cdn.forms.office.net

- Microsoft Corporation -

Issued by Microsoft RSA TLS CA 01

About this certificate

This digital certificate with serial number 12:00:1a:25:ad:13:b3:a3:bc:50:4f:55:63:00:00:00:1a:25:ad was issued on by Microsoft Corporation.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Microsoft Corporation

Organization: Microsoft Corporation
State / Province: WA
Locality: Redmond
Country: US

Microsoft Corporation

Organization: Microsoft Corporation
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 12:00:1a:25:ad:13:b3:a3:bc:50:4f:55:63:00:00:00:1a:25:ad
Serial Number (int): 401422310995193959813378796609554468126205357
Serial Number lenght: 149 bits, 19 octets

SubjectKeyId: d9:52:ee:ea:0e:41:3c:fc:91:c7:60:31:ae:8c:97:66:a1:38:4e:f4
AuthorityKeyId: b5:76:0c:30:11:ce:c7:92:42:4d:4c:c7:5c:2c:c8:a9:0c:e8:0b:64

Fingerprint (sha1): 25:0f:32:89:3a:40:3d:8f:57:f6:7b:56:d5:b5:05:a7:24:d9:d3:0c
Fingerprint (sha256): 04:d7:c7:f4:c8:8c:ab:07:e1:16:77:90:8d:c7:83:1d:d1:2e:e5:3e:f4:2e:01:22:17:26:18:da:a8:60:a1:d9

Issuing Certificate URL: http://www.microsoft.com/pki/mscorp/Microsoft%20RSA%20TLS%20CA%2001.crt

Revocation information

OCSP Server: http://ocsp.msocsp.com
CRL Distribution Point: http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2001.crl
CRL Distribution Point: http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2001.crl

Check the revocation status for certificate cdn.forms.office.net

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cdn.forms.office.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment
Data Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

11 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cdn.forms.office.net
*.forms.officeppe.com
*.forms.office.com
*.forms.office-int.com
*.forms.microsoft.com

Other certificates including the domain name office.net

(limited to 100 certificates)
pavo.keyvault.office.net
prv.config.office.net
otcms.osi.office.net
displaycatalog.templatesproxy.office.net
prv.config.office.net
securitysignalsapi-slice.office.net
statics.teams.cdn.office.net
outlook.com
odc.officeapps.live.com
o365auditrealtimeingestion.manage.office.com
diagnosticsportal.outlook.com
test.office.net
domaincontrollerclient.prod.torus.office.net
api.businesscentral.dynamics.com
support.office.net
testsslcert.office.net
griffinazureicmcert.office.net
videoplayer.osi.office.net
kasmgmtportal.osi.office.net
testrpscert.office.net
bookings.outlookapps.com
www.bing.com
c2r.ts.cdn.office.net
manage.officeppe.com
store.office.com
prv.config.office.net
mars-adls-mt-aus.office.net
prv.config.office.net
test.office.net
outlook.com
*.content.office.net
setup.office.com
agave.myanalytics.cdn.office.net
nl.osi.office.net
uci.edog.officeapps.live.com
outlook.com
shredder.osi.office.net
test.office.net
tasman.osi.office.net
sfcluster.apc.complianceposturemanagement.office.net
support.officeppe.com
prv.config.office.net
testdataencryptioncert.office.net
outlook.live.com
support.office.com
macommunication.geneva.keyvault.fullvalue.omex.office.net
galo.checkin.partner.office.net
sway-to-sds-replication.office.net
prv.config.office.net
config.office.com
outlook.com
wevedata.office.net
ocws.officeapps.live.com
testicmcertyiqwan.office.net
mars-encryptionmaster-mt-gov.office.net
o365auditrealtimeingestion.manage.office.com
outlook.com
partners.portal.office.net
cdn.forms.office.net
verification.omex.office.net
macommunication.geneva.keyvault.fullvalue.omex.office.net
hybridDMS.office.net
comments-ppe.office.net
bcws-client.office.net
esign.svc.cloud.microsoft
outlook.com
outlook.com
prv.config.office.net
partners.portal.office.net
cluster.osp.office.net
signalStore-client.office.net
gcp.comments.office.net
outlook.com
www.bing.com
outlook.com
support.officeppe.com
invites.office.com
outlook.com
outlook.com
uci.edog.officeapps.live.com
eop.pavcservice.office.net
mars-tokenservice-datawriterclient-mt-aus.office.net
outlook.com
cdn.uci.officeapps.live.com
outlook.com
sfcluster.kor.unifiedfeedback.office.net
substratecerttext.office.net
wac-icmppe.s2s.office.net
westus-ingress.ic3-swat-test.office.net
pavo.monitoring.geneva.office.net
Outlook.office.com
outlook.com
griffinazureev2extension.test.office.net
protectionservice.osi.office.net
prd.bmc.cdn.office.net
config.office.com
nleditor.osi.office.net
checkout.office.com
commerceapi.office.net
outlook.com

