knooppunt.dataland.nl

- DataLand B.V. -

Issued by KPN BV PKIoverheid Organisatie Server CA - G3

About this certificate

This digital certificate with serial number 29:cd:81:08:f9:c2:6e:1c:5c:0f:e6:b9:11:cf:7f:9c:0a:85:37:25 was issued on by KPN B.V..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

DataLand B.V.

Company registration number: 00000003243197400000
Organization: DataLand B.V.
Organization unit: Data-ICT
State / Province: Zuid-Holland
Locality: Gouda
Country: NL

KPN B.V.

Organization: KPN B.V.
Country: NL

This certificate has expire since

Certificate Details

Serial Number (hex): 29:cd:81:08:f9:c2:6e:1c:5c:0f:e6:b9:11:cf:7f:9c:0a:85:37:25
Serial Number (int): 238651514908607640529835448770853827899562473253
Serial Number lenght: 158 bits, 20 octets

SubjectKeyId: 75:3d:a7:1c:03:0a:9b:35:2a:9b:fb:cc:97:97:03:c7:05:5a:0f:25
AuthorityKeyId: c3:9a:a6:7b:5e:74:2b:82:b6:c6:72:fd:74:4e:85:d2:97:cd:fd:18

Fingerprint (sha1): 1d:71:84:1a:0e:3a:02:c9:97:a3:f8:ec:a9:68:d7:d9:98:26:e1:c5
Fingerprint (sha256): 7d:d7:83:89:1a:31:69:4b:9c:0e:3c:57:a9:12:c2:44:42:b3:46:b3:24:1f:57:1c:bb:85:d1:7a:bc:68:89:5f

Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3-2019.cer

Revocation information

OCSP Server: http://g3ocsp.managedpki.com
CRL Distribution Point: http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl

Check the revocation status for certificate knooppunt.dataland.nl

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for knooppunt.dataland.nl

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

knooppunt.dataland.nl

Other certificates including the domain name dataland.nl

(limited to 100 certificates)
knoop.dataland.nl
dataland.nl
lufo.knoop.dataland.nl
weshare365.dataland.nl
digikoppelingtest.dataland.nl
dataland.nl
knooppunt.dataland.nl
knooppunt.dataland.nl
digikoppelingtest.dataland.nl
act.dataland.nl
digikoppeling.dataland.nl
lufo.knoop.dataland.nl
services.knoop.dataland.nl
knooppunt.dataland.nl
knooppunt.dataland.nl
weshare365.dataland.nl
dataland.nl
knooptm.dataland.nl
dataland.nl
knooppunt.dataland.nl
knooppunt.dataland.nl
knooppunttest.dataland.nl
belastingenknoop.dataland.nl
belastingenknoop.dataland.nl
weshare365.dataland.nl
weshare365.dataland.nl
bghu.knoop.dataland.nl
knooppuntdemo.dataland.nl
dataland.nl
regioknoopln.dataland.nl
www.dataland.nl
dataland.nl
dataland.nl
dataland.nl
knooppuntdemo.dataland.nl
dataland.nl
knooppunttest.dataland.nl
digikoppeling.dataland.nl
rbg.knoop.dataland.nl
dataland.nl
regioknoopln.dataland.nl
knooppunt.dataland.nl
dataland.nl
knooptm.dataland.nl
knooppunt.dataland.nl
knooptest.dataland.nl

