topdesk-innovatie.kpnnet.org
- Koninklijke KPN N.V. -
Issued by KPN PKIoverheid Organisatie CA - G2
About this certificate
This digital certificate with serial number 5a:80:0c:28:da:f6:c6:60 was issued on by KPN B.V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- When the id-ad-caIssuers accessMethod is used, at least one instance SHOULD specify an accessLocation that is an HTTP or LDAP URI (RFC 5280: 4.2.2.1)
- Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)
Koninklijke KPN N.V.
Company registration number:
00000003020452000000
Organization: Koninklijke KPN N.V.
Organization: Koninklijke KPN N.V.
State / Province:
Zuid-Holland
Locality: 's-Gravenhage
Country: NL
Locality: 's-Gravenhage
Country: NL
KPN B.V.
Organization:
KPN B.V.
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 5a:80:0c:28:da:f6:c6:60Serial Number (int): 6521225630044309088
Serial Number lenght: 63 bits, 8 octets
SubjectKeyId: e3:26:67:16:d9:88:6e:03:10:1d:56:96:64:cf:6a:cc:d6:6c:6b:9c
AuthorityKeyId: 75:a3:4e:8f:1e:97:dd:6c:88:01:31:ef:72:21:c2:6e:60:94:7d:80
Fingerprint (sha1): a3:3e:1d:31:c4:3a:53:b7:cd:60:12:39:d5:3c:d4:69:e8:c0:ff:bd
Fingerprint (sha256): 42:8c:f2:82:8e:dd:0f:ae:ed:9b:fa:60:9a:1c:4c:2c:b3:75:4f:02:25:17:b6:57:38:9b:75:26:54:37:d6:28
Issuing Certificate URL: https://cert.managedpki.com/CAcerts/KPNPKIoverheidOrganisatieCAG2.cer
Revocation information
OCSP Server: http://g2ocsp.managedpki.comCRL Distribution Point: http://crl.managedpki.com/KPNPKIoverheidOrganisatieCAG2/LatestCRL.crl
Check the revocation status for certificate topdesk-innovatie.kpnnet.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for topdesk-innovatie.kpnnet.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Email Protection
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
topdesk-innovatie.kpnnet.org
Other certificates including the domain name kpnnet.org
(limited to 100 certificates)
sentrymail.acc.kpnnet.org
bi.kpnnet.org
bi4dev.kpnnet.org
extselfsvc.kpnnet.org
bi.kpnnet.org
bprchatbot-acc.kpnnet.org
teamkpn-mobile.kpnnet.org
sharekpn.kpnnet.org
get-it.kpnnet.org
teamkpn-acc.kpnnet.org
ts.kpnnet.org
kpn-internal-wireless.kpnnet.org
kitnlams73s001.kpnnet.org
uat-sharekpn.kpnnet.org
wem-comet.kpnnet.org
KPN-PS02.kpnnet.org
zipsacc.kpnnet.org
cloudmail.kpnnet.org
cloudmail.kpnnet.org
ksp-admin-acc.kpnnet.org
sentryapp.acc.kpnnet.org
w2039.kpnnet.org
ciso-ksp.kpnnet.org
sentryapp.acc.kpnnet.org
bi4prd-web2.kpnnet.org
bi.kpnnet.org
filetrans.kpnnet.org
host-retail.kpnnet.org
TIMESHEET.KPNNET.ORG
sentrymail.kpnnet.org
FILETRANS.KPNNET.ORG
filetrans.kpnnet.org
filetrans.kpnnet.org
w2040.kpnnet.org
retailactueel-retail.kpnnet.org
iamportal.kpnnet.org
iamportaltst.kpnnet.org
password.kpnnet.org
KPN-PS02.kpnnet.org
mailercdn-teamkpn.kpnnet.org
teamkpn.kpnnet.org
teamkpn-acc.kpnnet.org
get-it.kpnnet.org
ksp-admin.kpnnet.org
zips.kpnnet.org
Extranet-uat.kpn.com
*.kpnnet.org
ksp-admin-acc.kpnnet.org
ts.kpnnet.org
Voice-of-the-Employee.kpnnet.org
*.kpnnet.org
bealert.kpnnet.org
