*.msn.com
Issued by Microsoft RSA TLS CA 02
About this certificate
This digital certificate with serial number 7f:00:00:39:25:a3:46:a4:79:09:4c:2f:c6:00:00:00:00:39:25 was issued on by Microsoft Corporation.
With 57 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Certificate Subject
CN=*.msn.com
Microsoft Corporation
Organization:
Microsoft Corporation
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 7f:00:00:39:25:a3:46:a4:79:09:4c:2f:c6:00:00:00:00:39:25Serial Number (int): 2832194716174811512119666360749003456364165413
Serial Number lenght: 151 bits, 19 octets
SubjectKeyId: 2c:ac:bc:64:5b:7b:95:d8:63:dd:78:a3:f2:fe:78:ea:3d:cd:a6:40
AuthorityKeyId: ff:2f:7f:e1:06:f4:38:f3:2d:ed:25:8d:98:c2:fe:0e:f6:6c:fc:fa
Fingerprint (sha1): 29:d5:99:f5:fe:16:8c:34:44:fc:b4:f0:88:54:63:c3:84:8d:95:bd
Fingerprint (sha256): 02:3b:6e:11:15:db:e1:84:7e:6b:54:73:5c:60:27:c6:32:79:5c:15:18:c8:84:3f:53:a0:df:d2:9c:b7:f4:ab
Issuing Certificate URL: http://www.microsoft.com/pki/mscorp/Microsoft%20RSA%20TLS%20CA%2002.crt
Revocation information
OCSP Server: http://ocsp.msocsp.comCRL Distribution Point: http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2002.crl
CRL Distribution Point: http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2002.crl
Check the revocation status for certificate *.msn.com
57
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.msn.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Data Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
11 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.msn.com
*.msn.cn
*.msn.com.cn
*.msn.it
msn.com
*.msn.co.jp
*.msn.co.nz
*.msn.co.uk
*.msn.at
*.msn.ca
*.msn.ch
*.msn.de
*.msn.es
*.msn.fi
*.msn.fr
*.msn.gr
*.msn.ie
*.msn.jp
*.msn.kz
*.msn.nl
*.msn.no
*.msn.pt
*.msn.ru
*.msn.se
*.msn.sg
*.msnarabia.com
*.msnautos.com
*.msncricket.com
*.msnlatino.com
*.msnnews.com
*.msnsports.com
*.msn.ae
*.msn.be
*.msn.cr
*.msn.dk
*.msn.hu
*.msn.net
*.msn.pl
*.msnstars.dk
*.msntravel.com
*.msn.co.cr
*.msn.co.id
*.msn.co.il
*.msn.co.in
*.msn.co.kr
*.msn.co.th
*.msn.co.za
*.msn.com.au
*.msn.com.br
*.msn.com.gr
*.msn.com.hk
*.msn.com.mx
*.msn.com.my
*.msn.com.sg
*.msn.com.tr
*.msn.com.tw
*.msn.net.ru
*.msn.cn
*.msn.com.cn
*.msn.it
msn.com
*.msn.co.jp
*.msn.co.nz
*.msn.co.uk
*.msn.at
*.msn.ca
*.msn.ch
*.msn.de
*.msn.es
*.msn.fi
*.msn.fr
*.msn.gr
*.msn.ie
*.msn.jp
*.msn.kz
*.msn.nl
*.msn.no
*.msn.pt
*.msn.ru
*.msn.se
*.msn.sg
*.msnarabia.com
*.msnautos.com
*.msncricket.com
*.msnlatino.com
*.msnnews.com
*.msnsports.com
*.msn.ae
*.msn.be
*.msn.cr
*.msn.dk
*.msn.hu
*.msn.net
*.msn.pl
*.msnstars.dk
*.msntravel.com
*.msn.co.cr
*.msn.co.id
*.msn.co.il
*.msn.co.in
*.msn.co.kr
*.msn.co.th
*.msn.co.za
*.msn.com.au
*.msn.com.br
*.msn.com.gr
*.msn.com.hk
*.msn.com.mx
*.msn.com.my
*.msn.com.sg
*.msn.com.tr
*.msn.com.tw
*.msn.net.ru
Other certificates including the domain name msn.com
(limited to 100 certificates)
suppadmgw.css.msn.com
amor.co.msn.com
*.contacts.msn.com
sync-sg1.trusted.msntv.msn.com
storage.live.com
apinternal.messenger.msn.com
ssl003.insnw.net
images.partner.windowsphone.com
account.microsoft.com
*.oneservice.msn.com
music.msn.com
*.vo.msecnd.net
*.events.data.microsoft.com
Reg.msn.com
advertising-uat.microsoft.com
fpt.microsoft.com
