ti.securitycenter.windows.com

- Microsoft Corporation -

Issued by Microsoft IT TLS CA 1

About this certificate

This digital certificate with serial number 7b:00:00:6b:77:36:49:37:0e:f3:fa:f3:f9:00:00:00:00:6b:77 was issued on by Microsoft Corporation.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)

Microsoft Corporation

Organization: Microsoft Corporation
Organization unit: Microsoft Corporation
State / Province: WA
Locality: Redmond
Country: US

Microsoft Corporation

Organization: Microsoft Corporation
Organization unit: Microsoft IT
State / Province: Washington
Locality: Redmond
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 7b:00:00:6b:77:36:49:37:0e:f3:fa:f3:f9:00:00:00:00:6b:77
Serial Number (int): 2742991802265646572374749633507792418588617591
Serial Number lenght: 151 bits, 19 octets

SubjectKeyId: 94:05:f9:84:e6:46:42:38:03:90:38:9f:af:42:97:b1:a4:ef:56:b1
AuthorityKeyId: 58:88:9f:d6:dc:9c:48:22:b7:14:3e:ff:84:88:e8:e6:85:ff:fa:7d

Fingerprint (sha1): 88:50:77:9e:1c:74:7b:a1:18:54:b0:5d:e8:f1:b7:c8:a7:62:40:d8
Fingerprint (sha256): 01:39:fa:41:9e:c2:df:1c:f5:ac:0f:0d:62:5e:71:72:62:f2:1d:de:44:66:10:bf:bc:e4:69:43:cf:5f:63:aa

Issuing Certificate URL: http://www.microsoft.com/pki/mscorp/Microsoft%20IT%20TLS%20CA%201.crt

Revocation information

OCSP Server: http://ocsp.msocsp.com
CRL Distribution Point: http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%201.crl
CRL Distribution Point: http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%201.crl

Check the revocation status for certificate ti.securitycenter.windows.com

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ti.securitycenter.windows.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment
Data Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

wdatp-tiapi-prd.trafficmanager.net
wdatp-tiapi-cus-prd.cloudapp.net
wdatp-tiapi-eus-prd.cloudapp.net
wdatp-tiapi-weu-prd.cloudapp.net
wdatp-tiapi-neu-prd.cloudapp.net
ti.securitycenter.windows.com

