o365auditrealtimeingestion.manage.office.com

- Microsoft Corporation -

Issued by DigiCert SHA2 Secure Server CA

About this certificate

This digital certificate with serial number 0f:cb:7d:0a:67:b2:70:fb:9f:9c:88:77:56:7b:f8:93 was issued on by DigiCert Inc.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Microsoft Corporation

Organization: Microsoft Corporation
State / Province: Washington
Locality: Redmond
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0f:cb:7d:0a:67:b2:70:fb:9f:9c:88:77:56:7b:f8:93
Serial Number (int): 20994992324631068057765173568529496211
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 32:a3:fc:e1:08:a3:46:62:9f:19:2d:06:bb:ef:59:aa:68:42:0b:f2
AuthorityKeyId: 0f:80:61:1c:82:31:61:d5:2f:28:e7:8d:46:38:b4:2c:e1:c6:d9:e2

Fingerprint (sha1): 39:89:6f:8f:ef:09:4a:d0:7e:d7:4f:97:6c:67:7c:16:e7:fb:d7:43
Fingerprint (sha256): 04:95:41:5d:ee:41:64:c0:c6:1c:b4:4c:c0:a3:96:13:ad:52:18:db:b7:1e:f0:c0:9f:6f:f8:39:75:12:37:af

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA-2.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigicertSHA2SecureServerCA-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigicertSHA2SecureServerCA-1.crl

Check the revocation status for certificate o365auditrealtimeingestion.manage.office.com

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for o365auditrealtimeingestion.manage.office.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

o365auditrealtimeingestion.manage.office.com
*.o365auditrealtimeingestion.manage.office.com
*.jitrdp.prod.auditing.office.net

Other certificates including the domain name office.com

(limited to 100 certificates)
loki.delve.office.com
*.asm.skype.com
df.incubator.aesir.office.com
5702666986455040-fe2.pantheonsite.io
officeapps.live.com
*.footprintdns.com
*.wac.gbl.office.com
5702666986455040-fe2.pantheonsite.io
augloop.office.com
www.office.com
gls.itarl4.ingestion.office.com
nam1.gcs.office.com
outlook.com
graph.windows.net
o365auditrealtimeingestion.manage.office.com
forms.office.com
*.config.skype.com
app.ingestion.office.com
*.config.skype.com
augloop.office.com
www.office.com
ppe.sso.eduupgrade.office.com
bookings.outlookapps.com
www.office.com
www.office.com
tr-tmc-afd.office.com
augloop.office.com
cert00010-azurecdn.akamaized.net
SPOActivityPipeSigningCertKey.office.com
chatsvcagg.teams.microsoft.com
graph.windows.net
store.office.com
delve.office.com
graph.windows.net
test.test.test.outlook.com
*.footprintdns.com
*.asm.skype.com
outlook.com
setup.office.com
5702666986455040-fe2.pantheonsite.io
*.footprintdns.com
griffinb2-gru-client.office.com
outlook.com
cisurvey.office.com
support.office.com
mdsrunnermgmt.office.com
bookings.outlookapps.com
gcp.ingestion.office.com
*.domains.live.com
support.officeppe.com
portal.office.com
*.footprintdns.com
prod.invite.teams.internal.office.com
ifttt.edog.office.com
OfficeOMEXSigningCertKey.office.com
www.office.com
cortana.office.com
setup.office.com
manage.office.com
api.orginsights.viva.office.com
office365-waffle.forms.office.com
*.config.skype.com
portal.office.com
outlook.live.com
desdemona.osikevlartorus.office.com
support.office.com
*.gcscluster.office.com
sender.office.com
lifecycle.office.com
afd.loki.delve.office.com
support.outlook.com
portal.office.com
*.footprintdns.com
YPPServicesSigningCertKey.office.com
gcc.loki.delve.office.com
reverseproxy.onenote.com
graph.windows.net
kvaccess.delve.office.com
config.office.com
www.silicon.help
outlook.com
www.office.com
o365auditrealtimeingestion.manage.office.com
support.office.com
kvapp.df.aesir.office.com
df.invite.teams.internal.office.com
outlook.com
prod.idsapi.loki.delve.office.com
cdn.forms.office.net
uci.officeapps.live.com
hrd.office.com
*.footprintdns.com
settings.teams.internal.office.com
dreamspace.ie
chatsvcagg.teams.microsoft.com
delve-gcc.office.com
listings-dev.office.com
status.office.com
pdapi.substrate.office.com
bcws.office.com