Certificate

The complete raw certificate details for knooppunt.dataland.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHCDCCBPCgAwIBAgIUKc2BCPnCbhxcD+a5Ec9/nAqFNyUwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMRcwFQYDVQRhDA5O
VFJOTC0yNzEyNDcwMTE2MDQGA1UEAwwtS1BOIEJWIFBLSW92ZXJoZWlkIE9yZ2Fu
aXNhdGllIFNlcnZlciBDQSAtIEczMB4XDTE5MDYxOTE0MzAyNVoXDTIwMTIxNDEy
MjAwNFowgZ4xCzAJBgNVBAYTAk5MMRUwEwYDVQQIDAxadWlkLUhvbGxhbmQxDjAM
BgNVBAcMBUdvdWRhMRYwFAYDVQQKDA1EYXRhTGFuZCBCLlYuMREwDwYDVQQLDAhE
YXRhLUlDVDEdMBsGA1UEBRMUMDAwMDAwMDMyNDMxOTc0MDAwMDAxHjAcBgNVBAMM
FWtub29wcHVudC5kYXRhbGFuZC5ubDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAN0WzYIID5SZwg9y43YUCdMHK5pKJiqlvM7r2ZPXv+8Bo0PUNA/QieYs
ZYN0dFHdbTO7mAiLr2qZ1AuyEYLLYrda8WcoU2dzSUKzzrG96aQiD4YYkCilUDOt
sJb43WKhXfEg5XLKzViZwgOigXNXBhTpS4A024uIg9ub4NeXl6sSVWolLh+M3sIO
Ougy5ifLfPDdsrCghMGp4hIp8x+PDlfgrZd5TBwZ11bhB02hYnLAgnXvG+vKIoK8
aMgqz1tX1eDrcIl00LwIjBminYSb84eA98PF7mUjGHmj2CCku0a5s3hjUthqO1kW
JN/geUmfVzADlScQu+5b1nL0/hF15RcCAwEAAaOCAmgwggJkMIGZBggrBgEFBQcB
AQSBjDCBiTBdBggrBgEFBQcwAoZRaHR0cDovL2NlcnQubWFuYWdlZHBraS5jb20v
Q0FjZXJ0cy9LUE5CVlBLSW92ZXJoZWlkT3JnYW5pc2F0aWVTZXJ2ZXJDQUczLTIw
MTkuY2VyMCgGCCsGAQUFBzABhhxodHRwOi8vZzNvY3NwLm1hbmFnZWRwa2kuY29t
MB0GA1UdDgQWBBR1PaccAwqbNSqb+8yXlwPHBVoPJTAMBgNVHRMBAf8EAjAAMB8G
A1UdIwQYMBaAFMOapntedCuCtsZy/XROhdKXzf0YMIGxBgNVHSAEgakwgaYwgZkG
CmCEEAGHawECBQYwgYowNwYIKwYBBQUHAgEWK2h0dHBzOi8vY2VydGlmaWNhYXQu
a3BuLmNvbS9wa2lvdmVyaGVpZC9jcHMwTwYIKwYBBQUHAgIwQwxBT3AgZGl0IGNl
cnRpZmljYWF0IGlzIGhldCBDUFMgUEtJb3ZlcmhlaWQgdmFuIEtQTiB2YW4gdG9l
cGFzc2luZy4wCAYGZ4EMAQICMF4GA1UdHwRXMFUwU6BRoE+GTWh0dHA6Ly9jcmwu
bWFuYWdlZHBraS5jb20vS1BOQlZQS0lvdmVyaGVpZE9yZ2FuaXNhdGllU2VydmVy
Q0FHMy9MYXRlc3RDUkwuY3JsMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAgYIKwYBBQUHAwEwIAYDVR0RBBkwF4IVa25vb3BwdW50LmRhdGFsYW5k
Lm5sMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4ICAQAylZsB
EqS5NzULh4/iRJFOdRXHdTwL4O1/KP8XyuwwoFhyacJTvnT7ye8KGOvEASozbOJg
q2vzD3ka+KhrGAzhYLMMpfLN4VSrjapf9rCXcIqVFoq/7EadLFEQKcfCVXJNypfK
FgyGonBG3ckJTHvlwp5AzZQ9xX4dSA9SiiuIT8mqqn4Noqxb5XEwQkTI1YsTwWR6
o1M/AMSkuKFyXt+YOvuh4n+fQPEEOiIWRFmRbAtDCxfQ+l0Urigh7H96Qh/8+Kuh
+5/NJi49hZVCZ4iU/Q9tLE89vBwG4hrFAl+hZZWKXoWttriQbqvYTPbKitxaMEHX
uM6mL6RdICCBCGPb1SeajtW3g6ew+nWCO7yym3+RnVCvAdwdsAckKjWg2roYx8m7
CBRFplYiAEetXVpap4S+mFqNSIvyhMRigJDDL0TOS/mSyNFjXz7WKSLxwXRk4tCg
yZ++pQlnbMMKMP7bkZ+CHQFit/U4StIIniy+U1XmD0zZgt1glOz+GuUtOxwdWFNo
FBuQB9AXUOyCEhY9wdsS3ZdiweKGg4VXuqGGyg2Byoloou+SR/y5e4+6E2rDAlvj
+Y46ZL1vOy76+nV30y8rY1vmXDg67kPcTN6o+Qy1Gxnm5tW9fg+4AeNDeR+LRtXc
Y6UfUik8NehUUITue5x7qrojXOVwo4TyeYl1gg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RbNgggPlJnCD3LjdhQJ
0wcrmkomKqW8zuvZk9e/7wGjQ9Q0D9CJ5ixlg3R0Ud1tM7uYCIuvapnUC7IRgsti
t1rxZyhTZ3NJQrPOsb3ppCIPhhiQKKVQM62wlvjdYqFd8SDlcsrNWJnCA6KBc1cG
FOlLgDTbi4iD25vg15eXqxJVaiUuH4zewg466DLmJ8t88N2ysKCEwaniEinzH48O
V+Ctl3lMHBnXVuEHTaFicsCCde8b68oigrxoyCrPW1fV4OtwiXTQvAiMGaKdhJvz
h4D3w8XuZSMYeaPYIKS7RrmzeGNS2Go7WRYk3+B5SZ9XMAOVJxC77lvWcvT+EXXl
FwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 238651514908607640529835448770853827899562473253
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRNL-27124701'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN BV PKIoverheid Organisatie Server CA - G3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-19 14:30:25 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-12-14 12:20:04 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Gouda'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'DataLand B.V.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Data-ICT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003243197400000'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'knooppunt.dataland.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27909909860191266733819988894921255105318676691444199458676996090765390393553538526196205158113768815090710086136309526988126250808101957045169299375644780757831251010040554663476279975881600475456745295052539480681990292138915924582356036247552396992906926638046224248895060007609180913104903944607480384554447751806769188757927524508541171083447298473583421803732949256947310383690550152359325410940872912980274638962600289182582773135407288235931997858930077457275328057385524274308778588380457067701421335832544340544465354371899650630732307034230716026510268159138279155424264432512126846347001677560783817794839
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (140 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3-2019.cer'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g3ocsp.managedpki.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							753da71c030a9b352a9bfbcc979703c7055a0f25
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c39aa67b5e742b82b6c672fd744e85d297cdfd18
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'knooppunt.dataland.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0032959b0112a4b937350b878fe244914e7515c7753c0be0ed7f28ff17caec30a0587269c253be74fbc9ef0a18ebc4012a336ce260ab6bf30f791af8a86b180ce160b30ca5f2cde154ab8daa5ff6b097708a95168abfec469d2c511029c7c255724dca97ca160c86a27046ddc9094c7be5c29e40cd943dc57e1d480f528a2b884fc9aaaa7e0da2ac5be571304244c8d58b13c1647aa3533f00c4a4b8a1725edf983afba1e27f9f40f1043a22164459916c0b430b17d0fa5d14ae2821ec7f7a421ffcf8aba1fb9fcd262e3d859542678894fd0f6d2c4f3dbc1c06e21ac5025fa165958a5e85adb6b8906eabd84cf6ca8adc5a3041d7b8cea62fa45d2020810863dbd5279a8ed5b783a7b0fa75823bbcb29b7f919d50af01dc1db007242a35a0daba18c7c9bb081445a656220047ad5d5a5aa784be985a8d488bf284c4628090c32f44ce4bf992c8d1635f3ed62922f1c17464e2d0a0c99fbea509676cc30a30fedb919f821d0162b7f5384ad2089e2cbe5355e60f4cd982dd6094ecfe1ae52d3b1c1d585368141b9007d01750ec8212163dc1db12dd9762c1e286838557baa186ca0d81ca8968a2ef9247fcb97b8fba136ac3025be3f98e3a64bd6f3b2efafa7577d32f2b635be65c383aee43dc4cdea8f90cb51b19e6e6d5bd7e0fb801e343791f8b46d5dc63a51f52293c35e8545084ee7b9c7baaba235ce570a384f279897582