Other certificates including the domain name windows.com

(limited to 100 certificates)
wdatpprd-jpe.securitycenter.windows.com
wdatpstg-eus2.securitycenter.windows.com
ingress.wdatpstg.windows.com
wdatpprd-cin.securitycenter.windows.com
wdatpprd-weu3.securitycenter.windows.com
wdatpprd-canc.securitycenter.windows.com
wdatpprd-cus.securitycenter.windows.com
wdatpprd-eus3.securitycenter.windows.com
wdatpprd-weu.securitycenter.windows.com
wdatpprd-sin.securitycenter.windows.com
wdatpprd-sww0a.securitycenter.windows.com
wdatpprd-neu.securitycenter.windows.com
wdatpprd-sww0a.securitycenter.windows.com
wdatpprd-neu.securitycenter.windows.com
wdatpprd-eus2.securitycenter.windows.com
wdatpprd-cin.securitycenter.windows.com
CyberDataPrefetcher-PRD.trafficmanager.net
andrew.rancher.poc.windows.com
wdatpprd-sww0a.securitycenter.windows.com
wdatpprd-sww0a.securitycenter.windows.com
wdatpprd-aus.securitycenter.windows.com
wdatpstg-eus2.securitycenter.windows.com
ti.securitycenter.windows.com
www.windowsphone.com
wdatpprd-sin.securitycenter.windows.com
*.wns.windows.com
wdatpprd-eus2.securitycenter.windows.com
wdatpprd-cus3.securitycenter.windows.com
CyberDataCtrl-PRD.trafficmanager.net
wdatpprd-cus3.securitycenter.windows.com
wdatpprd-sww0a.securitycenter.windows.com
wdatpprd-canc.securitycenter.windows.com
wdatpprd-cane.securitycenter.windows.com
CyberDataPrefetcher-PRD.trafficmanager.net
wdatpprd-cane.securitycenter.windows.com
wdatpprd-weu.securitycenter.windows.com
wdatpprd-uks.securitycenter.windows.com
wdatpprd-cane.securitycenter.windows.com
www.windowsphone.com
wdatpprd-eus3.securitycenter.windows.com
wdatpprd-neu3.securitycenter.windows.com
heartbeat.securitycenter.windows.com
wdatpstg-eus2.securitycenter.windows.com
wdatpprd-jpe.securitycenter.windows.com
ineportalapi-stg.trafficmanager.net
wdatpprd-cus3.securitycenter.windows.com
OnboardingService-PRD.trafficmanager.net
cache.datamart.windows.com
wdatpstg-eus2.securitycenter.windows.com
wdatpprd-eus2.securitycenter.windows.com
wdatpprd-cin.securitycenter.windows.com
WdatpApi-PRD.trafficmanager.net
akamai-san15.exacttarget.com
wdatpprd-canc.securitycenter.windows.com
wdatpprd-canc.securitycenter.windows.com
wdatpprd-cus3.securitycenter.windows.com
wdatpprd-sww0a.securitycenter.windows.com
csharp.net
wdatpstg-eus2.securitycenter.windows.com
insidersurveys.windows.com
wdatpprd-eus3.securitycenter.windows.com
wdatpprd-sin.securitycenter.windows.com
wdatpprd-ukw.securitycenter.windows.com
wdatpprd-canc.securitycenter.windows.com
wdatpprd-neu3.securitycenter.windows.com
wdatpprd-swn0a.securitycenter.windows.com
wdatpprd-cus.securitycenter.windows.com
wdatpprd-cus.securitycenter.windows.com
wdatpprd-cus.securitycenter.windows.com
wdatpprd-weu.securitycenter.windows.com
wdatpmdev-eus1.securitycenter.windows.com
wdatpstg-eus2.securitycenter.windows.com
wdatpprd-weu.securitycenter.windows.com
wdatpprd-neu.securitycenter.windows.com
wdatpprd-eus3.securitycenter.windows.com
wdatpprd-cane.securitycenter.windows.com
wdatpprd-neu3.securitycenter.windows.com
wdatpprd-eus2.securitycenter.windows.com
wdatpprd-cin.securitycenter.windows.com
wdatpprd-ukw.securitycenter.windows.com
wdatpprd-cane.securitycenter.windows.com
wdatpstg-eus2.securitycenter.windows.com
wdatpprd-swn0a.securitycenter.windows.com
wdatpprd-eus3.securitycenter.windows.com
wdatpprd-aue.securitycenter.windows.com
wdatpprd-jpe.securitycenter.windows.com
wdatpprd-cus3.securitycenter.windows.com
wdatpprd-sww0a.securitycenter.windows.com
wdatpprd-sin.securitycenter.windows.com
wdatpstg-eus2.securitycenter.windows.com
wdatpprd-eus2.securitycenter.windows.com
wdatpprd-swn0a.securitycenter.windows.com
wdatpprd-eus3.securitycenter.windows.com
wdatpprd-sww0a.securitycenter.windows.com
wdatpprd-eus2.securitycenter.windows.com
wdatpstg-eus2.securitycenter.windows.com
wdatpprd-cin.securitycenter.windows.com
wdatpstg-eus2.securitycenter.windows.com
wdatpprd-sin.securitycenter.windows.com
wdatpprd-cus.securitycenter.windows.com

