digikoppeling-tst.gemeentewestland.nl

- Gemeente Westland -

Issued by KPN BV PKIoverheid Organisatie Server CA - G3

About this certificate

This digital certificate with serial number 30:a1:87:40:14:13:50:f1 was issued on by KPN B.V..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Gemeente Westland

Company registration number: 00000001812579446000
Organization: Gemeente Westland
Organization unit: ICT
State / Province: Zuid-Holland
Locality: Naaldwijk
Country: NL

KPN B.V.

Organization: KPN B.V.
Country: NL

This certificate has expire since

Certificate Details

Serial Number (hex): 30:a1:87:40:14:13:50:f1
Serial Number (int): 3504230694355423473
Serial Number lenght: 62 bits, 8 octets

SubjectKeyId: 1d:a9:3a:51:fa:f1:13:e4:1e:d8:c0:b0:10:ce:c5:d6:87:1f:ad:d0
AuthorityKeyId: c3:9a:a6:7b:5e:74:2b:82:b6:c6:72:fd:74:4e:85:d2:97:cd:fd:18

Fingerprint (sha1): 04:4b:ae:b9:b4:90:1b:5c:b0:43:e4:15:5f:8c:b1:f4:d8:29:e0:b2
Fingerprint (sha256): 3f:95:63:fc:b8:c1:4e:64:c7:1d:53:56:e9:ee:ef:7a:b9:10:e5:99:ad:bf:f1:33:bb:86:bc:46:2f:c7:fe:dd

Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3.cer

Revocation information

OCSP Server: http://g3ocsp.managedpki.com
CRL Distribution Point: http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl

Check the revocation status for certificate digikoppeling-tst.gemeentewestland.nl

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for digikoppeling-tst.gemeentewestland.nl

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

digikoppeling-tst.gemeentewestland.nl

Other certificates including the domain name gemeentewestland.nl

(limited to 100 certificates)
stratech.gemeentewestland.nl
huisvuilkalender.gemeentewestland.nl
*.gemeentewestland.nl
gemeentewestland.nl
stratech.gemeentewestland.nl
bijmijindebuurt.gemeentewestland.nl
www.gemeentewestland.nl
afspraak.gemeentewestland.nl
apigateway.gemeentewestland.nl
digikoppeling.gemeentewestland.nl
bijmijindebuurt.gemeentewestland.nl
mobile.gemeentewestland.nl
www.gemeentewestland.nl
squitxo-prd.gemeentewestland.nl
intranet.gemeentewestland.nl
huisvuilkalender.gemeentewestland.nl
belastingen.gemeentewestland.nl
preproductie.gemeentewestland.nl
stratech.gemeentewestland.nl
bijmijindebuurt.gemeentewestland.nl
digikoppeling.gemeentewestland.nl
loket.gemeentewestland.nl
pvsor.gemeentewestland.nl
belastingen.gemeentewestland.nl
stratech.gemeentewestland.nl
sharefile.gemeentewestland.nl
digikoppeling-tst.gemeentewestland.nl
squitxo-tst.gemeentewestland.nl
acceptatie.gemeentewestland.nl
digikoppeling.gemeentewestland.nl
belastingen.gemeentewestland.nl
digikoppeling-tst.gemeentewestland.nl
gemeentewestland.nl
mijn.gemeentewestland.nl
www.gemeentewestland.nl
gemeentewestland.nl
*.gemeentewestland.nl
waarmerk.gemeentewestland.nl
acceptatie-intranet.gemeentewestland.nl
bijmijindebuurt.gemeentewestland.nl
basisregistraties.gemeentewestland.nl
www.gemeentewestland.nl
squitxo-prd.gemeentewestland.nl
waarmerk.gemeentewestland.nl
webmail.gemeentewestland.nl
mijn.gemeentewestland.nl
digikoppeling-tst.gemeentewestland.nl
stratech.gemeentewestland.nl
loket.gemeentewestland.nl
gemeentewestland.nl
bijmijindebuurt.gemeentewestland.nl
acceptatie.gemeentewestland.nl
bijmijindebuurt.gemeentewestland.nl
stratech.gemeentewestland.nl
mdm.gemeentewestland.nl
gemeentewestland.nl
www.gemeentewestland.nl
intranet.gemeentewestland.nl
intranet.gemeentewestland.nl
basisregistraties.gemeentewestland.nl
squitxo-tst.gemeentewestland.nl
squitxo-prd.gemeentewestland.nl
legacy.gemeentewestland.nl
gemeentewestland.nl
digikoppeling-tst.gemeentewestland.nl
oudewebsite.gemeentewestland.nl
gemeentewestland.nl
squitxo-tst.gemeentewestland.nl
belastingbalie.gemeentewestland.nl
preproductie.gemeentewestland.nl
bestemmingsplannen.gemeentewestland.nl
loket.gemeentewestland.nl
digikoppeling.gemeentewestland.nl
westlandbudgetbeheer.gemeentewestland.nl
micollab.gemeentewestland.nl
belastingen.gemeentewestland.nl
sociaalplein.gemeentewestland.nl
apigateway2.gemeentewestland.nl
mijn.gemeentewestland.nl
remote.gemeentewestland.nl
berichtenverkeer.gemeentewestland.nl
huisvuilkalender.gemeentewestland.nl
edienstenburgerzaken.gemeentewestland.nl
westlandbudgetbeheer.gemeentewestland.nl
loket.gemeentewestland.nl
guestportal.gemeentewestland.nl
huisvuilkalender.gemeentewestland.nl
intranet.gemeentewestland.nl
loket.gemeentewestland.nl
preproductie.gemeentewestland.nl
loket.gemeentewestland.nl
belastingen.gemeentewestland.nl
*.gemeentewestland.nl
*.gemeentewestland.nl
login.gemeentewestland.nl
belastingen.gemeentewestland.nl
mijn.gemeentewestland.nl
belastingen.gemeentewestland.nl
bijmijindebuurt.gemeentewestland.nl
stratech.gemeentewestland.nl

