query-amp-data-westus.cms.microsoft.com
- Microsoft Corporation -
Issued by Microsoft Azure RSA TLS Issuing CA 07
About this certificate
This digital certificate with serial number 33:00:28:8a:98:2a:70:2f:a5:de:ac:96:c4:00:00:00:28:8a:98 was issued on by Microsoft Corporation.
With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Microsoft Corporation
Organization:
Microsoft Corporation
State / Province:
WA
Locality: Redmond
Country: US
Locality: Redmond
Country: US
Microsoft Corporation
Organization:
Microsoft Corporation
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 33:00:28:8a:98:2a:70:2f:a5:de:ac:96:c4:00:00:00:28:8a:98Serial Number (int): 1137351800643291908076419165817607714037598872
Serial Number lenght: 150 bits, 19 octets
SubjectKeyId: a2:4d:4e:fe:35:65:87:f7:dd:2e:ea:26:82:5f:f9:53:64:6f:79:ce
AuthorityKeyId: ce:15:16:3b:ea:02:a3:a6:6b:da:d9:2b:fd:e5:8c:52:be:7a:50:a8
Fingerprint (sha1): 89:a5:25:84:fe:96:30:4d:27:be:02:a5:47:cc:67:8e:9d:81:b0:45
Fingerprint (sha256): 00:38:77:b0:e5:57:c8:14:e7:37:f1:33:7e:27:65:45:f4:d0:44:e9:63:ee:23:ba:08:a5:65:e4:5d:cf:d5:bf
Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2007%20-%20xsign.crt
Revocation information
OCSP Server: http://oneocsp.microsoft.com/ocspCRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2007.crl
Check the revocation status for certificate query-amp-data-westus.cms.microsoft.com
7
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for query-amp-data-westus.cms.microsoft.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
12 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
query-amp-data-westus.cms.microsoft.com
query-amp-data-westus-secondary.cms.microsoft.com
xboxcdn.query.prod.cms.msn.com
primary.query.prod.cms.msn.com
query.prod.cms.msn.com
cdn.query.prod.cms.msn.com
query-amp-data-westus-origin.cms.microsoft.com
query-amp-data-westus-secondary.cms.microsoft.com
xboxcdn.query.prod.cms.msn.com
primary.query.prod.cms.msn.com
query.prod.cms.msn.com
cdn.query.prod.cms.msn.com
query-amp-data-westus-origin.cms.microsoft.com
Other certificates including the domain name microsoft.com
(limited to 100 certificates)
ppe.gallery.expression.microsoft.com
KeyRecoveryAgent.manage-dogfood.microsoft.com
phoneregistration.gtm.corp.microsoft.com
empowerment.l2o.microsoft.com
iot.dps.mp.microsoft.com
adfutils-us.func.cp.wd.microsoft.com
gmevpn.glbdns2.microsoft.com
workflowservice-int.dps.mp.microsoft.com
FCS1.AMSU1.sconline-int.microsoft.com
azure-management.azurepilot.cp.microsoft.com
politemail4msft.cloudapp.net
msip.clientidentity.microsoft.com
app.aladdindev.microsoft.com
e.microsoft.com
exp3days.ossdatabases-test1.microsoft.com
tip2.vnet.powerplatform.microsoft.com
pitstop.microsoft.com
community-ppe.support.microsoft.com
mail.microsoft.com
solutionsauthor.partners.extranet.microsoft.com
storemanagement-int-client.microsoft.com
000dtk5o40pl2.redmond.corp.microsoft.com
*.contentexplorer.mc.microsoft.com
tip1.api.bap.microsoft.com
quote.mocksubscription.l2o.microsoft.com
tip1.api.bap.microsoft.com
supportactions-dcsteam-actions.services.microsoft.com
*.nus.onlinebackup.microsoft.com
adkaulfake131.ustcms.microsoft.com
afsppweu-cp.afs.azure.net
FCS1.DAMSUA0102.manage-dogfood.microsoft.com
listingsmanagement-int.dps.mp.microsoft.com
selync-lct.redmond.corp.microsoft.com
portfolios.officeppe.com
*.daas.microsoft.com
