SENTRYAPP.KPNNET.ORG
- Koninklijke KPN N.V. -
Issued by KPN Corporate Market CSP Organisatie CA - G2
About this certificate
This digital certificate with serial number 29:30:b6:42:b3:1e:e4:d9:4c:00:60:45:f2:95:9f:b8 was issued on by KPN Corporate Market BV.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- The Subject Alternate Name extension MUST contain only 'dnsName' and 'ipaddress' name types. (BRs: 7.1.4.2.1)
- Subscriber certificate with an RSA key contains invalid key usage(s): KeyUsageKeyAgreement Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key (RFC 3279: 2.3.1)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Compliant certificates should use the utf8string encoding for explicitText (RFC 6818: 3)
- Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)
Koninklijke KPN N.V.
Company registration number:
00000003020452000000
Organization: Koninklijke KPN N.V.
Organization unit: KPN IT Solutions
Organization: Koninklijke KPN N.V.
Organization unit: KPN IT Solutions
State / Province:
Zuid-Holland
Locality: 's-Gravenhage
Country: NL
Locality: 's-Gravenhage
Country: NL
KPN Corporate Market BV
Organization:
KPN Corporate Market BV
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 29:30:b6:42:b3:1e:e4:d9:4c:00:60:45:f2:95:9f:b8Serial Number (int): 54751274759432978301276240320411312056
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 2b:fb:3f:eb:ac:f8:35:ce:45:af:a6:95:4f:6b:d1:96:e9:d3:99:9b
AuthorityKeyId: 26:d0:65:13:f1:ee:7a:6f:61:08:28:de:4d:98:07:12:48:78:b4:ef
Fingerprint (sha1): 74:ea:e9:43:2d:05:67:e9:1b:d4:74:b6:9b:d3:e8:ea:54:7c:0b:fc
Fingerprint (sha256): 40:2f:2a:df:72:1f:bc:24:34:8f:48:6c:d6:45:72:13:62:c2:33:0f:97:28:4c:1e:60:13:30:2c:05:d5:59:64
Revocation information
OCSP Server: http://ocsp3.managedpki.comCRL Distribution Point: http://cert.managedpki.com/crl/KPNCorporateMarketCSPOrganisatieCAG2/LatestCRL.crl
Check the revocation status for certificate SENTRYAPP.KPNNET.ORG
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for SENTRYAPP.KPNNET.ORG
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Key Agreement
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
SENTRYAPP.KPNNET.ORG
Other certificates including the domain name KPNNET.ORG
(limited to 100 certificates)
Certificate
The complete raw certificate details for SENTRYAPP.KPNNET.ORG in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG3DCCBMSgAwIBAgIQKTC2QrMe5NlMAGBF8pWfuDANBgkqhkiG9w0BAQsFADBm MQswCQYDVQQGEwJOTDEgMB4GA1UECgwXS1BOIENvcnBvcmF0ZSBNYXJrZXQgQlYx NTAzBgNVBAMMLEtQTiBDb3Jwb3JhdGUgTWFya2V0IENTUCBPcmdhbmlzYXRpZSBD QSAtIEcyMB4XDTE0MTExMzAwMDAwMFoXDTE3MTExMjIzNTk1OVowgbQxCzAJBgNV BAYTAk5MMRUwEwYDVQQIDAxadWlkLUhvbGxhbmQxFjAUBgNVBAcMDSdzLUdyYXZl bmhhZ2UxHTAbBgNVBAoMFEtvbmlua2xpamtlIEtQTiBOLlYuMRkwFwYDVQQLDBBL UE4gSVQgU29sdXRpb25zMR0wGwYDVQQFExQwMDAwMDAwMzAyMDQ1MjAwMDAwMDEd MBsGA1UEAwwUU0VOVFJZQVBQLktQTk5FVC5PUkcwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDBGeqYtSdpn1EDMTBibLLZprJ/Mjq0tPXFfRxwACsqeapm