gouda0-rt.cust.kpn.net
- Koninklijke KPN N.V. -
Issued by KPN BV PKIoverheid Organisatie Server CA - G3
About this certificate
This digital certificate with serial number 71:70:41:cc:8d:04:3c:cd:62:eb:67:bc:09:2d:e0:0c:02:26:1b:e5 was issued on by KPN B.V..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Koninklijke KPN N.V.
Company registration number:
00000003020452000000
Organization: Koninklijke KPN N.V.
Organization: Koninklijke KPN N.V.
State / Province:
Zuid-Holland
Locality: Rotterdam
Country: NL
Locality: Rotterdam
Country: NL
KPN B.V.
Organization:
KPN B.V.
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 71:70:41:cc:8d:04:3c:cd:62:eb:67:bc:09:2d:e0:0c:02:26:1b:e5Serial Number (int): 647619372468960862127746766036459866918268312549
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 38:d7:d9:70:06:ad:4c:0d:c2:de:e3:10:91:84:fe:c5:22:04:f7:99
AuthorityKeyId: c3:9a:a6:7b:5e:74:2b:82:b6:c6:72:fd:74:4e:85:d2:97:cd:fd:18
Fingerprint (sha1): 1f:bf:fb:16:44:5f:f5:8d:4a:93:df:21:d4:68:09:44:c2:8f:61:06
Fingerprint (sha256): 47:30:0f:6d:2c:9b:68:ca:0d:8c:56:97:81:c6:cd:7f:8a:dc:d9:74:d6:f2:64:4a:7c:6f:e6:82:a2:e7:1a:cd
Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3-2019.cer
Revocation information
OCSP Server: http://g3ocsp.managedpki.comCRL Distribution Point: http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl
Check the revocation status for certificate gouda0-rt.cust.kpn.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for gouda0-rt.cust.kpn.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
gouda0-rt.cust.kpn.net
gouda0.cust.kpn.net
gouda0.cust.kpn.net
Other certificates including the domain name kpn.net
(limited to 100 certificates)
rt2-vlg-1.pmr.kpn.net
zandvoort3.ZIPB.kpn.net
texel1.zipb.kpn.net
texel1.zipb.kpn.net
wopatest.kpn.net
www.kpn.net
test.diensten.monitoring.kpn.net
www.kpn.net
vlissingen1.ZIPB.kpn.net
zandvoort3.zipb.kpn.net
prmnp1.pmr.kpn.net
diensten.monitoring.kpn.net
zierikzee1.zipb.kpn.net
pem.kpn.net
zandvoort3.kpn.net
tenrvlissingen1.kpn.net
86-88-48-103.fixed.kpn.net
webmail.kpn.net
77-163-140-51.fixed.kpn.net
vpnaccess.oam.kpn.net
www.kpn.net
wdaht.pmr.kpn.net
pmht.pmr.kpn.net
prmnp2.pmr.kpn.net
gemnr2.pmr.kpn.net
wopa.kpn.net
tenrzandvoort3.kpn.net
webmail.kpn.net
diensten.monitoring.kpn.net
zandvoort1.kpn.net
dot.kpn.com
asd2-vlg-1.pmr.kpn.net
vlissingen1.kpn.net
citrixportal.ttrc.oam.kpn.net
gouda0-rt.cust.kpn.net
test.diensten.monitoring.kpn.net
zandvoort3.kpn.net
www.kpn.net
zandvoort3.kpn.net
gemnp1.pmr.kpn.net
test.diensten.monitoring.kpn.net
vlissingen1.ZIPB.kpn.net
www.kpn.net
wopa.kpn.net
wopatest.kpn.net
texel1.zipb.kpn.net
wopatest.kpn.net
tenrzandvoort3.zipb.kpn.net
77-169-194-218.fixed.kpn.net
gemnp2.pmr.kpn.net
89-163-151-197.mobile.kpn.net
77-163-140-51.fixed.kpn.net
gemnr1.pmr.kpn.net
213-10-121-183.fixed.kpn.net
prmnr1.pmr.kpn.net
www.kpn.net
www.kpn.net
www.kpn.net
86-84-188-139.fixed.kpn.net
aht.pmr.kpn.net