auth.hcs.microsoft.com
optimizer.asimov.microsoft.com
testdrive.microsoft.com
telemetry.urs.microsoft.com
identity.microsoft.com
vstfmscisext.partners.extranet.microsoft.com
mygroups.microsoft.com
code.msdn.microsoft.com
listapi-us.ppe.func.cp.wd.microsoft.com
centralus.dev.api.medeina.trafficmanager.net
config.edog.officeapps.live.com
services.awasa.microsoft.com
wus-int.GENEVA.KEYVAULT.slkv2.MICROSOFT.COM
eastus2.vnet.powerplatform.microsoft.com
fp.wd.microsoft.com
mygroups.microsoft.com
download.oemsoc.microsoft.com
msats-ppe.commerce.microsoft.com
ATPAppID.manage-selfhost.microsoft.com
edsystems.parttest.extranettest.microsoft.com
*.daas.microsoft.com
tip2.vnet.powerplatform.microsoft.com
netscan.corp.microsoft.com
api.partnercenter.microsoft.com
mail.protection.outlook.com
detego.partners.extranet.microsoft.com
settings.data.microsoft.com
sfcluster.dev.asi.microsoft.com
repos.opensource.microsoft.com
*.falconprod-sf.trafficmanager.net
OpsToolReadOnly.manage.microsoft.com
guidesideasaccess4.microsoft.com
query-amp-data-westus.cms.microsoft.com
mpn-mlxint.microsoft.com
*.redmond.corp.microsoft.com
tip2.vnet.powerplatform.microsoft.com
southeastasia.prod.api.medeina.trafficmanager.net
SpyNet2.Microsoft.com
mysignins-ppe.microsoft.com
regmgmtu1.partners.extranet.microsoft.com
soumay1.ustcms.microsoft.com
api.powerva.microsoft.com
i4.services.social.microsoft.com
msit-bcwebatmpoc-sc.cloudapp.net
noam.eersapi.teams-test.microsoft.com
CH1MBISPOWA.corp.microsoft.com
kailani10.one.microsoft.com
bmslt.partners.extranet.microsoft.com
fulfillmentquery.mcapi.commerce.microsoft.com
azuresqldataloadervcscert4.microsoft.com
testaadoutage.ustcms.microsoft.com
identity.microsoft.com
threatintel-stg.trafficmanager.net
rm2.partners.extranet.microsoft.com
preview.viewer.messaging.microsoft.com
journal.purchase.commerce.microsoft.com
debugoutputest.smltenant.microsoft.com
developertools-test.powerplatform.microsoft.com
zbcmp.pfgold.dev.ustcms.microsoft.com
tip2.vnet.powerplatform.microsoft.com
e.microsoft.com
presence.teams.microsoft.com
beijing-portal.msftvpn.ras.microsoft.com
myprofile-ppe.microsoft.com
adkaulfake050.ustcms.microsoft.com
KeyRecoveryAgent.manage-dogfood.microsoft.com
phoneregistration.gtm.corp.microsoft.com
empowerment.l2o.microsoft.com
iot.dps.mp.microsoft.com
adfutils-us.func.cp.wd.microsoft.com
gmevpn.glbdns2.microsoft.com
workflowservice-int.dps.mp.microsoft.com
FCS1.AMSU1.sconline-int.microsoft.com
azure-management.azurepilot.cp.microsoft.com
politemail4msft.cloudapp.net
msip.clientidentity.microsoft.com
app.aladdindev.microsoft.com
e.microsoft.com
exp3days.ossdatabases-test1.microsoft.com
tip2.vnet.powerplatform.microsoft.com
pitstop.microsoft.com
community-ppe.support.microsoft.com
mail.microsoft.com
solutionsauthor.partners.extranet.microsoft.com
storemanagement-int-client.microsoft.com
000dtk5o40pl2.redmond.corp.microsoft.com
*.contentexplorer.mc.microsoft.com
tip1.api.bap.microsoft.com
quote.mocksubscription.l2o.microsoft.com
tip1.api.bap.microsoft.com
supportactions-dcsteam-actions.services.microsoft.com
*.nus.onlinebackup.microsoft.com
adkaulfake131.ustcms.microsoft.com
afsppweu-cp.afs.azure.net
FCS1.DAMSUA0102.manage-dogfood.microsoft.com
listingsmanagement-int.dps.mp.microsoft.com
selync-lct.redmond.corp.microsoft.com
portfolios.officeppe.com
*.daas.microsoft.com
auth.hcs.microsoft.com
