waarmerk.gemeentewestland.nl

- Gemeente Westland -

Issued by KPN BV PKIoverheid Organisatie Server CA - G3

About this certificate

This digital certificate with serial number 01:fc:ed:4e:a3:a8:10:33 was issued on by KPN B.V..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Gemeente Westland

Company registration number: 00000001812579446000
Organization: Gemeente Westland
State / Province: Zuid-Holland
Locality: Naaldwijk
Country: NL

KPN B.V.

Organization: KPN B.V.
Country: NL

This certificate has expire since

Certificate Details

Serial Number (hex): 01:fc:ed:4e:a3:a8:10:33
Serial Number (int): 143250210177945651
Serial Number lenght: 57 bits, 8 octets

SubjectKeyId: 04:75:fb:f8:42:3d:6b:8b:03:bb:a8:b6:93:00:e7:4f:3e:9a:d9:83
AuthorityKeyId: c3:9a:a6:7b:5e:74:2b:82:b6:c6:72:fd:74:4e:85:d2:97:cd:fd:18

Fingerprint (sha1): f4:32:51:db:04:65:94:bf:b0:5d:69:a9:95:dc:ed:03:2d:d8:69:f4
Fingerprint (sha256): 53:4f:39:d6:0e:38:44:05:aa:59:42:9f:d4:e3:3f:b1:59:b1:f2:ee:8c:18:b9:e0:a0:84:78:f9:d3:63:e4:7d

Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3.cer

Revocation information

OCSP Server: http://g3ocsp.managedpki.com
CRL Distribution Point: http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl

Check the revocation status for certificate waarmerk.gemeentewestland.nl

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for waarmerk.gemeentewestland.nl

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

waarmerk.gemeentewestland.nl

Other certificates including the domain name gemeentewestland.nl

(limited to 100 certificates)
stratech.gemeentewestland.nl
huisvuilkalender.gemeentewestland.nl
*.gemeentewestland.nl
gemeentewestland.nl
stratech.gemeentewestland.nl
bijmijindebuurt.gemeentewestland.nl
www.gemeentewestland.nl
afspraak.gemeentewestland.nl
apigateway.gemeentewestland.nl
digikoppeling.gemeentewestland.nl
bijmijindebuurt.gemeentewestland.nl
mobile.gemeentewestland.nl
www.gemeentewestland.nl
squitxo-prd.gemeentewestland.nl
intranet.gemeentewestland.nl
huisvuilkalender.gemeentewestland.nl
belastingen.gemeentewestland.nl
preproductie.gemeentewestland.nl
stratech.gemeentewestland.nl
bijmijindebuurt.gemeentewestland.nl
digikoppeling.gemeentewestland.nl
loket.gemeentewestland.nl
pvsor.gemeentewestland.nl
belastingen.gemeentewestland.nl
stratech.gemeentewestland.nl
sharefile.gemeentewestland.nl
digikoppeling-tst.gemeentewestland.nl
squitxo-tst.gemeentewestland.nl
acceptatie.gemeentewestland.nl
digikoppeling.gemeentewestland.nl
belastingen.gemeentewestland.nl
digikoppeling-tst.gemeentewestland.nl
gemeentewestland.nl
mijn.gemeentewestland.nl
www.gemeentewestland.nl
gemeentewestland.nl
*.gemeentewestland.nl
waarmerk.gemeentewestland.nl
acceptatie-intranet.gemeentewestland.nl
bijmijindebuurt.gemeentewestland.nl
basisregistraties.gemeentewestland.nl
www.gemeentewestland.nl
squitxo-prd.gemeentewestland.nl
waarmerk.gemeentewestland.nl
webmail.gemeentewestland.nl
mijn.gemeentewestland.nl
digikoppeling-tst.gemeentewestland.nl
stratech.gemeentewestland.nl
loket.gemeentewestland.nl
gemeentewestland.nl
bijmijindebuurt.gemeentewestland.nl
acceptatie.gemeentewestland.nl
bijmijindebuurt.gemeentewestland.nl
stratech.gemeentewestland.nl
mdm.gemeentewestland.nl
gemeentewestland.nl
www.gemeentewestland.nl
intranet.gemeentewestland.nl
intranet.gemeentewestland.nl
basisregistraties.gemeentewestland.nl
squitxo-tst.gemeentewestland.nl
squitxo-prd.gemeentewestland.nl
legacy.gemeentewestland.nl
gemeentewestland.nl
digikoppeling-tst.gemeentewestland.nl
oudewebsite.gemeentewestland.nl
gemeentewestland.nl
squitxo-tst.gemeentewestland.nl
belastingbalie.gemeentewestland.nl
preproductie.gemeentewestland.nl
bestemmingsplannen.gemeentewestland.nl
loket.gemeentewestland.nl
digikoppeling.gemeentewestland.nl
westlandbudgetbeheer.gemeentewestland.nl
micollab.gemeentewestland.nl
belastingen.gemeentewestland.nl
sociaalplein.gemeentewestland.nl
apigateway2.gemeentewestland.nl
mijn.gemeentewestland.nl
remote.gemeentewestland.nl
berichtenverkeer.gemeentewestland.nl
huisvuilkalender.gemeentewestland.nl
edienstenburgerzaken.gemeentewestland.nl
westlandbudgetbeheer.gemeentewestland.nl
loket.gemeentewestland.nl
guestportal.gemeentewestland.nl
huisvuilkalender.gemeentewestland.nl
intranet.gemeentewestland.nl
loket.gemeentewestland.nl
preproductie.gemeentewestland.nl
loket.gemeentewestland.nl
belastingen.gemeentewestland.nl
*.gemeentewestland.nl
*.gemeentewestland.nl
login.gemeentewestland.nl
belastingen.gemeentewestland.nl
mijn.gemeentewestland.nl
belastingen.gemeentewestland.nl
bijmijindebuurt.gemeentewestland.nl
stratech.gemeentewestland.nl