rt2-vlg-1.pmr.kpn.net
vlissingen1.zipb.kpn.net
zierikzee1.zipb.kpn.net
texel1.zipb.kpn.net
wopa.kpn.net
wopatest.kpn.net
zandvoort3.zipb.kpn.net
prmnr2.pmr.kpn.net
tenrzandvoort1.zipb.kpn.net
gst.pmr.kpn.net
gouda0-asd.cust.kpn.net
diensten.monitoring.kpn.net
clht.pmr.kpn.net
www.kpn.net
plht.pmr.kpn.net
*.pmr.kpn.net
www.kpn.net
pst.pmr.kpn.net
vpnaccess.oam.kpn.net
wopa.kpn.net
citrixportal.oam.kpn.net
www.kpn.net
test.diensten.monitoring.kpn.net
www.kpn.net
groningen1-rt.cust.kpn.net
vlissingen1.kpn.net
vpnaccess.oam.kpn.net
diensten.monitoring.kpn.net
tenrtexel1.zipb.kpn.net
texel1.zipb.kpn.net
test.diensten.monitoring.kpn.net
tenrzandvoort1.kpn.net
vlissingen1.kpn.net
avds.monitoring.kpn.net
zierikzee1.zipb.kpn.net
groningen1-asd.cust.kpn.net
cri.pmr.kpn.net
sntpf.pmr.kpn.net
wopa.kpn.net
texel1.zipb.kpn.net
zandvoort3.ZIPB.kpn.net
texel1.zipb.kpn.net
texel1.zipb.kpn.net
wopatest.kpn.net
www.kpn.net
test.diensten.monitoring.kpn.net
www.kpn.net
vlissingen1.ZIPB.kpn.net
zandvoort3.zipb.kpn.net
prmnp1.pmr.kpn.net
diensten.monitoring.kpn.net
zierikzee1.zipb.kpn.net
pem.kpn.net
zandvoort3.kpn.net
tenrvlissingen1.kpn.net
86-88-48-103.fixed.kpn.net
webmail.kpn.net
77-163-140-51.fixed.kpn.net
vpnaccess.oam.kpn.net
www.kpn.net
wdaht.pmr.kpn.net
pmht.pmr.kpn.net
prmnp2.pmr.kpn.net
gemnr2.pmr.kpn.net
wopa.kpn.net
tenrzandvoort3.kpn.net
webmail.kpn.net
diensten.monitoring.kpn.net
zandvoort1.kpn.net
dot.kpn.com
asd2-vlg-1.pmr.kpn.net
vlissingen1.kpn.net
citrixportal.ttrc.oam.kpn.net
gouda0-rt.cust.kpn.net
test.diensten.monitoring.kpn.net
zandvoort3.kpn.net
www.kpn.net
zandvoort3.kpn.net
gemnp1.pmr.kpn.net
test.diensten.monitoring.kpn.net
vlissingen1.ZIPB.kpn.net
www.kpn.net
wopa.kpn.net
wopatest.kpn.net
texel1.zipb.kpn.net
wopatest.kpn.net
tenrzandvoort3.zipb.kpn.net
77-169-194-218.fixed.kpn.net
gemnp2.pmr.kpn.net
89-163-151-197.mobile.kpn.net
77-163-140-51.fixed.kpn.net
gemnr1.pmr.kpn.net
213-10-121-183.fixed.kpn.net
prmnr1.pmr.kpn.net
www.kpn.net
www.kpn.net
www.kpn.net
86-84-188-139.fixed.kpn.net
aht.pmr.kpn.net
rt2-vlg-1.pmr.kpn.net
vlissingen1.zipb.kpn.net
zierikzee1.zipb.kpn.net
texel1.zipb.kpn.net
wopa.kpn.net
wopatest.kpn.net
zandvoort3.zipb.kpn.net
prmnr2.pmr.kpn.net
tenrzandvoort1.zipb.kpn.net
gst.pmr.kpn.net
gouda0-asd.cust.kpn.net
diensten.monitoring.kpn.net
clht.pmr.kpn.net
www.kpn.net
plht.pmr.kpn.net
*.pmr.kpn.net
www.kpn.net
pst.pmr.kpn.net
vpnaccess.oam.kpn.net
wopa.kpn.net
citrixportal.oam.kpn.net
www.kpn.net
test.diensten.monitoring.kpn.net
www.kpn.net
groningen1-rt.cust.kpn.net
vlissingen1.kpn.net
vpnaccess.oam.kpn.net
diensten.monitoring.kpn.net
tenrtexel1.zipb.kpn.net
texel1.zipb.kpn.net
test.diensten.monitoring.kpn.net
tenrzandvoort1.kpn.net
vlissingen1.kpn.net
avds.monitoring.kpn.net
zierikzee1.zipb.kpn.net
groningen1-asd.cust.kpn.net
cri.pmr.kpn.net
sntpf.pmr.kpn.net
wopa.kpn.net
texel1.zipb.kpn.net
Certificate
