www.qmatic.com
- Qmatic Holland B.V. -
Issued by KPN BV PKIoverheid Organisatie Server CA - G3
About this certificate
This digital certificate with serial number 4c:f9:21:c6:b2:e7:84:87:21:89:cc:a2:14:dd:f8:ff:bb:31:21:d3 was issued on by KPN B.V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Qmatic Holland B.V.
Company registration number:
00000003280323920000
Organization: Qmatic Holland B.V.
Organization: Qmatic Holland B.V.
State / Province:
Zuid-Holland
Locality: Katwijk
Country: NL
Locality: Katwijk
Country: NL
KPN B.V.
Organization:
KPN B.V.
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 4c:f9:21:c6:b2:e7:84:87:21:89:cc:a2:14:dd:f8:ff:bb:31:21:d3Serial Number (int): 439439126456195019246202219418671824532130570707
Serial Number lenght: 159 bits, 20 octets
SubjectKeyId: 9c:52:90:c5:80:7d:71:a8:ae:51:69:73:03:76:f3:b3:8f:2e:05:d5
AuthorityKeyId: c3:9a:a6:7b:5e:74:2b:82:b6:c6:72:fd:74:4e:85:d2:97:cd:fd:18
Fingerprint (sha1): 8a:f3:4a:d9:e4:24:d3:aa:fd:6d:eb:a3:1f:41:39:28:0c:96:e0:2d
Fingerprint (sha256): 71:9c:5e:00:13:f9:55:19:2f:ba:54:70:3a:7f:24:de:ba:a4:ec:3e:28:17:65:63:48:db:78:be:8b:ef:48:2d
Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3-2019.cer
Revocation information
OCSP Server: http://g3ocsp.managedpki.comCRL Distribution Point: http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl
Check the revocation status for certificate www.qmatic.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.qmatic.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.qmatic.com
Other certificates including the domain name qmatic.com
(limited to 100 certificates)
event.qmatic.com
s2.shared.global.fastly.net
joinus.qmatic.com
*.portal.qmatic.com
*.portal.qmatic.com
s2.shared.global.fastly.net
joinus.qmatic.com
s2.shared.global.fastly.net
joinus.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
*.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
*.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
event.qmatic.com
s2.shared.global.fastly.net
joinus.qmatic.com
joinus.qmatic.com
joinus.qmatic.com
joinus.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
event.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
joinus.qmatic.com
joinus.qmatic.com
joinus.qmatic.com
*.portal.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
*.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
lp.qmatic.com
lp.qmatic.com
s2.shared.global.fastly.net
secure0160.hubspot.com
*.qmatic.com
s2.shared.global.fastly.net
lp.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
joinus.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
mail.qmatic.com
secure0160.hubspot.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
*.qmatic.com
s2.shared.global.fastly.net
www.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
lp.qmatic.com
joinus.qmatic.com
joinus.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
event.qmatic.com
event.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
event.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
joinus.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
joinus.qmatic.com
*.portal.qmatic.com
*.portal.qmatic.com
s2.shared.global.fastly.net
joinus.qmatic.com
s2.shared.global.fastly.net
joinus.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
*.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
*.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
event.qmatic.com
s2.shared.global.fastly.net
