bst-4823687b-a689-4148-bc4f-53212a522f0a.bastion.azure.com

- Microsoft Corporation -

Issued by Microsoft Azure TLS Issuing CA 02

About this certificate

This digital certificate with serial number 33:00:02:31:a8:7d:dc:7e:71:b6:b7:b4:a0:00:00:00:02:31:a8 was issued on Wednesday Oct 21, 2020 at 1:45AM by Microsoft Corporation.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.

We have idenified some issues with this certificate:

KeyUsage [DigitalSignature DataEncipherment KeyEncipherment] (00001101) inconsistent with ExtKeyUsage serverAuth The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Microsoft Corporation

Organization: Microsoft Corporation

State / Province: WA
Locality: Redmond
Country: US

Microsoft Corporation

Organization: Microsoft Corporation

Country: US

This certificate has expire since Saturday Oct 16, 2021 at 1:45AM UTC

Certificate Details

Serial Number (hex): 33:00:02:31:a8:7d:dc:7e:71:b6:b7:b4:a0:00:00:00:02:31:a8
Serial Number (int): 1137338751696826058318769684066597066909036968
Serial Number lenght: 150 bits, 19 octets

SubjectKeyId: 32:15:2a:ad:b0:9a:dc:71:cf:be:4f:e0:c0:fc:d5:41:55:5b:b1:06
AuthorityKeyId: 00:ab:91:fc:21:62:26:97:9a:a8:79:1b:61:41:90:60:a9:62:67:fd

Fingerprint (sha1): 35:f0:99:bb:67:9a:55:20:52:e6:a5:76:0e:16:e8:3a:c8:3a:2c:42
Fingerprint (sha256): 00:01:05:4f:02:8e:eb:bf:78:79:a7:6c:c4:8a:cc:96:18:6b:e4:a7:90:fc:3a:10:0c:2b:87:69:47:43:91:77

Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2002%20-%20xsign.crt

Revocation information

OCSP Server: http://oneocsp.microsoft.com/ocsp
CRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2002.crl

Check the revocation status for certificate bst-4823687b-a689-4148-bc4f-53212a522f0a.bastion.azure.com

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for bst-4823687b-a689-4148-bc4f-53212a522f0a.bastion.azure.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment
Data Encipherment

Extended Key Usages

Server Authentication

Extensions

11 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

Fully Qualified Domain Names

bst-4823687b-a689-4148-bc4f-53212a522f0a.bastion.azure.com

bst-4823687b-a689-4148-bc4f-53212a522f0a-0.bastion.azure.com

bst-4823687b-a689-4148-bc4f-53212a522f0a-1.bastion.azure.com

bst-4823687b-a689-4148-bc4f-53212a522f0a.bastion.azure.com
bst-4823687b-a689-4148-bc4f-53212a522f0a-0.bastion.azure.com
bst-4823687b-a689-4148-bc4f-53212a522f0a-1.bastion.azure.com

Other certificates including the domain name azure.com

(limited to 100 certificates)

