*.services.smb.dynamics-tie.com
Issued by Microsoft IT TLS CA 2
About this certificate
This digital certificate with serial number 20:00:04:3b:4c:ec:80:ef:f0:77:73:29:69:00:00:00:04:3b:4c was issued on by Microsoft Corporation.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Certificate Subject
CN=*.services.smb.dynamics-tie.com
Microsoft Corporation
Organization:
Microsoft Corporation
Organization unit: Microsoft IT
Organization unit: Microsoft IT
State / Province:
Washington
Locality: Redmond
Country: US
Locality: Redmond
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 20:00:04:3b:4c:ec:80:ef:f0:77:73:29:69:00:00:00:04:3b:4cSerial Number (int): 713625286306310800970567489351303717395381068
Serial Number lenght: 150 bits, 19 octets
SubjectKeyId: 9b:2c:4d:2b:1f:dd:75:01:86:18:ed:41:31:49:e0:c6:59:d5:2a:78
AuthorityKeyId: 91:9e:3b:44:6c:3d:57:9c:42:77:2a:34:d7:4f:d1:cc:4a:97:2c:da
Fingerprint (sha1): 42:03:2c:a7:b8:6b:54:f5:09:b2:63:99:ce:07:f8:34:62:f1:07:30
Fingerprint (sha256): 05:12:ed:5b:f7:d6:c2:42:29:aa:5f:89:b9:18:89:61:7c:88:6d:6f:81:1a:89:c6:d6:ab:39:c0:8c:9f:9b:ed
Issuing Certificate URL: http://www.microsoft.com/pki/mscorp/Microsoft%20IT%20TLS%20CA%202.crt
Revocation information
OCSP Server: http://ocsp.msocsp.comCRL Distribution Point: http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%202.crl
CRL Distribution Point: http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%202.crl
Check the revocation status for certificate *.services.smb.dynamics-tie.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.services.smb.dynamics-tie.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Data Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
11 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.services.smb.dynamics-tie.com
Other certificates including the domain name dynamics-tie.com
(limited to 100 certificates)
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
cluster.services.dev.smb.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
syncdaemoninternal-aadapp.staging.smb.dynamics-tie.com
cluster.services.staging.smb.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
api.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
extensionmanagementproxy-aadapp.test.smb.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.services.smb.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
cluster.services.dev.smb.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
syncdaemoninternal-aadapp.staging.smb.dynamics-tie.com
cluster.services.staging.smb.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
api.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
extensionmanagementproxy-aadapp.test.smb.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.appservices.staging.businesscentral.dynamics-tie.com
*.services.smb.dynamics-tie.com
Certificate
The complete raw certificate details for *.services.smb.dynamics-tie.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG5TCCBM2gAwIBAgITIAAEO0zsgO/wd3MpaQAAAAQ7TDANBgkqhkiG9w0BAQsF ADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UE CxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgVExTIENBIDIw HhcNMTgwOTI3MTQxMTM3WhcNMjAwOTI3MTQxMTM3WjAqMSgwJgYDVQQDDB8qLnNl cnZpY2VzLnNtYi5keW5hbWljcy10aWUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEApur2DYNRZdmY8Ais2jZXXvTDwZ4t5Uu15HT6R84Q9RDsKDjI Z7jHPpKEmMLR9zMc3fKD3w718c8M8T4aJqMGDT8k8xqUVeaOwAsV3LMZo/de8q/C vw4CfLgXJC1jrgtm0m6usFIkLVEFRo9Xh2vLCfWOG9JjqjfCcXaa3YXKh9VLpcRH aAHoHvqIXq+8Gfuw1vj6nGj0AcLJfNBLTCDZS2MHQd9FV6/9rHiYHSEj63CkTbzO teq4MsBB+a9XVR1QLOFdIF6Q8g6kIArWli1xrCp40T3huYi35fdDrxtph61qo6hM IsrqliBuY+LHp9NG/5KcIUuB6WdmKVC+lbsdUwIDAQABo4ICoDCCApwwEwYKKwYB BAHWeQIEAwEB/wQCBQAwJwYJKwYBBAGCNxUKBBowGDAKBggrBgEFBQcDAjAKBggr BgEFBQcDATA+BgkrBgEEAYI3FQcEMTAvBicrBgEEAYI3FQiH2oZ1g+7ZAYLJhRuB tZ5hhfTrYIFdhNLfQoLnk3oCAWQCAR0wgYUGCCsGAQUFBwEBBHkwdzBRBggrBgEF BQcwAoZFaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvTWljcm9z b2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDIuY3J0MCIGCCsGAQUFBzABhhZodHRwOi8v b2NzcC5tc29jc3AuY29tMB0GA1UdDgQWBBSbLE0rH911AYYY7UExSeDGWdUqeDAL BgNVHQ8EBAMCBLAwKgYDVR0RBCMwIYIfKi5zZXJ2aWNlcy5zbWIuZHluYW1pY3Mt dGllLmNvbTCBrAYDVR0fBIGkMIGhMIGeoIGboIGYhktodHRwOi8vbXNjcmwubWlj cm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NybC9NaWNyb3NvZnQlMjBJVCUyMFRMUyUy MENBJTIwMi5jcmyGSWh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3Jw L2NybC9NaWNyb3NvZnQlMjBJVCUyMFRMUyUyMENBJTIwMi5jcmwwTQYDVR0gBEYw