san1.klmonline.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:06:85:a6:25:cb:67:b4:27:9a:f3:c6:db:82:02:36:dd:d2 was issued on by Let's Encrypt.
With 62 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=san1.klmonline.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:06:85:a6:25:cb:67:b4:27:9a:f3:c6:db:82:02:36:dd:d2Serial Number (int): 263556202008088848388331741334479819955666
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 3c:c9:1f:74:40:37:42:ae:cf:2b:2c:2c:d6:b0:e1:1f:43:15:c8:f1
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): dc:01:65:6f:08:7c:c8:bb:23:5e:7f:d1:af:05:1e:7d:3d:24:10:00
Fingerprint (sha256): 6b:25:16:56:f7:65:6b:cf:f3:c9:84:d4:5d:d3:54:1e:82:87:dc:f2:bb:b9:ee:b4:83:ca:f1:91:c7:bc:2d:a9
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate san1.klmonline.com
62
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for san1.klmonline.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
amsterdam-cms.klm.com
amsterdam.klm.com
api.campaigndesigner2.klm.com
bannerspace.klm.com
blog-origin.klm.com
blog.klm.com
brand.klm.com
bumblebee.klm.com
campaigndesigner.klm.com
campaigndesigner2.klm.com
campaigns-origin.klm.com
experience.klm.com
farefeed.klm.com
fightblue.klm.com
flightbundlebusiness.klm.com
flyresponsibly.klm.com
gamification.klm.com
groepen.klm.com
jcc.klm.com
jijenklm.nl
librodereclamaciones.klm.com
livedeals.klm.com
livedeals.klm.nl
livestreammachine.klm.com
lwcdn.klm.com
neverdone-origin.klm.com
offers.klm.com
ondernemen.klm.com
paapi.klm.com
packagedeals.klm.com
passport-cms.klm.com
passport.klm.com
paymentpa.klm.com
photocompetition.klm.com
play-cms.klm.com
play-origin.klm.com
previews.campaigndesigner2.klm.com
pricealerts.klm.com
promotions.klm.com
promotions2.klm.com
quoidenouveau.flyingblue.com
reasons.klm.com
running.klm.com
san1.klmonline.com
schiphol-service.klm.com
social-origin.klmonline.com
socialpayments.klm.com
socialtv.klm.com
surf.klm.com
sustainability.klm.com
take-me-there.klm.com
travelforcities.klm.com
travelforfood.klm.com
travelforsurf-origin.klm.com
wannagives.klm.com
wbc.klm.com
wecare.klm.com
weetenwin-cms.klm.com
weetenwin.klm.com
werelddealwekker.klm.com
winwith.klm.com
www.jijenklm.nl
amsterdam.klm.com
api.campaigndesigner2.klm.com
bannerspace.klm.com
blog-origin.klm.com
blog.klm.com
brand.klm.com
bumblebee.klm.com
campaigndesigner.klm.com
campaigndesigner2.klm.com
campaigns-origin.klm.com
experience.klm.com
farefeed.klm.com
fightblue.klm.com
flightbundlebusiness.klm.com
flyresponsibly.klm.com
gamification.klm.com
groepen.klm.com
jcc.klm.com
jijenklm.nl
librodereclamaciones.klm.com
livedeals.klm.com
livedeals.klm.nl
livestreammachine.klm.com
lwcdn.klm.com
neverdone-origin.klm.com
offers.klm.com
ondernemen.klm.com
paapi.klm.com
packagedeals.klm.com
passport-cms.klm.com
passport.klm.com
paymentpa.klm.com
photocompetition.klm.com
play-cms.klm.com
play-origin.klm.com
previews.campaigndesigner2.klm.com
pricealerts.klm.com
promotions.klm.com
promotions2.klm.com
quoidenouveau.flyingblue.com
reasons.klm.com
running.klm.com
san1.klmonline.com
schiphol-service.klm.com
social-origin.klmonline.com
socialpayments.klm.com
socialtv.klm.com
surf.klm.com
sustainability.klm.com
take-me-there.klm.com
travelforcities.klm.com
travelforfood.klm.com
travelforsurf-origin.klm.com
wannagives.klm.com
wbc.klm.com
wecare.klm.com
weetenwin-cms.klm.com
weetenwin.klm.com
werelddealwekker.klm.com
winwith.klm.com
www.jijenklm.nl
Other certificates including the domain name klmonline.com
(limited to 100 certificates)
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