winkeldossier-retail.kpnnet.org
bealert-acc.kpnnet.org
MAIL5.KPNNET.ORG
bodssnd.kpnnet.org
mail4.kpnnet.org
extranet-uat.kpn.com
wem-staging.kpnnet.org
filetrans.kpnnet.org
teamkpn-stats.kpnnet.org
mail1.kpnnet.org
*.kpnnet.org
teamkpn-chat.kpnnet.org
bisnd2.kpnnet.org
OAPILOT.KPNNET.ORG
portal117.kpnnet.org
KPN-PS02.kpnnet.org
PPScan.kpnnet.org
core.kpnnet.org
bisnd2.kpnnet.org
ksp-admin.kpnnet.org
sharekpn.kpnnet.org
ksp-admin.kpnnet.org
KPN-PS01.kpnnet.org
mail7.kpnnet.org
match.uat.kpnnet.org
teamkpn-mobile.kpnnet.org
extranet.kpn.com
ideedock.kpnnet.org
teamkpn-static.kpnnet.org
W2040.kpnnet.org
vpn.kpnnet.org
bealert.kpnnet.org
PROFINDER-UAT.KPNNET.ORG
bods4uat.kpnnet.org
bisnd2.kpnnet.org
mail2.kpnnet.org
extselfsvc.kpnnet.org
SENTRYAPP.KPNNET.ORG
ksp-admin-acc.kpnnet.org
test-paperlessshop-retail.kpnnet.org
adfs.kpnnet.org
topdesk-innovatie.kpnnet.org
bodsdev.kpnnet.org
uat-sharekpn.kpnnet.org
ws-mijnwerkplek.kpnnet.org
extselfsvc.kpnnet.org
*.kpnnet.org
Voice-of-the-Employee.kpnnet.org
bi.kpnnet.org
bi4dev.kpnnet.org
extselfsvc.kpnnet.org
bi.kpnnet.org
bprchatbot-acc.kpnnet.org
teamkpn-mobile.kpnnet.org
sharekpn.kpnnet.org
get-it.kpnnet.org
teamkpn-acc.kpnnet.org
ts.kpnnet.org
kpn-internal-wireless.kpnnet.org
kitnlams73s001.kpnnet.org
uat-sharekpn.kpnnet.org
wem-comet.kpnnet.org
KPN-PS02.kpnnet.org
zipsacc.kpnnet.org
cloudmail.kpnnet.org
cloudmail.kpnnet.org
ksp-admin-acc.kpnnet.org
sentryapp.acc.kpnnet.org
w2039.kpnnet.org
ciso-ksp.kpnnet.org
sentryapp.acc.kpnnet.org
bi4prd-web2.kpnnet.org
bi.kpnnet.org
filetrans.kpnnet.org
host-retail.kpnnet.org
TIMESHEET.KPNNET.ORG
sentrymail.kpnnet.org
FILETRANS.KPNNET.ORG
filetrans.kpnnet.org
filetrans.kpnnet.org
w2040.kpnnet.org
retailactueel-retail.kpnnet.org
iamportal.kpnnet.org
iamportaltst.kpnnet.org
password.kpnnet.org
KPN-PS02.kpnnet.org
mailercdn-teamkpn.kpnnet.org
teamkpn.kpnnet.org
teamkpn-acc.kpnnet.org
get-it.kpnnet.org
ksp-admin.kpnnet.org
zips.kpnnet.org
Extranet-uat.kpn.com
*.kpnnet.org
ksp-admin-acc.kpnnet.org
ts.kpnnet.org
Voice-of-the-Employee.kpnnet.org
*.kpnnet.org
bealert.kpnnet.org
winkeldossier-retail.kpnnet.org
bealert-acc.kpnnet.org
MAIL5.KPNNET.ORG
bodssnd.kpnnet.org
mail4.kpnnet.org
extranet-uat.kpn.com
wem-staging.kpnnet.org
filetrans.kpnnet.org
teamkpn-stats.kpnnet.org
mail1.kpnnet.org
*.kpnnet.org
teamkpn-chat.kpnnet.org
bisnd2.kpnnet.org
OAPILOT.KPNNET.ORG
portal117.kpnnet.org
KPN-PS02.kpnnet.org
PPScan.kpnnet.org
core.kpnnet.org
bisnd2.kpnnet.org
ksp-admin.kpnnet.org
sharekpn.kpnnet.org
ksp-admin.kpnnet.org
KPN-PS01.kpnnet.org
mail7.kpnnet.org
match.uat.kpnnet.org
teamkpn-mobile.kpnnet.org
extranet.kpn.com
ideedock.kpnnet.org
teamkpn-static.kpnnet.org
W2040.kpnnet.org
vpn.kpnnet.org
bealert.kpnnet.org
PROFINDER-UAT.KPNNET.ORG
bods4uat.kpnnet.org
bisnd2.kpnnet.org
mail2.kpnnet.org
extselfsvc.kpnnet.org
SENTRYAPP.KPNNET.ORG
ksp-admin-acc.kpnnet.org
test-paperlessshop-retail.kpnnet.org
adfs.kpnnet.org
topdesk-innovatie.kpnnet.org
bodsdev.kpnnet.org
uat-sharekpn.kpnnet.org
ws-mijnwerkplek.kpnnet.org
