kvHsm240510011646097002.managedhsm.azure.net
- Microsoft Corporation -
Issued by Microsoft Azure RSA TLS Issuing CA 04
About this certificate
This digital certificate with serial number 33:00:45:75:61:fa:0a:82:0d:3d:ae:47:9b:00:00:00:45:75:61 was issued on by Microsoft Corporation.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Microsoft Corporation
Organization:
Microsoft Corporation
State / Province:
WA
Locality: Redmond
Country: US
Locality: Redmond
Country: US
Microsoft Corporation
Organization:
Microsoft Corporation
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 33:00:45:75:61:fa:0a:82:0d:3d:ae:47:9b:00:00:00:45:75:61Serial Number (int): 1137361640636779062016932666393716959207585121
Serial Number lenght: 150 bits, 19 octets
SubjectKeyId: a8:f1:38:ca:cc:1f:59:c6:c4:b0:ef:95:d8:57:11:b1:43:75:86:b7
AuthorityKeyId: 3b:70:d1:53:e9:76:25:9d:60:a8:ca:66:0f:c6:9b:ae:6f:54:16:6a
Fingerprint (sha1): d2:a4:14:30:d5:5e:5e:92:06:76:8a:37:40:be:eb:48:39:33:96:7a
Fingerprint (sha256): 00:41:4b:81:1f:d3:10:1b:7c:e8:3d:e6:5c:c7:d1:37:2c:55:ac:7b:56:0a:37:95:4e:a2:85:ca:0c:fb:20:56
Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2004%20-%20xsign.crt
Revocation information
OCSP Server: http://oneocsp.microsoft.com/ocspCRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2004.crl
Check the revocation status for certificate kvHsm240510011646097002.managedhsm.azure.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for kvHsm240510011646097002.managedhsm.azure.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
12 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
kvHsm240510011646097002.managedhsm.azure.net
*.kvHsm240510011646097002.managedhsm.azure.net
*.kvHsm240510011646097002.managedhsm.azure.net
Other certificates including the domain name azure.net
(limited to 100 certificates)
adeidentity-PN1PrdApp07.diskencryption.azure.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
azattesttest.westus.cloudapp.azure.com
*.blob.core.windows.net
cp-mhsm-cus-synthetics.managedhsm.azure.net
*.eastus2.redisenterprise.cache.azure.net
adeidentity-BLAPrdHPC02.diskencryption.azure.net
*.blob.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.file.core.windows.net
*.table.core.windows.net
*.table.core.windows.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
adeidentity-DB4PrdHPC01.diskencryption.azure.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.file.core.windows.net
PDBidDigiCertCert.managedhsm.azure.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
cp-mhsm-scu-synthetics.managedhsm.azure.net
*.account.core.windows.net
*.eastus2.redisenterprise.cache.azure.net
adeidentity-MWH04PrdApp14.diskencryption.azure.net
*.file.core.windows.net
*.web.core.windows.net
*.eventgrid-int.azure.net
afsppweu-cp.afs.azure.net
*.dfs.core.windows.net
b2b.azure.net
*.table.core.windows.net
*.dfs.core.windows.net
*.blob.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.eastus.redisenterprise.cache.azure.net
*.queue.core.windows.net
mhsm-cce-synthetics.managedhsm.azure.net
adeidentity-BY4PrdDDC15.diskencryption.azure.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
mhsm-cnye-synth-geo.managedhsm.azure.net
*.account.core.windows.net
mhsm-wus-synthetics.managedhsm.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.blob.core.windows.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.table.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