Certificate

The complete raw certificate details for digikoppeling-tst.gemeentewestland.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJ8jCCB9qgAwIBAgIIMKGHQBQTUPEwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UE
BhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMRcwFQYDVQRhDA5OVFJOTC0yNzEyNDcw
MTE2MDQGA1UEAwwtS1BOIEJWIFBLSW92ZXJoZWlkIE9yZ2FuaXNhdGllIFNlcnZl
ciBDQSAtIEczMB4XDTE5MDIxODEzMDAwMloXDTIxMDQxMDEzMDAwMlowgbExCzAJ
BgNVBAYTAk5MMRUwEwYDVQQIDAxadWlkLUhvbGxhbmQxEjAQBgNVBAcMCU5hYWxk
d2lqazEaMBgGA1UECgwRR2VtZWVudGUgV2VzdGxhbmQxDDAKBgNVBAsMA0lDVDEd
MBsGA1UEBRMUMDAwMDAwMDE4MTI1Nzk0NDYwMDAxLjAsBgNVBAMMJWRpZ2lrb3Bw
ZWxpbmctdHN0LmdlbWVlbnRld2VzdGxhbmQubmwwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCcpLXbEgdja5zqRalHKSdWoiR6Xppn24CfWRPOgGksk4HJ
9wcbekjjBtHmc8vQ/JqoBSRVgt/51uZwoo/O5DenX3h+LZSrWAqZbY9HDjoas7mT
r56SmCvCi1n3ifBRLhlKSCVBCj5giDeShHr6a3lCc+5BDmIaz8IYBcSIS0jTO65I
GeQnbbut3fcxcuut2PG/+EetJSfU5X98PtDcYe+3ktUgz+/K2NHvN2F3hR3ABT7s
oY71kTGMEJiCeorAI6LZthIuNKAlbznOcu8d7A2nGeFRJCJWpm9Gy45R8xQa5NKd
ogsF080GkvvDreMkXqrMwZwK3EKSZ9Mgg/ySt1oHAgMBAAGjggVLMIIFRzCBlAYI
KwYBBQUHAQEEgYcwgYQwWAYIKwYBBQUHMAKGTGh0dHA6Ly9jZXJ0Lm1hbmFnZWRw
a2kuY29tL0NBY2VydHMvS1BOQlZQS0lvdmVyaGVpZE9yZ2FuaXNhdGllU2VydmVy
Q0FHMy5jZXIwKAYIKwYBBQUHMAGGHGh0dHA6Ly9nM29jc3AubWFuYWdlZHBraS5j
b20wHQYDVR0OBBYEFB2pOlH68RPkHtjAsBDOxdaHH63QMAwGA1UdEwEB/wQCMAAw
HwYDVR0jBBgwFoAUw5qme150K4K2xnL9dE6F0pfN/RgwgbEGA1UdIASBqTCBpjCB
mQYKYIQQAYdrAQIFBjCBijA3BggrBgEFBQcCARYraHR0cHM6Ly9jZXJ0aWZpY2Fh
dC5rcG4uY29tL3BraW92ZXJoZWlkL2NwczBPBggrBgEFBQcCAjBDDEFPcCBkaXQg
Y2VydGlmaWNhYXQgaXMgaGV0IENQUyBQS0lvdmVyaGVpZCB2YW4gS1BOIHZhbiB0
b2VwYXNzaW5nLjAIBgZngQwBAgIwXgYDVR0fBFcwVTBToFGgT4ZNaHR0cDovL2Ny
bC5tYW5hZ2VkcGtpLmNvbS9LUE5CVlBLSW92ZXJoZWlkT3JnYW5pc2F0aWVTZXJ2
ZXJDQUczL0xhdGVzdENSTC5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG
CCsGAQUFBwMCBggrBgEFBQcDATAwBgNVHREEKTAngiVkaWdpa29wcGVsaW5nLXRz
dC5nZW1lZW50ZXdlc3RsYW5kLm5sMIIC6QYKKwYBBAHWeQIEAgSCAtkEggLVAtMA
dwBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWkAsSurAAAEAwBI
MEYCIQD+NVIR21W7S35WITH4Q6LqP3UJWo8YYtJAw0IJuX4YhQIhAPAGgD4q9Nj+
MamXJOkFeMGtGEIzWEdyBdM8wSHWDzwhAHYAVYHUwhaQNgFK6gubVzxT8MDkOHhw
JQgXL6OqHQcT0wwAAAFpALEsqwAABAMARzBFAiEAkQ7T+sBacuquHC3GEUkgCqMr
1WEwRL2/ZxeoTkWKyQICIHCKbCiTyKaFeH9b0zXHbpTIzkxpuK6+9aFviyfEjj3D
AHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFpALEswwAABAMA
RzBFAiBjDnFiQzpXbAfa4FqJL1UVVMMMqF1ZqZMSVOBHXKJThAIhAI2zGN7tx6lH
xiMPCyZceHkKHqmNC6ONi49spGDhqSRbAHcA7ku9t3XOYLrhQmkfq+GeZqMPfl+w
ctiDAMR7iXqo/csAAAFpALErcAAABAMASDBGAiEA/8NeClNmSsGpZfQVYo9SQlod
R9BF+vDioNv8Drhkh00CIQCRiB2Pu8yHaiYAWCi8uz/MDM/Rx+yl3kiB4ZX1jnmK
lgB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABaQCxK24AAAQD
AEgwRgIhAJ9JtRAVXm1mvznYUDeW6Ao3eP2ZYdaEONURmRjnSROMAiEA53h4ZPpZ
sJBtGUhWCmrbMm3bX4QoWfwpUxwJvL6yFDUAdgC72d+8H4pxtZOUI5eqkntHOFeV
