esign.svc.cloud.microsoft

- Microsoft Corporation -

Issued by Microsoft Azure RSA TLS Issuing CA 07

About this certificate

This digital certificate with serial number 33:00:12:8e:65:23:3f:71:0a:1b:84:eb:f2:00:00:00:12:8e:65 was issued on by Microsoft Corporation.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Microsoft Corporation

Organization: Microsoft Corporation
State / Province: WA
Locality: Redmond
Country: US

Microsoft Corporation

Organization: Microsoft Corporation
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 33:00:12:8e:65:23:3f:71:0a:1b:84:eb:f2:00:00:00:12:8e:65
Serial Number (int): 1137344319483178651975127046463335255764012645
Serial Number lenght: 150 bits, 19 octets

SubjectKeyId: 98:8b:37:13:ab:bc:82:a3:64:d9:57:d3:c7:a4:ca:74:07:7d:09:c6
AuthorityKeyId: ce:15:16:3b:ea:02:a3:a6:6b:da:d9:2b:fd:e5:8c:52:be:7a:50:a8

Fingerprint (sha1): 38:8a:f3:8c:a1:a5:0a:23:4a:83:37:f5:f3:c9:bd:18:f1:bf:46:66
Fingerprint (sha256): 05:83:96:0c:d5:07:e1:4d:ae:83:6b:92:94:60:9c:d6:6f:fb:18:c8:62:3c:de:df:4e:86:9f:83:b5:52:5e:3b

Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2007%20-%20xsign.crt

Revocation information

OCSP Server: http://oneocsp.microsoft.com/ocsp
CRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2007.crl

Check the revocation status for certificate esign.svc.cloud.microsoft

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for esign.svc.cloud.microsoft

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

12 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

esign-gateway-lb.prod.odsp-syntex-esign-gateway.westus2-prod.cosmic.office.net
esign.svc.cloud.microsoft

Other certificates including the domain name cloud.microsoft

(limited to 100 certificates)
portal.azure
*.reviewsetservice.ediscovery.svc.cloud.microsoft
augloop.office.com
www.office.com
www.office.com
www.office.com
www.office.com
augloop.office.com
www.office.com
portal.azure
www.office.com
esign.svc.cloud.microsoft
msit.neu.pubsub.mb.mobile.m365.svc.cloud.microsoft
status.office.com
esign.svc.cloud.microsoft
augloop.office.com
www.office.com
msit.scus.pubsub.mb.mobile.m365.svc.cloud.microsoft
www.office.com
auth.brb.skype.cloud.microsoft
kevlar-ssl.augloop-dogfood.officeppe.com
augloop.office.com
www.office.com
www.office.com
www.office.com
*.brb.skype.cloud.microsoft
www.office.com
officeapps.live.com
sdf.substrate.svc.cloud.microsoft
www.office.com
www.office.com
augloop.office.com
portal.azure
www.office.com
admin.cloud.microsoft
www.office.com
portal.office.com
augloop.office.com
portal.azure
www.office.com
portal.azure
community.dynamics365.com
insights.cloud.microsoft
www.office.com
www.office.com
www.office.com
www.office.com
community.dynamics365.com
esign.svc.cloud.microsoft
www.office.com
status.cloud.microsoft
www.office.com
odc.officeapps.live.com
dogfood.augloop.svc.cloud.microsoft
portal.azure
www.office.com
*.us1.glint.cloud.microsoft
*.eu1.glint.cloud.microsoft
www.office.com
viva.cloud.microsoft
esign.svc.cloud.microsoft
esign.svc.cloud.microsoft
augloop.office.com
substrate.svc.cloud.microsoft
www.office.com
kevlar-ssl.augloop.office.com
forms.cloud.microsoft
logapi.brb.teams.cloud.microsoft
*.yammer.com
www.office.com
augloop.office.com
augloop.office.com
*.graphservice.ediscovery.svc.cloud.microsoft
www.office.com
www.office.com
www.office.com
www.office.com
portal.azure
augloop.office.com
viva.cloud.microsoft
sway.office.com
augloop.office.com
www.office.com
brbportal.brb.teams.cloud.microsoft
portal.azure
substrate.svc.cloud.microsoft
hrd.svc.cloud.microsoft
augloop-dogfood.officeppe.com
www.office.com
augloop-dogfood.officeppe.com
df.learning.cloud.microsoft
www.office.com
www.office.com
msit.sea.messagebroker.mobile.m365.svc.cloud.microsoft
www.office.com
windows.cloud.microsoft
augloop.office.com
www.office.com
esign.svc.cloud.microsoft
www.office.com