ssl003.insnw.net
*.sip.messenger.msn.com
suppsugw.css.msn.com
msniaap.msn.com
support.msn.com
*.msn.com
fpt.microsoft.com
sps-out.msn.com
*.vo.msecnd.net
scstest.msn.com
mail.live.com
arc.msn.com
stda02.zone.msn.com
zone.msn.com
www.mappoint.com
cdn.content.prod.cms.msn.com
omt.msn.com
ac3.msn.com
*.events-sandbox.data.microsoft.com
mobileexplorers.ca.msn.com
*.vo.msecnd.net
virtualearth.at
*.live-ws.msn.com
sendersupport.olc.protection.outlook.com
alerts.push.direct.msn.com
*.vo.msecnd.net
help.msn.com
g.msn.com
beta.it.money.msn.com
storage.live.com
adbroker.mp.dse.microsoft.com
*.ssl.catalog.video.msn.com
analytics.r.msn.com
www.multimap.com
featureupdate.msn.com
ssl003.insnw.net
ssl003.insnw.net
*.storage.msn.com
partnerprovider2.pcs.v2s.msn.com
*.msn.com
toolbar.msn.com
mail.live.com
f.msn.com
feedback.office.microsoft.com
partnerportal.msn.com
spaws.msn.com
api.choice.microsoft.com
fpt.microsoft.com
msniafeed.msn.com
federation.messenger.msn.com
api.partner.msn.com
www.bing.com
stdg02.zone.msn.com
test.cms.cdp.msn.com
storage.live.com
www.bing.com
logging.msnia.msn.com
texreg2.msn.com
*.events-sandbox.data.microsoft.com
c.msn.com
querypre.prod.cms.msn.com
*.events.data.microsoft.com
okauth.questionbox.jp.msn.com
beta5.idss.msn.com
g.msn.com
*.events.data.microsoft.com
ssl003.insnw.net
storage.live.com
*.events.data.microsoft.com
api.choice.microsoft.com
*.vo.msecnd.net
storage.live.com
dev.assets.msn.com
ca.moneycentral.msn.com
*.events.data.microsoft.com
answers.msn.com
*.msn.com
uploadlog2.msn.com
*.cn.msn.com
storage.msn.com
blog.msn.com
stda01.zone.msn.com
*.vo.msecnd.net
*.msn.com
amor.co.msn.com
*.contacts.msn.com
sync-sg1.trusted.msntv.msn.com
storage.live.com
apinternal.messenger.msn.com
ssl003.insnw.net
images.partner.windowsphone.com
account.microsoft.com
*.oneservice.msn.com
music.msn.com
*.vo.msecnd.net
*.events.data.microsoft.com
Reg.msn.com
advertising-uat.microsoft.com
fpt.microsoft.com
ssl003.insnw.net
*.sip.messenger.msn.com
suppsugw.css.msn.com
msniaap.msn.com
support.msn.com
*.msn.com
fpt.microsoft.com
sps-out.msn.com
*.vo.msecnd.net
scstest.msn.com
mail.live.com
arc.msn.com
stda02.zone.msn.com
zone.msn.com
www.mappoint.com
cdn.content.prod.cms.msn.com
omt.msn.com
ac3.msn.com
*.events-sandbox.data.microsoft.com
mobileexplorers.ca.msn.com
*.vo.msecnd.net
virtualearth.at
*.live-ws.msn.com
sendersupport.olc.protection.outlook.com
alerts.push.direct.msn.com
*.vo.msecnd.net
help.msn.com
g.msn.com
beta.it.money.msn.com
storage.live.com
adbroker.mp.dse.microsoft.com
*.ssl.catalog.video.msn.com
analytics.r.msn.com
www.multimap.com
featureupdate.msn.com
ssl003.insnw.net
ssl003.insnw.net
*.storage.msn.com
partnerprovider2.pcs.v2s.msn.com
*.msn.com
toolbar.msn.com
mail.live.com
f.msn.com
feedback.office.microsoft.com
partnerportal.msn.com
spaws.msn.com
api.choice.microsoft.com
fpt.microsoft.com
msniafeed.msn.com
federation.messenger.msn.com
api.partner.msn.com
www.bing.com
stdg02.zone.msn.com
test.cms.cdp.msn.com
storage.live.com
www.bing.com
logging.msnia.msn.com
texreg2.msn.com
*.events-sandbox.data.microsoft.com
c.msn.com
querypre.prod.cms.msn.com
*.events.data.microsoft.com
okauth.questionbox.jp.msn.com
beta5.idss.msn.com
g.msn.com
*.events.data.microsoft.com