bst-0da1f7ef-eb0c-4ebb-90f9-0c5dff1df8c9.bastion.azure.com
616e0066-e1b7-4e92-accc-d23e3fa9d0aa.vpn.azure.com
328b0075-be99-4efd-a5be-0b07047167ca.vpn.azure.com
5c80002b-0e2c-4fca-9e78-a86aa4e5c7df.vpn.azure.com
80010069-5293-446d-89e0-64506fa8db5b.vpn.azure.com
c6e222ef-103f-44ab-a441-c56232ca20c5.vpn.azure.com
c87b0035-b2d9-4748-8af2-5b3ac23fd197.vpn.azure.com
9cfdb7d4-462e-4e0d-8f77-853b94705ac6.vpn.azure.com
a49a0079-bb98-43e7-804b-f179a5e1040f.vpn.azure.com
6cf9006b-907c-4f79-bb90-032b8e4371d5.vpn.azure.com
7fa4cddc-15de-4d49-b6ad-9e1e3f1ee1d5.vpn.azure.com
sbz69c3d01cb6d2.westus2.atlas.cloudapp.azure.com
5989843f-6b45-41a2-bc53-024489b30a95.vpn.azure.com
b61411060466.database.stage.azure.com
cfcf6917-08f4-4253-8b7f-8d1c6913e774.vpn.azure.com
696cd017-3769-4fba-8509-f329818a584a.vpn.azure.com
3f598758-b0a3-433d-a7f1-312dc7965ee0.vpn.azure.com
c79a0068-315c-47ba-ac61-a6ffc24f56c9.vpn.azure.com
230f9610-a7ed-457c-a6ae-71239b0e5b2a.vpn.azure.com
39c6002a-1bfb-419f-b7fb-82e262bd57a9.vpn.azure.com
96e1349a-7a57-4cb8-905b-da56d6cd35e7.vpn.azure.com
sbz54c457201fd8.westus2.atlas.cloudapp.azure.com
eaeab58a0e4a.database.azure.com
apihubclientcert-westcentralus-2020.logic.azure.com
bst-022c9bf9-045e-4634-8da9-3edde3309a01.bastion.azure.com
azattesttest.westus.cloudapp.azure.com
80044883-54a9-4aea-ada6-5f02010db1a9.vpn.azure.com
65b5f4f0-344d-4e4c-8a6a-6f22eef89d61.vpn.azure.com
postgres.cf5100c08346.database.azure.com
60da0062-9ff3-44a9-8c18-b408bfa87ff1.vpn.azure.com
sbz1579791e1e74.westus2.atlas.cloudapp.azure.com
sbzcjn4kglhyoit.westus2.atlas.cloudapp.azure.com
0710c5b2-5504-4d52-90d2-8296f9479c9d.vpn.azure.com
62120077-29c8-467c-a681-706ad959b0b1.vpn.azure.com
5fdc0032-7127-4fa3-bb4f-5d7f9757c245.vpn.azure.com
db8f18f9-f170-4712-981d-bb2b038f78f3.vpn.azure.com
4fe1006f-0e69-4850-adaa-989460c4866d.vpn.azure.com
bst-b76319f9-f5a0-49a1-88c8-b1843edf38fd.bastion.azure.com
ae7e0077-2475-4bb3-a208-eb752afcecf9.vpn.azure.com
18ec006f-aa42-4ab5-94fc-9a6191e1dc43.vpn.azure.com
e4a2b4db-42c5-49d8-bb87-5849963406b8.vpn.azure.com
bst-6742d83e-607b-4fd1-ab62-cf06903e3e94.bastion.azure.com
bst-4823687b-a689-4148-bc4f-53212a522f0a.bastion.azure.com
e0c380de0d6c.database.azure.com
5025e17e-1d8e-4d3f-888a-e2305a0ccf47.vpn.azure.com
25710069-6200-4f13-b34c-41d92c725ac2.vpn.azure.com
cssgelyylocmnma.westus2.atlas.cloudapp.azure.com
csszyqmqgzkpsqi.westus2.atlas.cloudapp.azure.com
citus.bc1a21bc-b05f-469d-817f-f34ce6b129d8.sg.azure.com
713e0a1b-e71a-47b3-88a6-aa60890e0adc.vpn.azure.com
7b315d4f-c3d4-4d92-a8c8-8d9bf0318092.vpn.azure.com
febdf21b87d9.database.azure.com
62ab0075-ab11-4df8-bb6f-57e12aa103ff.vpn.azure.com
5739c7d9-e7a7-4327-b3e0-942f538f9ce6.vpn.azure.com
bst-b0d49f35-624b-4e99-985f-94c65f5ed64b.bastion.azure.com
a51f0069-1c8b-43ad-965c-79d0fee97bf2.vpn.azure.com
bst-33c68bcb-1359-443a-b8d9-99ada94590b7.bastion.azure.com
a9430075-36b6-4e41-a097-fec0044d0b5d.vpn.azure.com
9fc20069-c8ba-4702-be5f-1c416ad72eb6.vpn.azure.com
2ae8a753-20df-49b9-8d8d-ece8cf166905.vpn.azure.com
948c0075-1dc1-451b-bb61-4dbace2f71e3.vpn.azure.com
0be6a714-9852-4cd2-ba91-ee4617d90dd9.vpn.azure.com
3ed4078a-6425-47ea-9882-93c9bf288c93.vpn.azure.com
a885e547cdbe.database.azure.com
4d520064-2eb2-457a-963a-7953085d86aa.vpn.azure.com
postgres.9a002c78-168d-46e8-b8ed-9ce76af787e8.sg.azure.com
craigofnz-2k16-01.australiasoutheast.cloudapp.azure.com
bst-f6efc151-119c-4d2b-bb1a-98e3a53d88bf.bastion.azure.com
bst-4979674e-1000-4c59-b522-c49a93565f19.bastion.azure.com
7fdb00ac-18ac-41b8-adb9-8bce9ae498c4.vpn.azure.com
faa07176-cce5-43e4-8ff5-2575ad6fd64d.vpn.azure.com
bst-b40d45ea-3643-4daa-9cc3-012698829069.bastion.azure.com
363e002a-95aa-4e5c-85e2-6ca9065dd267.vpn.azure.com
71a90031-8935-466c-991e-601dd073c305.vpn.azure.com
bst-ae8cf4f9-7374-484e-accb-7619a2d5cabc.bastion.azure.com
aabd007c-dc68-43ef-bde8-96e31c8526c8.vpn.azure.com
9b2510c9-eef5-4d00-81b8-c0912af4631f.vpn.azure.com
3cbd0078-ef2c-4d5c-81e7-38e870f2f6a6.vpn.azure.com
9a1e0031-c385-4293-a3ab-ebc4295142f9.vpn.azure.com
e12ca812-d77d-485f-93c5-a9cf2d8e0720.vpn.azure.com
f27f0031-432c-42db-bea3-1985ef79a5e4.vpn.azure.com
f721e8e6c572.database.azure.com
50440075-fe18-41f3-88e4-04793fd7b74e.vpn.azure.com
e5718eba-31fa-44c0-8022-78fb1787a617.vpn.azure.com
a27892874b4b.database.azure.com
56ae0062-bacc-4565-b418-d3b3b7c5327d.vpn.azure.com
ff1ea731-5cf9-44f4-a8e1-72fbe0fba1d1.vpn.azure.com
d9645c46-d24b-40c2-9695-e4ae97cf2358.vpn.azure.com
6e434790-5a04-46d1-8b78-638d85b3a4fc.vpn.azure.com
tr354.australiaeast1-a.control.database.windows.net
f54f6a1f-1951-42bd-9b2d-f34975c9aca5.vpn.azure.com
1a910077-727c-401f-9c5b-791db4598033.vpn.azure.com
fadc0e47-4099-4210-a91b-82892c84d73a.vpn.azure.com
70247f7a-ada6-46f6-8915-1c435b95f825.vpn.azure.com
e5a793cfc0a1.database.azure.com
3b08006f-ad06-4f3b-91d6-b85b922d640a.vpn.azure.com
ad320ca5-71af-4486-8045-f03cc1c10829.vpn.azure.com
b7e7ffa3-6867-487c-abb8-c8600653e8bb.prodbvt.vpn.azure.com
8b5c0062-9e1b-4b8d-82d1-489ca9b533d2.vpn.azure.com
sbz1e2f700da148.westus.atlas.cloudapp.azure.com