cmt.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
cmt.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
cmt.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
cmt.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
cmt.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
cmt.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
cmt.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
cmt.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
cmt.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
cmt.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
san1.klmonline.com
Certificate
The complete raw certificate details for san1.klmonline.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIKdTCCCV2gAwIBAgISAwaFpiXLZ7QnmvPG24ICNt3SMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAzMjYxMjI2NDlaFw0y MDA2MjQxMjI2NDlaMB0xGzAZBgNVBAMTEnNhbjEua2xtb25saW5lLmNvbTCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALscTHQ5XgrFk3h7/+rVG2mU8Oby EoU6v8xdGEWbO3bar7B4nqWUidskTGGkS9j4NrqwLNs1IuqTpt/CsZw314ZIXHcb qzEkGNOEtH27NeZ4yHO2OtYnR4NeO4kacHBZBuCe08qe0RUgZyFrHhOyYsbbV4W0 A+8Pa+bCjHo2gCOZvWQFIBdaVBCDdRCLb+851DNwxgyP6WVNSEMG1T28ifiRuFUp XQjy1XVL9tAhC9CtsSOYcgUCMwwLOAvH0Ee0wHh5QrOyu65pE6omBn4qJ1YfN8/h q6tT0KhmWLfwyC/bW8sj0FmkgQu8iTS3H5I+OdDHNbLEUW02LP8KOb7iNVECAwEA AaOCB4Awggd8MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUPMkfdEA3Qq7PKyws1rDh H0MVyPEwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUH AQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5 cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5 cHQub3JnLzCCBTQGA1UdEQSCBSswggUnghVhbXN0ZXJkYW0tY21zLmtsbS5jb22C EWFtc3RlcmRhbS5rbG0uY29tgh1hcGkuY2FtcGFpZ25kZXNpZ25lcjIua2xtLmNv bYITYmFubmVyc3BhY2Uua2xtLmNvbYITYmxvZy1vcmlnaW4ua2xtLmNvbYIMYmxv Zy5rbG0uY29tgg1icmFuZC5rbG0uY29tghFidW1ibGViZWUua2xtLmNvbYIYY2Ft cGFpZ25kZXNpZ25lci5rbG0uY29tghljYW1wYWlnbmRlc2lnbmVyMi5rbG0uY29t ghhjYW1wYWlnbnMtb3JpZ2luLmtsbS5jb22CEmV4cGVyaWVuY2Uua2xtLmNvbYIQ ZmFyZWZlZWQua2xtLmNvbYIRZmlnaHRibHVlLmtsbS5jb22CHGZsaWdodGJ1bmRs ZWJ1c2luZXNzLmtsbS5jb22CFmZseXJlc3BvbnNpYmx5LmtsbS5jb22CFGdhbWlm aWNhdGlvbi5rbG0uY29tgg9ncm9lcGVuLmtsbS5jb22CC2pjYy5rbG0uY29tggtq aWplbmtsbS5ubIIcbGlicm9kZXJlY2xhbWFjaW9uZXMua2xtLmNvbYIRbGl2ZWRl YWxzLmtsbS5jb22CEGxpdmVkZWFscy5rbG0ubmyCGWxpdmVzdHJlYW1tYWNoaW5l LmtsbS5jb22CDWx3Y2RuLmtsbS5jb22CGG5ldmVyZG9uZS1vcmlnaW4ua2xtLmNv bYIOb2ZmZXJzLmtsbS5jb22CEm9uZGVybmVtZW4ua2xtLmNvbYINcGFhcGkua2xt LmNvbYIUcGFja2FnZWRlYWxzLmtsbS5jb22CFHBhc3Nwb3J0LWNtcy5rbG0uY29t ghBwYXNzcG9ydC5rbG0uY29tghFwYXltZW50cGEua2xtLmNvbYIYcGhvdG9jb21w ZXRpdGlvbi5rbG0uY29tghBwbGF5LWNtcy5rbG0uY29tghNwbGF5LW9yaWdpbi5r bG0uY29tgiJwcmV2aWV3cy5jYW1wYWlnbmRlc2lnbmVyMi5rbG0uY29tghNwcmlj ZWFsZXJ0cy5rbG0uY29tghJwcm9tb3Rpb25zLmtsbS5jb22CE3Byb21vdGlvbnMy LmtsbS5jb22CHHF1b2lkZW5vdXZlYXUuZmx5aW5nYmx1ZS5jb22CD3JlYXNvbnMu a2xtLmNvbYIPcnVubmluZy5rbG0uY29tghJzYW4xLmtsbW9ubGluZS5jb22CGHNj aGlwaG9sLXNlcnZpY2Uua2xtLmNvbYIbc29jaWFsLW9yaWdpbi5rbG1vbmxpbmUu Y29tghZzb2NpYWxwYXltZW50cy5rbG0uY29tghBzb2NpYWx0di5rbG0uY29tggxz dXJmLmtsbS5jb22CFnN1c3RhaW5hYmlsaXR5LmtsbS5jb22CFXRha2UtbWUtdGhl cmUua2xtLmNvbYIXdHJhdmVsZm9yY2l0aWVzLmtsbS5jb22CFXRyYXZlbGZvcmZv b2Qua2xtLmNvbYIcdHJhdmVsZm9yc3VyZi1vcmlnaW4ua2xtLmNvbYISd2FubmFn aXZlcy5rbG0uY29tggt3YmMua2xtLmNvbYIOd2VjYXJlLmtsbS5jb22CFXdlZXRl bndpbi1jbXMua2xtLmNvbYIRd2VldGVud2luLmtsbS5jb22CGHdlcmVsZGRlYWx3 ZWtrZXIua2xtLmNvbYIPd2lud2l0aC5rbG0uY29tgg93d3cuamlqZW5rbG0ubmww TAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcC ARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1 BIHyAPAAdgBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAXEXBiFi AAAEAwBHMEUCIQDyuggEBE+VpvYn/AeFRhMY7CnnH7qAeMa7SU5bQ0uyUQIgP8Zs 