hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net

- Microsoft Corporation -

Issued by Microsoft Azure RSA TLS Issuing CA 03

About this certificate

This digital certificate with serial number 33:00:46:3c:65:b9:da:74:4e:e1:37:9d:b3:00:00:00:46:3c:65 was issued on by Microsoft Corporation.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Microsoft Corporation

Organization: Microsoft Corporation
State / Province: WA
Locality: Redmond
Country: US

Microsoft Corporation

Organization: Microsoft Corporation
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 33:00:46:3c:65:b9:da:74:4e:e1:37:9d:b3:00:00:00:46:3c:65
Serial Number (int): 1137361905172617529229458613090581097411394661
Serial Number lenght: 150 bits, 19 octets

SubjectKeyId: df:5b:4c:12:72:1c:ca:64:8c:6d:13:e9:a5:aa:ea:87:28:49:bf:eb
AuthorityKeyId: fe:09:71:40:55:05:10:44:d8:a4:81:75:b8:9e:1a:e9:4a:06:88:c8

Fingerprint (sha1): 1e:fc:d1:29:4e:92:d9:f2:47:a6:c4:86:58:1f:d1:4a:f4:b9:fe:fa
Fingerprint (sha256): 00:2e:c8:d6:3b:d3:9a:7d:42:4e:8b:b8:5b:99:e0:0a:dc:77:62:9b:9a:09:2f:a7:13:cf:6c:88:85:e5:a0:8e

Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2003%20-%20xsign.crt

Revocation information

OCSP Server: http://oneocsp.microsoft.com/ocsp
CRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2003.crl

Check the revocation status for certificate hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

12 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net

Other certificates including the domain name azure.net

(limited to 100 certificates)
adeidentity-PN1PrdApp07.diskencryption.azure.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
azattesttest.westus.cloudapp.azure.com
*.blob.core.windows.net
cp-mhsm-cus-synthetics.managedhsm.azure.net
*.northcentralus.redisenterprise.cache.azure.net
*.eastus2.redisenterprise.cache.azure.net
adeidentity-BLAPrdHPC02.diskencryption.azure.net
*.blob.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.file.core.windows.net
adeidentity-GVX01PrdGPC18.diskencryption.azure.net
cp-kmsp-cnyc-synthetics.managedhsm.azure.net
*.table.core.windows.net
*.table.core.windows.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
adeidentity-DB4PrdHPC01.diskencryption.azure.net
cp-mhsm-swec-synthetics.managedhsm.azure.net
mhsm-frc-synthetics.managedhsm.azure.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.file.core.windows.net
cp-mhsm-cus-synthetics.managedhsm.azure.net
PDBidDigiCertCert.managedhsm.azure.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
kvHsm240530040023513479.managedhsm.azure.net
cp-mhsm-scu-synthetics.managedhsm.azure.net
*.account.core.windows.net
*.eastus2.redisenterprise.cache.azure.net
adeidentity-MWH04PrdApp14.diskencryption.azure.net
*.file.core.windows.net
cp-mhsm-krc-synthetics.managedhsm.azure.net
YTO24PrdApp01.prod.idns.azure.net
adeidentity-MWH21PrdApp09.diskencryption.azure.net
adeidentity-BL6PrdApp07.diskencryption.azure.net
*.web.core.windows.net
*.eventgrid-int.azure.net
mhsm-sebr-synthetics.managedhsm.azure.net
adeidentity-AMS26PrdApp10.diskencryption.azure.net
afsppweu-cp.afs.azure.net
*.dfs.core.windows.net
b2b.azure.net
*.table.core.windows.net
*.dfs.core.windows.net
*.blob.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.eastus.redisenterprise.cache.azure.net
*.queue.core.windows.net
mhsm-cce-synthetics.managedhsm.azure.net
adeidentity-BY4PrdDDC15.diskencryption.azure.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.queue.core.windows.net
adeidentity-BN4PrdApp16.diskencryption.azure.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
mhsm-cnye-synth-geo.managedhsm.azure.net
mhsm-cce-synthetics.managedhsm.azure.net
*.account.core.windows.net
adeidentity-CPT21PrdGPC03.diskencryption.azure.net
cp-mhsm-frc-synthetics.managedhsm.azure.net
*.westus.redisenterprise.cache.azure.net
mhsm-wus-synthetics.managedhsm.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.blob.core.windows.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
mhsm-cce-synthetics.managedhsm.azure.net
*.centraluseuap.redisenterprise.cache.azure.net
*.table.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.northeurope.redisenterprise.cache.azure.net
cp-kmsp-qac-synthetics.managedhsm.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
ML1PrdApp07.prod.idns.azure.net
*.file.core.windows.net
mhsm-cnyc-synthetics.managedhsm.azure.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.blob.core.windows.net
afsppjpw-dp.afs.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
afsppden-dp.afs.azure.net
ig-mhsm-krc-synthetics.managedhsm.azure.net
*.dfs.core.windows.net
mhsm-krc-synthetics.managedhsm.azure.net
*.centraluseuap.redisenterprise.cache.azure.net
*.account.core.windows.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.dfs.core.windows.net
*.queue.core.windows.net
*.queue.core.windows.net
mhsm-mys-synthetics.managedhsm.azure.net
cp-mhsm-wus2-synthetics.managedhsm.azure.net
CHI21PrdApp01.prod.idns.azure.net
*.file.core.windows.net
cp-mhsm-frc-synthetics.managedhsm.azure.net

