629118030700046336748961587911284005798668488861617938669684204311955130326566174544860053555912986465989980604361005936194465074090907090582200553084962332666876015412464193845918528305855123873843052200309497214835058744635000371295921407964211407307456815070705956451411585347909052486177371672601351843141
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/pkioverheid/crl/GetronicsCSPOrganisatieCAG2/LatestCRL.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits)
							03a8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (166 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.pki.getronics.nl/pkioverheid/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [79 112 32 100 105 116 32 99 101 114 116 105 102 105 99 97 97 116 32 105 115 32 104 101 116 32 67 80 83 32 80 75 73 111 118 101 114 104 101 105 100 32 118 97 110 32 71 101 116 114 111 110 105 99 115 32 118 97 110 32 116 111 101 112 97 115 115 105 110 103 46]
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 38b285e6adf8a6d041585b786fdcd5b84476c57b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b39551a9a2d5fc8249c8f1203b7fe706c8cccb8b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (101 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.bronckhorst.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.20.2.3 (universalPrincipalName)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '2.16.528.1.1003.1.3.5.4.1.5cfcfd97bb4df8a48b4a071351714624'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (42 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.managedpki.com'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		000c253daf23ba2e23130306b3b62e57388f587ceefface9ee5aafe6297fef71f3499012aeb48e3f7284154395772fa6b478d17efd1f99c4574f5e459502583cd2345831c07cb47aad817908070df192d45e8e24ca10ae269fbacd674fd0b05270f075536d085899547d62d7b215cbaaefee0332133f93a9ffaefb3fa041dd011953333b3c929a72914d9dd3dbd013570b0c28ccb45ed03c934a91defd44ac00b6420d733d14c4615e7793bb0b27553ac369123718f2e1b3bed97d83c21ffc40cb422ae0a674525e635f246889a58c4aa01b416b7fa3c0c60fbdbd463535cdb17405da04de85b7c8d593ae6361372ed355b2969fb978ff89cc0442f2f2f86b73e50c53c5f26d0dbe82c584fbea27897540b6985fdec341dd800f6e6e09bfb02fe3475221d8c7e1c30fc083e74a616a31fd80f1bc0a0a35f51f88c010bca6cda15cde4fd72cccaf1e4b0042cf49feac8180595a20246aa370647eaa215811d3085317303332ba10158908f2dca28f0c875e03df6f9d034fc7bb2e03dfed1309a48f2d63e5c54f4f4a43ccafe9d29624676c13d12e21b484dbc9f39d6deeb2b9b3c29f7e594ca90ba9a2f8fefbf1b69d46eef782d70f0eadebd06f11fe66fb3c9bb534a8a9d1c140f312d3b7742844aa53a6eb83e581c36199b075bb362aa99a57d9032089b19fecda72a4825dc9bfc8a2a0ad40aa8e0ead226580dc3c72cac0b5de