noriskit.nl
- NORISK IT Groep BV -
Issued by KPN BV PKIoverheid Organisatie Server CA - G3
About this certificate
This digital certificate with serial number 03:ac:c8:29:9a:4d:b6:67 was issued on by KPN B.V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
NORISK IT Groep BV
Company registration number:
00000003040736480000
Organization: NORISK IT Groep BV
Organization: NORISK IT Groep BV
State / Province:
Groningen
Locality: Groningen
Country: NL
Locality: Groningen
Country: NL
KPN B.V.
Organization:
KPN B.V.
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ac:c8:29:9a:4d:b6:67Serial Number (int): 264806559116015207
Serial Number lenght: 58 bits, 8 octets
SubjectKeyId: dd:15:5f:c1:0d:8e:f2:6f:b5:ce:b2:67:b3:8b:99:da:5e:c8:35:41
AuthorityKeyId: c3:9a:a6:7b:5e:74:2b:82:b6:c6:72:fd:74:4e:85:d2:97:cd:fd:18
Fingerprint (sha1): 64:8c:72:21:6f:15:3c:c3:7d:3e:21:89:1c:65:32:92:61:ed:c5:5e
Fingerprint (sha256): 7b:91:39:9e:99:15:ce:87:a5:fa:d6:b1:c0:bb:26:bf:7f:eb:dd:eb:02:87:15:11:1d:2e:0b:46:5f:1d:67:ed
Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3.cer
Revocation information
OCSP Server: http://g3ocsp.managedpki.comCRL Distribution Point: http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl
Check the revocation status for certificate noriskit.nl
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for noriskit.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
noriskit.nl
Other certificates including the domain name noriskit.nl
(limited to 100 certificates)
telefonie.noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
*.noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
telefonie.noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
spindle.wikibase.nl
access.enterlync.net
telefonie.noriskit.nl
access.enterlync.net
*.noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
telefonie.noriskit.nl
access.enterlync.net
noriskit.nl
noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
telefonie.noriskit.nl
telefonie.noriskit.nl
*.noriskit.nl
telefonie.noriskit.nl
noriskit.nl
*.noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
mail.noriskit.nl
access.enterlync.net
access.enterlync.net
noriskit.nl
*.noriskit.nl
telefonie.noriskit.nl
spindle.wikibase.nl
noriskit.nl
noriskit.nl
noriskit.nl
*.noriskit.nl
access.enterlync.net
access.enterlync.net
*.noriskit.nl
telefonie.noriskit.nl
noriskit.nl
telefonie.noriskit.nl
access.enterlync.net
access.enterlync.net
spindle.wikibase.nl
noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
telefonie.noriskit.nl
noriskit.nl
access.enterlync.net
telefonie.noriskit.nl
noriskit.nl
access.enterlync.net
noriskit.nl
spindle.wikibase.nl
citrix.noriskit.nl
telefonie.noriskit.nl
access.enterlync.net
access.enterlync.net
*.noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
citrix.noriskit.nl
access.enterlync.net
telefonie.noriskit.nl
*.noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
spindle.wikibase.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
