cp-mhsm-cus-synthetics.managedhsm.azure.net

- Microsoft Corporation -

Issued by Microsoft Azure TLS Issuing CA 01

About this certificate

This digital certificate with serial number 33:00:84:bd:9e:16:51:44:4a:6e:d5:a7:dd:00:00:00:84:bd:9e was issued on by Microsoft Corporation.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Microsoft Corporation

Organization: Microsoft Corporation
State / Province: WA
Locality: Redmond
Country: US

Microsoft Corporation

Organization: Microsoft Corporation
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 33:00:84:bd:9e:16:51:44:4a:6e:d5:a7:dd:00:00:00:84:bd:9e
Serial Number (int): 1137383174442422102720510113709646927316172190
Serial Number lenght: 150 bits, 19 octets

SubjectKeyId: a4:f7:5d:54:49:a7:8c:86:70:5a:e7:7e:12:c3:2d:07:99:5a:99:48
AuthorityKeyId: 0f:20:5d:d7:a1:57:95:db:92:cf:2b:d0:c7:c2:77:04:ce:72:80:76

Fingerprint (sha1): c7:47:aa:d0:f1:db:89:f3:95:08:c8:08:d7:92:64:ce:26:3b:af:d0
Fingerprint (sha256): 00:01:6e:42:a9:9a:d8:51:b3:b2:0d:ee:95:a4:32:d4:26:44:11:b9:2b:fa:ed:84:00:9c:ec:1f:0a:31:55:a6

Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2001%20-%20xsign.crt

Revocation information

OCSP Server: http://oneocsp.microsoft.com/ocsp
CRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2001.crl

Check the revocation status for certificate cp-mhsm-cus-synthetics.managedhsm.azure.net

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cp-mhsm-cus-synthetics.managedhsm.azure.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment
Data Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

12 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cp-mhsm-cus-synthetics.managedhsm.azure.net
*.cp-mhsm-cus-synthetics.managedhsm.azure.net

Other certificates including the domain name azure.net

(limited to 100 certificates)
adeidentity-PN1PrdApp07.diskencryption.azure.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
azattesttest.westus.cloudapp.azure.com
*.blob.core.windows.net
cp-mhsm-cus-synthetics.managedhsm.azure.net
*.northcentralus.redisenterprise.cache.azure.net
*.eastus2.redisenterprise.cache.azure.net
adeidentity-BLAPrdHPC02.diskencryption.azure.net
*.blob.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.file.core.windows.net
adeidentity-GVX01PrdGPC18.diskencryption.azure.net
cp-kmsp-cnyc-synthetics.managedhsm.azure.net
*.table.core.windows.net
*.table.core.windows.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
adeidentity-DB4PrdHPC01.diskencryption.azure.net
cp-mhsm-swec-synthetics.managedhsm.azure.net
mhsm-frc-synthetics.managedhsm.azure.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.file.core.windows.net
cp-mhsm-cus-synthetics.managedhsm.azure.net
PDBidDigiCertCert.managedhsm.azure.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
kvHsm240530040023513479.managedhsm.azure.net
cp-mhsm-scu-synthetics.managedhsm.azure.net
*.account.core.windows.net
*.eastus2.redisenterprise.cache.azure.net
adeidentity-MWH04PrdApp14.diskencryption.azure.net
*.file.core.windows.net
cp-mhsm-krc-synthetics.managedhsm.azure.net
YTO24PrdApp01.prod.idns.azure.net
adeidentity-MWH21PrdApp09.diskencryption.azure.net
adeidentity-BL6PrdApp07.diskencryption.azure.net
*.web.core.windows.net
*.eventgrid-int.azure.net
mhsm-sebr-synthetics.managedhsm.azure.net
adeidentity-AMS26PrdApp10.diskencryption.azure.net
afsppweu-cp.afs.azure.net
*.dfs.core.windows.net
b2b.azure.net
*.table.core.windows.net
*.dfs.core.windows.net
*.blob.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.eastus.redisenterprise.cache.azure.net
*.queue.core.windows.net
mhsm-cce-synthetics.managedhsm.azure.net
adeidentity-BY4PrdDDC15.diskencryption.azure.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.queue.core.windows.net
adeidentity-BN4PrdApp16.diskencryption.azure.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
mhsm-cnye-synth-geo.managedhsm.azure.net
mhsm-cce-synthetics.managedhsm.azure.net
*.account.core.windows.net
adeidentity-CPT21PrdGPC03.diskencryption.azure.net
cp-mhsm-frc-synthetics.managedhsm.azure.net
*.westus.redisenterprise.cache.azure.net
mhsm-wus-synthetics.managedhsm.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.blob.core.windows.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
mhsm-cce-synthetics.managedhsm.azure.net
*.centraluseuap.redisenterprise.cache.azure.net
*.table.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.northeurope.redisenterprise.cache.azure.net
cp-kmsp-qac-synthetics.managedhsm.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
ML1PrdApp07.prod.idns.azure.net
*.file.core.windows.net
mhsm-cnyc-synthetics.managedhsm.azure.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.blob.core.windows.net
afsppjpw-dp.afs.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
afsppden-dp.afs.azure.net
ig-mhsm-krc-synthetics.managedhsm.azure.net
*.dfs.core.windows.net
mhsm-krc-synthetics.managedhsm.azure.net
*.centraluseuap.redisenterprise.cache.azure.net
*.account.core.windows.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.dfs.core.windows.net
*.queue.core.windows.net
*.queue.core.windows.net
mhsm-mys-synthetics.managedhsm.azure.net
cp-mhsm-wus2-synthetics.managedhsm.azure.net
CHI21PrdApp01.prod.idns.azure.net
*.file.core.windows.net
cp-mhsm-frc-synthetics.managedhsm.azure.net

