beijing-portal.msftvpn.ras.microsoft.com
- Microsoft Corporation -
Issued by Microsoft Azure TLS Issuing CA 02
About this certificate
This digital certificate with serial number 33:00:c6:dc:fc:48:b5:ec:84:c6:00:21:9f:00:00:00:c6:dc:fc was issued on by Microsoft Corporation.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Microsoft Corporation
Organization:
Microsoft Corporation
State / Province:
WA
Locality: Redmond
Country: US
Locality: Redmond
Country: US
Microsoft Corporation
Organization:
Microsoft Corporation
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 33:00:c6:dc:fc:48:b5:ec:84:c6:00:21:9f:00:00:00:c6:dc:fcSerial Number (int): 1137405674773804754054209540433035481521249532
Serial Number lenght: 150 bits, 19 octets
SubjectKeyId: 79:f9:29:f5:a7:aa:f1:69:05:b6:be:56:e1:6f:a9:4c:9a:ad:a9:d6
AuthorityKeyId: 00:ab:91:fc:21:62:26:97:9a:a8:79:1b:61:41:90:60:a9:62:67:fd
Fingerprint (sha1): b1:e6:5a:2a:b2:2c:a4:4c:65:91:bc:5d:cd:ac:87:aa:91:9a:a2:b5
Fingerprint (sha256): 00:4c:ea:54:52:dc:da:c7:2e:db:97:85:ce:03:10:28:f4:ef:52:55:f6:af:30:5f:0a:25:93:19:03:a0:ea:5b
Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2002%20-%20xsign.crt
Revocation information
OCSP Server: http://oneocsp.microsoft.com/ocspCRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2002.crl
Check the revocation status for certificate beijing-portal.msftvpn.ras.microsoft.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for beijing-portal.msftvpn.ras.microsoft.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
12 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
beijing-portal.msftvpn.ras.microsoft.com
msftvpn.ras.microsoft.com
msftvpn.ras.microsoft.com
Other certificates including the domain name microsoft.com
(limited to 100 certificates)
ppe.gallery.expression.microsoft.com
KeyRecoveryAgent.manage-dogfood.microsoft.com
phoneregistration.gtm.corp.microsoft.com
iot.dps.mp.microsoft.com
gmevpn.glbdns2.microsoft.com
workflowservice-int.dps.mp.microsoft.com
FCS1.AMSU1.sconline-int.microsoft.com
azure-management.azurepilot.cp.microsoft.com
politemail4msft.cloudapp.net
app.aladdindev.microsoft.com
e.microsoft.com
exp3days.ossdatabases-test1.microsoft.com
tip2.vnet.powerplatform.microsoft.com
pitstop.microsoft.com
mail.microsoft.com
solutionsauthor.partners.extranet.microsoft.com
storemanagement-int-client.microsoft.com
000dtk5o40pl2.redmond.corp.microsoft.com
*.contentexplorer.mc.microsoft.com
tip1.api.bap.microsoft.com
quote.mocksubscription.l2o.microsoft.com
tip1.api.bap.microsoft.com
supportactions-dcsteam-actions.services.microsoft.com
*.nus.onlinebackup.microsoft.com
adkaulfake131.ustcms.microsoft.com
afsppweu-cp.afs.azure.net
FCS1.DAMSUA0102.manage-dogfood.microsoft.com
listingsmanagement-int.dps.mp.microsoft.com
selync-lct.redmond.corp.microsoft.com
portfolios.officeppe.com
*.daas.microsoft.com
auth.hcs.microsoft.com
optimizer.asimov.microsoft.com
testdrive.microsoft.com
telemetry.urs.microsoft.com
identity.microsoft.com
vstfmscisext.partners.extranet.microsoft.com
mygroups.microsoft.com