optimizer.asimov.microsoft.com
testdrive.microsoft.com
telemetry.urs.microsoft.com
identity.microsoft.com
vstfmscisext.partners.extranet.microsoft.com
mygroups.microsoft.com
code.msdn.microsoft.com
listapi-us.ppe.func.cp.wd.microsoft.com
centralus.dev.api.medeina.trafficmanager.net
config.edog.officeapps.live.com
services.awasa.microsoft.com
wus-int.GENEVA.KEYVAULT.slkv2.MICROSOFT.COM
eastus2.vnet.powerplatform.microsoft.com
fp.wd.microsoft.com
mygroups.microsoft.com
download.oemsoc.microsoft.com
msats-ppe.commerce.microsoft.com
ATPAppID.manage-selfhost.microsoft.com
edsystems.parttest.extranettest.microsoft.com
*.daas.microsoft.com
tip2.vnet.powerplatform.microsoft.com
netscan.corp.microsoft.com
api.partnercenter.microsoft.com
mail.protection.outlook.com
detego.partners.extranet.microsoft.com
settings.data.microsoft.com
sfcluster.dev.asi.microsoft.com
repos.opensource.microsoft.com
*.falconprod-sf.trafficmanager.net
OpsToolReadOnly.manage.microsoft.com
guidesideasaccess4.microsoft.com
query-amp-data-westus.cms.microsoft.com
mpn-mlxint.microsoft.com
*.redmond.corp.microsoft.com
tip2.vnet.powerplatform.microsoft.com
southeastasia.prod.api.medeina.trafficmanager.net
SpyNet2.Microsoft.com
mysignins-ppe.microsoft.com
regmgmtu1.partners.extranet.microsoft.com
soumay1.ustcms.microsoft.com
api.powerva.microsoft.com
i4.services.social.microsoft.com
msit-bcwebatmpoc-sc.cloudapp.net
noam.eersapi.teams-test.microsoft.com
CH1MBISPOWA.corp.microsoft.com
kailani10.one.microsoft.com
bmslt.partners.extranet.microsoft.com
fulfillmentquery.mcapi.commerce.microsoft.com
azuresqldataloadervcscert4.microsoft.com
testaadoutage.ustcms.microsoft.com
identity.microsoft.com
threatintel-stg.trafficmanager.net
rm2.partners.extranet.microsoft.com
preview.viewer.messaging.microsoft.com
journal.purchase.commerce.microsoft.com
debugoutputest.smltenant.microsoft.com
developertools-test.powerplatform.microsoft.com
zbcmp.pfgold.dev.ustcms.microsoft.com
tip2.vnet.powerplatform.microsoft.com
e.microsoft.com
presence.teams.microsoft.com
beijing-portal.msftvpn.ras.microsoft.com
myprofile-ppe.microsoft.com
adkaulfake050.ustcms.microsoft.com
Certificate
The complete raw certificate details for query-amp-data-westus.cms.microsoft.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJbzCCB1egAwIBAgITMwAoipgqcC+l3qyWxAAAACiKmDANBgkqhkiG9w0BAQwF ADBdMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u MS4wLAYDVQQDEyVNaWNyb3NvZnQgQXp1cmUgUlNBIFRMUyBJc3N1aW5nIENBIDA3 MB4XDTI0MDIyOTA5NDQyM1oXDTI1MDIyMzA5NDQyM1owfjELMAkGA1UEBhMCVVMx CzAJBgNVBAgTAldBMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv ZnQgQ29ycG9yYXRpb24xMDAuBgNVBAMTJ3F1ZXJ5LWFtcC1kYXRhLXdlc3R1cy5j bXMubWljcm9zb2Z0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB ANF88SaHtiYGgja7LK6fHUPABPW7+k2vaApmT/zF5rcqBzmuEAfFZ96erLV9oCHa WqxnMDGelPGfP49cZCJfTu/Eu1AUhePDNBcIoIgYnrBgwAhLdZ6G3e+kGBOorI6F nKs0XIW0XHnhT+9nEDFnRYwUm6wjjXHQ/fJXTvHoHeynpCe7vDSnlMA4K302PKeB sNuZAdBKUuNHa6l4gOY7cvIYkvD8LNxI4FSRxO0hS2C9sWLJuUeZ6VsFNyRABaRB zEFZPkJ3dm4WNTLhxBfkI/D2rCEt1xn0V5jRtxNnFAfg0wSYv/ZUchTmfvF5UNSk uZvYZpBvfb1iaZSSbUIGwG0CAwEAAaOCBQUwggUBMIIBfQYKKwYBBAHWeQIEAgSC AW0EggFpAWcAdgDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3zsw7CAAAAY30 SWLDAAAEAwBHMEUCIQDC6GxhLvCL+MO+5HCsjeKj5/xK9b7E7qqBVB2/AhfLnAIg RcEHYm95Pq1vRiFMTNsJgEUIUXysNCRmuJ5/lXj9VbkAdgB9WR4S4XgqexxhZ3xe /fjQh1wUoE6VnrkDL9kOjC55uAAAAY30SWObAAAEAwBHMEUCIEsEWqBiR6NSP1Bb FH51D1oq7K75XOmYO4Ts4uuyt9FWAiEAteItS5RvjgyxDnbR66s0Dc8w73OREKr3 x6V8TQtiH5AAdQBVgdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPTDAAAAY30 SWOXAAAEAwBGMEQCIGS6Hv6ERFJnP+X5Aq1T85WYc1QZd3GfIQx/+fw8566JAiBw RYgujBe9eSKI5/UyQPbSmtwFCWVpM6tGKPQPLNnEajAnBgkrBgEEAYI3FQoEGjAY MAoGCCsGAQUFBwMCMAoGCCsGAQUFBwMBMDwGCSsGAQQBgjcVBwQvMC0GJSsGAQQB gjcVCIe91xuB5+tGgoGdLo7QDIfw2h1dgoTlaYLzpz4CAWQCASYwgbQGCCsGAQUF BwEBBIGnMIGkMHMGCCsGAQUFBzAChmdodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20v cGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMEF6dXJlJTIwUlNBJTIwVExTJTIwSXNz dWluZyUyMENBJTIwMDclMjAtJTIweHNpZ24uY3J0MC0GCCsGAQUFBzABhiFodHRw Oi8vb25lb2NzcC5taWNyb3NvZnQuY29tL29jc3AwHQYDVR0OBBYEFKJNTv41ZYf3 3S7qJoJf+VNkb3nOMA4GA1UdDwEB/wQEAwIFoDCCAQ0GA1UdEQSCAQQwggEAgidx dWVyeS1hbXAtZGF0YS13ZXN0dXMuY21zLm1pY3Jvc29mdC5jb22CMXF1ZXJ5LWFt cC1kYXRhLXdlc3R1cy1zZWNvbmRhcnkuY21zLm1pY3Jvc29mdC5jb22CHnhib3hj ZG4ucXVlcnkucHJvZC5jbXMubXNuLmNvbYIecHJpbWFyeS5xdWVyeS5wcm9kLmNt cy5tc24uY29tghZxdWVyeS5wcm9kLmNtcy5tc24uY29tghpjZG4ucXVlcnkucHJv ZC5jbXMubXNuLmNvbYIucXVlcnktYW1wLWRhdGEtd2VzdHVzLW9yaWdpbi5jbXMu bWljcm9zb2Z0LmNvbTAMBgNVHRMBAf8EAjAAMGoGA1UdHwRjMGEwX6BdoFuGWWh0 dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY3Jvc29mdCUyMEF6 dXJlJTIwUlNBJTIwVExTJTIwSXNzdWluZyUyMENBJTIwMDcuY3JsMGYGA1UdIARf MF0wUQYMKwYBBAGCN0yDfQEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWlj cm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBvc2l0b3J5Lmh0bTAIBgZngQwBAgIw HwYDVR0jBBgwFoAUzhUWO+oCo6Zr2tkr/eWMUr56UKgwHQYDVR0lBBYwFAYIKwYB BQUHAwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEBDAUAA4ICAQBeLqCN2gty7elAOJ6+ Gk6IIEUCbcGYNR0Mp34bPA12fHMj2W1XA/2D+8wlVZp3vskwSrkMZECmEYIwP04q 9wdZPTzns6Ab2NHjuQi4c7YosbHdpZsRo1Y+X6iIXBXlcwkLRrvaXFQdDg+E2Hf+ oGJ5kyhGpvkayKKmsyH0vEHoyIlsNFNXZaFCXq7DHKxKL9kEOpLvC5KUWJ1wQ23J vG7enbITww++Vs/Wjr4Fe6lJBrSGOGQ1fdXpUrQJpEwH1x1Jb8yXGzSH2LCxHbjI hjIvfZeXIPOhp29K7j7zsXrRhtGhY1x4TEWef5516Lyz3y3hyAGPRoTzhVelVYmS E9beRYyWt1GhHpU6/4FBnoP9Pz9KcF2l31Fu/4YawHKO3i9ZbgFiwOVXA3+0E+A0 sihkdbenM2cn8QZf3d3mgitxFZG5KzRjvQDVW9Aq4Wc86RDFi8ye9n3vBLzZagrN CqHAU+f8lOvdV99M1YYKhwK7Q15a9rnjN+iIKsJCCjySRB/MI1DFwZAcA1PAbZYe iVUmyVrpwW5i9mfuFobtPmEbUpS0TIzp2rP8QO31uGNmZ0ijj+zBReEUM4HqiCw3 cSOdlnVNI+z+EPsinwUEO9xEr+N5hhwslH598sF7qck7RCIJbdXCsHm960yhNvRr 9zHz7VKa+5L14dGKhsFmzGGReQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XzxJoe2JgaCNrssrp8d Q8AE9bv6Ta9oCmZP/MXmtyoHOa4QB8Vn3p6stX2gIdparGcwMZ6U8Z8/j1xkIl9O 78S7UBSF48M0FwigiBiesGDACEt1nobd76QYE6isjoWcqzRchbRceeFP72cQMWdF jBSbrCONcdD98ldO8egd7KekJ7u8NKeUwDgrfTY8p4Gw25kB0EpS40drqXiA5jty 8hiS8Pws3EjgVJHE7SFLYL2xYsm5R5npWwU3JEAFpEHMQVk+Qnd2bhY1MuHEF+Qj 8PasIS3XGfRXmNG3E2cUB+DTBJi/9lRyFOZ+8XlQ1KS5m9hmkG99vWJplJJtQgbA bQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1137351800643291908076419165817607714037598872 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure RSA TLS Issuing CA 07' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-29 09:44:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-23 09:44:23 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'query-amp-data-westus.cms.microsoft.