Certificate

The complete raw certificate details for cp-mhsm-cus-synthetics.managedhsm.azure.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHTjCCBTagAwIBAgITMwCEvZ4WUURKbtWn3QAAAIS9njANBgkqhkiG9w0BAQwF
ADBZMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u
MSowKAYDVQQDEyFNaWNyb3NvZnQgQXp1cmUgVExTIElzc3VpbmcgQ0EgMDEwHhcN
MjMwMTA2MDQ1OTE3WhcNMjQwMTAxMDQ1OTE3WjCBgjELMAkGA1UEBhMCVVMxCzAJ
BgNVBAgTAldBMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQg
Q29ycG9yYXRpb24xNDAyBgNVBAMTK2NwLW1oc20tY3VzLXN5bnRoZXRpY3MubWFu
YWdlZGhzbS5henVyZS5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQChC8JbbZdl/xRMBr7shJcjlNPaMVm/SIvEdkhkjCUO+sQAVRiFT6OlsWmtcPe2
haVK6anuxRN//b0pPWHkqWAIoIMYkgUAYg2WURVQpeMMw9sqBsO3d/9Gk2IgSdpb
Pp9MtYA8MQK3wmOeluXpTc2B0bljRxtRHvT97vbB4ryat9HEW5MGmXNhUaoBiwrA
BoeMuhraMmX+TaRhVzkY39E38Dyg/QvFL7LOHV6vO3Q7x3N328YR7E6c9d7OLgPw
QshXMfvtjL9XvxORHMzxe13Rc+Ew2MEGIbEQPJ5BuZB55HbgnsXzppXn/RBchq41
hs63KkOGJYH7cNkLxpRPwhCfAgMBAAGjggLjMIIC3zATBgorBgEEAdZ5AgQDAQH/
BAIFADAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMCMAoGCCsGAQUFBwMBMDwG
CSsGAQQBgjcVBwQvMC0GJSsGAQQBgjcVCIe91xuB5+tGgoGdLo7QDIfw2h1dgoTl
aYLzpz4CAWQCASUwga4GCCsGAQUFBwEBBIGhMIGeMG0GCCsGAQUFBzAChmFodHRw
Oi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMEF6
dXJlJTIwVExTJTIwSXNzdWluZyUyMENBJTIwMDElMjAtJTIweHNpZ24uY3J0MC0G
CCsGAQUFBzABhiFodHRwOi8vb25lb2NzcC5taWNyb3NvZnQuY29tL29jc3AwHQYD
VR0OBBYEFKT3XVRJp4yGcFrnfhLDLQeZWplIMA4GA1UdDwEB/wQEAwIEsDBlBgNV
HREEXjBcgitjcC1taHNtLWN1cy1zeW50aGV0aWNzLm1hbmFnZWRoc20uYXp1cmUu
bmV0gi0qLmNwLW1oc20tY3VzLXN5bnRoZXRpY3MubWFuYWdlZGhzbS5henVyZS5u
ZXQwDAYDVR0TAQH/BAIwADBkBgNVHR8EXTBbMFmgV6BVhlNodHRwOi8vd3d3Lm1p
Y3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBBenVyZSUyMFRMUyUy
MElzc3VpbmclMjBDQSUyMDAxLmNybDBmBgNVHSAEXzBdMFEGDCsGAQQBgjdMg30B
ATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3Bz
L0RvY3MvUmVwb3NpdG9yeS5odG0wCAYGZ4EMAQICMB8GA1UdIwQYMBaAFA8gXdeh
V5Xbks8r0MfCdwTOcoB2MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAN
BgkqhkiG9w0BAQwFAAOCAgEAKmQaA6kTxvV19Zro9tziBBJFg5ihK9W2PYncMgyr
BnGC+KIJ0sexSRy4AHmd0GQgCqkl//pVb9Cg61s8Hwjlo66whKdRE1CTJMPPadp8
6MiBX/uSe1LbcdWKMPHDQpu5TkQXvDhHiF7TCfm7yfiUxxJ15j1EEcogjJPBiNz4
qUy5VdoiqXSELUr01JoHEYlxgmTQKZ+/ujCZKiAcbkiDl8LhIC26scCgoSNmhw+p
NtZsR4LHPEU0o/hFTQFCqNRzD116+Fv1lSQTcBIK/R3F3+k2OI58GTpTvqfXoAE2
DkD1kYMDqqtxSCw2uUFphOjYFM3KSjabZoa5tJ0lVZ7u1KttKkiFQExsBrQdLzNa
KnDf28BjaLLEO7BGQt+1GgPyIMKmnex3JgOHEphYdI5hhmCRDRquwmbQfX83TC9u
+ctpzwkhTABdPrZUOUGaY0b28UJfaV2yO2szJENI/qhrcslif9SMrWB5sk5M2lhp
RjhRs1CBM7xGSLDFLC6Fxh27/aeBo+qpd4JTgxMrk0ClLngnhI3/0lsbVX5rAl03
DBH4WDpmST3Wz6S92I5FOlUZdka1ut/33PpE2sD8+XvuvAi0LmU1YFXnr/TISrtU
2CANtgmTZ+AeE4VZ3QFqI5M30nlABGBNZIH4jlkbI2qk8kD+M5ZfUJK3rT1dFLkh
TGo=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQvCW22XZf8UTAa+7ISX
I5TT2jFZv0iLxHZIZIwlDvrEAFUYhU+jpbFprXD3toWlSump7sUTf/29KT1h5Klg
CKCDGJIFAGINllEVUKXjDMPbKgbDt3f/RpNiIEnaWz6fTLWAPDECt8Jjnpbl6U3N
gdG5Y0cbUR70/e72weK8mrfRxFuTBplzYVGqAYsKwAaHjLoa2jJl/k2kYVc5GN/R
N/A8oP0LxS+yzh1erzt0O8dzd9vGEexOnPXezi4D8ELIVzH77Yy/V78TkRzM8Xtd