ssl003.insnw.net
storage.live.com
*.events.data.microsoft.com
api.choice.microsoft.com
*.vo.msecnd.net
storage.live.com
dev.assets.msn.com
ca.moneycentral.msn.com
*.events.data.microsoft.com
answers.msn.com
*.msn.com
uploadlog2.msn.com
*.cn.msn.com
storage.msn.com
blog.msn.com
stda01.zone.msn.com
*.vo.msecnd.net
*.msn.com
Certificate
The complete raw certificate details for *.msn.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJQDCCByigAwIBAgITfwAAOSWjRqR5CUwvxgAAAAA5JTANBgkqhkiG9w0BAQsF ADBPMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u MSAwHgYDVQQDExdNaWNyb3NvZnQgUlNBIFRMUyBDQSAwMjAeFw0yMDA5MjkyMTE3 MzZaFw0yMTA5MjkyMTE3MzZaMBQxEjAQBgNVBAMMCSoubXNuLmNvbTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBALWyE5eqku798/T2Q9ZNS6RCXmwGNNpv yxOzDduUGMLqn16HVMTxrLIXkWkU11aC8NFTccnGmCWzAIPZPb9J11VnuhqKUGJI o+EZ2Yt8ZF7E8gDyCmX3JPxX6usO3fifFssHuJVjvJe6IW8h8uF4L0Vg6ZcHqX4/ qoaTraBNpyWDNkYgmsUec5V1nf1KjLSqENrRPmqyMBDpQILqzcPHnk7WdyJpZ1Cj P8xubTxhPkhxWFxCiXQDjn6m7fr/4LYACuDYmWopwTmu1lXFtXDhtVcFHRNsyZWK skbw7r1XVItAMCVEOUreYfP89r+6VoB8/pgP4ja2db/XBe94VFO2hvkCAwEAAaOC BU4wggVKMBMGCisGAQQB1nkCBAMBAf8EAgUAMCcGCSsGAQQBgjcVCgQaMBgwCgYI KwYBBQUHAwEwCgYIKwYBBQUHAwIwPgYJKwYBBAGCNxUHBDEwLwYnKwYBBAGCNxUI h9qGdYPu2QGCyYUbgbWeYYX062CBXYWGjkGHwphQAgFkAgElMIGHBggrBgEFBQcB AQR7MHkwUwYIKwYBBQUHMAKGR2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kv bXNjb3JwL01pY3Jvc29mdCUyMFJTQSUyMFRMUyUyMENBJTIwMDIuY3J0MCIGCCsG AQUFBzABhhZodHRwOi8vb2NzcC5tc29jc3AuY29tMB0GA1UdDgQWBBQsrLxkW3uV 2GPdeKPy/njqPc2mQDALBgNVHQ8EBAMCBLAwggLGBgNVHREEggK9MIICuYIJKi5t c24uY29tgggqLm1zbi5jboIMKi5tc24uY29tLmNugggqLm1zbi5pdIIHbXNuLmNv bYILKi5tc24uY28uanCCCyoubXNuLmNvLm56ggsqLm1zbi5jby51a4IIKi5tc24u YXSCCCoubXNuLmNhgggqLm1zbi5jaIIIKi5tc24uZGWCCCoubXNuLmVzgggqLm1z bi5maYIIKi5tc24uZnKCCCoubXNuLmdygggqLm1zbi5pZYIIKi5tc24uanCCCCou bXNuLmt6gggqLm1zbi5ubIIIKi5tc24ubm+CCCoubXNuLnB0gggqLm1zbi5ydYII Ki5tc24uc2WCCCoubXNuLnNngg8qLm1zbmFyYWJpYS5jb22CDioubXNuYXV0b3Mu Y29tghAqLm1zbmNyaWNrZXQuY29tgg8qLm1zbmxhdGluby5jb22CDSoubXNubmV3 cy5jb22CDyoubXNuc3BvcnRzLmNvbYIIKi5tc24uYWWCCCoubXNuLmJlgggqLm1z bi5jcoIIKi5tc24uZGuCCCoubXNuLmh1ggkqLm1zbi5uZXSCCCoubXNuLnBsgg0q Lm1zbnN0YXJzLmRrgg8qLm1zbnRyYXZlbC5jb22CCyoubXNuLmNvLmNyggsqLm1z bi5jby5pZIILKi5tc24uY28uaWyCCyoubXNuLmNvLmluggsqLm1zbi5jby5rcoIL Ki5tc24uY28udGiCCyoubXNuLmNvLnphggwqLm1zbi5jb20uYXWCDCoubXNuLmNv bS5icoIMKi5tc24uY29tLmdyggwqLm1zbi5jb20uaGuCDCoubXNuLmNvbS5teIIM Ki5tc24uY29tLm15ggwqLm1zbi5jb20uc2eCDCoubXNuLmNvbS50coIMKi5tc24u Y29tLnR3ggwqLm1zbi5uZXQucnUwgbAGA1UdHwSBqDCBpTCBoqCBn6CBnIZNaHR0 cDovL21zY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0 JTIwUlNBJTIwVExTJTIwQ0ElMjAwMi5jcmyGS2h0dHA6Ly9jcmwubWljcm9zb2Z0 LmNvbS9wa2kvbXNjb3JwL2NybC9NaWNyb3NvZnQlMjBSU0ElMjBUTFMlMjBDQSUy MDAyLmNybDBXBgNVHSAEUDBOMEIGCSsGAQQBgjcqATA1MDMGCCsGAQUFBwIBFido dHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcHMwCAYGZ4EMAQIB MB8GA1UdIwQYMBaAFP8vf+EG9DjzLe0ljZjC/g72bPz6MB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAgEArWj/aqGN67aasNM1 8yqTc560W3alVsNuMioFM3o/ru46QUBV2M3k2e9WNu0M4aOOpHIZbnrsANvcA96P XkY+w3DH0BX1V/rzWFAHr5I3Tp9m1d6pE9Oe9+TcWzfD5kV4FXiLFFwk5cdAGHJK IU6sIetmSLlEXqesBfQL6OiwIZQW3WmZwKkPAJfAwdbQU6P+26+hkpWwE6UVEgRE yJzhbQ5RHKLo3IdV2IS5b4tkqyOcXSJUxNKZGKBDID3VOsoc4GYLqlfHyWkE8uuC