Certificate

The complete raw certificate details for waarmerk.gemeentewestland.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIII3zCCBsegAwIBAgIIAfztTqOoEDMwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UE
BhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMRcwFQYDVQRhDA5OVFJOTC0yNzEyNDcw
MTE2MDQGA1UEAwwtS1BOIEJWIFBLSW92ZXJoZWlkIE9yZ2FuaXNhdGllIFNlcnZl
ciBDQSAtIEczMB4XDTE4MTExNDEwMTAxMVoXDTIwMTAyNzEwMTAxMVowgZoxCzAJ
BgNVBAYTAk5MMRUwEwYDVQQIDAxadWlkLUhvbGxhbmQxEjAQBgNVBAcMCU5hYWxk
d2lqazEaMBgGA1UECgwRR2VtZWVudGUgV2VzdGxhbmQxHTAbBgNVBAUTFDAwMDAw
MDAxODEyNTc5NDQ2MDAwMSUwIwYDVQQDDBx3YWFybWVyay5nZW1lZW50ZXdlc3Rs
YW5kLm5sMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OPi48sV2rmL
UFhfFxLnY91kfzBEBRBAKxBsxVpiVn6JP36lzATNi9c4zUhkHa2fw9Rans2ZJysS
XBoSmSscyPDzbr/ZeEtP5ShwUckILoW4PtDaQiYCwfQeqZTGqUd6NMwTA4GKeZoW
2AnUp8FfRQT+6XP/hrHhG+qrdWpMhaXuw5G8YgU07WedxC4MMshYcnyipMaqhgRF
D9pbSdA/uH+zUKcQFKeZWm3u/Ld8TT047sHYMITu/Ut842nh9DbBWfzgCTn7kJEd
HYh2eeSMDYJ/NAEq/Knh8egEi0CdDJEXGJUqnILlZnBbE4V6wh4VqyyQDy4Wy0/J
rSaLjMOPeQIDAQABo4IETzCCBEswgZQGCCsGAQUFBwEBBIGHMIGEMFgGCCsGAQUF
BzAChkxodHRwOi8vY2VydC5tYW5hZ2VkcGtpLmNvbS9DQWNlcnRzL0tQTkJWUEtJ
b3ZlcmhlaWRPcmdhbmlzYXRpZVNlcnZlckNBRzMuY2VyMCgGCCsGAQUFBzABhhxo
dHRwOi8vZzNvY3NwLm1hbmFnZWRwa2kuY29tMB0GA1UdDgQWBBQEdfv4Qj1riwO7
qLaTAOdPPprZgzAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFMOapntedCuCtsZy
/XROhdKXzf0YMIGxBgNVHSAEgakwgaYwgZkGCmCEEAGHawECBQYwgYowNwYIKwYB
BQUHAgEWK2h0dHBzOi8vY2VydGlmaWNhYXQua3BuLmNvbS9wa2lvdmVyaGVpZC9j
cHMwTwYIKwYBBQUHAgIwQwxBT3AgZGl0IGNlcnRpZmljYWF0IGlzIGhldCBDUFMg
UEtJb3ZlcmhlaWQgdmFuIEtQTiB2YW4gdG9lcGFzc2luZy4wCAYGZ4EMAQICMF4G
A1UdHwRXMFUwU6BRoE+GTWh0dHA6Ly9jcmwubWFuYWdlZHBraS5jb20vS1BOQlZQ
S0lvdmVyaGVpZE9yZ2FuaXNhdGllU2VydmVyQ0FHMy9MYXRlc3RDUkwuY3JsMA4G
A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwJwYD
VR0RBCAwHoIcd2Fhcm1lcmsuZ2VtZWVudGV3ZXN0bGFuZC5ubDCCAfYGCisGAQQB
1nkCBAIEggHmBIIB4gHgAHYA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo
/csAAAFnEbMyHAAABAMARzBFAiAQ/oMfPmb+SYCrpYmAJz2riyXYWeXTWSYl2QQT
oKL04wIhAJ4wPaIfGb5SGWguMeE3/q04+K+Hh0F6yE5fSM7X6i7qAHcAVYHUwhaQ
NgFK6gubVzxT8MDkOHhwJQgXL6OqHQcT0wwAAAFnEbMyQgAABAMASDBGAiEAxNkG
UQfExcGFLgY4cWuRTmzYQdvALNUNxQEcTyTezSACIQDO+bSMKHNlnFmWHeC7mQWx
nMQ9EuL+BYqG4346KvzPWQB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaO
HtGFAAABZxGzNIgAAAQDAEcwRQIgbmz5IKB/0G5YBe9N4G1B08QUg+avrMSuBLO1
n1bSVTUCIQCvrI1qLmb9DxlsanvLJPleTlh8BZcEgkfhUOhg4KRH9QB1AKS5CZC0
GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZxGzNNMAAAQDAEYwRAIgE++L