CqtS6BqQlmQ2jh7RhQAAAWkAsStxAAAEAwBHMEUCIQCWtXcnLyG6/URUieZcwQ8H
cda9v+jnVP+bGXHFA9u+cgIgct0S1KuR/4qNhinq3dhqxpOvJtbBq3wuo5dxmAJr
JqcwDQYJKoZIhvcNAQELBQADggIBABjbX/PbFCwxBGOipcSvkcqvkMA29O5kbmZ/
9t8zJ3b1Lt7cJHFSDDjZxCzDlyBXmwVLiq/Ish6FRsoE/DIMG8S55LY1gHJTtUHc
kJRfs4j+xFe4DBlcSluTRuLBHYrVC+gJro0WUsCvczB1zplY2Fn9zei9f0v4rq6m
V8l87Hwr5y1b/y5iRPpnrT5tArzFfGtrIz1HjPFO07Ant0sQKnP71b7HKUKjp1W3
JfwXrgaob75VoGj+fh6PVAGs0xvxCs67p/EYmGWN+7+KxbFGk66wOPc+QHqXINJD
P1F/uXnRAJ45wKQb60S02ZOgIDvVVdxdWgJ6zxl2SSPviHtm3eF2Utn0LPDjYaQq
JqO8AFQQzs3CVDfyzLmJ5RS8+2IpbB4zEITQ+MGBD7NNngkhBC2m/gk46KJ9LRZK
Ee9d0wxwsVoTJPi4nAR2QSvwqsorMyvi6Rrcv108ceOpeuzpjioSsNdJj4Utjrpz
WOG3a8QIf1CkSYdCyF+VGDTwd0YZ1MHBtzqeYCsLTLttTj04fl2n/plUYtYFTNo7
KxNhj5KN+xuWaYe6YMEihSM4OJ12Jl8C4K+Ry1LDM2AxCcBdVaRyIohPO1MZsQIh
jOnpnbHhwBWmfmtP8MwV598NNtmd63Hs//+vviF6Pcd9w5hObGzGrPcPcza6w7E1
AmIpITb4
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKS12xIHY2uc6kWpRykn
VqIkel6aZ9uAn1kTzoBpLJOByfcHG3pI4wbR5nPL0PyaqAUkVYLf+dbmcKKPzuQ3
p194fi2Uq1gKmW2PRw46GrO5k6+ekpgrwotZ94nwUS4ZSkglQQo+YIg3koR6+mt5
QnPuQQ5iGs/CGAXEiEtI0zuuSBnkJ227rd33MXLrrdjxv/hHrSUn1OV/fD7Q3GHv
t5LVIM/vytjR7zdhd4UdwAU+7KGO9ZExjBCYgnqKwCOi2bYSLjSgJW85znLvHewN
pxnhUSQiVqZvRsuOUfMUGuTSnaILBdPNBpL7w63jJF6qzMGcCtxCkmfTIIP8krda
BwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3504230694355423473
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRNL-27124701'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN BV PKIoverheid Organisatie Server CA - G3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-02-18 13:00:02 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-10 13:00:02 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Naaldwijk'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Gemeente Westland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ICT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000001812579446000'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'digikoppeling-tst.gemeentewestland.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19774397287298937678724084599127217669047771601828430859767351740386897288896889858812432293894383174836410442420866616322337304373056084684409751814118598404928913189338972016442956604015647059020785615119259359301379920819014714227996477715667428648247374761782428542277920448071053755689281121902887422317967572877176920711269517191238955749740491358783333180690910320097403738079095920988034423678104421757960545768519105907260782237439727819595758138805140114579126246673867025192622372832134994894848579721308877855468488010308205951835223591438414659121877858537985999938130511718190272253133526603761936980487
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3.cer'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g3ocsp.managedpki.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1da93a51faf113e41ed8c0b010cec5d6871fadd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c39aa67b5e742b82b6c672fd744e85d297cdfd18