code.msdn.microsoft.com
config.edog.officeapps.live.com
services.awasa.microsoft.com
wus-int.GENEVA.KEYVAULT.slkv2.MICROSOFT.COM
eastus2.vnet.powerplatform.microsoft.com
fp.wd.microsoft.com
mygroups.microsoft.com
download.oemsoc.microsoft.com
msats-ppe.commerce.microsoft.com
ATPAppID.manage-selfhost.microsoft.com
edsystems.parttest.extranettest.microsoft.com
*.daas.microsoft.com
tip2.vnet.powerplatform.microsoft.com
netscan.corp.microsoft.com
mail.protection.outlook.com
detego.partners.extranet.microsoft.com
settings.data.microsoft.com
sfcluster.dev.asi.microsoft.com
*.falconprod-sf.trafficmanager.net
OpsToolReadOnly.manage.microsoft.com
guidesideasaccess4.microsoft.com
mpn-mlxint.microsoft.com
*.redmond.corp.microsoft.com
tip2.vnet.powerplatform.microsoft.com
SpyNet2.Microsoft.com
mysignins-ppe.microsoft.com
regmgmtu1.partners.extranet.microsoft.com
soumay1.ustcms.microsoft.com
i4.services.social.microsoft.com
msit-bcwebatmpoc-sc.cloudapp.net
CH1MBISPOWA.corp.microsoft.com
kailani10.one.microsoft.com
bmslt.partners.extranet.microsoft.com
fulfillmentquery.mcapi.commerce.microsoft.com
azuresqldataloadervcscert4.microsoft.com
testaadoutage.ustcms.microsoft.com
identity.microsoft.com
threatintel-stg.trafficmanager.net
rm2.partners.extranet.microsoft.com
preview.viewer.messaging.microsoft.com
debugoutputest.smltenant.microsoft.com
developertools-test.powerplatform.microsoft.com
zbcmp.pfgold.dev.ustcms.microsoft.com
tip2.vnet.powerplatform.microsoft.com
e.microsoft.com
presence.teams.microsoft.com
beijing-portal.msftvpn.ras.microsoft.com
myprofile-ppe.microsoft.com
adkaulfake050.ustcms.microsoft.com
*.redmond.corp.microsoft.com
home.diagnostics.support.microsoft.com
fasttrack.microsoft.com
pas.windows.net
social.technet.microsoft.com
adkaulfake038.ustcms.microsoft.com
licensing.powerplatform.microsoft.com
alerts.serviceshub.microsoft.com
adkaulfake010.ustcms.microsoft.com
appmanagement.activedirectory.microsoft.com
*.acs.voiceapps.infra.teams.microsoft.com
techprofile.microsoft.com
noam.eersapi.teams.microsoft.com
KeyRecoveryAgent.manage-dogfood.microsoft.com
phoneregistration.gtm.corp.microsoft.com
iot.dps.mp.microsoft.com
gmevpn.glbdns2.microsoft.com
workflowservice-int.dps.mp.microsoft.com
FCS1.AMSU1.sconline-int.microsoft.com
azure-management.azurepilot.cp.microsoft.com
politemail4msft.cloudapp.net
app.aladdindev.microsoft.com
e.microsoft.com
exp3days.ossdatabases-test1.microsoft.com
tip2.vnet.powerplatform.microsoft.com
pitstop.microsoft.com
mail.microsoft.com
solutionsauthor.partners.extranet.microsoft.com
storemanagement-int-client.microsoft.com
000dtk5o40pl2.redmond.corp.microsoft.com
*.contentexplorer.mc.microsoft.com
tip1.api.bap.microsoft.com
quote.mocksubscription.l2o.microsoft.com
tip1.api.bap.microsoft.com
supportactions-dcsteam-actions.services.microsoft.com
*.nus.onlinebackup.microsoft.com
adkaulfake131.ustcms.microsoft.com
afsppweu-cp.afs.azure.net
FCS1.DAMSUA0102.manage-dogfood.microsoft.com
listingsmanagement-int.dps.mp.microsoft.com
selync-lct.redmond.corp.microsoft.com
