vpnaccess.oam.kpn.net
- Koninklijke KPN N.V. -
Issued by KPN PKIoverheid Organisatie CA - G2
About this certificate
This digital certificate with serial number 6c:f7:9a:31:35:58:c9:22 was issued on by KPN B.V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- When the id-ad-caIssuers accessMethod is used, at least one instance SHOULD specify an accessLocation that is an HTTP or LDAP URI (RFC 5280: 4.2.2.1)
- Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate (BRs: 7.1.2.3)
Koninklijke KPN N.V.
Company registration number:
00000003020452000000
Organization: Koninklijke KPN N.V.
Organization: Koninklijke KPN N.V.
State / Province:
Zuid-Holland
Locality: 's-Gravenhage
Country: NL
Locality: 's-Gravenhage
Country: NL
KPN B.V.
Organization:
KPN B.V.
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 6c:f7:9a:31:35:58:c9:22Serial Number (int): 7851914011482835234
Serial Number lenght: 63 bits, 8 octets
SubjectKeyId: 3a:c0:ee:6a:aa:40:78:f1:68:5a:17:a3:e5:0a:60:9f:8d:49:3e:73
AuthorityKeyId: 75:a3:4e:8f:1e:97:dd:6c:88:01:31:ef:72:21:c2:6e:60:94:7d:80
Fingerprint (sha1): f6:c8:96:37:e5:cf:fc:fa:d2:e5:3f:37:f9:84:d7:2e:88:60:9e:7a
Fingerprint (sha256): 8b:d3:44:a6:00:51:5e:29:e3:00:48:fd:a5:74:11:2e:2f:d9:58:af:d4:2a:86:56:81:da:4c:3b:4f:32:0a:32
Issuing Certificate URL: https://cert.managedpki.com/CAcerts/KPNPKIoverheidOrganisatieCAG2.cer
Revocation information
OCSP Server: http://g2ocsp.managedpki.comCRL Distribution Point: http://crl.managedpki.com/KPNPKIoverheidOrganisatieCAG2/LatestCRL.crl
Check the revocation status for certificate vpnaccess.oam.kpn.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for vpnaccess.oam.kpn.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Email Protection
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
vpnaccess.oam.kpn.net
Other certificates including the domain name kpn.net
(limited to 100 certificates)
rt2-vlg-1.pmr.kpn.net
zandvoort3.ZIPB.kpn.net
texel1.zipb.kpn.net
texel1.zipb.kpn.net
wopatest.kpn.net
www.kpn.net
test.diensten.monitoring.kpn.net
www.kpn.net
vlissingen1.ZIPB.kpn.net
zandvoort3.zipb.kpn.net
prmnp1.pmr.kpn.net
diensten.monitoring.kpn.net
zierikzee1.zipb.kpn.net
pem.kpn.net
zandvoort3.kpn.net
tenrvlissingen1.kpn.net
webmail.kpn.net
vpnaccess.oam.kpn.net
www.kpn.net
wdaht.pmr.kpn.net
pmht.pmr.kpn.net
prmnp2.pmr.kpn.net
gemnr2.pmr.kpn.net
wopa.kpn.net
tenrzandvoort3.kpn.net
webmail.kpn.net
diensten.monitoring.kpn.net
zandvoort1.kpn.net
dot.kpn.com
asd2-vlg-1.pmr.kpn.net
vlissingen1.kpn.net
citrixportal.ttrc.oam.kpn.net
gouda0-rt.cust.kpn.net
test.diensten.monitoring.kpn.net
zandvoort3.kpn.net
www.kpn.net
zandvoort3.kpn.net
gemnp1.pmr.kpn.net
test.diensten.monitoring.kpn.net
vlissingen1.ZIPB.kpn.net
www.kpn.net
wopa.kpn.net
wopatest.kpn.net
texel1.zipb.kpn.net
wopatest.kpn.net
tenrzandvoort3.zipb.kpn.net
77-169-194-218.fixed.kpn.net
gemnp2.pmr.kpn.net
89-163-151-197.mobile.kpn.net
77-163-140-51.fixed.kpn.net
gemnr1.pmr.kpn.net
213-10-121-183.fixed.kpn.net
prmnr1.pmr.kpn.net