The complete raw certificate details for gouda0-rt.cust.kpn.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHFzCCBP+gAwIBAgIUcXBBzI0EPM1i62e8CS3gDAImG+UwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMRcwFQYDVQRhDA5O VFJOTC0yNzEyNDcwMTE2MDQGA1UEAwwtS1BOIEJWIFBLSW92ZXJoZWlkIE9yZ2Fu aXNhdGllIFNlcnZlciBDQSAtIEczMB4XDTE5MTAyODEwNTAxMFoXDTIxMTAyNzEw NTAxMFowgZcxCzAJBgNVBAYTAk5MMRUwEwYDVQQIDAxadWlkLUhvbGxhbmQxEjAQ BgNVBAcMCVJvdHRlcmRhbTEdMBsGA1UECgwUS29uaW5rbGlqa2UgS1BOIE4uVi4x HTAbBgNVBAUTFDAwMDAwMDAzMDIwNDUyMDAwMDAwMR8wHQYDVQQDDBZnb3VkYTAt cnQuY3VzdC5rcG4ubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA tEMH5o9xQTXLxQqXuFYtpmlSGetLE+wKibroKXhweGG9+LhPESlw+nvgQ044LSa9 e0ztgm8pHNI53CfJXsuVKwrlcmiOPRhxHaS1QxflN7SIdx8pnszdNRqF1lOaPYCk e4uGmKMyrr4O7Qbg70cGlqzmwUQfECGg9VqftJnsx2ci/at0UNoxLAhh6Mv0buJJ iXUJwjhFR/Nn8GNFbilkzVYL5YazsHJgF3BsUDI94iGyyV31C8RblrAAXmTaM6ed R+dwt4cr3LSPwv+1VshmrHkLbMLILJOs25p3jxoQFYh3MKerU7hALDdRxhtt/P1k g/0ZoQEdom2ZIX6abjbIlQIDAQABo4ICfjCCAnowgZkGCCsGAQUFBwEBBIGMMIGJ MF0GCCsGAQUFBzAChlFodHRwOi8vY2VydC5tYW5hZ2VkcGtpLmNvbS9DQWNlcnRz L0tQTkJWUEtJb3ZlcmhlaWRPcmdhbmlzYXRpZVNlcnZlckNBRzMtMjAxOS5jZXIw KAYIKwYBBQUHMAGGHGh0dHA6Ly9nM29jc3AubWFuYWdlZHBraS5jb20wHQYDVR0O BBYEFDjX2XAGrUwNwt7jEJGE/sUiBPeZMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgw FoAUw5qme150K4K2xnL9dE6F0pfN/RgwgbEGA1UdIASBqTCBpjCBmQYKYIQQAYdr AQIFBjCBijA3BggrBgEFBQcCARYraHR0cHM6Ly9jZXJ0aWZpY2FhdC5rcG4uY29t L3BraW92ZXJoZWlkL2NwczBPBggrBgEFBQcCAjBDDEFPcCBkaXQgY2VydGlmaWNh YXQgaXMgaGV0IENQUyBQS0lvdmVyaGVpZCB2YW4gS1BOIHZhbiB0b2VwYXNzaW5n LjAIBgZngQwBAgIwXgYDVR0fBFcwVTBToFGgT4ZNaHR0cDovL2NybC5tYW5hZ2Vk cGtpLmNvbS9LUE5CVlBLSW92ZXJoZWlkT3JnYW5pc2F0aWVTZXJ2ZXJDQUczL0xh dGVzdENSTC5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMC BggrBgEFBQcDATA2BgNVHREELzAtghZnb3VkYTAtcnQuY3VzdC5rcG4ubmV0ghNn b3VkYTAuY3VzdC5rcG4ubmV0MBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3 DQEBCwUAA4ICAQDDhe/boo2oTHLZi3/8moqSNXZmrku+WwC/nXtFrrrC98HCQ2wO dDP7b2yBeBWGDXwsSwfoy6sKnxdhk+4cf5MQ0KS1UbH3yRueiLHzofbYWSyJ8eWI 5K6rOkawTpPLLfoN6S4eZ77w4doU3bI9d9PJiAz76+od+IqKsuicfc0k3brBFYzi nuFBiWNkLrQRsPqWb29q2nlLeTZveTbVj4s8sYrqCYy4Am2jdapku1/dTd0nslUu Qg+UdNQ0yAypfXe/ZtM3XPZ/wCRh96CMr8dIjNknGByTdXXM1kZU33Y2fnRMZge/ vvCBhoal7AkEPgh6ufuiZqx7HFdRiIxfzJW9rJUQZxvMmMgLm74ENX/Df0HJ/yJR MIhyrM1ez/H5TLBx9l4HdmyaS+Spo8I3ZObu4wJe/HsQH7PXUr0mi7NWwLb7W629 NLEk2KTQqg2zd2VRbjNIBicmvL/mTmktPDwXQWYZIjjbPnLXmVpJcaPeq2BH8lnk NjQPVay6U22U+TedWgmFsp2TIWWnRl2Z1nc3iM8ndRLKZUnZLXFYTgPjQwIW7I3x 2tLvjIXYxSyyoavIjoeSL01T4f+gb7hGYojN4EpYRGAJRb4a3v41nH+piB1885rE jA4Rdsmzl3EK6jzuWcnCMuIzP61jTpIjBqRScRfIrmLJVWbTJAjQ0qpfFw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEMH5o9xQTXLxQqXuFYt pmlSGetLE+wKibroKXhweGG9+LhPESlw+nvgQ044LSa9e0ztgm8pHNI53CfJXsuV KwrlcmiOPRhxHaS1QxflN7SIdx8pnszdNRqF1lOaPYCke4uGmKMyrr4O7Qbg70cG lqzmwUQfECGg9VqftJnsx2ci/at0UNoxLAhh6Mv0buJJiXUJwjhFR/Nn8GNFbilk zVYL5YazsHJgF3BsUDI94iGyyV31C8RblrAAXmTaM6edR+dwt4cr3LSPwv+1Vshm rHkLbMLILJOs25p3jxoQFYh3MKerU7hALDdRxhtt/P1kg/0ZoQEdom2ZIX6abjbI lQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 647619372468960862127746766036459866918268312549 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRNL-27124701' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN BV PKIoverheid Organisatie Server CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-28 10:50:10 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-10-27 10:50:10 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Rotterdam' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Koninklijke KPN N.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003020452000000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'gouda0-rt.cust.kpn.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22755949043799681874274804359451052847510526199173559281152306954168028290703265863311502030635223862872311227490988710517316233459247029579525731076636925629085247858204764217812218597988565531517050354363055226730344732983281850882994295759928297559124506600307918268244719269253107120446616540672418436323213017839376676486415546436859515859853666766930723551948222914867737386046770120997352870271951198153556629321679624628743457775295428236141944902945149097021750293217105682606806035323084317900933747767781419395786620922903088257043650349090457256715675971296636661408769219640830209300952533624794740344981 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (140 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3-2019.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g3ocsp.managedpki.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 38d7d97006ad4c0dc2dee3109184fec52204f799 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c39aa67b5e742b82b6c672fd744e85d297cdfd18 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gouda0-rt.cust.kpn.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gouda0.cust.kpn.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00c385efdba28da84c72d98b7ffc9a8a92357666ae4bbe5b00bf9d7b45aebac2f7c1c2436c0e7433fb6f6c817815860d7c2c4b07e8cbab0a9f176193ee1c7f9310d0a4b551b1f7c91b9e88b1f3a1f6d8592c89f1e588e4aeab3a46b04e93cb2dfa0de92e1e67bef0e1da14ddb23d77d3c9880cfbebea1df88a8ab2e89c7dcd24ddbac1158ce29ee1418963642eb411b0fa966f6f6ada794b79366f7936d58f8b3cb18aea098cb8026da375aa64bb5fdd4ddd27b2552e420f9474d434c80ca97d77bf66d3375cf67fc02461f7a08cafc7488cd927181c937575ccd64654df76367e744c6607bfbef0818686a5ec09043e087ab9fba266ac7b1c5751888c5fcc95bdac9510671bcc98c80b9bbe04357fc37f41c9ff2251308872accd5ecff1f94cb071f65e07766c9a4be4a9a3c23764e6eee3025efc7b101fb3d752bd268bb356c0b6fb5badbd34b124d8a4d0aa0db37765516e3348062726bcbfe64e692d3c3c174166192238db3e72d7995a4971a3deab6047f259e436340f55acba536d94f9379d5a0985b29d932165a7465d99d6773788cf277512ca6549d92d71584e03e3430216ec8df1dad2ef8c85d8c52cb2a1abc88e87922f4d53e1ffa06fb8466288cde04a5844600945be1adefe359c7fa9881d7cf39ac48c0e1176c9b397710aea3cee59c9c232e2333fad634e922306a4527117c8ae62c95566d32408d0d2aa5f17