WFj8+Ppm37p4VoVVzaKIKpRJkKAbuHcaRzxIgzYCIH0/BG7wGQkzVe2FZy5ZhcC/
9SNHaGjL/d22JgpwSkJcMA0GCSqGSIb3DQEBCwUAA4ICAQB0+Rmnjn5RgGdcgIvB
QJkO4pZjwSAb5uSURd3D+mnm3Vs/DeHq+qu0Ptc1y4wetXT+Kt8/Sjnp83e1BJ8F
ehTWI6+lLZc1gqReHp2Ey94Tno5PZd2r8lhdccaRvnqzxXEEMXgfFUKx/YO4TVmL
b37JaT9MBgD63ybGIL9jiXMRSls1IB75FgHEAXjZVG+nF8Unirprfeqh00pocMou
DLPXDKoUJEEzJSyGwa58kerkguXsbx1ExzJMdxnylSzhSoTxkDMaRP572OoFO9+2
PDaqOIE/WhOSg/x9WBIO3uo0hMmyKJPD/vfD3h7hPSHL4qSkF0QMEXcJMZ+yiPEx
N6DMF14OI1OYLdBZYxeA1W2Q6FirlbFL8kE/D0BgnGw96d9T4KXbUvnyOvmpYqV4
i8gAdUm2aMZTA5uKoycCNz0U4r3i1RF2LGcBxh/xyWj2y7jMa4AqKpS9s4I3t9Qr
42KSVbaVF3RwWZepfHzdg/2Gjs5ZJlegIYlMS4rEEQpl+EH8/GZ+pyLFdNXsjGIC
B3afvlrAcuukar54eTjYCcPqU3gscsZgTO3PC68yFo0oRQ84LQOkECvpHJPxA0kY
dcugWQFMb9oEbMC05lUGDMsBfdYvMg+Rz626PKGxGmCFX75Ru8elnVDvR9/93cW5
ncEpLcNXEl1v4KSun6U5yxT5Qg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OPi48sV2rmLUFhfFxLn
Y91kfzBEBRBAKxBsxVpiVn6JP36lzATNi9c4zUhkHa2fw9Rans2ZJysSXBoSmSsc
yPDzbr/ZeEtP5ShwUckILoW4PtDaQiYCwfQeqZTGqUd6NMwTA4GKeZoW2AnUp8Ff
RQT+6XP/hrHhG+qrdWpMhaXuw5G8YgU07WedxC4MMshYcnyipMaqhgRFD9pbSdA/
uH+zUKcQFKeZWm3u/Ld8TT047sHYMITu/Ut842nh9DbBWfzgCTn7kJEdHYh2eeSM
DYJ/NAEq/Knh8egEi0CdDJEXGJUqnILlZnBbE4V6wh4VqyyQDy4Wy0/JrSaLjMOP
eQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 143250210177945651
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRNL-27124701'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN BV PKIoverheid Organisatie Server CA - G3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-14 10:10:11 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-10-27 10:10:11 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Naaldwijk'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Gemeente Westland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000001812579446000'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'waarmerk.gemeentewestland.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26874895569860302782245877006446279116717654255879349169078352048613504546370098326706558513475357992719892053702620999345151707131193130366095637456454633777792351060950960705785051676111468636625103869389023513883158384964056503905650764025605854006169123937558118111570220946946909363593382298795393015142871674733838327949640599107155088184424769414971291568399875472454147516340217350778653787249568891443645025434855364304874020264615992718930244896936693726445125577295181838820475349113769243762022194452617454803173271501527007318765213140831327704306216687340538977097595145341943891628159136354582713831289
