prd.bmc.cdn.office.net
- Microsoft Corporation -
Issued by Microsoft Azure TLS Issuing CA 02
About this certificate
This digital certificate with serial number 33:00:82:e6:dc:e2:54:1d:b6:0f:33:0a:6f:00:00:00:82:e6:dc was issued on by Microsoft Corporation.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Microsoft Corporation
Organization:
Microsoft Corporation
State / Province:
WA
Locality: Redmond
Country: US
Locality: Redmond
Country: US
Microsoft Corporation
Organization:
Microsoft Corporation
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 33:00:82:e6:dc:e2:54:1d:b6:0f:33:0a:6f:00:00:00:82:e6:dcSerial Number (int): 1137382548702096330558122753498415529545885404
Serial Number lenght: 150 bits, 19 octets
SubjectKeyId: d7:cc:9f:23:5c:9d:1a:56:3d:a4:4e:b6:91:cc:19:3a:11:93:ca:9d
AuthorityKeyId: 00:ab:91:fc:21:62:26:97:9a:a8:79:1b:61:41:90:60:a9:62:67:fd
Fingerprint (sha1): 9e:70:2e:12:f2:e8:48:c2:e3:90:6e:c1:05:5e:f2:c3:cd:e1:05:e3
Fingerprint (sha256): 08:45:27:fc:c3:81:22:cc:7f:c3:0f:ee:bf:dd:e5:a9:47:96:97:0b:3a:1c:49:49:9c:a3:cd:93:c5:c8:42:3f
Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2002%20-%20xsign.crt
Revocation information
OCSP Server: http://oneocsp.microsoft.com/ocspCRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2002.crl
Check the revocation status for certificate prd.bmc.cdn.office.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for prd.bmc.cdn.office.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Data Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
12 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
prd.bmc.cdn.office.net
*.prd.bmc.cdn.office.net
*.prd.bmc.cdn.office.net
Other certificates including the domain name office.net
(limited to 100 certificates)
pavo.keyvault.office.net
prv.config.office.net
otcms.osi.office.net
displaycatalog.templatesproxy.office.net
prv.config.office.net
securitysignalsapi-slice.office.net
statics.teams.cdn.office.net
outlook.com
odc.officeapps.live.com
o365auditrealtimeingestion.manage.office.com
diagnosticsportal.outlook.com
test.office.net
domaincontrollerclient.prod.torus.office.net
api.businesscentral.dynamics.com
support.office.net
testsslcert.office.net
griffinazureicmcert.office.net
videoplayer.osi.office.net
kasmgmtportal.osi.office.net
testrpscert.office.net
bookings.outlookapps.com
www.bing.com
c2r.ts.cdn.office.net
manage.officeppe.com
store.office.com
prv.config.office.net
mars-adls-mt-aus.office.net
prv.config.office.net
test.office.net
outlook.com
*.content.office.net
setup.office.com
agave.myanalytics.cdn.office.net
cws-escalation.office.net
nl.osi.office.net
uci.edog.officeapps.live.com
outlook.com
shredder.osi.office.net
test.office.net
tasman.osi.office.net
sfcluster.apc.complianceposturemanagement.office.net
support.officeppe.com
prv.config.office.net
testdataencryptioncert.office.net
outlook.live.com
support.office.com
macommunication.geneva.keyvault.fullvalue.omex.office.net
test-s01-800-nam-westus.substrate.cosmic-int.office.net
galo.checkin.partner.office.net
sway-to-sds-replication.office.net
prv.config.office.net
config.office.com
outlook.com
wevedata.office.net
ocws.officeapps.live.com
testicmcertyiqwan.office.net
mars-encryptionmaster-mt-gov.office.net
o365auditrealtimeingestion.manage.office.com
outlook.com
partners.portal.office.net
cdn.forms.office.net
verification.omex.office.net
macommunication.geneva.keyvault.fullvalue.omex.office.net
hybridDMS.office.net
comments-ppe.office.net
test-s01-800-nam-westus.substrate.cosmic-int.office.net
bcws-client.office.net
esign.svc.cloud.microsoft
outlook.com
outlook.com
prv.config.office.net
partners.portal.office.net
cluster.osp.office.net
signalStore-client.office.net
gcp.comments.office.net
outlook.com
www.bing.com
outlook.com
support.officeppe.com
invites.office.com
www.bing.com
outlook.com
outlook.com
uci.edog.officeapps.live.com
test-s01-800-nam-westus.substrate.cosmic-int.office.net
eop.pavcservice.office.net
mars-tokenservice-datawriterclient-mt-aus.office.net
test-s01-800-nam-westus.substrate.cosmic-int.office.net
outlook.com
cdn.uci.officeapps.live.com
outlook.com
sfcluster.kor.unifiedfeedback.office.net
substratecerttext.office.net
wac-icmppe.s2s.office.net
westus-ingress.ic3-swat-test.office.net
pavo.monitoring.geneva.office.net
Outlook.office.com
test-s01-800-nam-westus.substrate.cosmic-int.office.net
outlook.com
griffinazureev2extension.test.office.net