ZROUQNN0eSLKZOigD8yvvcFllQG+aDzJFwsT0OrrInGlcBbbWEA3etmGNpt0b6Kq a9jBJDNcedLp3lOL3h7M1um6N+WesgDH9rb4K5/d7NXbhMU1QYnwA8mu0pAlTUBH +76b9XgkLLt46uzyxyz6JRxkiQKIv4klfNyQIJRDA5Wm9LTn0EIZE0/lik13eRds +QNroz+h/pZ9wuJF51FRAtESm5c1NIcr35FxulBF+xk1P1CWBMaZX7wy9BtlvRUw 9lxAcL+p6DhLLdGkNB98s5eThmTVDySGDZJiUSevApxZUD6/FSgmDRmJHTQXQqM9 6ubWFzw24epC/fY4EwVd5OOhRdG8hADF3w7xTjbktP8/SOpOs3snUjWMx6NHUJ4+ Pt2pi0g3zAZ6pcq1ZUCjyheVW7E= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbITl6qS7v3z9PZD1k1L pEJebAY02m/LE7MN25QYwuqfXodUxPGssheRaRTXVoLw0VNxycaYJbMAg9k9v0nX VWe6GopQYkij4RnZi3xkXsTyAPIKZfck/Ffq6w7d+J8Wywe4lWO8l7ohbyHy4Xgv RWDplwepfj+qhpOtoE2nJYM2RiCaxR5zlXWd/UqMtKoQ2tE+arIwEOlAgurNw8ee TtZ3ImlnUKM/zG5tPGE+SHFYXEKJdAOOfqbt+v/gtgAK4NiZainBOa7WVcW1cOG1 VwUdE2zJlYqyRvDuvVdUi0AwJUQ5St5h8/z2v7pWgHz+mA/iNrZ1v9cF73hUU7aG +QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2832194716174811512119666360749003456364165413 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft RSA TLS CA 02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-29 21:17:36 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-29 21:17:36 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.msn.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22936946010104320560554597335465839051843917355969549171645456391677369287999930479501620463611003704972901266160363231619760210816866148340919546420664462737040653411983221148556868148341097341774624226477655748421921346124950374794710336964448307818420333307102707340764601913532660057139505521261768400576214802809257491415443766787604667672805022898740243451995284683460103887784999981104751723485159720960532840566420739270217759880912051254935718508942940170340398887040309342835939547335497246921648550591828126434928770206571126195451138483870201062046312401996900198702351807263773227512392991830693301880569 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.16155509.8105089.5391003.2969441.12400096.221.10585921.15764560 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 37 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pki/mscorp/Microsoft%20RSA%20TLS%20CA%2002.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.msocsp.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2cacbc645b7b95d863dd78a3f2fe78ea3dcda640 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04b0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (701 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.cn' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.cn' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.it' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.nz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.at' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.es' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.fi' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.gr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.ie' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.kz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.no' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.pt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.ru' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.se' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.sg' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msnarabia.