extselfsvc.kpnnet.org
*.kpnnet.org
Voice-of-the-Employee.kpnnet.org
Certificate
The complete raw certificate details for topdesk-innovatie.kpnnet.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGwjCCBKqgAwIBAgIIWoAMKNr2xmAwDQYJKoZIhvcNAQELBQAwTjELMAkGA1UE BhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMSwwKgYDVQQDDCNLUE4gUEtJb3Zlcmhl aWQgT3JnYW5pc2F0aWUgQ0EgLSBHMjAeFw0xNjEwMTExMjUwMDlaFw0xOTEwMTEx MjUwMDlaMIGhMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMRYw FAYDVQQHDA0ncy1HcmF2ZW5oYWdlMR0wGwYDVQQKDBRLb25pbmtsaWprZSBLUE4g Ti5WLjEdMBsGA1UEBRMUMDAwMDAwMDMwMjA0NTIwMDAwMDAxJTAjBgNVBAMMHHRv cGRlc2staW5ub3ZhdGllLmtwbm5ldC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCiALgzD4k6UirwipusjjUpXFZtGTB/Zdjx/yTZXZBQQyDA06oL gkKoAahK/6vWhu4vxS/AV0j7OOyG9ePErdhJIOS6FCNhp6PGV9LTTQ23/WCiVgN9 jeIRblt3IXX7rY6wmHLL12QLxVEIpfHFHEIWDv57Hkn68JOJP+Qg08q8IonglMfU EOSi+LDm8/RBn87RUGbFc1rbgGviV3JIO8NTsdkgUEoWaMvHzOWCOwsw04MMg47O aYurBsRmFsYL0m1kCgn7dHQIn8NMm4eDxkYEKXZRnddXFRJq7MJv/f1nW1BT/qog 2QayQ3i2ccKHBbQF6KBfA+eJH1Qkv9pPhUaNAgMBAAGjggJOMIICSjCBiwYIKwYB BQUHAQEEfzB9MFEGCCsGAQUFBzAChkVodHRwczovL2NlcnQubWFuYWdlZHBraS5j b20vQ0FjZXJ0cy9LUE5QS0lvdmVyaGVpZE9yZ2FuaXNhdGllQ0FHMi5jZXIwKAYI KwYBBQUHMAGGHGh0dHA6Ly9nMm9jc3AubWFuYWdlZHBraS5jb20wHQYDVR0OBBYE FOMmZxbZiG4DEB1WlmTPaszWbGucMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAU daNOjx6X3WyIATHvciHCbmCUfYAwgbEGA1UdIASBqTCBpjCBmQYKYIQQAYdrAQIF BjCBijA3BggrBgEFBQcCARYraHR0cHM6Ly9jZXJ0aWZpY2FhdC5rcG4uY29tL3Br aW92ZXJoZWlkL2NwczBPBggrBgEFBQcCAjBDDEFPcCBkaXQgY2VydGlmaWNhYXQg aXMgaGV0IENQUyBQS0lvdmVyaGVpZCB2YW4gS1BOIHZhbiB0b2VwYXNzaW5nLjAI BgZngQwBAgIwVgYDVR0fBE8wTTBLoEmgR4ZFaHR0cDovL2NybC5tYW5hZ2VkcGtp LmNvbS9LUE5QS0lvdmVyaGVpZE9yZ2FuaXNhdGllQ0FHMi9MYXRlc3RDUkwuY3Js MA4GA1UdDwEB/wQEAwIFoDAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIG CCsGAQUFBwMEMCcGA1UdEQQgMB6CHHRvcGRlc2staW5ub3ZhdGllLmtwbm5ldC5v cmcwDQYJKoZIhvcNAQELBQADggIBAHndP0QZuFtte9BauPVAB67Z2ROWejVpakYg 69sBl9a4jTworxiUvi0KrAVagxavpF3kQiA54oEzprVNRWTeA6gS+YKeM5/55xpX rhL5dmbhksokuRfCSZATipCb+iX3eLn4wUgZBKh/mOHLdAcCWDQGIu8fkxrzcuLW UrKPt4zUWF7knbcu/PnZ2Wu8y16ZEuN0QQYBy8QiaW8HUQ+ugG4aUxZ7Bx58/syL Qr9Shi/v1io8inxconEwAKy0C5zgihA0x4eAMqFtNQOz4uCMt+SBjKJLJaEp+KGm xG4ztZwTlKhu+/pS6dXlhgje2YnrhoEm0UI6+vcdPBSN2ope2hOCGNPP7W2WW2kE KAwdQdFxMwZCGMXQki2mFPkf3ZtqJ2g8xkff5pdofDomOh6bya25n1haA96Nwv2s gHF2CYubBdIVNTHDVDy/B5Ev+XSBusQHfsZ6Iiql79ols9kYLBHvLs9A63IIFiAo Hf4om8EmCElO26b0CKOSImDt++JcRCaVoeomAbTMOzLyPbSnNT8HO3p7wgYzZHzy 9MJnMbCMjKEbpkzEYB3XjMYFzCt//WOL6/2zOW/FGPtLsfDWqeVPbb/UnyFDHi0L gb/jKw5TRt9NHrj/lJnKjTD9ROYDUcfbbW4bN0pM+VoPrNHlSiIdF/H/0jsK3DLh w8WcXM/a -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogC4Mw+JOlIq8IqbrI41 KVxWbRkwf2XY8f8k2V2QUEMgwNOqC4JCqAGoSv+r1obuL8UvwFdI+zjshvXjxK3Y SSDkuhQjYaejxlfS000Nt/1golYDfY3iEW5bdyF1+62OsJhyy9dkC8VRCKXxxRxC Fg7+ex5J+vCTiT/kINPKvCKJ4JTH1BDkoviw5vP0QZ/O0VBmxXNa24Br4ldySDvD U7HZIFBKFmjLx8zlgjsLMNODDIOOzmmLqwbEZhbGC9JtZAoJ+3R0CJ/DTJuHg8ZG BCl2UZ3XVxUSauzCb/39Z1tQU/6qINkGskN4tnHChwW0BeigXwPniR9UJL/aT4VG jQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6521225630044309088 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN PKIoverheid Organisatie CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-11 12:50:09 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-11 12:50:09 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String ''s-Gravenhage' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Koninklijke KPN N.