CQ1PrdApp02.prod.idns.azure.net

Issued by Microsoft IT TLS CA 4

About this certificate

This digital certificate with serial number 16:00:04:75:aa:2e:dd:ca:b0:f0:6f:43:fc:00:00:00:04:75:aa was issued on by Microsoft Corporation.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)

Certificate Subject

CN=CQ1PrdApp02.prod.idns.azure.net

Microsoft Corporation

Organization: Microsoft Corporation
Organization unit: Microsoft IT
State / Province: Washington
Locality: Redmond
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 16:00:04:75:aa:2e:dd:ca:b0:f0:6f:43:fc:00:00:00:04:75:aa
Serial Number (int): 490617911900457928649279459957563864182453674
Serial Number lenght: 149 bits, 19 octets

SubjectKeyId: 02:e6:27:45:da:07:8b:4e:47:74:d2:1a:da:5e:d7:de:fa:99:87:89
AuthorityKeyId: 7a:7b:8c:c1:cf:e7:a0:ca:1c:d4:6b:fa:fb:e1:33:c3:0f:1a:a2:9d

Fingerprint (sha1): 86:d1:c3:61:3f:8d:4d:22:33:c4:b5:98:7f:a3:a9:0b:da:cc:a1:1c
Fingerprint (sha256): 00:d6:9d:c2:ec:61:d4:83:7e:c5:87:2c:36:6a:64:5e:88:91:52:22:45:8e:1b:93:4b:cc:f9:a8:23:c0:87:52

Issuing Certificate URL: http://www.microsoft.com/pki/mscorp/Microsoft%20IT%20TLS%20CA%204.crt

Revocation information

OCSP Server: http://ocsp.msocsp.com
CRL Distribution Point: http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%204.crl
CRL Distribution Point: http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%204.crl

Check the revocation status for certificate CQ1PrdApp02.prod.idns.azure.net

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for CQ1PrdApp02.prod.idns.azure.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment
Data Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

11 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.prod.rcp.privatedns.trafficmanager.net
CQ1PrdApp02.prod.idns.azure.net

Other certificates including the domain name azure.net

(limited to 100 certificates)
adeidentity-PN1PrdApp07.diskencryption.azure.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
azattesttest.westus.cloudapp.azure.com
*.blob.core.windows.net
cp-mhsm-cus-synthetics.managedhsm.azure.net
*.northcentralus.redisenterprise.cache.azure.net
*.eastus2.redisenterprise.cache.azure.net
adeidentity-BLAPrdHPC02.diskencryption.azure.net
*.blob.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.file.core.windows.net
adeidentity-GVX01PrdGPC18.diskencryption.azure.net
cp-kmsp-cnyc-synthetics.managedhsm.azure.net
*.table.core.windows.net
*.table.core.windows.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
adeidentity-DB4PrdHPC01.diskencryption.azure.net
cp-mhsm-swec-synthetics.managedhsm.azure.net
mhsm-frc-synthetics.managedhsm.azure.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.file.core.windows.net
cp-mhsm-cus-synthetics.managedhsm.azure.net
PDBidDigiCertCert.managedhsm.azure.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
kvHsm240530040023513479.managedhsm.azure.net
cp-mhsm-scu-synthetics.managedhsm.azure.net
*.account.core.windows.net
*.eastus2.redisenterprise.cache.azure.net
adeidentity-MWH04PrdApp14.diskencryption.azure.net
*.file.core.windows.net
cp-mhsm-krc-synthetics.managedhsm.azure.net
YTO24PrdApp01.prod.idns.azure.net
adeidentity-MWH21PrdApp09.diskencryption.azure.net
adeidentity-BL6PrdApp07.diskencryption.azure.net
*.web.core.windows.net
*.eventgrid-int.azure.net
mhsm-sebr-synthetics.managedhsm.azure.net
adeidentity-AMS26PrdApp10.diskencryption.azure.net
afsppweu-cp.afs.azure.net
*.dfs.core.windows.net
b2b.azure.net
*.table.core.windows.net
*.dfs.core.windows.net
*.blob.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.eastus.redisenterprise.cache.azure.net
*.queue.core.windows.net
mhsm-cce-synthetics.managedhsm.azure.net
adeidentity-BY4PrdDDC15.diskencryption.azure.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.queue.core.windows.net
adeidentity-BN4PrdApp16.diskencryption.azure.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
mhsm-cnye-synth-geo.managedhsm.azure.net
mhsm-cce-synthetics.managedhsm.azure.net
*.account.core.windows.net
adeidentity-CPT21PrdGPC03.diskencryption.azure.net
cp-mhsm-frc-synthetics.managedhsm.azure.net
*.westus.redisenterprise.cache.azure.net
mhsm-wus-synthetics.managedhsm.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.blob.core.windows.net
hsm2.mytestchsmpool1118-hccwg7c4a9dzdja3.cloudhsm.azure.net
mhsm-cce-synthetics.managedhsm.azure.net
*.centraluseuap.redisenterprise.cache.azure.net
*.table.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.northeurope.redisenterprise.cache.azure.net
cp-kmsp-qac-synthetics.managedhsm.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
ML1PrdApp07.prod.idns.azure.net
*.file.core.windows.net
mhsm-cnyc-synthetics.managedhsm.azure.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.queue.core.windows.net
hsm1.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.blob.core.windows.net
afsppjpw-dp.afs.azure.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
afsppden-dp.afs.azure.net
ig-mhsm-krc-synthetics.managedhsm.azure.net
*.dfs.core.windows.net
mhsm-krc-synthetics.managedhsm.azure.net
*.centraluseuap.redisenterprise.cache.azure.net
*.account.core.windows.net
hsm2.jesimme-001-akb4bdc7gwc2hpcf.cloudhsm.azure.net
*.dfs.core.windows.net
*.queue.core.windows.net
*.queue.core.windows.net
mhsm-mys-synthetics.managedhsm.azure.net
cp-mhsm-wus2-synthetics.managedhsm.azure.net
CHI21PrdApp01.prod.idns.azure.net
*.file.core.windows.net
cp-mhsm-frc-synthetics.managedhsm.azure.net

