KPNPKIoverheidServerCA2020.cer: CN=KPN PKIoverheid Server CA 2020,O=KPN B.V.,C=NL (Intermediate Certificate, Expiring 2022-12-05) detail info and audit record

Last Updated: 2023-05-06

Page content

CA Certificate Information and Audit Record

This certificate is intermediate certificate used for the issuance of other certificates.

Certificate Download URL: http://cert.managedpki.com/CAcerts/KPNPKIoverheidServerCA2020.cer (in DER format )
Serial Number : 665647295010691963802221771201985143649427249885
SHA-1 Fingerprint : 1d1923aca2ddcc12e32436388d15af3cc886f377
SHA-1 Fingerprint : 1d:19:23:ac:a2:dd:cc:12:e3:24:36:38:8d:15:af:3c:c8:86:f3:77
SHA-256 Fingerprint : 592e1a2f0a34284b0e26fcb4fed22af859848eee8822adb61b42dab47a2ffdc2
SHA-256 Fingerprint : 59:2e:1a:2f:0a:34:28:4b:0e:26:fc:b4:fe:d2:2a:f8:59:84:8e:ee:88:22:ad:b6:1b:42:da:b4:7a:2f:fd:c2
Signature Hash Algorithm : sha256
Subject : CN=KPN PKIoverheid Server CA 2020,O=KPN B.V.,C=NL
- Country Name: NL (Netherlands)
- Organization: KPN B.V.
- Common Name: KPN PKIoverheid Server CA 2020
Not Valid Before: 2020-07-29 18:23:54
Not Valid After: 2022-12-05 00:00:00
Issuer (Parent Certificate):
- Issuer Name: CN=Staat der Nederlanden Domein Server CA 2020,O=Staat der Nederlanden,C=NL
- Issuer Certificate URL: NA
Audit Record:
- Revocation Status: Not Revoked
- Certificate Policy (CP) URL: https://www.logius.nl/english/pkioverheid
- Certificate Practice Statement (CPS) URL: https://certificaat.kpn.com/files/CPS/KPN_PKIoverheid_CPS_v5.9.pdf
- Auditor: BSI
- Standard Audit URL: https://verifeyedirectoryprod.blob.core.windows.net/pas7000docs/pink_r-0047218133-000/ecertificate_-_ets_029.pdf
- Standard Audit Period Start Date: 2021.06.01
- Standard Audit Period End Date: 2022.05.31
- Standard Audit Statement Date: 2022.07.20
- Standard Audit Type: ETSI EN 319 411
- Full CRL Issued By This CA: http://crl.managedpki.com/KPNPKIoverheidServerCA2020/LatestCRL.crl
- Check its issuer’s audit information: CN=Staat der Nederlanden Domein Server CA 2020,O=Staat der Nederlanden,C=NL .

Download certificate through curl:

curl -sSL "http://cert.managedpki.com/CAcerts/KPNPKIoverheidServerCA2020.cer" --output cert.crt

Download certificate through wget:

wget -q "http://cert.managedpki.com/CAcerts/KPNPKIoverheidServerCA2020.cer" --output-document=cert.crt

CA Certificate Detail Information

Use openssl x509 to decode DER certificate to get detail information:

openssl x509 -in cert.crt -inform der -text -noout

Use openssl x509 to decode PEM certificate to get detail information:

openssl x509 -in cert.crt -inform pem -text -noout

Decoded detail certificate information:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:98:a8:33:50:21:98:5a:dd:29:45:b2:d1:59:d9:29:73:3b:da:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=NL, O=Staat der Nederlanden, CN=Staat der Nederlanden Domein Server CA 2020
        Validity
            Not Before: Jul 29 18:23:54 2020 GMT
            Not After : Dec  5 00:00:00 2022 GMT
        Subject: C=NL, O=KPN B.V., CN=KPN PKIoverheid Server CA 2020
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (4096 bit)
                Modulus:
                    00:f3:6b:a2:e4:d3:1b:e7:8e:ac:75:f9:ba:52:f2:
                    e6:64:ad:04:d8:5c:04:52:41:18:5a:b6:4d:fb:be:
                    50:29:30:09:7d:9d:be:cd:18:66:05:ca:c4:6f:94:
                    fb:15:b5:02:ee:fe:d3:fc:68:8a:d1:d1:29:c4:cd:
                    0b:d0:be:72:8c:cd:4d:1f:04:4c:96:4d:09:64:81:
                    8c:ea:83:74:95:cd:86:85:c2:88:63:0f:2c:75:fb:
                    3a:d6:99:28:23:b5:5d:dd:39:85:cc:12:69:35:8a:
                    23:8f:ae:bd:82:56:11:7b:ed:e3:2e:d5:d3:36:30:
                    e5:bf:56:a4:6a:91:fa:42:94:18:7a:8a:c9:ef:d9:
                    25:54:d4:89:e2:88:bb:60:b4:b2:ff:30:a6:54:fb:
                    8d:e8:75:58:e1:cd:44:fd:bc:d8:d2:65:45:d1:42:
                    93:34:bd:47:d9:dc:6e:74:e5:7a:ef:91:fa:7c:7c:
                    5f:8c:5f:82:a1:8d:cb:69:93:fd:54:15:4c:92:52:
                    1f:6e:c0:c8:62:c7:e5:e0:2a:31:06:59:77:8a:c0:
                    4c:45:f7:16:56:7e:74:5a:3a:7d:f5:9d:85:d0:17:
                    9a:c8:bb:bf:c2:de:db:b6:7d:37:8b:f3:59:3f:c1:
                    6e:7e:c6:9e:3a:22:b7:47:81:6e:a4:6c:e6:56:c5:
                    cb:dd:9e:e3:57:d8:ac:9f:d5:85:1c:13:ad:b7:a6:
                    51:5f:99:1a:c7:bf:e8:07:60:71:f9:ac:df:0d:52:
                    08:e1:e7:b9:c6:6b:78:40:d3:12:20:3e:b3:51:8b:
                    11:ed:57:e4:ec:60:d0:49:5b:c5:d1:7f:7d:97:3d:
                    cb:cf:b9:d5:68:3a:27:4d:35:22:8e:e4:c7:4d:12:
                    42:27:c5:e7:b6:82:87:6a:76:1d:65:45:6f:3b:13:
                    5f:c0:e6:88:79:d0:6c:52:a8:ce:da:46:97:21:5f:
                    03:96:65:28:b1:39:22:c6:b4:98:4d:e3:5a:48:8e:
                    04:5b:ea:39:67:6d:fd:f4:90:d8:0d:47:8e:c0:96:
                    53:7f:eb:8a:52:ce:3f:57:63:8a:11:ef:bb:ea:c6:
                    db:dc:00:de:da:85:69:90:b2:d2:8a:cf:12:93:cc:
                    c0:e5:f6:bd:12:3a:68:f2:d2:dc:2e:48:1b:57:f8:
                    d6:60:3f:57:46:79:b4:96:06:ae:c5:f8:9d:fd:0a:
                    c6:ec:fa:93:fc:2d:6d:88:01:80:3e:46:26:ec:26:
                    da:14:cb:c2:93:0c:bc:fc:71:35:b7:62:c0:27:3a:
                    23:f7:f1:c2:13:26:f6:d2:c6:e9:b2:9c:4e:f8:40:
                    e3:c3:27:db:a7:e6:1e:5c:66:f8:c3:4c:17:ff:91:
                    bb:b0:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            Authority Information Access: 
                CA Issuers - URI:http://cert.pkioverheid.nl/DomeinServerCA2020.cer
                OCSP - URI:http://domserver2020ocsp.pkioverheid.nl

            X509v3 Subject Key Identifier: 
                08:4A:AA:BB:99:24:6F:BE:5B:07:F1:A5:8A:99:5B:2D:47:EF:B9:3C
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 Authority Key Identifier: 
                keyid:5A:5D:34:25:C1:88:91:73:F9:DE:E1:0C:D5:F4:EA:18:BF:30:34:6E

            X509v3 Certificate Policies: 
                Policy: 2.16.528.1.1003.1.2.5.8
                Policy: 2.16.528.1.1003.1.2.5.9
                  CPS: https://cps.pkioverheid.nl
                Policy: 2.23.140.1.2.2