www.kpn.net
www.kpn.net
www.kpn.net
86-84-188-139.fixed.kpn.net
aht.pmr.kpn.net
rt2-vlg-1.pmr.kpn.net
vlissingen1.zipb.kpn.net
zierikzee1.zipb.kpn.net
texel1.zipb.kpn.net
wopa.kpn.net
wopatest.kpn.net
zandvoort3.zipb.kpn.net
prmnr2.pmr.kpn.net
tenrzandvoort1.zipb.kpn.net
gst.pmr.kpn.net
gouda0-asd.cust.kpn.net
diensten.monitoring.kpn.net
clht.pmr.kpn.net
www.kpn.net
plht.pmr.kpn.net
*.pmr.kpn.net
www.kpn.net
pst.pmr.kpn.net
vpnaccess.oam.kpn.net
wopa.kpn.net
citrixportal.oam.kpn.net
www.kpn.net
test.diensten.monitoring.kpn.net
www.kpn.net
groningen1-rt.cust.kpn.net
vlissingen1.kpn.net
vpnaccess.oam.kpn.net
diensten.monitoring.kpn.net
tenrtexel1.zipb.kpn.net
texel1.zipb.kpn.net
test.diensten.monitoring.kpn.net
tenrzandvoort1.kpn.net
vlissingen1.kpn.net
avds.monitoring.kpn.net
zierikzee1.zipb.kpn.net
groningen1-asd.cust.kpn.net
cri.pmr.kpn.net
sntpf.pmr.kpn.net
wopa.kpn.net
texel1.zipb.kpn.net
*.pem.kpn.net
citrixportal.mobidata.kpn.net
zandvoort3.ZIPB.kpn.net
texel1.zipb.kpn.net
texel1.zipb.kpn.net
wopatest.kpn.net
www.kpn.net
test.diensten.monitoring.kpn.net
www.kpn.net
vlissingen1.ZIPB.kpn.net
zandvoort3.zipb.kpn.net
prmnp1.pmr.kpn.net
diensten.monitoring.kpn.net
zierikzee1.zipb.kpn.net
pem.kpn.net
zandvoort3.kpn.net
tenrvlissingen1.kpn.net
webmail.kpn.net
vpnaccess.oam.kpn.net
www.kpn.net
wdaht.pmr.kpn.net
pmht.pmr.kpn.net
prmnp2.pmr.kpn.net
gemnr2.pmr.kpn.net
wopa.kpn.net
tenrzandvoort3.kpn.net
webmail.kpn.net
diensten.monitoring.kpn.net
zandvoort1.kpn.net
dot.kpn.com
asd2-vlg-1.pmr.kpn.net
vlissingen1.kpn.net
citrixportal.ttrc.oam.kpn.net
gouda0-rt.cust.kpn.net
test.diensten.monitoring.kpn.net
zandvoort3.kpn.net
www.kpn.net
zandvoort3.kpn.net
gemnp1.pmr.kpn.net
test.diensten.monitoring.kpn.net
vlissingen1.ZIPB.kpn.net
www.kpn.net
wopa.kpn.net
wopatest.kpn.net
texel1.zipb.kpn.net
wopatest.kpn.net
tenrzandvoort3.zipb.kpn.net
77-169-194-218.fixed.kpn.net
gemnp2.pmr.kpn.net
89-163-151-197.mobile.kpn.net
77-163-140-51.fixed.kpn.net
gemnr1.pmr.kpn.net
213-10-121-183.fixed.kpn.net
prmnr1.pmr.kpn.net
www.kpn.net
www.kpn.net
www.kpn.net
86-84-188-139.fixed.kpn.net
aht.pmr.kpn.net
rt2-vlg-1.pmr.kpn.net
vlissingen1.zipb.kpn.net
zierikzee1.zipb.kpn.net
texel1.zipb.kpn.net
wopa.kpn.net
wopatest.kpn.net
zandvoort3.zipb.kpn.net
prmnr2.pmr.kpn.net
tenrzandvoort1.zipb.kpn.net
gst.pmr.kpn.net
gouda0-asd.cust.kpn.net
diensten.monitoring.kpn.net
clht.pmr.kpn.net
www.kpn.net
plht.pmr.kpn.net
*.pmr.kpn.net
www.kpn.net
pst.pmr.kpn.net
vpnaccess.oam.kpn.net
wopa.kpn.net
citrixportal.oam.kpn.net
www.kpn.net
test.diensten.monitoring.kpn.net
www.kpn.net
groningen1-rt.cust.kpn.net
vlissingen1.kpn.net
vpnaccess.oam.kpn.net
diensten.monitoring.kpn.net
tenrtexel1.zipb.kpn.net
texel1.zipb.kpn.net
test.diensten.monitoring.kpn.net
tenrzandvoort1.kpn.net
vlissingen1.kpn.net
avds.monitoring.kpn.net
zierikzee1.zipb.kpn.net
groningen1-asd.cust.kpn.net
cri.pmr.kpn.net
sntpf.pmr.kpn.net
wopa.kpn.net
texel1.zipb.kpn.net
*.pem.kpn.net
citrixportal.mobidata.kpn.net