UjGd7ek0MfgNNp2Y0bVZcEwyQFlnbJZvp4Y7nilbZuUqhz6zOpEl15l2E6iwjRtc mUxioJbSEtiM5nIVL0vhHqumgj1DUvfG+27rTbrJ160EXgLFdqkp3CBnrZhH0KPi GbepMkrzWvDV88z25hOAI0dBHqDvKMMdPupWYk8c/0q3s5EmkzbvrUW23V2A+j22 dfVq8UotkE8rYuArG5jKhGcqUg7aojxCvNWKbCkW17WZWHyG2kDjB38PJDQQQTP+ J0bD0tS5VB16PnKyYhlBS6TO16SE4deFxYkLw9ZVAgMBAAGjggI1MIICMTAMBgNV HRMBAf8EAjAAMGIGA1UdHwRbMFkwV6BVoFOGUWh0dHA6Ly9jZXJ0Lm1hbmFnZWRw a2kuY29tL2NybC9LUE5Db3Jwb3JhdGVNYXJrZXRDU1BPcmdhbmlzYXRpZUNBRzIv TGF0ZXN0Q1JMLmNybDAOBgNVHQ8BAf8EBAMCA6gwgacGA1UdIASBnzCBnDCBmQYK YIQQAYdrAQIFBjCBijA3BggrBgEFBQcCARYraHR0cHM6Ly9jZXJ0aWZpY2FhdC5r cG4uY29tL3BraW92ZXJoZWlkL2NwczBPBggrBgEFBQcCAjBDGkFPcCBkaXQgY2Vy dGlmaWNhYXQgaXMgaGV0IENQUyBQS0lvdmVyaGVpZCB2YW4gS1BOIHZhbiB0b2Vw YXNzaW5nLjAfBgNVHSMEGDAWgBQm0GUT8e56b2EIKN5NmAcSSHi07zAdBgNVHQ4E FgQUK/s/66z4Nc5Fr6aVT2vRlunTmZswHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMGsGA1UdEQRkMGKCFFNFTlRSWUFQUC5LUE5ORVQuT1JHoEoGCisGAQQB gjcUAgOgPAw6Mi4xNi41MjguMS4xMDAzLjEuMy41LjkuMS5lYmEzMDkzZjNjZWE4 NjQ1ODhhNWZmMmFiZDIzNTMxNjA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGG G2h0dHA6Ly9vY3NwMy5tYW5hZ2VkcGtpLmNvbTANBgkqhkiG9w0BAQsFAAOCAgEA Tm/tU6J7PLw8SZbHMrYN1zflAjI+ps2bHt5L/sHnSvPat7XQR7I0AmzDg8WbxUrA fjmkoEewkqcwUMb9IhTq4GJuKdlCw9q12QEQGc2GmJhtXJCNqxkfprZmfAoMgNL0 Urc+wDk6eJf/+sEFluQyrE+NAin2YKBAHQIPagVLRwv8/Xekok3vlGsgn5J4K9Zg wKo8y4oruzCsPpgeIoI2nYprLlhWSe8/hI4iZVRzYU9bjr4EGbT+6b3J80/90JwZ pcy0HS6U9LpRpX2QHMBVL87wjnfyZv+zpP/ygozH0NSbtOphMEZ+CSybpr2Q0WPI xnzJQ6u7uuCxP9O3U7cNPGJjOZ9fcBEFnUHUAfNSjOzbAr4QCbtkMDn8VDiR31Lz nMqklmQaJjq5/EvAtTgdGhlUaqGMqdRqU2kJrE3iHueqy4gDv/KcZXelBzIo+AgV i2luuqNmX3yDwvG/fizWomz0wejWin3uSYC4xmwb1Z6sNcXU/Mi5sRVBIqS2gbww gHuxYiVavtJBp1Z9ns4Af+mb4MjMm6h4i8tFbBKSZbjf3PKOEeUFQPSAMlIWio7b J2iUustUlfu1e6cw7xpvgSUkEHNVXDif37FzrBe/VMkgdl0K6UXa8kF/f6ozcZYp U2IG5O+tVavHfzug7qyJsbJ1TyiFM67O1zKuZu3Wbh8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRnqmLUnaZ9RAzEwYmyy 2aayfzI6tLT1xX0ccAArKnmqZlIxne3pNDH4DTadmNG1WXBMMkBZZ2yWb6eGO54p W2blKoc+szqRJdeZdhOosI0bXJlMYqCW0hLYjOZyFS9L4R6rpoI9Q1L3xvtu6026 ydetBF4CxXapKdwgZ62YR9Cj4hm3qTJK81rw1fPM9uYTgCNHQR6g7yjDHT7qVmJP HP9Kt7ORJpM2761Ftt1dgPo9tnX1avFKLZBPK2LgKxuYyoRnKlIO2qI8QrzVimwp Fte1mVh8htpA4wd/DyQ0EEEz/idGw9LUuVQdej5ysmIZQUukztekhOHXhcWJC8PW VQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 54751274759432978301276240320411312056 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN Corporate Market BV' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN Corporate Market CSP Organisatie CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-11-13 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-12 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String ''s-Gravenhage' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Koninklijke KPN N.