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (41 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'digikoppeling-tst.gemeentewestland.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (729 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (725 bytes)
							02d30077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016900b12bab0000040300483046022100fe355211db55bb4b7e562131f843a2ea3f75095a8f1862d240c34209b97e1885022100f006803e2af4d8fe31a99724e90578c1ad18423358477205d33cc121d60f3c210076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016900b12cab0000040300473045022100910ed3fac05a72eaae1c2dc61149200aa32bd5613044bdbf6717a84e458ac9020220708a6c2893c8a685787f5bd335c76e94c8ce4c69b8aebef5a16f8b27c48e3dc30076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016900b12cc300000403004730450220630e7162433a576c07dae05a892f551554c30ca85d59a9931254e0475ca253840221008db318deedc7a947c6230f0b265c78790a1ea98d0ba38d8b8f6ca460e1a9245b007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016900b12b700000040300483046022100ffc35e0a53664ac1a965f415628f52425a1d47d045faf0e2a0dbfc0eb864874d02210091881d8fbbcc876a26005828bcbb3fcc0ccfd1c7eca5de4881e195f58e798a96007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016900b12b6e00000403004830460221009f49b510155e6d66bf39d8503796e80a3778fd9961d68438d5119918e749138c022100e7787864fa59b0906d1948560a6adb326ddb5f842859fc29531c09bcbeb21435007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016900b12b71000004030047304502210096b577272f21bafd445489e65cc10f0771d6bdbfe8e754ff9b1971c503dbbe72022072dd12d4ab91ff8a8d8629eaddd86ac693af26d6c1ab7c2ea3977198026b26a7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0018db5ff3db142c310463a2a5c4af91caaf90c036f4ee646e667ff6df332776f52ededc2471520c38d9c42cc39720579b054b8aafc8b21e8546ca04fc320c1bc4b9e4b635807253b541dc90945fb388fec457b80c195c4a5b9346e2c11d8ad50be809ae8d1652c0af733075ce9958d859fdcde8bd7f4bf8aeaea657c97cec7c2be72d5bff2e6244fa67ad3e6d02bcc57c6b6b233d478cf14ed3b027b74b102a73fbd5bec72942a3a755b725fc17ae06a86fbe55a068fe7e1e8f5401acd31bf10acebba7f11898658dfbbf8ac5b14693aeb038f73e407a9720d2433f517fb979d1009e39c0a41beb44b4d993a0203bd555dc5d5a027acf19764923ef887b66dde17652d9f42cf0e361a42a26a3bc005410cecdc25437f2ccb989e514bcfb62296c1e331084d0f8c1810fb34d9e0921042da6fe0938e8a27d2d164a11ef5dd30c70b15a1324f8b89c0476412bf0aaca2b332be2e91adcbf5d3c71e3a97aece98e2a12b0d7498f852d8eba7358e1b76bc4087f50a4498742c85f951834f0774619d4c1c1b73a9e602b0b4cbb6d4e3d387e5da7fe995462d6054cda3b2b13618f928dfb1b966987ba60c122852338389d76265f02e0af91cb52c333603109c05d55a47222884f3b5319b102218ce9e99db1e1c015a67e6b4ff0cc15e7df0d36d99deb71ecffffafbe217a3dc77dc3984e6c6cc6acf70f7336bac3b1350262292136f8