Certificate

The complete raw certificate details for bst-4823687b-a689-4148-bc4f-53212a522f0a.bastion.azure.com in PEM and ASN.1 format.

Certificate (PEM)

Public Key (PEM)

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1137338751696826058318769684066597066909036968
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure TLS Issuing CA 02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-10-21 01:45:31 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-10-16 01:45:31 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bst-4823687b-a689-4148-bc4f-53212a522f0a.bastion.azure.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24698047540164115424368291455867828409185211465715856823959362807260133805094255737822008330320815149560530395318094300211178972901429629566545758606193925141376788323468049986508173226526826020527947609423392479644574605659190791859995808378299644915292377627811270848048818114340449302682785587837131453239932472918421066662603948453767854426920632930367243075708828987171554668519481629037586911448393455384321940801986728084025523818516750872484678766878791484933550270272763365410284100749654700051665912255066207909211634109831728639559271107709555416867730492824468806316857350069812601478868127758123220336089
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (14 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.2977488.11009781
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (161 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2002%20-%20xsign.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							32152aadb09adc71cfbe4fe0c0fcd541555bb106
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04b0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (187 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bst-4823687b-a689-4148-bc4f-53212a522f0a.bastion.azure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bst-4823687b-a689-4148-bc4f-53212a522f0a-0.bastion.azure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bst-4823687b-a689-4148-bc4f-53212a522f0a-1.bastion.azure.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (93 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2002.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 00ab91fc216226979aa8791b61419060a96267fd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00594d70fcdf0400649a16ae08f39924f7e9e8a3e7d4c5704fa5a54efdbe39ec2bfcd69ffb0340dd4319324cf581173319092cca8f6490ef3386aa0bfdb546f094a1dd3bd5fd71f76586553d81fc6b9ef347b4a4594c4725f92179088d4afcc072c0a20cf52cd43b845575634cd0742fecf86023e50dc364d79f6df28ece1d4f333eea837c23e5f561c0ebe6c985b7db01b2b5aa2978eea5c18d626995c32e5e1b388cce5e93547405267923735c749a058d9cb8bc541208c95d19edede0be48d3caf0744800645272c25ad0ed26a1b73c50e78588a25fbdc70e3750dc4e1322eb58cadd10030cb1aecb699eafb7f519c4b1ad71c435e5ab5fa97c3d27721dc61ea9e26b4ebe0ad6e045bfe4f9725ec1aab183e630a734ddc4a5f10586a7ac62be1a90432b7ae948c7d613ec890d04a00ba53250b6b72282b287b3f2fccedfcdca17c86c25a979f956799deb021387055f20e2e2e241f328559f7f1602b88e9e9e44003f743f2da0be582f79b23996247b74abd24bc2cc35f383e604d992d0e2d3f90c6fae3709a75b31b996edf438dcf863fe8cbce26fbdaa6188317b6ad1b3406a218c60035f991dd88c9fb380b9610816158752cb1b0fb0fd9553a0089e21906b969d3c3eadc91c91ccf3f3f813a897f803fbca43e531de13a818b35ee4b019039d9041b3783367bfd797e31eb09297f0437ac45a394af2ee4cd8c8666003cb