Certificate

The complete raw certificate details for CQ1PrdApp02.prod.idns.azure.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIII9TCCBt2gAwIBAgITFgAEdaou3cqw8G9D/AAAAAR1qjANBgkqhkiG9w0BAQsF
ADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT
B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UE
CxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgVExTIENBIDQw
HhcNMTkwMzIwMDAwNzE5WhcNMjEwMzIwMDAwNzE5WjAqMSgwJgYDVQQDEx9DUTFQ
cmRBcHAwMi5wcm9kLmlkbnMuYXp1cmUubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqsVqD/rnjKH3vuOqWnDdJRvfjrHf9Ie4Qbw0djLlgehBlNwP
wj5rHv9nD4pBYVGF+L8XpzuKQopUZwBE74WABRDY2gIRdEw0ZyMuQS87YPPhmK/y
YKeyUwzZ7F35tsEWxyJyxn8YbluUxagyD+wrQYbEZB+gm9hd6zPzetlpOhDdLDRU
g890qXCixog3fXsR6fWtcacYO4nammsHUFfJQ3MwqdkceIvKjtJjbZOPe6NEfesA
Rx1VQu/dtJURHCA1I71LBNOt9KYVrmICRhXEP2CVOYRQnn7+gVN55af60pdGVlEW
wZmlcDLf7X/U4lbpqLtOSMkQukBlyaLYD0FDywIDAQABo4IEsDCCBKwwggH3Bgor
BgEEAdZ5AgQCBIIB5wSCAeMB4QB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCW
ZDaOHtGFAAABaZh1rg4AAAQDAEcwRQIhAMv38+CVPUkmLRFUdi0w0w3Sy+lTS7J/
p6fGXm+o6zHvAiAgbuMsWeGx88dlofcFdXxF84ef9lxLddUhP8H1oSAebwB2AKS5
CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABaZh1rg0AAAQDAEcwRQIh
ALvBJnu9wnsDZ+648P/af3sz9q/sj0fj0X0MAD+r/RsqAiBDfvS7ryctLAbZ/b0i
00SzhLeIIP41is7WKEN7rhlNtAB2AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+j
qh0HE9MMAAABaZh1r3AAAAQDAEcwRQIgEM61OBkAvZ1kMrQC9g09wBMCeo+CGXgX
Ywt5X6dJ/vMCIQDmDYIqgoHk8Rbvr380m0tXVw8jFt/HU9Z0O9o6rI3blgB3AESU
ZS6w7s6vxEAH2Kj+KMDa5oK+2MsxtT/TM5a1toGoAAABaZh1rg4AAAQDAEgwRgIh
AJP2jIUdtCqasL/FaEzMkIHazQ8zAvj5is4Eqlxa2PO8AiEA6Oht9uup6KaU3SzE
p63prvBj4H8jwZIs1HUoHLbsZjswJwYJKwYBBAGCNxUKBBowGDAKBggrBgEFBQcD
AjAKBggrBgEFBQcDATA+BgkrBgEEAYI3FQcEMTAvBicrBgEEAYI3FQiH2oZ1g+7Z
AYLJhRuBtZ5hhfTrYIFdhNLfQoLnk3oCAWQCAR0wgYUGCCsGAQUFBwEBBHkwdzBR
BggrBgEFBQcwAoZFaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAv
TWljcm9zb2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDQuY3J0MCIGCCsGAQUFBzABhhZo
dHRwOi8vb2NzcC5tc29jc3AuY29tMB0GA1UdDgQWBBQC5idF2geLTkd00hraXtfe
+pmHiTALBgNVHQ8EBAMCBLAwVAYDVR0RBE0wS4IoKi5wcm9kLnJjcC5wcml2YXRl
ZG5zLnRyYWZmaWNtYW5hZ2VyLm5ldIIfQ1ExUHJkQXBwMDIucHJvZC5pZG5zLmF6
dXJlLm5ldDCBrAYDVR0fBIGkMIGhMIGeoIGboIGYhktodHRwOi8vbXNjcmwubWlj
cm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NybC9NaWNyb3NvZnQlMjBJVCUyMFRMUyUy
MENBJTIwNC5jcmyGSWh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3Jw
L2NybC9NaWNyb3NvZnQlMjBJVCUyMFRMUyUyMENBJTIwNC5jcmwwTQYDVR0gBEYw
RDBCBgkrBgEEAYI3KgEwNTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5taWNyb3Nv
ZnQuY29tL3BraS9tc2NvcnAvY3BzMB8GA1UdIwQYMBaAFHp7jMHP56DKHNRr+vvh
M8MPGqKdMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATANBgkqhkiG9w0B