Certificate

The complete raw certificate details for o365auditrealtimeingestion.manage.office.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHRTCCBi2gAwIBAgIQD8t9CmeycPufnIh3Vnv4kzANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMjQwMjI3MDAwMDAwWhcN
MjUwMjI3MjM1OTU5WjCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0
b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh
dGlvbjE1MDMGA1UEAxMsbzM2NWF1ZGl0cmVhbHRpbWVpbmdlc3Rpb24ubWFuYWdl
Lm9mZmljZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDj0Tke
+Uoot0xiY599g0n0ccb/1O4EAQJWTssOg1VL4Cryu1bZpCOSULGOYdNZJ4kPvMZO
yN0U1Db2iD/M0vjZgmspcVQlrQlzKmprwiLCkISw1zsxXiPlfOLcn+OlonFtle4D
8KPbIF6joB3HCJJIWqiKWxMCQUQKTdt/kKkNPLvsbFdvvrF/17JC00lxxzb5nZIB
Ep3a9mMbR2K1utVmuszlq4e3PeHpKZAwUti5xXCCCGzT+Kfvif6wpo88qYj7tVLA
ruRr9cHVCzMsVJLk7m7RD2WfHYcf86gSpOmgafPg3njR7p6bfapwqPy3BBIhm+aT
AQyHh0lAK36YPpHxAgMBAAGjggPgMIID3DAfBgNVHSMEGDAWgBQPgGEcgjFh1S8o
541GOLQs4cbZ4jAdBgNVHQ4EFgQUMqP84QijRmKfGS0Gu+9ZqmhCC/IwgYwGA1Ud
EQSBhDCBgYIsbzM2NWF1ZGl0cmVhbHRpbWVpbmdlc3Rpb24ubWFuYWdlLm9mZmlj
ZS5jb22CLioubzM2NWF1ZGl0cmVhbHRpbWVpbmdlc3Rpb24ubWFuYWdlLm9mZmlj
ZS5jb22CISouaml0cmRwLnByb2QuYXVkaXRpbmcub2ZmaWNlLm5ldDA+BgNVHSAE
NzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRpZ2ljZXJ0
LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vY3JsMy5kaWdpY2Vy
dC5jb20vRGlnaWNlcnRTSEEyU2VjdXJlU2VydmVyQ0EtMS5jcmwwP6A9oDuGOWh0
dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpY2VydFNIQTJTZWN1cmVTZXJ2ZXJD
QS0xLmNybDB+BggrBgEFBQcBAQRyMHAwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3Nw
LmRpZ2ljZXJ0LmNvbTBIBggrBgEFBQcwAoY8aHR0cDovL2NhY2VydHMuZGlnaWNl
cnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLTIuY3J0MAwGA1UdEwEB
/wQCMAAwggF8BgorBgEEAdZ5AgQCBIIBbASCAWgBZgB2AE51oydcmhDDOFts1N8/
Uusd8OCOG41pwLH6ZLFimjnfAAABjenKrjsAAAQDAEcwRQIhALy63K2k1S1OqwEP
4Fa5zWy8Gdvhs1+WUtJ0qYt+Kf6fAiBToLnQvKhdE5u6nt0gCS1hNAWCsrxG/dY0
WiUAAZKG7QB1AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABjenK
rnMAAAQDAEYwRAIgbgEi8JunkT8caWJDgSEE1edb/bMXcc2MEzI/h2EZGtQCIDzX
bt+Bj0kCyzwScC9MAyDwoxGQguqzcuyuRXOa2NqgAHUA5tIxY0B3jMEQQQbXcbnO
wdJA9paEhvu6hzId/R43jlAAAAGN6cqunAAABAMARjBEAiA4/vBXNrzQ3GsnaCUP
5dVgUm1ox5TsbVtJMT+GtodiywIgMQOEDhC4cORCIWpAlX7U+NFcdiW1Uz4P3yN1
sgjS+FgwDQYJKoZIhvcNAQELBQADggEBANdWNIthlohj6dXBXYRo2X7NuHY0G2MO
G4sOqiJmEwacx8SbKt++xxtc2T4K5pUwPJFR6n6nt2I5zCA0xCJXZGt4CCjwyWs0
FLXXbsee3IAYSyh02vmAD1l1p17ambaB2CypKG6nXhkU4Zsen+u6olWg4pJckv6j
BmP39ApZ3seQMizvAHJbPjy4CZexKrU2UU9BssEwCTHS2MYQh2avTXP3MC1kQHle
Pqk7DfZ9Ez8jPks+bSDPZ5pIy5jBv9+KttaihgckkHhMPMl2HUtjsz/+/5Contek
CtDVo/tjZEs5wbT2F8POHRCT0UN49nCYvZLDrGVmcTnlwC2zXMQD8r8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49E5HvlKKLdMYmOffYNJ
9HHG/9TuBAECVk7LDoNVS+Aq8rtW2aQjklCxjmHTWSeJD7zGTsjdFNQ29og/zNL4
2YJrKXFUJa0Jcypqa8IiwpCEsNc7MV4j5Xzi3J/jpaJxbZXuA/Cj2yBeo6AdxwiS
SFqoilsTAkFECk3bf5CpDTy77GxXb76xf9eyQtNJccc2+Z2SARKd2vZjG0ditbrV
ZrrM5auHtz3h6SmQMFLYucVwgghs0/in74n+sKaPPKmI+7VSwK7ka/XB1QszLFSS
5O5u0Q9lnx2HH/OoEqTpoGnz4N540e6em32qcKj8twQSIZvmkwEMh4dJQCt+mD6R
8QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 20994992324631068057765173568529496211
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-27 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'o365auditrealtimeingestion.manage.office.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28759266997406865844443180933878269741884253252069582472985373232378255311651735335564761781534647863514949362434991523724644580316223147472216592089346728240378495414518495509951833768370974440339990065026007218123564710064353623706383176771328138675545331133964015064390041363372927316834655470365513336191714877442476996939871781586536707304265461712179941072429257629415943858308988369912724198838677639918098923321926791160843132149232106666829195003928348559309526150703136469540142712753845427807163670344884934446710434955661576918585237712029419798994534285932254736199198622362786846185939293678270993568241
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 0f80611c823161d52f28e78d4638b42ce1c6d9e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							32a3fce108a346629f192d06bbef59aa68420bf2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (132 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'o365auditrealtimeingestion.manage.office.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.o365auditrealtimeingestion.manage.office.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jitrdp.prod.auditing.office.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigicertSHA2SecureServerCA-1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigicertSHA2SecureServerCA-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (114 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2SecureServerCA-2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							01660076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018de9caae3b0000040300473045022100bcbadcada4d52d4eab010fe056b9cd6cbc19dbe1b35f9652d274a98b7e29fe9f022053a0b9d0bca85d139bba9edd20092d61340582b2bc46fdd6345a2500019286ed0075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018de9caae73000004030046304402206e0122f09ba7913f1c696243812104d5e75bfdb31771cd8c13323f8761191ad402203cd76edf818f4902cb3c12702f4c0320f0a3119082eab372ecae45739ad8daa0007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018de9caae9c0000040300463044022038fef05736bcd0dc6b2768250fe5d560526d68c794ec6d5b49313f86b68762cb02203103840e10b870e442216a40957ed4f8d15c7625b5533e0fdf2375b208d2f858
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00d756348b61968863e9d5c15d8468d97ecdb876341b630e1b8b0eaa226613069cc7c49b2adfbec71b5cd93e0ae695303c9151ea7ea7b76239cc2034c42257646b780828f0c96b3414b5d76ec79edc80184b2874daf9800f5975a75eda99b681d82ca9286ea75e1914e19b1e9febbaa255a0e2925c92fea30663f7f40a59dec790322cef00725b3e3cb80997b12ab536514f41b2c1300931d2d8c6108766af4d73f7302d6440795e3ea93b0df67d133f233e4b3e6d20cf679a48cb98c1bfdf8ab6d6a286072490784c3cc9761d4b63b33ffeff90a89ed7a40ad0d5a3fb63644b39c1b4f617c3ce1d1093d14378f67098bd92c3ac65667139e5c02db35cc403f2bf