5iaBl9m372744JLhZatuvWybIc5zwbi3ozu2Dx4AdgAHt1wb5X1o//Gwxh0jFce6 5ld8V5S3au68YToaadOiHAAAAXEXBiFnAAAEAwBHMEUCIQC3UoikrtpM8pD9D7WZ V2NsV1OUU+Lrs6lYCr5ghBFwHQIgOIiZyYOAZvdsHKSXBar9ysMbbs3EwikFQbF7 Hc89Jq0wDQYJKoZIhvcNAQELBQADggEBAHOevVI05hnNDKLYz7YU0hE4AkjtYr59 zPrzYht6BG7VSjB53MMfz6SfW4aYRX3E7t3qq4GT82EQhB1pL0nzENEHvuDgWu7R 1ReoNySotLES6nkDxXmFhcV3HLklcmpKRtarN4DHEM5F2yQ9+yG1akfDU8gmSJAQ Dq2xescRvwtkNWEktA4gjeolrfwrLlQSJhC/BHistiYfL4ez+0/4XIugpNVVtm5S 0vut+55xZMZ68Ct0a2LZ3kGYvdZZ++K824J90Ed22KdDHWQenHKTPwsGNcIGBIqw yH06UDfmYFxrfKIZ+6PKMHI+6yxAnKsyoRrQ3Z0ZsmdLSlXXKf8b1PM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxxMdDleCsWTeHv/6tUb aZTw5vIShTq/zF0YRZs7dtqvsHiepZSJ2yRMYaRL2Pg2urAs2zUi6pOm38KxnDfX hkhcdxurMSQY04S0fbs15njIc7Y61idHg147iRpwcFkG4J7Typ7RFSBnIWseE7Ji xttXhbQD7w9r5sKMejaAI5m9ZAUgF1pUEIN1EItv7znUM3DGDI/pZU1IQwbVPbyJ +JG4VSldCPLVdUv20CEL0K2xI5hyBQIzDAs4C8fQR7TAeHlCs7K7rmkTqiYGfion Vh83z+Grq1PQqGZYt/DIL9tbyyPQWaSBC7yJNLcfkj450Mc1ssRRbTYs/wo5vuI1 UQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 263556202008088848388331741334479819955666 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-26 12:26:49 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-24 12:26:49 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'san1.klmonline.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23620517612292634676070428618058863575729841764362392378162794849894873847495732710760218919824377455820925405442671512002582510879860238391944221617227388037269844197126922792330202696952347645080526148335953588516419477659965933007573790496688672404135917544506181963984441431401143613521610911527734274988454953541706068788645864581713244230651875761912572497256470556562401039147979390047439050958340678569669551420665371135637869253109886257645076836516891945520424110982869392750498462904319524436903681818626109261349767491009582988878719580825509280591662541836158780778156221043178480398761778999500472464721 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3cc91f74403742aecf2b2c2cd6b0e11f4315c8f1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1323 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'amsterdam-cms.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'amsterdam.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.campaigndesigner2.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bannerspace.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog-origin.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'brand.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bumblebee.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'campaigndesigner.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'campaigndesigner2.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'campaigns-origin.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'experience.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'farefeed.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fightblue.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flightbundlebusiness.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flyresponsibly.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gamification.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'groepen.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jcc.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jijenklm.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'librodereclamaciones.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'livedeals.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'livedeals.klm.