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26445416931513601144597514140877926591347782023646627199526656072919385390377362951387998471463262209683940955380809070862333150214145295291751919138536445515842603018616678130259245311656493968069768808726625335034402052469618866029439827472069599462466359687272206434395916306683381033448554469485148423755542827439666785960400156657102524669669883113739101925892986952653658061787488368381088502381438255982852583076008310890906016936512784684984346851016063611956459996436232192912353523927062409012649688141682278248584827967717762139570779852788627464383138992092026305927276617403820399426926102688061712679021 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018df44962c30000040300473045022100c2e86c612ef08bf8c3bee470ac8de2a3e7fc4af5bec4eeaa81541dbf0217cb9c022045c107626f793ead6f46214c4cdb09804508517cac342466b89e7f9578fd55b90076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018df449639b000004030047304502204b045aa06247a3523f505b147e750f5a2aecaef95ce9983b84ece2ebb2b7d156022100b5e22d4b946f8e0cb10e76d1ebab340dcf30ef739110aaf7c7a57c4d0b621f900075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018df44963970000040300463044022064ba1efe844452673fe5f902ad53f3959873541977719f210c7ff9fc3ce7ae8902207045882e8c17bd792288e7f53240f6d29adc0509656933ab4628f40f2cd9c46a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.4272873.6083518 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 38 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (167 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2007%20-%20xsign.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a24d4efe356587f7dd2eea26825ff953646f79ce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (260 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'query-amp-data-westus.cms.microsoft.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'query-amp-data-westus-secondary.cms.microsoft.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'xboxcdn.query.prod.cms.msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'primary.query.prod.cms.msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'query.prod.cms.msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.query.prod.cms.msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'query-amp-data-westus-origin.cms.microsoft.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2007.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ce15163bea02a3a66bdad92bfde58c52be7a50a8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 005e2ea08dda0b72ede940389ebe1a4e882045026dc198351d0ca77e1b3c0d767c7323d96d5703fd83fbcc25559a77bec9304ab90c6440a61182303f4e2af707593d3ce7b3a01bd8d1e3b908b873b628b1b1dda59b11a3563e5fa8885c15e573090b46bbda5c541d0e0f84d877fea06279932846a6f91ac8a2a6b321f4bc41e8c8896c34535765a1425eaec31cac4a2fd9043a92ef0b9294589d70436dc9bc6ede9db213c30fbe56cfd68ebe057ba94906b4863864357dd5e952b409a44c07d71d496fcc971b3487d8b0b11db8c886322f7d979720f3a1a76f4aee3ef3b17ad186d1a1635c784c459e7f9e75e8bcb3df2de1c8018f4684f38557a555899213d6de458c96b751a11e953aff81419e83fd3f3f4a705da5df516eff861ac0728ede2f596e0162c0e557037fb413e034b2286475b7a7336727f1065fdddde6822b711591b92b3463bd00d55bd02ae1673ce910c58bcc9ef67def04bcd96a0acd0aa1c053e7fc94ebdd57df4cd5860a8702bb435e5af6b9e337e8882ac2420a3c92441fcc2350c5c1901c0353c06d961e895526c95ae9c16e62f667ee1686ed3e611b5294b44c8ce9dab3fc40edf5b863666748a38fecc145e1143381ea882c3771239d96754d23ecfe10fb229f05043bdc44afe379861c2c947e7df2c17ba9c93b4422096dd5c2b079bdeb4ca136f46bf731f3ed529afb92f5e1d18a86c166cc619179