Certificate

The complete raw certificate details for ti.securitycenter.windows.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIH6DCCBdCgAwIBAgITewAAa3c2STcO8/rz+QAAAABrdzANBgkqhkiG9w0BAQsF
ADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT
B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UE
CxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgVExTIENBIDEw
HhcNMTcxMjE4MDgxODUwWhcNMTgxMjE4MDgxODUwWjCBlDELMAkGA1UEBhMCVVMx
CzAJBgNVBAgTAldBMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv
ZnQgQ29ycG9yYXRpb24xHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEm
MCQGA1UEAxMddGkuc2VjdXJpdHljZW50ZXIud2luZG93cy5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKdWARN1RIK4TsfysLE1K/3NaYXvjwKrFZ
8yjUj1WqnHYGYTUCnLcnUkpCu+1AJcsF1nC4XVAfq2OilH3aVNOulnyCUc2qFutQ
pA9O7dhxSe8cL5/etBfGZL5Nq3VUIQT0RybOXbehKiRFwVEqs+GsO3GcyH6Bz2IE
hOSqm9+jdJdaYeAzLT5t5c0/8254xvUhYagwSXnb59Z7goWDrvYgnG0wEtgBPcyn
JQA+I9iUyD7iGlHAy1IfzLlI7A+luzA8k160Tsv1WGNSNxnz9AE67FZI3rpQALPB
HYKoQThMOsCq2G2snWaQTaFqZmftahTQy1ofIcA2lpf9d9g0XvGjAgMBAAGjggM4
MIIDNDAdBgNVHQ4EFgQUlAX5hOZGQjgDkDifr0KXsaTvVrEwCwYDVR0PBAQDAgSw
MB8GA1UdIwQYMBaAFFiIn9bcnEgitxQ+/4SI6OaF//p9MIGsBgNVHR8EgaQwgaEw
gZ6ggZuggZiGS2h0dHA6Ly9tc2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAv
Y3JsL01pY3Jvc29mdCUyMElUJTIwVExTJTIwQ0ElMjAxLmNybIZJaHR0cDovL2Ny
bC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL01pY3Jvc29mdCUyMElUJTIw
VExTJTIwQ0ElMjAxLmNybDCBhQYIKwYBBQUHAQEEeTB3MFEGCCsGAQUFBzAChkVo
dHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9NaWNyb3NvZnQlMjBJ
VCUyMFRMUyUyMENBJTIwMS5jcnQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLm1z
b2NzcC5jb20wPgYJKwYBBAGCNxUHBDEwLwYnKwYBBAGCNxUIh9qGdYPu2QGCyYUb
gbWeYYX062CBXYTS30KC55N6AgFkAgEaMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr
BgEFBQcDATBNBgNVHSAERjBEMEIGCSsGAQQBgjcqATA1MDMGCCsGAQUFBwIBFido
dHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcHMwJwYJKwYBBAGC
NxUKBBowGDAKBggrBgEFBQcDAjAKBggrBgEFBQcDATCB1gYDVR0RBIHOMIHLgiJ3
ZGF0cC10aWFwaS1wcmQudHJhZmZpY21hbmFnZXIubmV0giB3ZGF0cC10aWFwaS1j
dXMtcHJkLmNsb3VkYXBwLm5ldIIgd2RhdHAtdGlhcGktZXVzLXByZC5jbG91ZGFw
cC5uZXSCIHdkYXRwLXRpYXBpLXdldS1wcmQuY2xvdWRhcHAubmV0giB3ZGF0cC10
aWFwaS1uZXUtcHJkLmNsb3VkYXBwLm5ldIIddGkuc2VjdXJpdHljZW50ZXIud2lu
ZG93cy5jb20wDQYJKoZIhvcNAQELBQADggIBAFyCWCX+uU3DVAMGfx/VuI3AjJpo
bR3jHt0sSNRAbvUFSyIzZgHBUEaeVdbr5U2FV4iMJzVtN8wLKeVCmInKd/m09KlO
ehF+ZjsKQMMaxm/vTsACIy7cQESmS+d4wGDABPclbZaH8XCH3l6Qp1HD9D4O+wMH
W77p4cOIs03qo0CxMeRgzHSZbpB/xUJ+gMnFPupqzoewAcGpSjQYG4G8TB5eT9+q
uorl0HHconysGSf3Ht9e/0ETlrbxF1bysOx3QNE8qUhCHxkYVK5u53DHQnycZXgz
uJuIEgfK31+d45/emHch8z2w4i8vdBL8lqKXko+q+QSroFFEnFq3rIyGLg1fykWw
fp+bhWlVt1fubi5Fz5lLQcY0mtrC2/4VmiDMmRXk+2yoO3qtRc7n7sAkxQ6mabct
7jpAiq6zgjkircueZHrsupz5v2Ce+6qyWbWHq9xJvlnmhj+uM6aG7aNsY8Uz7ifk
Y1LVzA0sU29RCT3CzdsVk1x85x/w8bo6x9uGP549sssZve/7haayYYrK/+H9hDlK
r99NAtnBtcFAeVbzjl1qT/l5kBaWGKcaQtrS3NLqqiXm0LNIvTT+4jr6dZDoaZRj
SkDKii52OBwet25koIHebMwh7+FUBTBT1OUXuqEMnsEHOpvdjav0t9hBAYfyuUYH
lS1Y1W5l6GPLQwjv
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinVgETdUSCuE7H8rCxNS
v9zWmF748CqxWfMo1I9Vqpx2BmE1Apy3J1JKQrvtQCXLBdZwuF1QH6tjopR92lTT
rpZ8glHNqhbrUKQPTu3YcUnvHC+f3rQXxmS+Tat1VCEE9Ecmzl23oSokRcFRKrPh
rDtxnMh+gc9iBITkqpvfo3SXWmHgMy0+beXNP/NueMb1IWGoMEl52+fWe4KFg672
IJxtMBLYAT3MpyUAPiPYlMg+4hpRwMtSH8y5SOwPpbswPJNetE7L9VhjUjcZ8/QB
OuxWSN66UACzwR2CqEE4TDrAqthtrJ1mkE2hamZn7WoU0MtaHyHANpaX/XfYNF7x
owIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 2742991802265646572374749633507792418588617591