Certificate

The complete raw certificate details for esign.svc.cloud.microsoft in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHWjCCBUKgAwIBAgITMwASjmUjP3EKG4Tr8gAAABKOZTANBgkqhkiG9w0BAQwF
ADBdMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u
MS4wLAYDVQQDEyVNaWNyb3NvZnQgQXp1cmUgUlNBIFRMUyBJc3N1aW5nIENBIDA3
MB4XDTIzMTEyODE2MjUzNloXDTI0MDUyNjE2MjUzNlowcDELMAkGA1UEBhMCVVMx
CzAJBgNVBAgTAldBMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv
ZnQgQ29ycG9yYXRpb24xIjAgBgNVBAMTGWVzaWduLnN2Yy5jbG91ZC5taWNyb3Nv
ZnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTbVK7cEMW6QTO61Bg
DJK53wJ4Asw6Z7YSe8l6qV2dRxkjphR8dTTD/cVdkm+kg6E1sRk5IVMORJpqr0MS
cE7mnrYU6K0/gkqS3A+eT5g5k9jzv/u0Kgbd0Fq6WF37lfTE622mxZ/Q1E4q6ogb
+3Kd8eGdaiQqHciJGnP3OVC8e1E/gD2ouYT4FNpteZyudAYgP7dtFzB9VtJ1pNsJ
l+/F7FyPUZSjQVlIRjCDPfOqIQAYGSzxpQ7ciZW67n5tIt/EpUPYXETNh5Z0oyHi
s5S+63H6mnMwiz2MWsdr2SSZENLskjWJ4btV4KxwtZSjFT1ABa6m7sKj4TKzB7wW
IvIZAgMBAAGjggL+MIIC+jATBgorBgEEAdZ5AgQDAQH/BAIFADAnBgkrBgEEAYI3
FQoEGjAYMAoGCCsGAQUFBwMCMAoGCCsGAQUFBwMBMDwGCSsGAQQBgjcVBwQvMC0G
JSsGAQQBgjcVCIe91xuB5+tGgoGdLo7QDIfw2h1dgqvnMIft8R8CAWQCAS0wgbQG
CCsGAQUFBwEBBIGnMIGkMHMGCCsGAQUFBzAChmdodHRwOi8vd3d3Lm1pY3Jvc29m
dC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMEF6dXJlJTIwUlNBJTIwVExT
JTIwSXNzdWluZyUyMENBJTIwMDclMjAtJTIweHNpZ24uY3J0MC0GCCsGAQUFBzAB
hiFodHRwOi8vb25lb2NzcC5taWNyb3NvZnQuY29tL29jc3AwHQYDVR0OBBYEFJiL
NxOrvIKjZNlX08ekynQHfQnGMA4GA1UdDwEB/wQEAwIFoDB0BgNVHREEbTBrgk5l
c2lnbi1nYXRld2F5LWxiLnByb2Qub2RzcC1zeW50ZXgtZXNpZ24tZ2F0ZXdheS53
ZXN0dXMyLXByb2QuY29zbWljLm9mZmljZS5uZXSCGWVzaWduLnN2Yy5jbG91ZC5t
aWNyb3NvZnQwDAYDVR0TAQH/BAIwADBqBgNVHR8EYzBhMF+gXaBbhllodHRwOi8v
d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBBenVyZSUy
MFJTQSUyMFRMUyUyMElzc3VpbmclMjBDQSUyMDA3LmNybDBmBgNVHSAEXzBdMFEG
DCsGAQQBgjdMg30BATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29m
dC5jb20vcGtpb3BzL0RvY3MvUmVwb3NpdG9yeS5odG0wCAYGZ4EMAQICMB8GA1Ud
IwQYMBaAFM4VFjvqAqOma9rZK/3ljFK+elCoMB0GA1UdJQQWMBQGCCsGAQUFBwMC
BggrBgEFBQcDATANBgkqhkiG9w0BAQwFAAOCAgEADBWU59MW/AG21p/KIOT+Ui/N
dB6I789z/R85yTfr+pdGICQDSuj2hW9OzjyXOE+7WXFtMgq/hXAIaPjhKaJyEuJ3
Z0ICMb9E/S00+Ga8ZWrDp0ygFG5hFvyhq5wCNToVu/vzZUEuOXsg6xs1/uk7Oe27
k7auMXx7tyoxCdSbbTdshfc9arry0BFvFMdbnh9ZMGOi67/kUvpnDb7iOegzIafP
lPX1xEQCN0tKqq0nx9qiF2TOlb8Jmc+NvqmDQz9HIOAMq4QB+Dtbt1+JpUaxoEcV
JCDWTeDmhlpBrrDFHd4XjErh6XSSl/lJDo2gi1HuQgS0aa4uZ/6DKDYZrH/BaIxo
2XPKcfDvqlP77YxedfYZCVElfv5tKsJynEgmaaR4tLyypBXeh0AI5vEd6h5YxKhY
Uc+SXPzd5XnSuD2vCTJIUfL1crSXHbE+GZwhL74WjWSZtfD0SytAiyI9TZ7LFhrN
PWXFeikzQkYnhzrslOq8ZdbkRYeRPAzAqZ5KAvof7XOh02x4oSGu6CcJL/p2GPr3
iwnL6PwtMTwlHJMOHrPftPxgo6Y7keftwHQ4abOZ4UamWXlhBpMn7N4k3onT5Zrc
cax6EL11Ot5sm3ny/Nf3gcvcOSB8EwM5SNR80RiP3K/hCx5hqVmXj1OAKNCzaNo2
re65bfSSw40b9VDxcbI=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk21Su3BDFukEzutQYAyS
ud8CeALMOme2EnvJeqldnUcZI6YUfHU0w/3FXZJvpIOhNbEZOSFTDkSaaq9DEnBO
5p62FOitP4JKktwPnk+YOZPY87/7tCoG3dBaulhd+5X0xOttpsWf0NROKuqIG/ty
nfHhnWokKh3IiRpz9zlQvHtRP4A9qLmE+BTabXmcrnQGID+3bRcwfVbSdaTbCZfv
