data-test.gemnet.irvn.nl
- Modulaire Gemeenschappelijke regeling Rijk van Nijmegen -
Issued by KPN BV PKIoverheid Organisatie Server CA - G3
About this certificate
This digital certificate with serial number 0e:fa:db:72:f8:06:4d:b3:81:89:04:52:a7:44:e0:11:85:e2:d8:57 was issued on by KPN B.V..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Modulaire Gemeenschappelijke regeling Rijk van Nijmegen
Company registration number:
00000001854380140000
Organization: Modulaire Gemeenschappelijke regeling Rijk van Nijmegen
Organization: Modulaire Gemeenschappelijke regeling Rijk van Nijmegen
State / Province:
Gelderland
Locality: Nijmegen
Country: NL
Locality: Nijmegen
Country: NL
KPN B.V.
Organization:
KPN B.V.
Country:
NL
This certificate has expire since
Certificate Details
Serial Number (hex): 0e:fa:db:72:f8:06:4d:b3:81:89:04:52:a7:44:e0:11:85:e2:d8:57Serial Number (int): 85520173803656566308928515512277195452540180567
Serial Number lenght: 156 bits, 20 octets
SubjectKeyId: f3:cd:35:e3:8d:75:26:59:7f:b1:00:8f:a1:a9:61:66:90:2b:25:04
AuthorityKeyId: c3:9a:a6:7b:5e:74:2b:82:b6:c6:72:fd:74:4e:85:d2:97:cd:fd:18
Fingerprint (sha1): b7:24:26:0f:6c:f9:a6:dc:10:9f:4a:2c:c7:50:ea:24:2b:24:b8:be
Fingerprint (sha256): a6:92:e7:03:bd:64:fd:62:4d:01:b0:4f:b4:16:85:ad:c1:97:88:98:f6:cf:29:f3:a4:c6:5b:a0:41:bd:4e:77
Issuing Certificate URL: http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3-2019.cer
Revocation information
OCSP Server: http://g3ocsp.managedpki.comCRL Distribution Point: http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl
Check the revocation status for certificate data-test.gemnet.irvn.nl
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for data-test.gemnet.irvn.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
data-test.gemnet.irvn.nl
Other certificates including the domain name irvn.nl
(limited to 100 certificates)
irvn.nl
zaaksysteem.data.irvn.nl
data.irvn.nl
govroam.irvn.nl
ftp.ggi.irvn.nl
ciscocloud.irvn.nl
eva.data.irvn.nl
irvn.nl
xs.irvn.nl
zsh.irvn.nl
djuma.data.irvn.nl
dg.irvn.nl
xs.irvn.nl
services.irvn.nl
dg.irvn.nl
mfa.irvn.nl
xs.irvn.nl
ftp.ggi.irvn.nl
support.irvn.nl
oc.irvn.nl
oc.irvn.nl
sts.irvn.nl
wizportaal.data.irvn.nl
webapps.irvn.nl
mfa.irvn.nl
autodiscover.irvn.nl
autodiscover.irvn.nl
samen.irvn.nl
login.irvn.nl
portal.irvn.nl
samen.irvn.nl
ciscocloud.irvn.nl
sts.irvn.nl
logon.irvn.nl
autodiscover.irvn.nl
wachtwoord.irvn.nl
irvn.nl
mfa.irvn.nl
govroam.irvn.nl
data.gemnet.irvn.nl
wizportaal.data.irvn.nl
portal.irvn.nl
ftp.irvn.nl
zaaksysteem.data.irvn.nl
govroam.irvn.nl
djuma.data.irvn.nl
micollab.irvn.nl
xs.irvn.nl
dg.irvn.nl
data-test.gemnet.irvn.nl
irvn.nl
autodiscover.irvn.nl