*.noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
telefonie.noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
spindle.wikibase.nl
access.enterlync.net
telefonie.noriskit.nl
access.enterlync.net
*.noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
telefonie.noriskit.nl
access.enterlync.net
noriskit.nl
noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
telefonie.noriskit.nl
telefonie.noriskit.nl
*.noriskit.nl
telefonie.noriskit.nl
noriskit.nl
*.noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
access.enterlync.net
mail.noriskit.nl
access.enterlync.net
access.enterlync.net
noriskit.nl
*.noriskit.nl
telefonie.noriskit.nl
spindle.wikibase.nl
noriskit.nl
noriskit.nl
noriskit.nl
*.noriskit.nl
access.enterlync.net
access.enterlync.net
*.noriskit.nl
telefonie.noriskit.nl
noriskit.nl
telefonie.noriskit.nl
access.enterlync.net
access.enterlync.net
spindle.wikibase.nl
noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
telefonie.noriskit.nl
noriskit.nl
access.enterlync.net
telefonie.noriskit.nl
noriskit.nl
access.enterlync.net
noriskit.nl
spindle.wikibase.nl
citrix.noriskit.nl
telefonie.noriskit.nl
access.enterlync.net
access.enterlync.net
*.noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
citrix.noriskit.nl
access.enterlync.net
telefonie.noriskit.nl
*.noriskit.nl
access.enterlync.net
access.enterlync.net
access.enterlync.net
spindle.wikibase.nl
access.enterlync.net
access.enterlync.net
Certificate
The complete raw certificate details for noriskit.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIvDCCBqSgAwIBAgIIA6zIKZpNtmcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UE BhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMRcwFQYDVQRhDA5OVFJOTC0yNzEyNDcw MTE2MDQGA1UEAwwtS1BOIEJWIFBLSW92ZXJoZWlkIE9yZ2FuaXNhdGllIFNlcnZl ciBDQSAtIEczMB4XDTE4MDExMTEwNDAwNFoXDTIxMDExMDEwNDAwNFowgYcxCzAJ BgNVBAYTAk5MMRIwEAYDVQQIDAlHcm9uaW5nZW4xEjAQBgNVBAcMCUdyb25pbmdl bjEbMBkGA1UECgwSTk9SSVNLIElUIEdyb2VwIEJWMR0wGwYDVQQFExQwMDAwMDAw MzA0MDczNjQ4MDAwMDEUMBIGA1UEAwwLbm9yaXNraXQubmwwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQCGAGfL0PGYp9ehLZS3jNDpIf+A1pc6RS4lEeRQ 0H2ft2fVWgFpq9f1HO8SAcyIoLOXIUAAJj2v4/mpm25Kghhux6Oj2RQYLk2zHFFL foBQsm9wWSaJxcGQbvxbsfwF+X2mGlAvKbMtCSW8QZyF3KZ9pTmONTQemAq2gK7Q 44cTf16yX2g3BRVz0Q+oAsOOk95bWZCDNPtmlryjm6Q0kMAwDvc8Gc22FpN/ctus 0gmNpgp+4i9drZNZNuP4ot2XTphzCj49kiojJbe/P7UI7lwCIFl8IfZTQyZfLc/P 6ZbyEQmyKRIT6sAT0O4laFxtztrNXv6F4LAPgYD5jTJHjrDjAgMBAAGjggQ/MIIE OzCBlAYIKwYBBQUHAQEEgYcwgYQwWAYIKwYBBQUHMAKGTGh0dHA6Ly9jZXJ0Lm1h bmFnZWRwa2kuY29tL0NBY2VydHMvS1BOQlZQS0lvdmVyaGVpZE9yZ2FuaXNhdGll U2VydmVyQ0FHMy5jZXIwKAYIKwYBBQUHMAGGHGh0dHA6Ly9nM29jc3AubWFuYWdl ZHBraS5jb20wHQYDVR0OBBYEFN0VX8ENjvJvtc6yZ7OLmdpeyDVBMAwGA1UdEwEB /wQCMAAwHwYDVR0jBBgwFoAUw5qme150K4K2xnL9dE6F0pfN/RgwgbEGA1UdIASB qTCBpjCBmQYKYIQQAYdrAQIFBjCBijA3BggrBgEFBQcCARYraHR0cHM6Ly9jZXJ0 aWZpY2FhdC5rcG4uY29tL3BraW92ZXJoZWlkL2NwczBPBggrBgEFBQcCAjBDDEFP