portfolios.officeppe.com
*.daas.microsoft.com
auth.hcs.microsoft.com
optimizer.asimov.microsoft.com
testdrive.microsoft.com
telemetry.urs.microsoft.com
identity.microsoft.com
vstfmscisext.partners.extranet.microsoft.com
mygroups.microsoft.com
code.msdn.microsoft.com
config.edog.officeapps.live.com
services.awasa.microsoft.com
wus-int.GENEVA.KEYVAULT.slkv2.MICROSOFT.COM
eastus2.vnet.powerplatform.microsoft.com
fp.wd.microsoft.com
mygroups.microsoft.com
download.oemsoc.microsoft.com
msats-ppe.commerce.microsoft.com
ATPAppID.manage-selfhost.microsoft.com
edsystems.parttest.extranettest.microsoft.com
*.daas.microsoft.com
tip2.vnet.powerplatform.microsoft.com
netscan.corp.microsoft.com
mail.protection.outlook.com
detego.partners.extranet.microsoft.com
settings.data.microsoft.com
sfcluster.dev.asi.microsoft.com
*.falconprod-sf.trafficmanager.net
OpsToolReadOnly.manage.microsoft.com
guidesideasaccess4.microsoft.com
mpn-mlxint.microsoft.com
*.redmond.corp.microsoft.com
tip2.vnet.powerplatform.microsoft.com
SpyNet2.Microsoft.com
mysignins-ppe.microsoft.com
regmgmtu1.partners.extranet.microsoft.com
soumay1.ustcms.microsoft.com
i4.services.social.microsoft.com
msit-bcwebatmpoc-sc.cloudapp.net
CH1MBISPOWA.corp.microsoft.com
kailani10.one.microsoft.com
bmslt.partners.extranet.microsoft.com
fulfillmentquery.mcapi.commerce.microsoft.com
azuresqldataloadervcscert4.microsoft.com
testaadoutage.ustcms.microsoft.com
identity.microsoft.com
threatintel-stg.trafficmanager.net
rm2.partners.extranet.microsoft.com
preview.viewer.messaging.microsoft.com
debugoutputest.smltenant.microsoft.com
developertools-test.powerplatform.microsoft.com
zbcmp.pfgold.dev.ustcms.microsoft.com
tip2.vnet.powerplatform.microsoft.com
e.microsoft.com
presence.teams.microsoft.com
beijing-portal.msftvpn.ras.microsoft.com
myprofile-ppe.microsoft.com
adkaulfake050.ustcms.microsoft.com
*.redmond.corp.microsoft.com
home.diagnostics.support.microsoft.com
fasttrack.microsoft.com
pas.windows.net
social.technet.microsoft.com
adkaulfake038.ustcms.microsoft.com
licensing.powerplatform.microsoft.com
alerts.serviceshub.microsoft.com
adkaulfake010.ustcms.microsoft.com
appmanagement.activedirectory.microsoft.com
*.acs.voiceapps.infra.teams.microsoft.com
techprofile.microsoft.com
noam.eersapi.teams.microsoft.com
Certificate
The complete raw certificate details for beijing-portal.msftvpn.ras.microsoft.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIojCCBoqgAwIBAgITMwDG3PxIteyExgAhnwAAAMbc/DANBgkqhkiG9w0BAQwF ADBZMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u MSowKAYDVQQDEyFNaWNyb3NvZnQgQXp1cmUgVExTIElzc3VpbmcgQ0EgMDIwHhcN MjMwODE4MTk0MDEzWhcNMjQwNjI3MjM1OTU5WjB/MQswCQYDVQQGEwJVUzELMAkG A1UECBMCV0ExEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD b3Jwb3JhdGlvbjExMC8GA1UEAxMoYmVpamluZy1wb3J0YWwubXNmdHZwbi5yYXMu bWljcm9zb2Z0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9B dT7m0zia/8TBwU0rQh8ldsYZFP5yyUsedu1abuI+Pmk7ZyQvq+tT+u304nw8cMTW I709JqQLOpUKEPVlbziD/IGKNRc6IWyf5KWLxa5La8Z446sTJrwBv0M9YOpQP8Up