login.irvn.nl
eva.data.irvn.nl
dgtest.irvn.nl
wachtwoord.irvn.nl
autodiscover.irvn.nl
xs.irvn.nl
samen.irvn.nl
services.irvn.nl
logon.irvn.nl
xs.irvn.nl
webmail.irvn.nl
data-test.irvn.nl
ftp.irvn.nl
dgtest.irvn.nl
myprint.irvn.nl
xs.irvn.nl
zaaksysteem.data.irvn.nl
data.irvn.nl
govroam.irvn.nl
ftp.ggi.irvn.nl
ciscocloud.irvn.nl
eva.data.irvn.nl
irvn.nl
xs.irvn.nl
zsh.irvn.nl
djuma.data.irvn.nl
dg.irvn.nl
xs.irvn.nl
services.irvn.nl
dg.irvn.nl
mfa.irvn.nl
xs.irvn.nl
ftp.ggi.irvn.nl
support.irvn.nl
oc.irvn.nl
oc.irvn.nl
sts.irvn.nl
wizportaal.data.irvn.nl
webapps.irvn.nl
mfa.irvn.nl
autodiscover.irvn.nl
autodiscover.irvn.nl
samen.irvn.nl
login.irvn.nl
portal.irvn.nl
samen.irvn.nl
ciscocloud.irvn.nl
sts.irvn.nl
logon.irvn.nl
autodiscover.irvn.nl
wachtwoord.irvn.nl
irvn.nl
mfa.irvn.nl
govroam.irvn.nl
data.gemnet.irvn.nl
wizportaal.data.irvn.nl
portal.irvn.nl
ftp.irvn.nl
zaaksysteem.data.irvn.nl
govroam.irvn.nl
djuma.data.irvn.nl
micollab.irvn.nl
xs.irvn.nl
dg.irvn.nl
data-test.gemnet.irvn.nl
irvn.nl
autodiscover.irvn.nl
login.irvn.nl
eva.data.irvn.nl
dgtest.irvn.nl
wachtwoord.irvn.nl
autodiscover.irvn.nl
xs.irvn.nl
samen.irvn.nl
services.irvn.nl
logon.irvn.nl
xs.irvn.nl
webmail.irvn.nl
data-test.irvn.nl
ftp.irvn.nl
dgtest.irvn.nl
myprint.irvn.nl
xs.irvn.nl
Certificate
The complete raw certificate details for data-test.gemnet.irvn.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHJjCCBQ6gAwIBAgIUDvrbcvgGTbOBiQRSp0TgEYXi2FcwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCTkwxETAPBgNVBAoMCEtQTiBCLlYuMRcwFQYDVQRhDA5O VFJOTC0yNzEyNDcwMTE2MDQGA1UEAwwtS1BOIEJWIFBLSW92ZXJoZWlkIE9yZ2Fu aXNhdGllIFNlcnZlciBDQSAtIEczMB4XDTE5MDkxNjA4MjAwMloXDTIxMDkxNTA4 MjAwMlowgbkxCzAJBgNVBAYTAk5MMRMwEQYDVQQIDApHZWxkZXJsYW5kMREwDwYD VQQHDAhOaWptZWdlbjFAMD4GA1UECgw3TW9kdWxhaXJlIEdlbWVlbnNjaGFwcGVs aWprZSByZWdlbGluZyBSaWprIHZhbiBOaWptZWdlbjEdMBsGA1UEBRMUMDAwMDAw MDE4NTQzODAxNDAwMDAxITAfBgNVBAMMGGRhdGEtdGVzdC5nZW1uZXQuaXJ2bi5u bDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALLRbBtA2k1bG4ulMgCS MBfxWqdqeiljH3sT5bQkQnJ++suVJ1Ek3gh5ygH8TJ633iSCS5h3zBD/gqKBzkmZ 1BfV2jXHsBuhKh8mAem+zI2qxs9iGxuKV9Ajq0ow+SehfEqM08wYXoSPEdwozF+d R6+Rz0vCjXsZCTbaYvMxMgIIFcSMvzpKC5dWSb355LEZ8Us0r2nx3F8+f7dR/Qup qz9NfGbOSQXLh2ySNoy9ddGkN/YYykVbP78ejKxLBESewpziEXYLtmk4pPWuLHL1 nPUgU1dSLIjXCBuba7Aq4sWyvBvjYURogyMD3so5lUwZmrKnmUyc2bF9Jh6rT7n4 I30CAwEAAaOCAmswggJnMIGZBggrBgEFBQcBAQSBjDCBiTBdBggrBgEFBQcwAoZR aHR0cDovL2NlcnQubWFuYWdlZHBraS5jb20vQ0FjZXJ0cy9LUE5CVlBLSW92ZXJo ZWlkT3JnYW5pc2F0aWVTZXJ2ZXJDQUczLTIwMTkuY2VyMCgGCCsGAQUFBzABhhxo dHRwOi8vZzNvY3NwLm1hbmFnZWRwa2kuY29tMB0GA1UdDgQWBBTzzTXjjXUmWX+x AI+hqWFmkCslBDAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFMOapntedCuCtsZy /XROhdKXzf0YMIGxBgNVHSAEgakwgaYwgZkGCmCEEAGHawECBQYwgYowNwYIKwYB BQUHAgEWK2h0dHBzOi8vY2VydGlmaWNhYXQua3BuLmNvbS9wa2lvdmVyaGVpZC9j cHMwTwYIKwYBBQUHAgIwQwxBT3AgZGl0IGNlcnRpZmljYWF0IGlzIGhldCBDUFMg UEtJb3ZlcmhlaWQgdmFuIEtQTiB2YW4gdG9lcGFzc2luZy4wCAYGZ4EMAQICMF4G A1UdHwRXMFUwU6BRoE+GTWh0dHA6Ly9jcmwubWFuYWdlZHBraS5jb20vS1BOQlZQ S0lvdmVyaGVpZE9yZ2FuaXNhdGllU2VydmVyQ0FHMy9MYXRlc3RDUkwuY3JsMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwIwYD VR0RBBwwGoIYZGF0YS10ZXN0LmdlbW5ldC5pcnZuLm5sMBMGCisGAQQB1nkCBAMB Af8EAgUAMA0GCSqGSIb3DQEBCwUAA4ICAQBW1o+VSMaIUi0pRMzv2IK9p6YiHbgn e3PB4fUVmgcqShkuPV3YvVW6jJnFLV9yjZU7VzHSrqevr18zbzaMvacxh2ea/WDp mW55ip/hNhybnsv22Olz8kjyZu/rcKQ7n9XJQ5EJ7NX9vBNFGcoRtsHTwGHLEKIu YKfSmJVVnsjKoWBY/6xGTsLXB3kPWV96igUqo0UV+/a3IonqUaIYeK2LyjVonjGC hHA13AAzVnHqJ6fDyFKSaPTtFhNC6Qdk9hAIF5NvKD0jMrzv7HZE73VnWKIrcQVT souLpAqol0g0EJBXWkee99vM1xLexoL6TjpucweeKSFyAIFA6qHWXrGtHLWLl0aO m8SaXWp6vzFnSRRIpccSwFkCRT1vBXbEciCyiyBuU2zo5XC+lIKNqovjyKUpDAU7 amJPEfXjp4w6VyVMtB9KhJvWPTZfXDEwH0rsxnf1k7AJE45wLYiWPZjxgYZY8t+I wReOsomx7GCncwN2OTaAyXp6PqNIpyNs1NFK5rtWVKWape1rhgxBxi6AZVDSuofw 1liYGemELgGnekU7Zf6dIaAAZaXJ2DiowTvx9SyLnAEApcLSgzpzqdf+mGZQ76vy L8vgfVBk2IcOI8WCPKnl/7x/nSCBDS2281YmmUimtEhMl66lJQUFmaJz/h+hrSpI 0b7T5iJbisTxvw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstFsG0DaTVsbi6UyAJIw F/Fap2p6KWMfexPltCRCcn76y5UnUSTeCHnKAfxMnrfeJIJLmHfMEP+CooHOSZnU F9XaNcewG6EqHyYB6b7MjarGz2IbG4pX0COrSjD5J6F8SozTzBhehI8R3CjMX51H r5HPS8KNexkJNtpi8zEyAggVxIy/OkoLl1ZJvfnksRnxSzSvafHcXz5/t1H9C6mr P018Zs5JBcuHbJI2jL110aQ39hjKRVs/vx6MrEsERJ7CnOIRdgu2aTik9a4scvWc 9SBTV1IsiNcIG5trsCrixbK8G+NhRGiDIwPeyjmVTBmasqeZTJzZsX0mHqtPufgj fQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 85520173803656566308928515512277195452540180567 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN B.V.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.97 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'NTRNL-27124701' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'KPN BV PKIoverheid Organisatie Server CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-16 08:20:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-15 08:20:02 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'NL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Gelderland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Nijmegen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Modulaire Gemeenschappelijke regeling Rijk van Nijmegen' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '00000001854380140000' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'data-test.gemnet.irvn.