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN IT Solutions' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003020452000000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'SENTRYAPP.KPNNET.ORG' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24376772707968434365906566020462486425375325731188711070944825453080159064026706010688158904928316081195604149055043137638163202026594210243082752744943365489280049018497309322940096215995577422006426316597487620287359600233272416856465511234164835656282386640505812042471673401480245346716989944778843374168100904768296288069900975715341735222420782669608793609852936384657750948220688731959060950602643463629438676575016792972067349537732945477344788280233122051252448560609594756804853955102743479976615586811893072863805735276877560844179281177724859396886672004816382812686935942010004653142829057713952463771221 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/crl/KPNCorporateMarketCSPOrganisatieCAG2/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (5 bits) 03a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (159 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:26|false] VisibleString, ISO646String [79 112 32 100 105 116 32 99 101 114 116 105 102 105 99 97 97 116 32 105 115 32 104 101 116 32 67 80 83 32 80 75 73 111 118 101 114 104 101 105 100 32 118 97 110 32 75 80 78 32 118 97 110 32 116 111 101 112 97 115 115 105 110 103 46] . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 26d06513f1ee7a6f610828de4d9807124878b4ef . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2bfb3febacf835ce45afa6954f6bd196e9d3999b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'SENTRYAPP.KPNNET.ORG' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.20.2.3 (universalPrincipalName) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '2.16.528.1.1003.1.3.5.9.1.eba3093f3cea864588a5ff2abd235316' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (43 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp3.managedpki.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 004e6fed53a27b3cbc3c4996c732b60dd737e502323ea6cd9b1ede4bfec1e74af3dab7b5d047b234026cc383c59bc54ac07e39a4a047b092a73050c6fd2214eae0626e29d942c3dab5d9011019cd8698986d5c908dab191fa6b6667c0a0c80d2f452b73ec0393a7897fffac10596e432ac4f8d0229f660a0401d020f6a054b470bfcfd77a4a24def946b209f92782bd660c0aa3ccb8a2bbb30ac3e981e2282369d8a6b2e585649ef3f848e22655473614f5b8ebe0419b4fee9bdc9f34ffdd09c19a5ccb41d2e94f4ba51a57d901cc0552fcef08e77f266ffb3a4fff2828cc7d0d49bb4ea6130467e092c9ba6bd90d163c8c67cc943abbbbae0b13fd3b753b70d3c6263399f5f7011059d41d401f3528cecdb02be1009bb643039fc543891df52f39ccaa496641a263ab9fc4bc0b5381d1a19546aa18ca9d46a536909ac4de21ee7aacb8803bff29c6577a5073228f808158b696ebaa3665f7c83c2f1bf7e2cd6a26cf4c1e8d68a7dee4980b8c66c1bd59eac35c5d4fcc8b9b1154122a4b681bc30807bb162255abed241a7567d9ece007fe99be0c8cc9ba8788bcb456c129265b8dfdcf28e11e50540f4803252168a8edb276894bacb5495fbb57ba730ef1a6f8125241073555c389fdfb173ac17bf54c920765d0ae945daf2417f7faa33719629536206e4efad55abc77f3ba0eeac89b1b2754f288533aeced732ae66edd66e1f