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft IT TLS CA 1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-12-18 08:18:50 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-12-18 08:18:50 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ti.securitycenter.windows.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17478765984565512179228185158647853713417770654781992866111714330498514178983461586864936316473173470676007351979550457761482333847299765846540668150384295487562692232311037599080737360578407103358759133214651446052806052642039226180305283508133909730584369035059175826439128057922646201920222757087986094412895586924757277635849795321630472505460128779245248898483584007024469397892124882245138684568246217125742992050069450417327310139587910282115870773487200092662187374945743164207233963132533015642267674348069702412444225441186060648784743825216836227491674455064222016757993083575746796760953941782633444733347
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9405f984e64642380390389faf4297b1a4ef56b1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04b0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 58889fd6dc9c4822b7143eff8488e8e685fffa7d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (164 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%201.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%201.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pki/mscorp/Microsoft%20IT%20TLS%20CA%201.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.msocsp.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.16155509.8105089.5391003.2969441.12400096.221.9744322.5884410
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.42.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pki/mscorp/cps'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (206 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wdatp-tiapi-prd.trafficmanager.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wdatp-tiapi-cus-prd.cloudapp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wdatp-tiapi-eus-prd.cloudapp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wdatp-tiapi-weu-prd.cloudapp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wdatp-tiapi-neu-prd.cloudapp.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ti.securitycenter.windows.com'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		005c825825feb94dc35403067f1fd5b88dc08c9a686d1de31edd2c48d4406ef5054b22336601c150469e55d6ebe54d8557888c27356d37cc0b29e5429889ca77f9b4f4a94e7a117e663b0a40c31ac66fef4ec002232edc4044a64be778c060c004f7256d9687f17087de5e90a751c3f43e0efb03075bbee9e1c388b34deaa340b131e460cc74996e907fc5427e80c9c53eea6ace87b001c1a94a34181b81bc4c1e5e4fdfaaba8ae5d071dca27cac1927f71edf5eff411396b6f11756f2b0ec7740d13ca948421f191854ae6ee770c7427c9c657833b89b881207cadf5f9de39fde987721f33db0e22f2f7412fc96a297928faaf904aba051449c5ab7ac8c862e0d5fca45b07e9f9b856955b757ee6e2e45cf994b41c6349adac2dbfe159a20cc9915e4fb6ca83b7aad45cee7eec024c50ea669b72dee3a408aaeb3823922adcb9e647aecba9cf9bf609efbaab259b587abdc49be59e6863fae33a686eda36c63c533ee27e46352d5cc0d2c536f51093dc2cddb15935c7ce71ff0f1ba3ac7db863f9e3db2cb19bdeffb85a6b2618acaffe1fd84394aafdf4d02d9c1b5c1407956f38e5d6a4ff97990169618a71a42dad2dcd2eaaa25e6d0b348bd34fee23afa7590e86994634a40ca8a2e76381c1eb76e64a081de6ccc21efe154053053d4e517baa10c9ec1073a9bdd8dabf4b7d8410187f2b94607952d58d56e65e863cb4308ef