hwDPaAwy1JXwwT63vuh9nSzIReIVo+drhmiTE7vxKDip0hOHPhX4kNhqQJbPyqJA AnaYeiSYoRQrwOotjI+QI6p7KAulOiC5yXlr9bcoJpDw61Qjo6Yq1laPqjh1PVfh KinUqzTenEKTY5KV26IbQ/xgqsopgWmeQwPbHQmeUJXD8uFTTzee/7xYD4o3vu5L YrF5By5AA8afnfb6TiUCAwEAAaOCBDswggQ3MIIBgAYKKwYBBAHWeQIEAgSCAXAE ggFsAWoAdwDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYoKMs4N AAAEAwBIMEYCIQD+J4cdnc+arImEkvxxi1Pf9WFvYbWGiC8Hj1qo/AHMJgIhAP7R +07iZOldvLZQ13gvoblInA1TdIPteq7JiBWPhlFqAHYASLDja9qmRzQP5WoC+p0w 6xxSActW3SyB2bu/qznYhHMAAAGKCjLOGgAABAMARzBFAiEA6fVaNkz0H+MLHnPK Rx2KDFzmPe/QCKGWIz3XYPlk/LYCICVvLkO+p6XQDYB/NyGJh9ZWTt2X6Y13MR/2 LpQ8DlrBAHcA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGKCjLO JAAABAMASDBGAiEAs7oXt27ll6vSAVXfMn+wlkN1aHoS6nqGgVzSpFT6mykCIQC2 nh3dAngBhcP2s78Tg6Gpyb0TJvKny/5tMgFz8Vff4TAnBgkrBgEEAYI3FQoEGjAY MAoGCCsGAQUFBwMCMAoGCCsGAQUFBwMBMDwGCSsGAQQBgjcVBwQvMC0GJSsGAQQB gjcVCIe91xuB5+tGgoGdLo7QDIfw2h1dgoTlaYLzpz4CAWQCASYwga4GCCsGAQUF BwEBBIGhMIGeMG0GCCsGAQUFBzAChmFodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20v cGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMEF6dXJlJTIwVExTJTIwSXNzdWluZyUy MENBJTIwMDIlMjAtJTIweHNpZ24uY3J0MC0GCCsGAQUFBzABhiFodHRwOi8vb25l b2NzcC5taWNyb3NvZnQuY29tL29jc3AwHQYDVR0OBBYEFHn5KfWnqvFpBba+VuFv qUyaranWMA4GA1UdDwEB/wQEAwIFoDBOBgNVHREERzBFgihiZWlqaW5nLXBvcnRh bC5tc2Z0dnBuLnJhcy5taWNyb3NvZnQuY29tghltc2Z0dnBuLnJhcy5taWNyb3Nv ZnQuY29tMAwGA1UdEwEB/wQCMAAwZAYDVR0fBF0wWzBZoFegVYZTaHR0cDovL3d3 dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIwQXp1cmUlMjBU TFMlMjBJc3N1aW5nJTIwQ0ElMjAwMi5jcmwwZgYDVR0gBF8wXTBRBgwrBgEEAYI3 TIN9AQEwQTA/BggrBgEFBQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3Br aW9wcy9Eb2NzL1JlcG9zaXRvcnkuaHRtMAgGBmeBDAECAjAfBgNVHSMEGDAWgBQA q5H8IWIml5qoeRthQZBgqWJn/TAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH AwEwDQYJKoZIhvcNAQEMBQADggIBAAgfwDUg6fVtcdfiHIMCmnrUYRQwBwO4oipc L7eaZqjQk2GFA/djOTIlgZJ5Fz8qemub6Gxp80Pl6pYe69vJYGYCd4IoZlyd4Has O0/bXMgoKXAHH0vLpaua0X/L+7tBOrL5Ico9b2pDL6GA85GzCnCSEMzcA2uSupjV LNq23NKGXeMbHvRqwuMJkd4Zo0HvYwj15Vlru+4p7jOX6q1bvFS288mrZ8gVrTI8 LikjOUmlI6Z3a/8dWLdLrMlyyA33GiMMXfCuh0mbuaHw+ljAl2h7z2xvYOJnd3FG C2Tt6uZGsaPv2EFSGuQuBqt0W5Qf5yDvVze6eBVM3AkE2kyHivOP26OrWBeR//4F oMs52vRusShxZGSq7lerlDO7K07DcqnBuAmDG/eTLtoImzL++lP/vJJwqgh04AwU t8cfxxdDCnxRv4RprjXPup4frvPt34WRtYQ/VSKaFLGr6pTZe1AkKPShONOaMlU7 AWmnn+6o1S8oIkRRDPK5t+TSU3uI9i3Ta5Vc9MV7+HEiSUCYx3r27cQmrYS4mV8o A4knzbXrxbAaEYPHiE/JN/qXeA40fUxYmcY3YphoNR1BQdpH9I7GzqlvlPap1AYo Gw1l1yRVVxX0RreNvTFdtgb77Fq26jUPB/MIqyjQYx2eeG3u8oIOXpn8yuJ1DLue naUhs+BS -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0F1PubTOJr/xMHBTStC HyV2xhkU/nLJSx527Vpu4j4+aTtnJC+r61P67fTifDxwxNYjvT0mpAs6lQoQ9WVv OIP8gYo1FzohbJ/kpYvFrktrxnjjqxMmvAG/Qz1g6lA/xSmHAM9oDDLUlfDBPre+ 6H2dLMhF4hWj52uGaJMTu/EoOKnSE4c+FfiQ2GpAls/KokACdph6JJihFCvA6i2M j5AjqnsoC6U6ILnJeWv1tygmkPDrVCOjpirWVo+qOHU9V+EqKdSrNN6cQpNjkpXb ohtD/GCqyimBaZ5DA9sdCZ5QlcPy4VNPN57/vFgPije+7ktisXkHLkADxp+d9vpO JQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1137405674773804754054209540433035481521249532 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure TLS Issuing CA 02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-18 19:40:13 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'beijing-portal.msftvpn.ras.microsoft.