joinus.qmatic.com
joinus.qmatic.com
joinus.qmatic.com
joinus.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
event.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
joinus.qmatic.com
joinus.qmatic.com
joinus.qmatic.com
*.portal.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
*.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
lp.qmatic.com
lp.qmatic.com
s2.shared.global.fastly.net
secure0160.hubspot.com
*.qmatic.com
s2.shared.global.fastly.net
lp.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
joinus.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
mail.qmatic.com
secure0160.hubspot.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
*.qmatic.com
s2.shared.global.fastly.net
www.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
lp.qmatic.com
joinus.qmatic.com
joinus.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
event.qmatic.com
event.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
event.qmatic.com
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
s2.shared.global.fastly.net
joinus.qmatic.com
s2.shared.global.fastly.net
Certificate
The complete raw certificate details for www.qmatic.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG7zCCBNegAwIBAgIUTPkhxrLnhIchicyiFN34/7sxIdMwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMRcwFQYDVQRhDA5O VFJOTC0yNzEyNDcwMTE2MDQGA1UEAwwtS1BOIEJWIFBLSW92ZXJoZWlkIE9yZ2Fu aXNhdGllIFNlcnZlciBDQSAtIEczMB4XDTE5MDcxODE0MTAwM1oXDTIxMDcxNDE0 MTAwM1owgYwxCzAJBgNVBAYTAk5MMRUwEwYDVQQIDAxadWlkLUhvbGxhbmQxEDAO BgNVBAcMB0thdHdpamsxHDAaBgNVBAoME1FtYXRpYyBIb2xsYW5kIEIuVi4xHTAb BgNVBAUTFDAwMDAwMDAzMjgwMzIzOTIwMDAwMRcwFQYDVQQDDA53d3cucW1hdGlj LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJLTx9hvZg7bjJGo XfJnzqeKD9dYCC8HBmCOjsrUmkzoLaVMC39qIn6ayqpUh2txegGvlSWesv2voy5q OsPgTyIbMCxjwNFLNJcq5FfZqIpWry46QPXlUpTTn5Lz6NWkAxfrXroQONvTTfg6 lQarwklLoKe8OTHIdM9IMqS8r4RlC1Aqaj/4N7bjn/UM6WTXKlAIO07cMKM7Jele l1B4oxwGAt2eiU191I3kMqGS9p1fhbhlQ1Nq8IMICspoJNISJA3IKNosR/RGCH4A 5s1oyXMpXhT6N2fdXxR5CXk8j6F0Osz3mz1zEZy3snWAykL/vgYD4HSwScBAuhHs ZVIGcQUCAwEAAaOCAmEwggJdMIGZBggrBgEFBQcBAQSBjDCBiTBdBggrBgEFBQcw AoZRaHR0cDovL2NlcnQubWFuYWdlZHBraS5jb20vQ0FjZXJ0cy9LUE5CVlBLSW92 ZXJoZWlkT3JnYW5pc2F0aWVTZXJ2ZXJDQUczLTIwMTkuY2VyMCgGCCsGAQUFBzAB hhxodHRwOi8vZzNvY3NwLm1hbmFnZWRwa2kuY29tMB0GA1UdDgQWBBScUpDFgH1x qK5RaXMDdvOzjy4F1TAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFMOapntedCuC tsZy/XROhdKXzf0YMIGxBgNVHSAEgakwgaYwgZkGCmCEEAGHawECBQYwgYowNwYI KwYBBQUHAgEWK2h0dHBzOi8vY2VydGlmaWNhYXQua3BuLmNvbS9wa2lvdmVyaGVp ZC9jcHMwTwYIKwYBBQUHAgIwQwxBT3AgZGl0IGNlcnRpZmljYWF0IGlzIGhldCBD UFMgUEtJb3ZlcmhlaWQgdmFuIEtQTiB2YW4gdG9lcGFzc2luZy4wCAYGZ4EMAQIC MF4GA1UdHwRXMFUwU6BRoE+GTWh0dHA6Ly9jcmwubWFuYWdlZHBraS5jb20vS1BO QlZQS0lvdmVyaGVpZE9yZ2FuaXNhdGllU2VydmVyQ0FHMy9MYXRlc3RDUkwuY3Js MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEw GQYDVR0RBBIwEIIOd3d3LnFtYXRpYy5jb20wEwYKKwYBBAHWeQIEAwEB/wQCBQAw DQYJKoZIhvcNAQELBQADggIBABp9xj3aLZ6o6XG3lCNxW/dyFWdAOsrxZKugoHwM +SWEJme5LFu6E3d4ZO9r6MdIfQOaOS92Z1FtlN1lIRCoQYCgSAzINhNw6kAuV6SO EogH+sslFMEu3GmWfDNNbvdNvfkdKq5iFiu2FB2XDM2CuJigDLBZnd4HfhAoCWph 9CUuO997CT96hK5iTFfFpFJwjTgwaz/VzTDw/Sz3kUQze6h671uWxZM7902exvwS RlFLwg5VXBPfxCVeAb9epXKCOr41mKU8dEDzixPA7JxNFRXSDRCU+Nuos4ZRte/K nsMMG+p53SrZqjIv7g7C5RjYA1zn5dH9RJpL5D4OEVmfk0LoAJ+OkFZK0xm/GXMU W5WL9DAqzGWumV5mV6Rz7Ovti5DIadgSzWggB0c4mvFsz6qUfNoHH/64lXYw7fK8 lJuDrKNSRoSlkFjI2nR64ObZuXUSKOxeXTaW+9Z6z077a7igA7E7wGz4ihT5FKrg