ML1PrdApp07.prod.idns.azure.net
*.file.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.blob.core.windows.net
afsppjpw-dp.afs.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
afsppden-dp.afs.azure.net
*.dfs.core.windows.net
*.centraluseuap.redisenterprise.cache.azure.net
*.account.core.windows.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.dfs.core.windows.net
*.queue.core.windows.net
*.queue.core.windows.net
cp-mhsm-wus2-synthetics.managedhsm.azure.net
CHI21PrdApp01.prod.idns.azure.net
*.file.core.windows.net
cvprhkn01v.cloudvideo.azure.net
*.eastus.redisenterprise.cache.azure.net
*.file.core.windows.net
*.dfs.core.windows.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.dfs.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.blob.core.windows.net
*.table.core.windows.net
*.blob.core.windows.net
CBN06PrdApp01.prod.idns.azure.net
*.dfs.core.windows.net
adeidentity-BL6PrdApp10.diskencryption.azure.net
*.blob.core.windows.net
MhsmKeylessPOCAME.managedhsm.azure.net
*.file.core.windows.net
kvHsm240510011646097002.managedhsm.azure.net
kvHsm240514041830028086.managedhsm.azure.net
adeidentity-AMS20PrdHPC01.diskencryption.azure.net
*.dfs.core.windows.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.blob.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
mhsm-win-synthetics.managedhsm.azure.net
*.dfs.core.windows.net
vault.azure.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
azattesttest.westus.cloudapp.azure.com
*.blob.core.windows.net
cp-mhsm-cus-synthetics.managedhsm.azure.net
*.eastus2.redisenterprise.cache.azure.net
adeidentity-BLAPrdHPC02.diskencryption.azure.net
*.blob.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.file.core.windows.net
*.table.core.windows.net
*.table.core.windows.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
adeidentity-DB4PrdHPC01.diskencryption.azure.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.file.core.windows.net
PDBidDigiCertCert.managedhsm.azure.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
cp-mhsm-scu-synthetics.managedhsm.azure.net
*.account.core.windows.net
*.eastus2.redisenterprise.cache.azure.net
adeidentity-MWH04PrdApp14.diskencryption.azure.net
*.file.core.windows.net
*.web.core.windows.net
*.eventgrid-int.azure.net
afsppweu-cp.afs.azure.net
*.dfs.core.windows.net
b2b.azure.net
*.table.core.windows.net
*.dfs.core.windows.net
*.blob.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.eastus.redisenterprise.cache.azure.net
*.queue.core.windows.net
mhsm-cce-synthetics.managedhsm.azure.net
adeidentity-BY4PrdDDC15.diskencryption.azure.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
mhsm-cnye-synth-geo.managedhsm.azure.net
*.account.core.windows.net
mhsm-wus-synthetics.managedhsm.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.blob.core.windows.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.table.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
ML1PrdApp07.prod.idns.azure.net
*.file.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.blob.core.windows.net
afsppjpw-dp.afs.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
afsppden-dp.afs.azure.net
*.dfs.core.windows.net
*.centraluseuap.redisenterprise.cache.azure.net
*.account.core.windows.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.dfs.core.windows.net
*.queue.core.windows.net
*.queue.core.windows.net
cp-mhsm-wus2-synthetics.managedhsm.azure.net
CHI21PrdApp01.prod.idns.azure.net
*.file.core.windows.net