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://crl.pkioverheid.nl/DomeinServerCA2020LatestCRL.crl

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Extended Key Usage: 
                TLS Web Client Authentication, TLS Web Server Authentication
    Signature Algorithm: sha256WithRSAEncryption
         98:56:f5:6b:bb:92:3b:7f:40:54:bf:f1:5d:0d:26:30:53:fa:
         23:dd:0e:9e:f4:1f:37:72:1e:73:0b:6f:05:ae:96:bb:85:dd:
         c3:4d:8b:e4:95:e4:38:77:b8:30:e9:af:2b:70:e6:81:e1:61:
         31:40:86:bb:7d:c6:84:0d:28:bf:65:88:a7:1b:a1:1e:12:0a:
         15:de:94:d7:02:74:2d:d0:2a:28:d1:58:ba:dc:79:63:cb:69:
         d9:a0:0d:8c:0c:c6:c2:64:39:06:b2:59:d9:10:ef:fc:87:6c:
         5d:ce:af:c9:63:19:2a:5b:e0:80:4d:46:98:34:a7:7e:c4:ca:
         87:98:e8:5f:91:ac:67:5c:92:8c:18:7e:c2:ad:4e:4a:fc:70:
         7c:4c:95:bf:28:a9:1a:03:22:d7:d6:3b:99:ff:1f:98:84:44:
         92:f0:7b:69:e8:31:3f:4a:6e:7a:2a:37:1f:16:4b:b7:54:c8:
         97:48:18:0f:81:0f:3b:69:e0:e9:a2:32:4b:ad:8e:65:27:ea:
         81:54:93:4c:18:c0:77:a3:7c:dc:9a:01:d0:4b:4f:fe:00:e0:
         10:68:27:20:2a:45:72:a2:e2:0b:66:2e:81:9a:12:b0:a3:48:
         4f:70:eb:3f:60:f2:0a:ad:bc:1a:ad:71:24:09:f0:5b:6b:dd:
         28:c1:51:62:e8:01:fb:c8:ab:25:3e:b9:2f:bf:9b:6e:7e:41:
         0d:1f:97:63:da:94:a1:dd:e3:98:8f:03:0b:de:a4:7a:a1:5d:
         da:d6:13:96:71:a2:b3:9e:0d:93:17:82:42:6a:54:47:78:50:
         49:f0:67:8a:00:95:f0:05:88:a4:12:e4:35:1c:43:4a:6e:05:
         43:b3:b5:cc:03:01:58:13:24:b9:d6:23:3e:de:3a:ef:79:6a:
         7b:4e:79:5e:67:8f:27:ea:a5:be:49:46:40:fe:51:ec:e4:9e:
         e4:c8:8f:26:4c:1e:02:73:0f:79:37:0d:f9:bb:24:12:b9:4a:
         dc:8d:be:4c:63:a1:30:01:9b:b8:50:48:a2:f7:99:6a:9b:0a:
         b5:09:dc:68:1c:d5:cf:bc:45:88:cd:87:ed:8e:03:c8:35:b9:
         5d:00:2b:4c:c7:10:97:13:46:71:57:5c:95:a1:a3:f7:d9:36:
         88:af:ce:cd:9d:f8:5e:76:99:e9:95:c4:3f:36:6a:59:92:c7:
         30:28:9a:63:e9:25:07:f7:09:95:b8:7b:9a:6b:c0:e6:ac:d3:
         f4:92:7e:59:9a:f7:5b:dc:4f:ec:5d:4a:fd:87:7f:e2:33:ec:
         90:70:18:72:99:f7:78:1f:e9:09:be:a9:8e:97:ad:97:d9:25:
         24:ce:0a:7b:fd:12:e7:a6

CA Certificate in PEM Format

Use openssl x509 to convert certificate from DER format to PEM format:

openssl x509 -in cert.crt -inform der

Converted PEM format certificate:

Decode PEM Certificate online

Download PEM Certificate

Also see Top 1 Millions Domains CA Certificate List