cCBkaXQgY2VydGlmaWNhYXQgaXMgaGV0IENQUyBQS0lvdmVyaGVpZCB2YW4gS1BO IHZhbiB0b2VwYXNzaW5nLjAIBgZngQwBAgIwXgYDVR0fBFcwVTBToFGgT4ZNaHR0 cDovL2NybC5tYW5hZ2VkcGtpLmNvbS9LUE5CVlBLSW92ZXJoZWlkT3JnYW5pc2F0 aWVTZXJ2ZXJDQUczL0xhdGVzdENSTC5jcmwwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAWBgNVHREEDzANggtub3Jpc2tpdC5u bDCCAfcGCisGAQQB1nkCBAIEggHnBIIB4wHhAHcA7ku9t3XOYLrhQmkfq+GeZqMP fl+wctiDAMR7iXqo/csAAAFg5M4xswAABAMASDBGAiEA5kUwbR5LpGby0Z2hf7/C DyWYX7CvTHZgJ7MRh8l6WgwCIQD0HtLXoEiBNTEMuUdhUkLdUJHcRBG+LzC9RO4D 0WtTqAB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABYOTOMtgA AAQDAEcwRQIhAP2AfEjAjRdRHn86YQFusdlg+A0hX3uwLwmLPNl29zcPAiAfZ5If tIyjeQlHNjt0rZxynfhyz5bKx3S6fXW/OORHhQB3ALvZ37wfinG1k5Qjl6qSe0c4 V5UKq1LoGpCWZDaOHtGFAAABYOTOM6cAAAQDAEgwRgIhAN1S0mLf85r8Hklnu2r5 GVrMSSqHoQST/8PQGwrW08IDAiEAjwPHW3Kv9S2DbGoi3O99eEuyceeYWLOU4zip BAMO8E4AdQCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWDkzjO8 AAAEAwBGMEQCIHsIPq240tbeA6BsX60gBFNi+caRtqN6/6Q7nk78/o9CAiAjo1xM nIiEFHRHBp730hs1L2aEQXdV3Z/w6VKelbEK5jANBgkqhkiG9w0BAQsFAAOCAgEA KpPBchchnWx/iiWu86kq039oNgJMXjh5OAd7N8b9ppeC4NkxfU2JikOufRDGm1mJ j8x4pmKmD+ouZouizESIkj19GniodJBPU5WN0cP7zB3bvjvx8qc4NdeRVzxqNWew /DMLxcV80M1GnN7jmhDd9Hxbxr+r3VDdZc+x0/lmJ7VafjML1vWUUHl521V+c81i nAKtf7adN5iV4HChyayRj2XWp0TPUhGPitUY0F5voGDrso2ZQM2fDEUUYqCodZ8+ IrDH7NFXz+LxA+nnho49q9dqOogaxL0Wuk1aMy4Cx+FBBpYhNV02cwJxWPM4pP1S 7F3SmVMZ47LkcqAaDs9g94vUZ+0mrUv8nhUIKUJq+3R/RAykphoNIL9dIPdG6TSQ cVNGugYGoLTzH2Ay7QISAl+RAfcSlcnGOHhdrhy24AY+eUmRHq3gEbiq+m11yhS8 kWUF6iMUtQAU4gAxjqutX8x/kbUa38ERnlViE9K330uUmZeelkdFKSqOqXpuZk2y e/UeHMt7gNE+X8NkPTDhVjen7ch9F0DUUPqEUlHIpEUOATrQ9DRKBLebDCsqFV+N nABeIiV+88V4/O1w+0AgjcfqBtxQSzmVKFyk67QbCNEcRBS3hAuZpJLJHih4Rkio QxthDPqjKS8FA3s/on0Yjo4bZrfYCN2bRlQ0xG/9Kzg= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgBny9DxmKfXoS2Ut4zQ 6SH/gNaXOkUuJRHkUNB9n7dn1VoBaavX9RzvEgHMiKCzlyFAACY9r+P5qZtuSoIY bsejo9kUGC5NsxxRS36AULJvcFkmicXBkG78W7H8Bfl9phpQLymzLQklvEGchdym faU5jjU0HpgKtoCu0OOHE39esl9oNwUVc9EPqALDjpPeW1mQgzT7Zpa8o5ukNJDA MA73PBnNthaTf3LbrNIJjaYKfuIvXa2TWTbj+KLdl06Ycwo+PZIqIyW3vz+1CO5c AiBZfCH2U0MmXy3Pz+mW8hEJsikSE+rAE9DuJWhcbc7azV7+heCwD4GA+Y0yR46w 4wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 264806559116015207 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRNL-27124701' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN BV PKIoverheid Organisatie Server CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-01-11 10:40:04 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-01-10 10:40:04 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Groningen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Groningen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NORISK IT Groep BV' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003040736480000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'noriskit.