cvprhkn01v.cloudvideo.azure.net
*.eastus.redisenterprise.cache.azure.net
*.file.core.windows.net
*.dfs.core.windows.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.dfs.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.blob.core.windows.net
*.table.core.windows.net
*.blob.core.windows.net
CBN06PrdApp01.prod.idns.azure.net
*.dfs.core.windows.net
adeidentity-BL6PrdApp10.diskencryption.azure.net
*.blob.core.windows.net
MhsmKeylessPOCAME.managedhsm.azure.net
*.file.core.windows.net
kvHsm240510011646097002.managedhsm.azure.net
kvHsm240514041830028086.managedhsm.azure.net
adeidentity-AMS20PrdHPC01.diskencryption.azure.net
*.dfs.core.windows.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.blob.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
mhsm-win-synthetics.managedhsm.azure.net
*.dfs.core.windows.net
vault.azure.net
Certificate
The complete raw certificate details for kvHsm240510011646097002.managedhsm.azure.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHYTCCBUmgAwIBAgITMwBFdWH6CoINPa5HmwAAAEV1YTANBgkqhkiG9w0BAQwF ADBdMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u MS4wLAYDVQQDEyVNaWNyb3NvZnQgQXp1cmUgUlNBIFRMUyBJc3N1aW5nIENBIDA0 MB4XDTI0MDUxMDAxMTEzMVoXDTI1MDUwNTAxMTEzMVowgYMxCzAJBgNVBAYTAlVT MQswCQYDVQQIEwJXQTEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9z b2Z0IENvcnBvcmF0aW9uMTUwMwYDVQQDEyxrdkhzbTI0MDUxMDAxMTY0NjA5NzAw Mi5tYW5hZ2VkaHNtLmF6dXJlLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAOoHQ1+CfW97s6c5+p42C3hDCIY/iodb0X6Z+e1VGYx1zZwa4PR6MqzS OUCtNfOUtVjl5CFMCElxj0S4bx33rZfRcpXtvTwtapt2CBMBUmYib9GmonZy/KLH YpKeDcxOdECfb5X1SjB1lvrfcfFjDw8tHquz6BxOEmRELO/NgEMqzhvBzL2GXVG4 q1uUY8IiyqqrOcWYglQOKwmc2bQa8la/qviAA4luBSEKmZudXuNmETbJf4UHuO/i LqKwB4NkA6C35VjcF38SVoN1s/EQ8dZT02ZRNEZ6tqrEsUFvPSPt3AFOd6oozuhr cOdJOVoihckffVagerDU2f1+75BtkNsCAwEAAaOCAvEwggLtMBMGCisGAQQB1nkC BAMBAf8EAgUAMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwIwCgYIKwYBBQUH AwEwPAYJKwYBBAGCNxUHBC8wLQYlKwYBBAGCNxUIh73XG4Hn60aCgZ0ujtAMh/Da HV2ChOVpgvOnPgIBZAIBJjCBtAYIKwYBBQUHAQEEgacwgaQwcwYIKwYBBQUHMAKG Z2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0 JTIwQXp1cmUlMjBSU0ElMjBUTFMlMjBJc3N1aW5nJTIwQ0ElMjAwNCUyMC0lMjB4 c2lnbi5jcnQwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vbmVvY3NwLm1pY3Jvc29mdC5j b20vb2NzcDAdBgNVHQ4EFgQUqPE4yswfWcbEsO+V2FcRsUN1hrcwDgYDVR0PAQH/ BAQDAgWgMGcGA1UdEQRgMF6CLGt2SHNtMjQwNTEwMDExNjQ2MDk3MDAyLm1hbmFn ZWRoc20uYXp1cmUubmV0gi4qLmt2SHNtMjQwNTEwMDExNjQ2MDk3MDAyLm1hbmFn ZWRoc20uYXp1cmUubmV0MAwGA1UdEwEB/wQCMAAwagYDVR0fBGMwYTBfoF2gW4ZZ aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIw QXp1cmUlMjBSU0ElMjBUTFMlMjBJc3N1aW5nJTIwQ0ElMjAwNC5jcmwwZgYDVR0g BF8wXTBRBgwrBgEEAYI3TIN9AQEwQTA/BggrBgEFBQcCARYzaHR0cDovL3d3dy5t aWNyb3NvZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnkuaHRtMAgGBmeBDAEC AjAfBgNVHSMEGDAWgBQ7cNFT6XYlnWCoymYPxpuub1QWajAdBgNVHSUEFjAUBggr BgEFBQcDAgYIKwYBBQUHAwEwDQYJKoZIhvcNAQEMBQADggIBAAkQJE6rOM+cIwAn IFF1bbGRXVDy1cpp3JpFmLuSHPFwgEXO8nu0vb7+DPjHPhXQLZYukwFzmkKg26IP MnZVu7aUWAg15N2CFimoyf48ej3E+qPhRi6pRwNTfQWscdiMGIz7CDzWaSWfm83u BzuGRelO9GYBEms3xNHoUqsCgc8P33cLfnRmMoQARPwc6l16fRuTTAdFxUPLvvxg CDPqGdOlbfXfIGEMyLx5DyyJgtROBmtBMnWSC/kKnk/srtSz29duw+r9310k/9eY xEh59sEB4nu2uEY7i7RpKWs/R415kBGxKDLE5tueJxF/bSukJNGooB6p5G+YwZU3 gZSzZiyeb9VEgSfoaPNdg0DW6kn/PVoTkAySlpnJBoERGHwZtCTFkTqOVY/IBA4b yHY1XtdrsGxc/894pmD5R4rVBXCRXhyxuf8MbhdYlhneyfoyw288iqabdZ+fuLkY 4C5waypwPXj9FfuFHQDG+Uaq7r1xYqiPFyPK1hIN0rE3zBoiEfg8bf1PniMG3ueL