RDBCBgkrBgEEAYI3KgEwNTAzBggrBgEFBQcCARYnaHR0cDovL3d3dy5taWNyb3Nv ZnQuY29tL3BraS9tc2NvcnAvY3BzMB8GA1UdIwQYMBaAFJGeO0RsPVecQncqNNdP 0cxKlyzaMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATANBgkqhkiG9w0B AQsFAAOCAgEAggbdSjH0da7ShbVTatodOa4jEnZpyaCa5cXoxpOD9VNpHh/xVJR+ 2W3YvidcwCJtTGuM3wM13o5wajoVhfcK1eMsaSbV3diBgvg7Sry8iV9MY7Zn6pJn vMZSrm9KG9fjSjUTn4satpus0liei2GlbJ6rQ/1uKZlMg9ibHQQmmDMOARWdduS5 xM2JCOI2oZE2h9fs4i9iM6DRmyJpUlw2OXFU9I3kOi0908PokLMSvYyRfTFLEs9r vEThnY8an8xKWVsTYFwU+zHCKExeA4UhRfdFfkUxhfhYh7X2yx3gQE4Hk5SeEPWg qWe5gRtpbI07xjIfIV11OVeakO63XAxa8s4RLHLolLmkVzGrjx6uoTr4e7DnOz3a TLOECJZO5tHPzoaX48OhlZPNasgzS+yVs1TVMpUNu6dhlvoVq+ukBQNOXAyT/wJ6 TenM3XqEgf5jZHYN9k5nzRWz4Eis04Jh1GICL+8i7ItoF3AZ1yzWDPjTNUop0UJN 9Z4CdvNamOqZoW1eX7JoI2UcqLjPOk3sDKKfEBPSzsuzf1wZ9pGHYIVn6mPZnSRI eGqUjwDHjS5gpcZCLgHH47Mjw15TLGReLQ+ZTwh8M/X4SMh0iYBDQoj3LIcrklkq eUVpgAE2ptQfm+5usTXp8QbACYcqGKDI0rpQtflSm1D4mbC3sp5CsJw= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApur2DYNRZdmY8Ais2jZX XvTDwZ4t5Uu15HT6R84Q9RDsKDjIZ7jHPpKEmMLR9zMc3fKD3w718c8M8T4aJqMG DT8k8xqUVeaOwAsV3LMZo/de8q/Cvw4CfLgXJC1jrgtm0m6usFIkLVEFRo9Xh2vL CfWOG9JjqjfCcXaa3YXKh9VLpcRHaAHoHvqIXq+8Gfuw1vj6nGj0AcLJfNBLTCDZ S2MHQd9FV6/9rHiYHSEj63CkTbzOteq4MsBB+a9XVR1QLOFdIF6Q8g6kIArWli1x rCp40T3huYi35fdDrxtph61qo6hMIsrqliBuY+LHp9NG/5KcIUuB6WdmKVC+lbsd UwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 713625286306310800970567489351303717395381068 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft IT TLS CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-27 14:11:37 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-27 14:11:37 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.services.smb.dynamics-tie.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21071422282617649932120015536570294417975509425830658597424616459106397211764821010297113192011713072247058820574731844618071880334727846205200413459083959755010832370085066208646687719398464468589162508694794379727588448568973365954752425580507872377183660546653953338419794959204638236827772687329661420558382244591454366355636854983853349430902535535612540251202099283169484184619176093473426923907265693326305227236378765035561662004923637551786720952926865897959756400096412300157616769102553956833408851473840928934632930664424582102350515639571402483231578747907967242031946042014157772293531314609426544663891 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.16155509.8105089.5391003.2969441.12400096.221.9744322.5884410 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pki/mscorp/Microsoft%20IT%20TLS%20CA%202.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.msocsp.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9b2c4d2b1fdd75018618ed413149e0c659d52a78 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04b0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (35 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.services.smb.dynamics-tie.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (164 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%202.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%202.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.42.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pki/mscorp/cps' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 919e3b446c3d579c42772a34d74fd1cc4a972cda . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 008206dd4a31f475aed285b5536ada1d39ae23127669c9a09ae5c5e8c69383f553691e1ff154947ed96dd8be275cc0226d4c6b8cdf0335de8e706a3a1585f70ad5e32c6926d5ddd88182f83b4abcbc895f4c63b667ea9267bcc652ae6f4a1bd7e34a35139f8b1ab69bacd2589e8b61a56c9eab43fd6e29994c83d89b1d042698330e01159d76e4b9c4cd8908e236a1913687d7ece22f6233a0d19b2269525c36397154f48de43a2d3dd3c3e890b312bd8c917d314b12cf6bbc44e19d8f1a9fcc4a595b13605c14fb31c2284c5e03852145f7457e453185f85887b5f6cb1de0404e0793949e10f5a0a967b9811b696c8d3bc6321f215d7539579a90eeb75c0c5af2ce112c72e894b9a45731ab8f1eaea13af87bb0e73b3dda4cb38408964ee6d1cfce8697e3c3a19593cd6ac8334bec95b354d532950dbba76196fa15abeba405034e5c0c93ff027a4de9ccdd7a8481fe6364760df64e67cd15b3e048acd38261d462022fef22ec8b68177019d72cd60cf8d3354a29d1424df59e0276f35a98ea99a16d5e5fb26823651ca8b8cf3a4dec0ca29f1013d2cecbb37f5c19f69187608567ea63d99d2448786a948f00c78d2e60a5c6422e01c7e3b323c35e532c645e2d0f994f087c33f5f848c8748980434288f72c872b92592a794569800136a6d41f9bee6eb135e9f106c009872a18a0c8d2ba50b5f9529b50f899b0b7b29e42b09c