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msnautos.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msncricket.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msnlatino.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msnnews.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msnsports.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.ae' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.be' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.cr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.dk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.hu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.pl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msnstars.dk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msntravel.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.cr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.id' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.il' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.kr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.th' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.za' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.au' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.br' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.gr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.hk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.mx' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.my' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.sg' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.tr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.tw' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.net.ru' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (168 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2002.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2002.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.42.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pki/mscorp/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ff2f7fe106f438f32ded258d98c2fe0ef66cfcfa . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00ad68ff6aa18debb69ab0d335f32a93739eb45b76a556c36e322a05337a3faeee3a414055d8cde4d9ef5636ed0ce1a38ea472196e7aec00dbdc03de8f5e463ec370c7d015f557faf3585007af92374e9f66d5dea913d39ef7e4dc5b37c3e6457815788b145c24e5c74018724a214eac21eb6648b9445ea7ac05f40be8e8b0219416dd6999c0a90f0097c0c1d6d053a3fedbafa19295b013a515120444c89ce16d0e511ca2e8dc8755d884b96f8b64ab239c5d2254c4d29918a043203dd53aca1ce0660baa57c7c96904f2eb8265139440d3747922ca64e8a00fccafbdc1659501be683cc9170b13d0eaeb2271a57016db5840377ad986369b746fa2aa6bd8c124335c79d2e9de538bde1eccd6e9ba37e59eb200c7f6b6f82b9fddecd5db84c5354189f003c9aed290254d4047fbbe9bf578242cbb78eaecf2c72cfa251c64890288bf89257cdc902094430395a6f4b4e7d04219134fe58a4d7779176cf9036ba33fa1fe967dc2e245e7515102d1129b973534872bdf9171ba5045fb19353f509604c6995fbc32f41b65bd1530f65c4070bfa9e8384b2dd1a4341f7cb397938664d50f24860d92625127af029c59503ebf1528260d19891d341742a33deae6d6173c36e1ea42fdf63813055de4e3a145d1bc8400c5df0ef14e36e4b4ff3f48ea4eb37b2752358cc7a347509e3e3edda98b4837cc067aa5cab56540a3ca17955bb1