AQsFAAOCAgEAnf5TPjYyEhFe0k6jnL9q//+vtZeWcOcw2g4uosaoeY9PEBYPkA5e
LacjlcA3NXUdJBKjq62Io7T4RgttP8qF73ltbIQojQRLNjYlmhAlERwsaRsREqEc
xT8i6S7Anx5DhJEQim0lQ4BbXQ8aERDg07dN1g3Zsv38bYHctW4YxSGtO8mr3E/F
PZ2OsLLq5D61DeSbQXz5NgPUrz/C2+Q78AUfmCKMjThppLz27e/1k6GKw3QVJlJD
Um+xp7GDmQuu+9dCBk2ATt9S+Ht0jLYJIj0UB55wTM6zp+Tbh68Bz1DM9rMD31X1
79dUNKhdsyTXsjuZheTJPXaZOLrJ8q8CWuo+OPDEIVpfxER8peJ0NVKNEdTVlmE9
6sqAbcuk4sWt/hS9DN5g32EdXOo+XkaJYJO0Wn5efaTT8rr8NWqHqjtOvVZ2q8WG
uiYEgTTJIEvehZoIuwbMcuPysRsP0UvqCk9wWYkzouzVx31enVsSjDeAPO3xq1b5
YWic0D0tOhmHyxHPGfm0YLro1rqeIcmLtWxA3A/5r5wH2U53ukuWc6DHgunt2fOg
6rlPHct9/yuDh2I57SZ2G+HI1t98/VTZzmNtW8TAIbMn07pwrEP80lpYyhx8AQ4g
QqHGfR6/Ki/yLRt6X+fs5eL27pMTUHURMfBVINexI+35ty96vpkm5FE=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsVqD/rnjKH3vuOqWnDd
JRvfjrHf9Ie4Qbw0djLlgehBlNwPwj5rHv9nD4pBYVGF+L8XpzuKQopUZwBE74WA
BRDY2gIRdEw0ZyMuQS87YPPhmK/yYKeyUwzZ7F35tsEWxyJyxn8YbluUxagyD+wr
QYbEZB+gm9hd6zPzetlpOhDdLDRUg890qXCixog3fXsR6fWtcacYO4nammsHUFfJ
Q3MwqdkceIvKjtJjbZOPe6NEfesARx1VQu/dtJURHCA1I71LBNOt9KYVrmICRhXE
P2CVOYRQnn7+gVN55af60pdGVlEWwZmlcDLf7X/U4lbpqLtOSMkQukBlyaLYD0FD
ywIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 490617911900457928649279459957563864182453674
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft IT TLS CA 4'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-20 00:07:19 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-20 00:07:19 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CQ1PrdApp02.prod.idns.azure.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21557860466917550265287274943059324790246967447544969290192911036390886668484982246895026023944681869510499509487024647794090998936981828991326016763893629154808795005798935621143433253321365780329966719942089218074197559917377856272277951630725698735417876809458805858723902625347129518545020225602269661083440339434513021081730455352858054790146314092200156873066535456570357722205038811750470863252788584178643263222716674921052261089613887474622048644662238117641563703317101806616955897690472411588209879803165077082528292252295926284665208208056225868617140493196630732308207256943020013863433944232322444379083
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes)
							