Certificate
The complete raw certificate details for vpnaccess.oam.kpn.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGtDCCBJygAwIBAgIIbPeaMTVYySIwDQYJKoZIhvcNAQELBQAwTjELMAkGA1UE BhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMSwwKgYDVQQDDCNLUE4gUEtJb3Zlcmhl aWQgT3JnYW5pc2F0aWUgQ0EgLSBHMjAeFw0xNjEwMDQwODQwMTVaFw0xOTEwMDQw ODQwMTVaMIGaMQswCQYDVQQGEwJOTDEVMBMGA1UECAwMWnVpZC1Ib2xsYW5kMRYw FAYDVQQHDA0ncy1HcmF2ZW5oYWdlMR0wGwYDVQQKDBRLb25pbmtsaWprZSBLUE4g Ti5WLjEdMBsGA1UEBRMUMDAwMDAwMDMwMjA0NTIwMDAwMDAxHjAcBgNVBAMMFXZw bmFjY2Vzcy5vYW0ua3BuLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALQ8TbboTXRyyfuQi42fBi0RJ8EF1L9m8QDSLAciIpDZjyhYarV91FqEXU/2 LBWz0pXWhZ0yhKeulCmIu4hlTW0oxdyrSXNKU4huz80uFggFfWw1yf+WCbhc2fsu uO1E6jfcTgQcZ2sGAs5beQwepgJyDIk4fH3SFcEXFPSiYB7oaf56yvzS7XrPls0W EWhlUka2YH+m27HWZQm0Su8ZncpJJKylO3cZV+GcLfU8518Qmv1bamikHHPcpbNO FzQRU9DK4LIgOGOsBKTD9Rh2Vtm/KPwhwBHaKeh9I/J4ZboIi5KqvmenCeCE9hov +lVh3CGVn5l7taqFXux4efc+k/ECAwEAAaOCAkcwggJDMIGLBggrBgEFBQcBAQR/ MH0wUQYIKwYBBQUHMAKGRWh0dHBzOi8vY2VydC5tYW5hZ2VkcGtpLmNvbS9DQWNl cnRzL0tQTlBLSW92ZXJoZWlkT3JnYW5pc2F0aWVDQUcyLmNlcjAoBggrBgEFBQcw AYYcaHR0cDovL2cyb2NzcC5tYW5hZ2VkcGtpLmNvbTAdBgNVHQ4EFgQUOsDuaqpA ePFoWhej5Qpgn41JPnMwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR1o06PHpfd bIgBMe9yIcJuYJR9gDCBsQYDVR0gBIGpMIGmMIGZBgpghBABh2sBAgUGMIGKMDcG CCsGAQUFBwIBFitodHRwczovL2NlcnRpZmljYWF0Lmtwbi5jb20vcGtpb3Zlcmhl aWQvY3BzME8GCCsGAQUFBwICMEMMQU9wIGRpdCBjZXJ0aWZpY2FhdCBpcyBoZXQg Q1BTIFBLSW92ZXJoZWlkIHZhbiBLUE4gdmFuIHRvZXBhc3NpbmcuMAgGBmeBDAEC AjBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLm1hbmFnZWRwa2kuY29tL0tQ TlBLSW92ZXJoZWlkT3JnYW5pc2F0aWVDQUcyL0xhdGVzdENSTC5jcmwwDgYDVR0P AQH/BAQDAgWgMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUH AwQwIAYDVR0RBBkwF4IVdnBuYWNjZXNzLm9hbS5rcG4ubmV0MA0GCSqGSIb3DQEB CwUAA4ICAQBjMqct3u9rxIgQc/aj+tQNNpRxiQ0q9V+IaNXYgDleMAW34lUMKD1b /hBC23MD8KVh8NIiYrLm0uUE9zmXB7BBlviewhY9e/mDds0ThvKah6sBUKGESd/f tnR6Z7Caw6dS1dBHHhTcbqD7gsERYh/8x5GDOP+Fjd6bmmsbQhjQnU6H0EkOlmNp vJFlPNOMczpcBp7wOSE6tpg1tGkpysIRSDGuHL8+yele66o/MKp9VcvrceNWDqJ9 MciRSeDEEZci4YH6tZNj9fTrJdIShqsQMy42AZhFk0r1FKV+alhNRWsi9W1OnU6T 2SlZuHzbPKQ+zyJ23/kfnuxiI3HJrUwzb45aMas/xH+bIM2+DGRAX5ZrHhlpBFzw 0p0Ke+JnBk8JkPMXyrMn5PM4Rej/BGYE2v2uME4YMkrUMD/4ueQgAWOvkRMPJb7W 3kBo6kH5HMGYDkO8XioyI8ZOD7Ryqyflua1m6ZJZ1NSLQKTUpmeB2VC7fqWCVOuA m53H0hSBq1MDCSGoEy+14xFcH+v64i3G7LOyjENWvS4xKkO7oDrIO0rL4pUlsrX5 j95rXI1m/Tcp/vgs1YeZ0vxZUhyHKA6p+WuRofSdBRfl1i1sj9gcbC74j9vyHz+o yk5cbloEw0sSPIGeXeSPXn7lQ6FDSuCbJthvOE+m4WcXTCGHeim65A== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDxNtuhNdHLJ+5CLjZ8G LREnwQXUv2bxANIsByIikNmPKFhqtX3UWoRdT/YsFbPSldaFnTKEp66UKYi7iGVN bSjF3KtJc0pTiG7PzS4WCAV9bDXJ/5YJuFzZ+y647UTqN9xOBBxnawYCzlt5DB6m AnIMiTh8fdIVwRcU9KJgHuhp/nrK/NLtes+WzRYRaGVSRrZgf6bbsdZlCbRK7xmd ykkkrKU7dxlX4Zwt9TznXxCa/VtqaKQcc9yls04XNBFT0MrgsiA4Y6wEpMP1GHZW 2b8o/CHAEdop6H0j8nhlugiLkqq+Z6cJ4IT2Gi/6VWHcIZWfmXu1qoVe7Hh59z6T 8QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 7851914011482835234 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN PKIoverheid Organisatie CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-04 08:40:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-04 08:40:15 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Zuid-Holland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String ''s-Gravenhage' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Koninklijke KPN N.