WbjUhTpFYhzkz3zP6xL2c+lbXCOcMglawkmNGKsc69xLYMTRGGn1gRhSkCngoQ3D y1FN1sQBldraZlYWlHAwQmezglWm0pppiLyd59Ic61XR2D3rqUUru58xEvlvCP1+ sZCCc/rn1EgOnWG5JWUwByV6ensdwX4QXQWwT54JJiAf9Nx2jlnVm+ZuEI9e+44g pUTp -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktPH2G9mDtuMkahd8mfO p4oP11gILwcGYI6OytSaTOgtpUwLf2oifprKqlSHa3F6Aa+VJZ6y/a+jLmo6w+BP IhswLGPA0Us0lyrkV9moilavLjpA9eVSlNOfkvPo1aQDF+teuhA429NN+DqVBqvC SUugp7w5Mch0z0gypLyvhGULUCpqP/g3tuOf9QzpZNcqUAg7Ttwwozsl6V6XUHij HAYC3Z6JTX3UjeQyoZL2nV+FuGVDU2rwgwgKymgk0hIkDcgo2ixH9EYIfgDmzWjJ cyleFPo3Z91fFHkJeTyPoXQ6zPebPXMRnLeydYDKQv++BgPgdLBJwEC6EexlUgZx BQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 439439126456195019246202219418671824532130570707 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRNL-27124701' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN BV PKIoverheid Organisatie Server CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-18 14:10:03 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-14 14:10:03 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Katwijk' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Qmatic Holland B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003280323920000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.qmatic.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18535225453997892206488182120928044486986916150067408725139124682200055807988861081233618840275201934959836387996280996754378730128836270491168544444095951315512793638433454465034789531438351986921133650811816856301496243173679997760046951975161114204063415489384371285092757026547328087786462766391263528004457424258026251138062904021514942984316290726781421543843961367412508188573065791535340537017733556713027492918412768747662891391191361440129125301785857763215034932860106804717056562742448166254700381864692912174448229850246734437755089863457707859462802485586250904197646276510213598927432557748864357396741 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (140 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3-2019.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g3ocsp.managedpki.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9c5290c5807d71a8ae5169730376f3b38f2e05d5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c39aa67b5e742b82b6c672fd744e85d297cdfd18 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.qmatic.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 001a7dc63dda2d9ea8e971b79423715bf7721567403acaf164aba0a07c0cf925842667b92c5bba13777864ef6be8c7487d039a392f7667516d94dd652110a84180a0480cc8361370ea402e57a48e128807facb2514c12edc69967c334d6ef74dbdf91d2aae62162bb6141d970ccd82b898a00cb0599dde077e1028096a61f4252e3bdf7b093f7a84ae624c57c5a452708d38306b3fd5cd30f0fd2cf79144337ba87aef5b96c5933bf74d9ec6fc1246514bc20e555c13dfc4255e01bf5ea572823abe3598a53c7440f38b13c0ec9c4d1515d20d1094f8dba8b38651b5efca9ec30c1bea79dd2ad9aa322fee0ec2e518d8035ce7e5d1fd449a4be43e0e11599f9342e8009f8e90564ad319bf1973145b958bf4302acc65ae995e6657a473ecebed8b90c869d812cd68200747389af16ccfaa947cda071ffeb8957630edf2bc949b83aca3524684a59058c8da747ae0e6d9b9751228ec5e5d3696fbd67acf4efb6bb8a003b13bc06cf88a14f914aae059b8d4853a45621ce4cf7ccfeb12f673e95b5c239c32095ac2498d18ab1cebdc4b60c4d11869f58118529029e0a10dc3cb514dd6c40195dada6656169470304267b38255a6d29a6988bc9de7d21ceb55d1d83deba9452bbb9f3112f96f08fd7eb1908273fae7d4480e9d61b925653007257a7a7b1dc17e105d05b04f9e0926201ff4dc768e59d59be66e108f5efb8e20a544e9