Certificate

The complete raw certificate details for cdn.forms.office.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIItzCCBp+gAwIBAgITEgAaJa0Ts6O8UE9VYwAAABolrTANBgkqhkiG9w0BAQsF
ADBPMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u
MSAwHgYDVQQDExdNaWNyb3NvZnQgUlNBIFRMUyBDQSAwMTAeFw0yMTEwMTIxODAw
MzNaFw0yMjEwMTIxODAwMzNaMGsxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJXQTEQ
MA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u
MR0wGwYDVQQDExRjZG4uZm9ybXMub2ZmaWNlLm5ldDCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAOBf9tsTPvSzxSgFThONl6Oioflkxt84xu35w//w/hNT
o3MM46rI+U0jwejQY9rWWgUpqvhCYeUEy5SQO6U1QzxoZOa8MycsJqWuwG/37jam
z1NYBJ2C5eZl8ORyvOcXZ/40IUlwNL/27ESSrojh9QlVJr2pNHc5n29GV0lfH/Hb
U3OHTKSL4A2LpjVEghKDaHYIKI3ysqiA5MZMvHUJui/DB7CaWe2w/Z1gMdtxwJKG
r+DKI4iM0bt0ILH665xjzJRnud38SGEtSxh8Xhh21/oF6varK58KIQ4fllAD+RaQ
/PHFIjeLZxsLaRbXm4uBBsUH23wAAH70Colfd4LBl4kCAwEAAaOCBG4wggRqMIIB
fgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgApeb7wnjk5IfBWc59jpXflvld9nGAK
+PlNXSZcJV3HhAAAAXx1swF2AAAEAwBHMEUCIQCc6PtvuLyefdwqVC1ViQiGGn77
rIQO8bQXetztkUSRYAIge11Ba5NGgUqsoUBHvFg/diR1rKdP1Mh1mMpANcKSouIA
dgBByMqx3yJGShDGoToJQodeTjGLGwPr60vHaPCQYpYG9gAAAXx1sv/mAAAEAwBH
MEUCIQD49Hz4ZLTcAIF52pKiJ7AKwPAIMTpcEaeMu/Ta2ZlkqgIgMX8D3mRgkmjr
++8smbuS0FvJnOYNuMRsa8JmnpI/sp0AdgBGpVXrdfqRIDC1oolp9PN9ESxBdL79
SbiFq/L8cP5tRwAAAXx1sv/JAAAEAwBHMEUCIQClgcYGMh8VTaoX/tbh9SsEmyQI
NLCmRJomBZs9wf/RDQIgdjEWVIQ27pyepsZsc1gF32ZbJT7SYJFoTl0sO5qQ9Wsw
JwYJKwYBBAGCNxUKBBowGDAKBggrBgEFBQcDAjAKBggrBgEFBQcDATA9BgkrBgEE
AYI3FQcEMDAuBiYrBgEEAYI3FQiH2oZ1g+7ZAYLJhRuBtZ5hhfTrYIFdufgQhpHQ
eAIBZAIBJTCBhwYIKwYBBQUHAQEEezB5MFMGCCsGAQUFBzAChkdodHRwOi8vd3d3
Lm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9NaWNyb3NvZnQlMjBSU0ElMjBUTFMl
MjBDQSUyMDAxLmNydDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AubXNvY3NwLmNv
bTAdBgNVHQ4EFgQU2VLu6g5BPPyRx2AxroyXZqE4TvQwDgYDVR0PAQH/BAQDAgSw
MHkGA1UdEQRyMHCCFGNkbi5mb3Jtcy5vZmZpY2UubmV0ghUqLmZvcm1zLm9mZmlj
ZXBwZS5jb22CEiouZm9ybXMub2ZmaWNlLmNvbYIWKi5mb3Jtcy5vZmZpY2UtaW50
LmNvbYIVKi5mb3Jtcy5taWNyb3NvZnQuY29tMIGwBgNVHR8EgagwgaUwgaKggZ+g
gZyGTWh0dHA6Ly9tc2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL01p
Y3Jvc29mdCUyMFJTQSUyMFRMUyUyMENBJTIwMDEuY3JshktodHRwOi8vY3JsLm1p
Y3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwUlNBJTIwVExT
JTIwQ0ElMjAwMS5jcmwwVwYDVR0gBFAwTjBCBgkrBgEEAYI3KgEwNTAzBggrBgEF
BQcCARYnaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3BzMAgG
BmeBDAECAjAfBgNVHSMEGDAWgBS1dgwwEc7HkkJNTMdcLMipDOgLZDAdBgNVHSUE
FjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggIBADxAdMwZ
Qxrdeiy47JWixeGhDXgUi7+Ev1EOh6BopcDqkjd/ow6XthExmlD27SXKd/maFkfw