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16916132802141902725121868809775634031821598832210502047559713980206945577236161432060340330444912666341010742240419975859420160522826063630248675626276768449761107822095287716527761700686188813218254073272296695585157544204816102562717515396895891050192139754938978086842075531587978832135676276481547595985618588490671302460511081751925174133379590444248234384282197241302519110927473846003548704668646391056520555309182378324936344703227886474146920769022579773510093414115697516721485466324064066588686457533613850710523453165614342547481836238142985206761438450572554800662051532467154715138060428752145729106147 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (135 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g3ocsp.managedpki.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) dd155fc10d8ef26fb5ceb267b38b99da5ec83541 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c39aa67b5e742b82b6c672fd744e85d297cdfd18 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'noriskit.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes) 01e1007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb00000160e4ce31b30000040300483046022100e645306d1e4ba466f2d19da17fbfc20f25985fb0af4c766027b31187c97a5a0c022100f41ed2d7a0488135310cb947615242dd5091dc4411be2f30bd44ee03d16b53a80076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000160e4ce32d80000040300473045022100fd807c48c08d17511e7f3a61016eb1d960f80d215f7bb02f098b3cd976f7370f02201f67921fb48ca3790947363b74ad9c729df872cf96cac774ba7d75bf38e44785007700bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000160e4ce33a70000040300483046022100dd52d262dff39afc1e4967bb6af9195acc492a87a10493ffc3d01b0ad6d3c2030221008f03c75b72aff52d836c6a22dcef7d784bb271e79858b394e338a904030ef04e007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000160e4ce33bc000004030046304402207b083eadb8d2d6de03a06c5fad20045362f9c691b6a37affa43b9e4efcfe8f42022023a35c4c9c8884147447069ef7d21b352f6684417755dd9ff0e9529e95b10ae6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 002a93c17217219d6c7f8a25aef3a92ad37f6836024c5e387938077b37c6fda69782e0d9317d4d898a43ae7d10c69b59898fcc78a662a60fea2e668ba2cc4488923d7d1a78a874904f53958dd1c3fbcc1ddbbe3bf1f2a73835d791573c6a3567b0fc330bc5c57cd0cd469cdee39a10ddf47c5bc6bfabdd50dd65cfb1d3f96627b55a7e330bd6f594507979db557e73cd629c02ad7fb69d379895e070a1c9ac918f65d6a744cf52118f8ad518d05e6fa060ebb28d9940cd9f0c451462a0a8759f3e22b0c7ecd157cfe2f103e9e7868e3dabd76a3a881ac4bd16ba4d5a332e02c7e141069621355d3673027158f338a4fd52ec5dd2995319e3b2e472a01a0ecf60f78bd467ed26ad4bfc9e150829426afb747f440ca4a61a0d20bf5d20f746e93490715346ba0606a0b4f31f6032ed0212025f9101f71295c9c638785dae1cb6e0063e7949911eade011b8aafa6d75ca14bc916505ea2314b50014e200318eabad5fcc7f91b51adfc1119e556213d2b7df4b9499979e964745292a8ea97a6e664db27bf51e1ccb7b80d13e5fc3643d30e15637a7edc87d1740d450fa845251c8a4450e013ad0f4344a04b79b0c2b2a155f8d9c005e22257ef3c578fced70fb40208dc7ea06dc504b3995285ca4ebb41b08d11c4414b7840b99a492c91e28784648a8431b610cfaa3292f05037b3fa27d188e8e1b66b7d808dd9b465434c46ffd2b38