01e1007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed185000001699875ae0e0000040300473045022100cbf7f3e0953d49262d1154762d30d30dd2cbe9534bb27fa7a7c65e6fa8eb31ef0220206ee32c59e1b1f3c765a1f705757c45f3879ff65c4b75d5213fc1f5a1201e6f007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc10000001699875ae0d0000040300473045022100bbc1267bbdc27b0367eeb8f0ffda7f7b33f6afec8f47e3d17d0c003fabfd1b2a0220437ef4bbaf272d2c06d9fdbd22d344b384b78820fe358aced628437bae194db40076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001699875af700000040300473045022010ceb5381900bd9d6432b402f60d3dc013027a8f82197817630b795fa749fef3022100e60d822a8281e4f116efaf7f349b4b57570f2316dfc753d6743bda3aac8ddb960077004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a8000001699875ae0e000004030048304602210093f68c851db42a9ab0bfc5684ccc9081dacd0f3302f8f98ace04aa5c5ad8f3bc022100e8e86df6eba9e8a694dd2cc4a7ade9aef063e07f23c1922cd475281cb6ec663b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.16155509.8105089.5391003.2969441.12400096.221.9744322.5884410
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pki/mscorp/Microsoft%20IT%20TLS%20CA%204.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.msocsp.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							02e62745da078b4e4774d21ada5ed7defa998789
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04b0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (77 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.prod.rcp.privatedns.trafficmanager.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'CQ1PrdApp02.prod.idns.azure.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (164 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%204.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%204.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.42.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pki/mscorp/cps'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7a7b8cc1cfe7a0ca1cd46bfafbe133c30f1aa29d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		009dfe533e363212115ed24ea39cbf6affffafb5979670e730da0e2ea2c6a8798f4f10160f900e5e2da72395c03735751d2412a3abad88a3b4f8460b6d3fca85ef796d6c84288d044b3636259a1025111c2c691b1112a11cc53f22e92ec09f1e438491108a6d2543805b5d0f1a1110e0d3b74dd60dd9b2fdfc6d81dcb56e18c521ad3bc9abdc4fc53d9d8eb0b2eae43eb50de49b417cf93603d4af3fc2dbe43bf0051f98228c8d3869a4bcf6edeff593a18ac37415265243526fb1a7b183990baefbd742064d804edf52f87b748cb609223d14079e704cceb3a7e4db87af01cf50ccf6b303df55f5efd75434a85db324d7b23b9985e4c93d769938bac9f2af025aea3e38f0c4215a5fc4447ca5e27435528d11d4d596613deaca806dcba4e2c5adfe14bd0cde60df611d5cea3e5e46896093b45a7e5e7da4d3f2bafc356a87aa3b4ebd5676abc586ba26048134c9204bde859a08bb06cc72e3f2b11b0fd14bea0a4f70598933a2ecd5c77d5e9d5b128c37803cedf1ab56f961689cd03d2d3a1987cb11cf19f9b460bae8d6ba9e21c98bb56c40dc0ff9af9c07d94e77ba4b9673a0c782e9edd9f3a0eab94f1dcb7dff2b83876239ed26761be1c8d6df7cfd54d9ce636d5bc4c021b327d3ba70ac43fcd25a58ca1c7c010e2042a1c67d1ebf2a2ff22d1b7a5fe7ece5e2f6ee931350751131f05520d7b123edf9b72f7abe9926e451