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22573688264502849237774098015066006560568192861563529831208395804756717202611171262003460373691578251685932757231111848606339854976670219578768969189968483048993136084285066898851182057054856755338610903943647973782944380209361366480641018022301380662548926854191480863172058534045772910589410808916364948915150566096406985235285419889797618206326129264780162014575804320050485901672203616486929257605319355440348579352995996352496741415940088978332721301370053269999086395532399742927853871997251597000899535836955318480133297649325326105526659569421169012807344099299159838106037664128151949797093557703990801081213 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (140 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.managedpki.com/CAcerts/KPNBVPKIoverheidOrganisatieServerCAG3-2019.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://g3ocsp.managedpki.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f3cd35e38d7526597fb1008fa1a96166902b2504 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c39aa67b5e742b82b6c672fd744e85d297cdfd18 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.528.1.1003.1.2.5.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://certificaat.kpn.com/pkioverheid/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Op dit certificaat is het CPS PKIoverheid van KPN van toepassing.' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (87 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.managedpki.com/KPNBVPKIoverheidOrganisatieServerCAG3/LatestCRL.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data-test.gemnet.irvn.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 0056d68f9548c688522d2944ccefd882bda7a6221db8277b73c1e1f5159a072a4a192e3d5dd8bd55ba8c99c52d5f728d953b5731d2aea7afaf5f336f368cbda73187679afd60e9996e798a9fe1361c9b9ecbf6d8e973f248f266efeb70a43b9fd5c9439109ecd5fdbc134519ca11b6c1d3c061cb10a22e60a7d29895559ec8caa16058ffac464ec2d707790f595f7a8a052aa34515fbf6b72289ea51a21878ad8bca35689e3182847035dc00335671ea27a7c3c8529268f4ed161342e90764f6100817936f283d2332bcefec7644ef756758a22b710553b28b8ba40aa89748341090575a479ef7dbccd712dec682fa4e3a6e73079e292172008140eaa1d65eb1ad1cb58b97468e9bc49a5d6a7abf3167491448a5c712c05902453d6f0576c47220b28b206e536ce8e570be94828daa8be3c8a5290c053b6a624f11f5e3a78c3a57254cb41f4a849bd63d365f5c31301f4aecc677f593b009138e702d88963d98f1818658f2df88c1178eb289b1ec60a7730376393680c97a7a3ea348a7236cd4d14ae6bb5654a59aa5ed6b860c41c62e806550d2ba87f0d6589819e9842e01a77a453b65fe9d21a00065a5c9d838a8c13bf1f52c8b9c0100a5c2d2833a73a9d7fe986650efabf22fcbe07d5064d8870e23c5823ca9e5ffbc7f9d20810d2db6f356269948a6b4484c97aea525050599a273fe1fa1ad2a48d1bed3e6225b8ac4f1bf