Certificate

The complete raw certificate details for hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHQTCCBSmgAwIBAgITMwBGPGW52nRO4TedswAAAEY8ZTANBgkqhkiG9w0BAQwF
ADBdMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u
MS4wLAYDVQQDEyVNaWNyb3NvZnQgQXp1cmUgUlNBIFRMUyBJc3N1aW5nIENBIDAz
MB4XDTI0MDUxMTE2NTIwMFoXDTI1MDUwNjE2NTIwMFowgYsxCzAJBgNVBAYTAlVT
MQswCQYDVQQIEwJXQTEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9z
b2Z0IENvcnBvcmF0aW9uMT0wOwYDVQQDEzRoc20yLmplc2ltbWUtMDAxLWFrYjRi
ZGM3Z3djMmhwY2YuY2xvdWRoc20uYXp1cmUubmV0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAoWDHuPK/Uk6mQUmgSs7Tfv1YrT8aMTLQLjrPIfa8YArq
qd3n4vh652spd6g9amrnn6VjcTTAlq4RY9o3aA7vC+kqikRnqXWcOCFqPR9mjNbk
F5YFV7lTDVfe6jmyUQ5QnsQmztj40k6apGWthdAPhbtpQFl1luls84aV+2tNtHkw
CwfjIhyk5qMdMPgF2OoSm6/4bB3BwSn2USyPr/2yi6b4MkBCPUJre0hcScCu3DZ1
HpWIf6527HpVIfctfZchqxI21M44BZsqUxAqHXKUaLdEzbBb+/RWBEolJNKvEqnK
8f9ou4d9HJskmBU/CZ3zVfHUoJarZ3D39xLBdOVBPQIDAQABo4ICyTCCAsUwEwYK
KwYBBAHWeQIEAwEB/wQCBQAwJwYJKwYBBAGCNxUKBBowGDAKBggrBgEFBQcDAjAK
BggrBgEFBQcDATA8BgkrBgEEAYI3FQcELzAtBiUrBgEEAYI3FQiHvdcbgefrRoKB
nS6O0AyH8NodXYKE5WmC86c+AgFkAgEmMIG0BggrBgEFBQcBAQSBpzCBpDBzBggr
BgEFBQcwAoZnaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9N
aWNyb3NvZnQlMjBBenVyZSUyMFJTQSUyMFRMUyUyMElzc3VpbmclMjBDQSUyMDAz
JTIwLSUyMHhzaWduLmNydDAtBggrBgEFBQcwAYYhaHR0cDovL29uZW9jc3AubWlj
cm9zb2Z0LmNvbS9vY3NwMB0GA1UdDgQWBBTfW0wSchzKZIxtE+mlquqHKEm/6zAO
BgNVHQ8BAf8EBAMCBaAwPwYDVR0RBDgwNoI0aHNtMi5qZXNpbW1lLTAwMS1ha2I0
YmRjN2d3YzJocGNmLmNsb3VkaHNtLmF6dXJlLm5ldDAMBgNVHRMBAf8EAjAAMGoG
A1UdHwRjMGEwX6BdoFuGWWh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMv
Y3JsL01pY3Jvc29mdCUyMEF6dXJlJTIwUlNBJTIwVExTJTIwSXNzdWluZyUyMENB
JTIwMDMuY3JsMGYGA1UdIARfMF0wUQYMKwYBBAGCN0yDfQEBMEEwPwYIKwYBBQUH
AgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBvc2l0
b3J5Lmh0bTAIBgZngQwBAgIwHwYDVR0jBBgwFoAU/glxQFUFEETYpIF1uJ4a6UoG
iMgwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEBDAUA
A4ICAQAitbx9jmbhfRfpJ7LkmQ1uKsvV+FR4+DepYY1uOvriepANH9ZM4UMCXmLx
IEImW3qDkmzj2ePMH6FdR7GAlI11gou4S5NChpjluYIutTj482URwCSEb38vFlyh
6ZhRaC6nnRqqpRgAf9bOM0cq5NzKO1zv7xsCDFeqkJmxdLn84Lyj8llFIkmc/JMs
j+JQdSzv85V2HbxKfzUY287e5sboBeciXL5gXIdQ2g5KaRt9/8OY35/PHH/KGY6h
ZmTW3+4LuLeieS3DL1A4K7sSkwlFO4lRoqIoRTM5/QAPvpbIsEw959aZ3b3JWwxC
QCPKfjLK0ix3iTzxRelxI9wYcWB+0sV8AQ6ZY+YRbBcEIkvjgrSJ0JhQefhk4n+m
tgKxZhmOm2cli6Eb55r+9Wl0J5xkE6tDFeFjtjaSrQFfDt4WKE57EXQEpfAVTHA7
0lEgeMRmPOLL0eXXtP7XEsnukqywo9G9aNzsnI2XSKU/GnCXdofMSgsopM6+wT3w
gxK5DDvj6U2SA/8Hledw2yJh1WdPDQ3qJ9K+yQ6ycfyIn+eW8Q0XJj/iXybpM6Ov
aPOLjjwZNwSLHMF9WIo8SR9Rw4d52GXg+7VP4Eq7pi2Hbj+2BeOLMjQkKlznBKGk
wtPSFte9SSd/K+KImvKb533WJG29XwRE0mfpiaG4DdPyLiqKyA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWDHuPK/Uk6mQUmgSs7T
fv1YrT8aMTLQLjrPIfa8YArqqd3n4vh652spd6g9amrnn6VjcTTAlq4RY9o3aA7v