QIpd2OHkaWXjnMa5py18eSNphADQBvBuk/QjjZqiJrAhmRBSsz68uiK+X69ykdfB
Gwah4Lt0ATxSPQI9ZR/K/7JjUblVFHOfjINCFH0hIboHwNaqd3x0r2i9YO7TwJiF
bt9OhqVT26fepaJmA+mDWnbPkjaa3IN/KUZOqnMTtq3zmyYtVRPUQijCXX2Xx1iV
dkgAxql54bXsPzsQ9LpghzqtgsgX5rlfACnK2INKBZ6CTdkf9qQXt15v2bczOgbJ
A6r64//DR/ObgxOcEa84FxeuEyPzJkRSbkRsdzFMo7OPIfHlJ4audnDhLxOIbAhE
cuOsGfzEvwjL3TIXMw5rPIzvD6gxfCmUQUzFTyrVl5XDK89BwLiMGRawIZ7qGO1S
4vInGwvHdHHwMRHgXbZsmCcxnAXTiuWSFFCKsBPzl9cCCihiWqWGmi1sZt8X9dmA
ZEuacvoSBr62mHG1Vi6bCfWJXF8HhyOonjos/teL5KFzxg3iX9V5hzykfVmyqWSE
LiSDOR9NIbiGZ3QAqd2yjO+ZXU/eN/hzPZcywljhOQ8XL7a/dUYsWT4MhsWiOxPM
jSPGEwq9dcp4/4iVTY5rQpjP7f7wB91gX3Pq
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4F/22xM+9LPFKAVOE42X
o6Kh+WTG3zjG7fnD//D+E1Ojcwzjqsj5TSPB6NBj2tZaBSmq+EJh5QTLlJA7pTVD
PGhk5rwzJywmpa7Ab/fuNqbPU1gEnYLl5mXw5HK85xdn/jQhSXA0v/bsRJKuiOH1
CVUmvak0dzmfb0ZXSV8f8dtTc4dMpIvgDYumNUSCEoNodggojfKyqIDkxky8dQm6
L8MHsJpZ7bD9nWAx23HAkoav4MojiIzRu3QgsfrrnGPMlGe53fxIYS1LGHxeGHbX
+gXq9qsrnwohDh+WUAP5FpD88cUiN4tnGwtpFtebi4EGxQfbfAAAfvQKiV93gsGX
iQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 401422310995193959813378796609554468126205357
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft RSA TLS CA 01'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-10-12 18:00:33 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-12 18:00:33 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cdn.forms.office.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28324702062729673528077220696887776389839719073723589426257619629939867238769095775322732501431789991146505610356193537178123751688863159942936975219857310093721784442822559857325491885911836575606715883271378096758969449600013859469239562505046097887474452762314946802189461832271230289355216104897072593634585617108145264887357679843196515460193099809001127480295386989985998034873279502488187014925541265042873417590363785938310828977809264606399658852418136209444958556966647045598221310296276532644719271875410224156904380324842946609913480139299919206677840867391749317653467240364512908684300559218719810754441
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680076002979bef09e393921f056739f63a577e5be577d9c600af8f94d5d265c255dc7840000017c75b3017600000403004730450221009ce8fb6fb8bc9e7ddc2a542d558908861a7efbac840ef1b4177adced9144916002207b5d416b9346814aaca14047bc583f762475aca74fd4c87598ca4035c292a2e200760041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f60000017c75b2ffe60000040300473045022100f8f47cf864b4dc008179da92a227b00ac0f008313a5c11a78cbbf4dad99964aa0220317f03de64609268ebfbef2c99bb92d05bc99ce60db8c46c6bc2669e923fb29d00760046a555eb75fa912030b5a28969f4f37d112c4174befd49b885abf2fc70fe6d470000017c75b2ffc90000040300473045022100a581c606321f154daa17fed6e1f52b049b240834b0a6449a26059b3dc1ffd10d0220763116548436ee9c9ea6c66c735805df665b253ed26091684e5d2c3b9a90f56b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.16155509.8105089.5391003.2969441.12400096.221.949264.12871800