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24143794786943116678000819399989095505367710663650368290370462200576573846987662538191158521599590567790916971083629686562313367187827469460405354535342684805331420041457445402605985935938759572842444007214653658941624064983956299714395465420370542804949325420169707485981158241003705990201965531205526024029571366695824592584497927905640714662879992651337014149036936992861604491465305168910613878930456272487740207528565818240472362853013332283712578548355691199206587550446417227183408959524178089940307466104480078174402310564862567642715763978206893142063709591086692936888922926213818935422155521015074038369829 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN asn1: syntax error: invalid boolean false . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:28|false] . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:0|false] reserved for BER . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:0|false] reserved for BER . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.4272873.6083518 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 38 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (161 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2002%20-%20xsign.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 79f929f5a7aaf16905b6be56e16fa94c9aada9d6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (71 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beijing-portal.msftvpn.ras.microsoft.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'msftvpn.ras.microsoft.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (93 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2002.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 00ab91fc216226979aa8791b61419060a96267fd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00081fc03520e9f56d71d7e21c83029a7ad46114300703b8a22a5c2fb79a66a8d093618503f763393225819279173f2a7a6b9be86c69f343e5ea961eebdbc9606602778228665c9de076ac3b4fdb5cc8282970071f4bcba5ab9ad17fcbfbbb413ab2f921ca3d6f6a432fa180f391b30a709210ccdc036b92ba98d52cdab6dcd2865de31b1ef46ac2e30991de19a341ef6308f5e5596bbbee29ee3397eaad5bbc54b6f3c9ab67c815ad323c2e29233949a523a6776bff1d58b74bacc972c80df71a230c5df0ae87499bb9a1f0fa58c097687bcf6c6f60e2677771460b64edeae646b1a3efd841521ae42e06ab745b941fe720ef5737ba78154cdc0904da4c878af38fdba3ab581791fffe05a0cb39daf46eb128716464aaee57ab9433bb2b4ec372a9c1b809831bf7932eda089b32fefa53ffbc9270aa0874e00c14b7c71fc717430a7c51bf8469ae35cfba9e1faef3eddf8591b5843f55229a14b1abea94d97b502428f4a138d39a32553b0169a79feea8d52f282244510cf2b9b7e4d2537b88f62dd36b955cf4c57bf87122494098c77af6edc426ad84b8995f28038927cdb5ebc5b01a1183c7884fc937fa97780e347d4c5899c637629868351d4141da47f48ec6cea96f94f6a9d406281b0d65d724555715f446b78dbd315db606fbec5ab6ea350f07f308ab28d0631d9e786deef2820e5e99fccae2750cbb9e9da521b3e052