C+kqikRnqXWcOCFqPR9mjNbkF5YFV7lTDVfe6jmyUQ5QnsQmztj40k6apGWthdAP
hbtpQFl1luls84aV+2tNtHkwCwfjIhyk5qMdMPgF2OoSm6/4bB3BwSn2USyPr/2y
i6b4MkBCPUJre0hcScCu3DZ1HpWIf6527HpVIfctfZchqxI21M44BZsqUxAqHXKU
aLdEzbBb+/RWBEolJNKvEqnK8f9ou4d9HJskmBU/CZ3zVfHUoJarZ3D39xLBdOVB
PQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1137361905172617529229458613090581097411394661
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure RSA TLS Issuing CA 03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-11 16:52:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-06 16:52:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20372091178009961221450929418634009946073073735097633909567748133715295683896194495935483165742354748677820919048157105478675154424009404572231349210949453757298311510153183900743997260326575824093095291969282357567834009839300581381948471364198796548811223293940236304605581503322155329578127574359385006062307847443715764299165106644151211079780424734181338237594449820577313660306138645784283572359733851102816758282655158993248876116555562222021973359207345538085601601450921094945544410421352000225843637675971133805177315171342006012486873587693021838367941036901054026845037430297535835433718461046628200825149
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.4272873.6083518
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 38
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (167 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2003%20-%20xsign.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							df5b4c12721cca648c6d13e9a5aaea872849bfeb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2003.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName fe09714055051044d8a48175b89e1ae94a0688c8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0022b5bc7d8e66e17d17e927b2e4990d6e2acbd5f85478f837a9618d6e3afae27a900d1fd64ce143025e62f12042265b7a83926ce3d9e3cc1fa15d47b180948d75828bb84b93428698e5b9822eb538f8f36511c024846f7f2f165ca1e99851682ea79d1aaaa518007fd6ce33472ae4dcca3b5cefef1b020c57aa9099b174b9fce0bca3f2594522499cfc932c8fe250752ceff395761dbc4a7f3518dbcedee6c6e805e7225cbe605c8750da0e4a691b7dffc398df9fcf1c7fca198ea16664d6dfee0bb8b7a2792dc32f50382bbb129309453b8951a2a228453339fd000fbe96c8b04c3de7d699ddbdc95b0c424023ca7e32cad22c77893cf145e97123dc1871607ed2c57c010e9963e6116c1704224be382b489d0985079f864e27fa6b602b166198e9b67258ba11be79afef56974279c6413ab4315e163b63692ad015f0ede16284e7b117404a5f0154c703bd2512078c4663ce2cbd1e5d7b4fed712c9ee92acb0a3d1bd68dcec9c8d9748a53f1a70977687cc4a0b28a4cebec13df08312b90c3be3e94d9203ff0795e770db2261d5674f0d0dea27d2bec90eb271fc889fe796f10d17263fe25f26e933a3af68f38b8e3c1937048b1cc17d588a3c491f51c38779d865e0fbb54fe04abba62d876e3fb605e38b3234242a5ce704a1a4c2d3d216d7bd49277f2be2889af29be77dd6246dbd5f0444d267e989a1b80dd3f22e2a8ac8