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003020452000000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'topdesk-innovatie.kpnnet.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20450960217536733666089701275381132985356962711165734314963318961557623849453102492838192232702009719884834203343862908062749584073364939174946593338663004788893655167706245720099727428477266535832270141620210330860240272581349189517739295001730872533569540679608336772498534987076312505946381441992653289138032581277630556491158731887946802917630951672522336130073679749849274641718921258060620022256487757824504499236576396824656300874978145294681529556159369924233723740709914077413374500443370757673232510872490134967329098476512631334851355956849432927884165741519005077431372035084801864179962381067470118405773 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (127 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'https://cert.managedpki.com/CAcerts/KPNPKIoverheidOrganisatieCAG2.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g2ocsp.managedpki.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e3266716d9886e03101d569664cf6accd66c6b9c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 75a34e8f1e97dd6c880131ef7221c26e60947d80 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNPKIoverheidOrganisatieCAG2/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.4 (emailProtection) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'topdesk-innovatie.kpnnet.org' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0079dd3f4419b85b6d7bd05ab8f54007aed9d913967a35696a4620ebdb0197d6b88d3c28af1894be2d0aac055a8316afa45de4422039e28133a6b54d4564de03a812f9829e339ff9e71a57ae12f97666e192ca24b917c24990138a909bfa25f778b9f8c1481904a87f98e1cb74070258340622ef1f931af372e2d652b28fb78cd4585ee49db72efcf9d9d96bbccb5e9912e374410601cbc422696f07510fae806e1a53167b071e7cfecc8b42bf52862fefd62a3c8a7c5ca2713000acb40b9ce08a1034c7878032a16d3503b3e2e08cb7e4818ca24b25a129f8a1a6c46e33b59c1394a86efbfa52e9d5e58608ded989eb868126d1423afaf71d3c148dda8a5eda138218d3cfed6d965b6904280c1d41d17133064218c5d0922da614f91fdd9b6a27683cc647dfe697687c3a263a1e9bc9adb99f585a03de8dc2fdac807176098b9b05d2153531c3543cbf07912ff97481bac4077ec67a222aa5efda25b3d9182c11ef2ecf40eb72081620281dfe289bc12608494edba6f408a3922260edfbe25c442695a1ea2601b4cc3b32f23db4a7353f073b7a7bc20633647cf2f4c26731b08c8ca11ba64cc4601dd78cc605cc2b7ffd638bebfdb3396fc518fb4bb1f0d6a9e54f6dbfd49f21431e2d0b81bfe32b0e5346df4d1eb8ff9499ca8d30fd44e60351c7db6d6e1b374a4cf95a0facd1e54a221d17f1ffd23b0adc32e1c3c59c5ccfda