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'livestreammachine.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lwcdn.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'neverdone-origin.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'offers.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ondernemen.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paapi.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'packagedeals.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'passport-cms.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'passport.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paymentpa.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photocompetition.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'play-cms.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'play-origin.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'previews.campaigndesigner2.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pricealerts.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'promotions.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'promotions2.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'quoidenouveau.flyingblue.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'reasons.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'running.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'san1.klmonline.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'schiphol-service.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'social-origin.klmonline.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'socialpayments.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'socialtv.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'surf.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sustainability.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'take-me-there.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'travelforcities.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'travelforfood.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'travelforsurf-origin.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wannagives.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wbc.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wecare.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'weetenwin-cms.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'weetenwin.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'werelddealwekker.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'winwith.klm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jijenklm.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000171170621620000040300473045022100f2ba0804044f95a6f627fc0785461318ec29e71fba8078c6bb494e5b434bb25102203fc66ce6268197d9b7ef6ef8e092e165ab6ebd6c9b21ce73c1b8b7a33bb60f1e00760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c00000171170621670000040300473045022100b75288a4aeda4cf290fd0fb59957636c57539453e2ebb3a9580abe608411701d0220388899c9838066f76c1ca49705aafdcac31b6ecdc4c2290541b17b1dcf3d26ad . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00739ebd5234e619cd0ca2d8cfb614d211380248ed62be7dccfaf3621b7a046ed54a3079dcc31fcfa49f5b8698457dc4eeddeaab8193f36110841d692f49f310d107bee0e05aeed1d517a83724a8b4b112ea7903c5798585c5771cb925726a4a46d6ab3780c710ce45db243dfb21b56a47c353c8264890100eadb17ac711bf0b64356124b40e208dea25adfc2b2e54122610bf0478acb6261f2f87b3fb4ff85c8ba0a4d555b66e52d2fbadfb9e7164c67af02b746b62d9de4198bdd659fbe2bcdb827dd04776d8a7431d641e9c72933f0b0635c206048ab0c87d3a5037e6605c6b7ca219fba3ca30723eeb2c409cab32a11ad0dd9d19b2674b4a55d729ff1bd4f3