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3.cer'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g3ocsp.managedpki.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0475fbf8423d6b8b03bba8b69300e74f3e9ad983
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c39aa67b5e742b82b6c672fd744e85d297cdfd18
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'waarmerk.gemeentewestland.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (486 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (482 bytes)
							01e0007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016711b3321c0000040300473045022010fe831f3e66fe4980aba58980273dab8b25d859e5d3592625d90413a0a2f4e30221009e303da21f19be5219682e31e137fead38f8af8787417ac84e5f48ced7ea2eea0077005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000016711b332420000040300483046022100c4d9065107c4c5c1852e0638716b914e6cd841dbc02cd50dc5011c4f24decd20022100cef9b48c2873659c59961de0bb9905b19cc43d12e2fe058a86e37e3a2afccf59007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016711b33488000004030047304502206e6cf920a07fd06e5805ef4de06d41d3c41483e6afacc4ae04b3b59f56d25535022100afac8d6a2e66fd0f196c6a7bcb24f95e4e587c0597048247e150e860e0a447f5007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016711b334d30000040300463044022013ef8b5858fcf8fa66dfba78568555cda2882a944990a01bb8771a473c48833602207d3f046ef019093355ed85672e5985c0bff523476868cbfdddb6260a704a425c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0074f919a78e7e5180675c808bc140990ee29663c1201be6e49445ddc3fa69e6dd5b3f0de1eafaabb43ed735cb8c1eb574fe2adf3f4a39e9f377b5049f057a14d623afa52d973582a45e1e9d84cbde139e8e4f65ddabf2585d71c691be7ab3c5710431781f1542b1fd83b84d598b6f7ec9693f4c0600fadf26c620bf638973114a5b35201ef91601c40178d9546fa717c5278aba6b7deaa1d34a6870ca2e0cb3d70caa14244133252c86c1ae7c91eae482e5ec6f1d44c7324c7719f2952ce14a84f190331a44fe7bd8ea053bdfb63c36aa38813f5a139283fc7d58120edeea3484c9b22893c3fef7c3de1ee13d21cbe2a4a417440c117709319fb288f13137a0cc175e0e2353982dd059631780d56d90e858ab95b14bf2413f0f40609c6c3de9df53e0a5db52f9f23af9a962a5788bc8007549b668c653039b8aa32702373d14e2bde2d511762c6701c61ff1c968f6cbb8cc6b802a2a94bdb38237b7d42be3629255b6951774705997a97c7cdd83fd868ece592657a021894c4b8ac4110a65f841fcfc667ea722c574d5ec8c620207769fbe5ac072eba46abe787938d809c3ea53782c72c6604cedcf0baf32168d28450f382d03a4102be91c93f103491875cba059014c6fda046cc0b4e655060ccb017dd62f320f91cfadba3ca1b11a60855fbe51bbc7a59d50ef47dffdddc5b99dc1292dc357125d6fe0a4ae9fa539cb14f942