oS1wVpyDkoD0bmWql2srKo52NBlC4iuT+kf88nZHUQTXAaE0J6AgmGbt4EdPJyqh NVOt6iIZl9DHfNKnHNvi5npxysU8wwoJlT/vL7Eesv1zwteNsgdTEVOKDqCtwlIt /SwQUNIs/vGBGArLanwRys8NpHIq -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6gdDX4J9b3uzpzn6njYL eEMIhj+Kh1vRfpn57VUZjHXNnBrg9HoyrNI5QK0185S1WOXkIUwISXGPRLhvHfet l9Fyle29PC1qm3YIEwFSZiJv0aaidnL8osdikp4NzE50QJ9vlfVKMHWW+t9x8WMP Dy0eq7PoHE4SZEQs782AQyrOG8HMvYZdUbirW5RjwiLKqqs5xZiCVA4rCZzZtBry Vr+q+IADiW4FIQqZm51e42YRNsl/hQe47+IuorAHg2QDoLflWNwXfxJWg3Wz8RDx 1lPTZlE0Rnq2qsSxQW89I+3cAU53qijO6Gtw50k5WiKFyR99VqB6sNTZ/X7vkG2Q 2wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1137361640636779062016932666393716959207585121 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure RSA TLS Issuing CA 04' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-10 01:11:31 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-05 01:11:31 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kvHsm240510011646097002.managedhsm.azure.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29543344967687194365485727901010713023878274897177488649409010127728371403147343315507872645577305035873735186599186431286149280563007215228973775896781473804546521339111308996597671846723485117795909596872905923275472310037890336980998096551006622169705495330272995533238240753675408235870032821361186118748682925400757086223245747522549198959164927587646452519584059572436026476978747863814862073194595442201821768077654545806878004474226172048749781976175348866037677038480183494002434538937603615802343939064399727806219895868609459513407315098168622113067116654427086228372984618971959868884396988120930024526043 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.4272873.6083518 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 38 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (167 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2004%20-%20xsign.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a8f138cacc1f59c6c4b0ef95d85711b1437586b7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kvHsm240510011646097002.managedhsm.azure.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kvHsm240510011646097002.managedhsm.azure.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2004.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3b70d153e976259d60a8ca660fc69bae6f54166a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 000910244eab38cf9c2300272051756db1915d50f2d5ca69dc9a4598bb921cf1708045cef27bb4bdbefe0cf8c73e15d02d962e9301739a42a0dba20f327655bbb694580835e4dd821629a8c9fe3c7a3dc4faa3e1462ea94703537d05ac71d88c188cfb083cd669259f9bcdee073b8645e94ef46601126b37c4d1e852ab0281cf0fdf770b7e746632840044fc1cea5d7a7d1b934c0745c543cbbefc600833ea19d3a56df5df20610cc8bc790f2c8982d44e066b413275920bf90a9e4fecaed4b3dbd76ec3eafddf5d24ffd798c44879f6c101e27bb6b8463b8bb469296b3f478d799011b12832c4e6db9e27117f6d2ba424d1a8a01ea9e46f98c195378194b3662c9e6fd5448127e868f35d8340d6ea49ff3d5a13900c929699c9068111187c19b424c5913a8e558fc8040e1bc876355ed76bb06c5cffcf78a660f9478ad50570915e1cb1b9ff0c6e17589619dec9fa32c36f3c8aa69b759f9fb8b918e02e706b2a703d78fd15fb851d00c6f946aaeebd7162a88f1723cad6120dd2b137cc1a2211f83c6dfd4f9e2306dee78ba12d70569c839280f46e65aa976b2b2a8e76341942e22b93fa47fcf276475104d701a13427a0209866ede0474f272aa13553adea221997d0c77cd2a71cdbe2e67a71cac53cc30a09953fef2fb11eb2fd73c2d78db2075311538a0ea0adc2522dfd2c1050d22cfef181180acb6a7c11cacf0da4722a