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 37
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pki/mscorp/Microsoft%20RSA%20TLS%20CA%2001.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.msocsp.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d952eeea0e413cfc91c76031ae8c9766a1384ef4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04b0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (114 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.forms.office.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.forms.officeppe.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.forms.office.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.forms.office-int.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.forms.microsoft.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (168 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2001.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2001.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.42.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pki/mscorp/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b5760c3011cec792424d4cc75c2cc8a90ce80b64
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		003c4074cc19431add7a2cb8ec95a2c5e1a10d78148bbf84bf510e87a068a5c0ea92377fa30e97b611319a50f6ed25ca77f99a1647f0408a5dd8e1e46965e39cc6b9a72d7c7923698400d006f06e93f4238d9aa226b021991052b33ebcba22be5faf7291d7c11b06a1e0bb74013c523d023d651fcaffb26351b95514739f8c8342147d2121ba07c0d6aa777c74af68bd60eed3c098856edf4e86a553dba7dea5a26603e9835a76cf92369adc837f29464eaa7313b6adf39b262d5513d44228c25d7d97c75895764800c6a979e1b5ec3f3b10f4ba60873aad82c817e6b95f0029cad8834a059e824dd91ff6a417b75e6fd9b7333a06c903aafae3ffc347f39b83139c11af381717ae1323f32644526e446c77314ca3b38f21f1e52786ae7670e12f13886c084472e3ac19fcc4bf08cbdd3217330e6b3c8cef0fa8317c2994414cc54f2ad59795c32bcf41c0b88c1916b0219eea18ed52e2f2271b0bc77471f03111e05db66c9827319c05d38ae59214508ab013f397d7020a28625aa5869a2d6c66df17f5d980644b9a72fa1206beb69871b5562e9b09f5895c5f078723a89e3a2cfed78be4a173c60de25fd579873ca47d59b2a964842e2483391f4d21b886677400a9ddb28cef995d4fde37f8733d9732c258e1390f172fb6bf75462c593e0c86c5a23b13cc8d23c6130abd75ca78ff88954d8e6b4298cfedfef007dd605f73ea