xexcj1GUo0FZSEYwgz3zqiEAGBks8aUO3ImVuu5+bSLfxKVD2FxEzYeWdKMh4rOU
vutx+ppzMIs9jFrHa9kkmRDS7JI1ieG7VeCscLWUoxU9QAWupu7Co+Eyswe8FiLy
GQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1137344319483178651975127046463335255764012645
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure RSA TLS Issuing CA 07'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-28 16:25:36 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-26 16:25:36 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'esign.svc.cloud.microsoft'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18610940095638074832122398987621967576201287783437841597136349935650185905414217222244871838284746862099421255378189848854795171822499520175144515615365275300025119743119237323824282147727853083503656433628940482795211174722265609762719313054361399156078052160355632384304259060488297791931553792375335979119975062318651351970477316333045282176661843979245689968456234520280764046953243286462597594627758643238330922014559598253548527698436107524481779008387547346906973620272609622542399886821994955747728241686758650705748114716036355157708134827456938218115506537988072276701562493841542221624319898357119773241881
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.4912048.16480415
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 45
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (167 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2007%20-%20xsign.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							988b3713abbc82a364d957d3c7a4ca74077d09c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (109 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esign-gateway-lb.prod.odsp-syntex-esign-gateway.westus2-prod.cosmic.office.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esign.svc.cloud.microsoft'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2007.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ce15163bea02a3a66bdad92bfde58c52be7a50a8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		000c1594e7d316fc01b6d69fca20e4fe522fcd741e88efcf73fd1f39c937ebfa97462024034ae8f6856f4ece3c97384fbb59716d320abf85700868f8e129a27212e27767420231bf44fd2d34f866bc656ac3a74ca0146e6116fca1ab9c02353a15bbfbf365412e397b20eb1b35fee93b39edbb93b6ae317c7bb72a3109d49b6d376c85f73d6abaf2d0116f14c75b9e1f593063a2ebbfe452fa670dbee239e83321a7cf94f5f5c44402374b4aaaad27c7daa21764ce95bf0999cf8dbea983433f4720e00cab8401f83b5bb75f89a546b1a047152420d64de0e6865a41aeb0c51dde178c4ae1e9749297f9490e8da08b51ee4204b469ae2e67fe83283619ac7fc1688c68d973ca71f0efaa53fbed8c5e75f6190951257efe6d2ac2729c482669a478b4bcb2a415de874008e6f11dea1e58c4a85851cf925cfcdde579d2b83daf09324851f2f572b4971db13e199c212fbe168d6499b5f0f44b2b408b223d4d9ecb161acd3d65c57a2933424627873aec94eabc65d6e44587913c0cc0a99e4a02fa1fed73a1d36c78a121aee827092ffa7618faf78b09cbe8fc2d313c251c930e1eb3dfb4fc60a3a63b91e7edc0743869b399e146a6597961069327ecde24de89d3e59adc71ac7a10bd753ade6c9b79f2fcd7f781cbdc39207c13033948d47cd1188fdcafe10b1e61a959978f538028d0b368da36adeeb96df492c38d1bf550f171b2