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000003020452000000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'vpnaccess.oam.kpn.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22752631693646065240265135759983277198374104328319658066459529788044872654708407609833071906810599398601004249713138721534672900648570382899842823679098525276256077233671790110502026615154476316440309063351350223702664877134820567736427441231284467238306729086492996812922671675274843096151756573323284503498586256808322815273333524624583164183140254879135329484410449186258891728100909837938555612975062620778565982670119939217832879517797992985451107653418890136106568858796139919251009615936409812042518387438860264777645892417494358636204349335115798705981130683865549754238347732680125857168313535210619175605233 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (127 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'https://cert.managedpki.com/CAcerts/KPNPKIoverheidOrganisatieCAG2.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g2ocsp.managedpki.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3ac0ee6aaa4078f1685a17a3e50a609f8d493e73 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 75a34e8f1e97dd6c880131ef7221c26e60947d80 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNPKIoverheidOrganisatieCAG2/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.4 (emailProtection) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vpnaccess.oam.kpn.net' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 006332a72ddeef6bc4881073f6a3fad40d369471890d2af55f8868d5d880395e3005b7e2550c283d5bfe1042db7303f0a561f0d22262b2e6d2e504f7399707b04196f89ec2163d7bf98376cd1386f29a87ab0150a18449dfdfb6747a67b09ac3a752d5d0471e14dc6ea0fb82c111621ffcc7918338ff858dde9b9a6b1b4218d09d4e87d0490e966369bc91653cd38c733a5c069ef039213ab69835b46929cac2114831ae1cbf3ec9e95eebaa3f30aa7d55cbeb71e3560ea27d31c89149e0c4119722e181fab59363f5f4eb25d21286ab10332e36019845934af514a57e6a584d456b22f56d4e9d4e93d92959b87cdb3ca43ecf2276dff91f9eec622371c9ad4c336f8e5a31ab3fc47f9b20cdbe0c64405f966b1e1969045cf0d29d0a7be267064f0990f317cab327e4f33845e8ff046604dafdae304e18324ad4303ff8b9e4200163af91130f25bed6de4068ea41f91cc1980e43bc5e2a3223c64e0fb472ab27e5b9ad66e99259d4d48b40a4d4a66781d950bb7ea58254eb809b9dc7d21481ab53030921a8132fb5e3115c1febfae22dc6ecb3b28c4356bd2e312a43bba03ac83b4acbe29525b2b5f98fde6b5c8d66fd3729fef82cd58799d2fc59521c87280ea9f96b91a1f49d0517e5d62d6c8fd81c6c2ef88fdbf21f3fa8ca4e5c6e5a04c34b123c819e5de48f5e7ee543a1434ae09b26d86f384fa6e167174c21877a29bae4