0XPhMNjBBiGxEDyeQbmQeeR24J7F86aV5/0QXIauNYbOtypDhiWB+3DZC8aUT8IQ
nwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1137383174442422102720510113709646927316172190
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure TLS Issuing CA 01'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-06 04:59:17 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-01 04:59:17 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cp-mhsm-cus-synthetics.managedhsm.azure.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20330165780913917879582774515899423585608337535026491356501120898870357445207159527394666316969937017432757081256378479204232465244608177403244577298268999404458076132706818364140271860776755101379039305810355452927549509458290553044939161300322567051112764338710326692637025814543445835202680300088350463990254415535034244734913882180953367072787385325280290128338604785239506451428632230833121576323223309378706018995898739630273569252389668677462303095012328756459707174112518543563669788370825949505721270715031160650261896166283997270575649220082086205719397280472897634705546111438664650485474285712484079898783
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.4272873.6083518
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 37
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (161 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2001%20-%20xsign.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a4f75d5449a78c86705ae77e12c32d07995a9948
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04b0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (94 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cp-mhsm-cus-synthetics.managedhsm.azure.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cp-mhsm-cus-synthetics.managedhsm.azure.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (93 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2001.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f205dd7a15795db92cf2bd0c7c27704ce728076
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		002a641a03a913c6f575f59ae8f6dce20412458398a12bd5b63d89dc320cab067182f8a209d2c7b1491cb800799dd064200aa925fffa556fd0a0eb5b3c1f08e5a3aeb084a75113509324c3cf69da7ce8c8815ffb927b52db71d58a30f1c3429bb94e4417bc3847885ed309f9bbc9f894c71275e63d4411ca208c93c188dcf8a94cb955da22a974842d4af4d49a071189718264d0299fbfba30992a201c6e488397c2e1202dbab1c0a0a12366870fa936d66c4782c73c4534a3f8454d0142a8d4730f5d7af85bf595241370120afd1dc5dfe936388e7c193a53bea7d7a001360e40f5918303aaab71482c36b9416984e8d814cdca4a369b6686b9b49d25559eeed4ab6d2a4885404c6c06b41d2f335a2a70dfdbc06368b2c43bb04642dfb51a03f220c2a69dec77260387129858748e618660910d1aaec266d07d7f374c2f6ef9cb69cf09214c005d3eb65439419a6346f6f1425f695db23b6b33244348fea86b72c9627fd48cad6079b24e4cda5869463851b3508133bc4648b0c52c2e85c61dbbfda781a3eaa977825383132b9340a52e7827848dffd25b1b557e6b025d370c11f8583a66493dd6cfa4bdd88e453a55197646b5badff7dcfa44dac0fcf97beebc08b42e65356055e7aff4c84abb54d8200db6099367e01e138559dd016a239337d2794004604d6481f88e591b236aa4f240fe33965f5092b7ad3d5d14b9214c6a