prv.config.office.net
otcms.osi.office.net
displaycatalog.templatesproxy.office.net
prv.config.office.net
securitysignalsapi-slice.office.net
statics.teams.cdn.office.net
outlook.com
odc.officeapps.live.com
o365auditrealtimeingestion.manage.office.com
diagnosticsportal.outlook.com
test.office.net
domaincontrollerclient.prod.torus.office.net
api.businesscentral.dynamics.com
support.office.net
testsslcert.office.net
griffinazureicmcert.office.net
videoplayer.osi.office.net
kasmgmtportal.osi.office.net
testrpscert.office.net
bookings.outlookapps.com
www.bing.com
c2r.ts.cdn.office.net
manage.officeppe.com
store.office.com
prv.config.office.net
mars-adls-mt-aus.office.net
prv.config.office.net
test.office.net
outlook.com
*.content.office.net
setup.office.com
agave.myanalytics.cdn.office.net
cws-escalation.office.net
nl.osi.office.net
uci.edog.officeapps.live.com
outlook.com
shredder.osi.office.net
test.office.net
tasman.osi.office.net
sfcluster.apc.complianceposturemanagement.office.net
support.officeppe.com
prv.config.office.net
testdataencryptioncert.office.net
outlook.live.com
support.office.com
macommunication.geneva.keyvault.fullvalue.omex.office.net
test-s01-800-nam-westus.substrate.cosmic-int.office.net
galo.checkin.partner.office.net
sway-to-sds-replication.office.net
prv.config.office.net
config.office.com
outlook.com
wevedata.office.net
ocws.officeapps.live.com
testicmcertyiqwan.office.net
mars-encryptionmaster-mt-gov.office.net
o365auditrealtimeingestion.manage.office.com
outlook.com
partners.portal.office.net
cdn.forms.office.net
verification.omex.office.net
macommunication.geneva.keyvault.fullvalue.omex.office.net
hybridDMS.office.net
comments-ppe.office.net
test-s01-800-nam-westus.substrate.cosmic-int.office.net
bcws-client.office.net
esign.svc.cloud.microsoft
outlook.com
outlook.com
prv.config.office.net
partners.portal.office.net
cluster.osp.office.net
signalStore-client.office.net
gcp.comments.office.net
outlook.com
www.bing.com
outlook.com
support.officeppe.com
invites.office.com
www.bing.com
outlook.com
outlook.com
uci.edog.officeapps.live.com
test-s01-800-nam-westus.substrate.cosmic-int.office.net
eop.pavcservice.office.net
mars-tokenservice-datawriterclient-mt-aus.office.net
test-s01-800-nam-westus.substrate.cosmic-int.office.net
outlook.com
cdn.uci.officeapps.live.com
outlook.com
sfcluster.kor.unifiedfeedback.office.net
substratecerttext.office.net
wac-icmppe.s2s.office.net
westus-ingress.ic3-swat-test.office.net
pavo.monitoring.geneva.office.net
Outlook.office.com
test-s01-800-nam-westus.substrate.cosmic-int.office.net
outlook.com
griffinazureev2extension.test.office.net
Certificate
The complete raw certificate details for prd.bmc.cdn.office.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIezCCBmOgAwIBAgITMwCC5tziVB22DzMKbwAAAILm3DANBgkqhkiG9w0BAQwF ADBZMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u MSowKAYDVQQDEyFNaWNyb3NvZnQgQXp1cmUgVExTIElzc3VpbmcgQ0EgMDIwHhcN MjMwMTA0MDMzMjAwWhcNMjMxMjMwMDMzMjAwWjBtMQswCQYDVQQGEwJVUzELMAkG A1UECBMCV0ExEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD b3Jwb3JhdGlvbjEfMB0GA1UEAxMWcHJkLmJtYy5jZG4ub2ZmaWNlLm5ldDCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK9DvPOb501olXa5+tsTlar0j4s/ 9enWAK+FkxTeUQhAYFGeHG8IA2U+TgXhnbOkbgPrZLX/bOSVPUhwI3QotKxvZH0d EpxVdRsKGGhcNCJKKtk6Rsb8l/swn4knFCQUb03vEAgeibflRU5ORXwgQY8D6L6+ faExW0tqwnr0IKMjlASVDEj57gV8iX9yU3tXonrjsmvtFTLXXjAO5SUvUf304Lbr RS3y5FO3tWg3nA8P+j9wj/skelEQW9EhMKKSTqn8zfKsQ6t5x5S1x8owq6Vm3te6 thWIZkEWlRxreR/zwglm2XdMTORJiE0rmBu9xX0dbX+aU4oHUmP46ZgNW5kCAwEA AaOCBCYwggQiMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgDoPtDaPvUGNTLn Vyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAYV63yiTAAAEAwBHMEUCIEVrbsw2+XQF 8z/zzEl3AZpCw4g+zs2xghp19QD1JVy7AiEA7U7i3pUYD9+ktPIaX8ao4d8RIoJe 6EQd8mwwaL36bw4AdQCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAA AYV63ykjAAAEAwBGMEQCIH2AGRvY39CzsIK/30Rngy4j2q4SjFFePRogCv8Ngf/c AiB4/l/TGCkdgaiIy2a8YrsCDoSnPT+7ZqEvhe0TKGb7zgB3AHoyjFTYty22IOo4 4FIe6YQWcDIThU070ivBOlejUutSAAABhXrfKMAAAAQDAEgwRgIhAKKweIZdhcLM P6GneDz34QtB8nfidAF41Vko44l256rPAiEA+Y9DctF4bxftYIOVPfuHtrIY8LvE nrbutvndTtQ0J5QwJwYJKwYBBAGCNxUKBBowGDAKBggrBgEFBQcDAjAKBggrBgEF BQcDATA8BgkrBgEEAYI3FQcELzAtBiUrBgEEAYI3FQiHvdcbgefrRoKBnS6O0AyH 8NodXYKE5WmC86c+AgFkAgElMIGuBggrBgEFBQcBAQSBoTCBnjBtBggrBgEFBQcw AoZhaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNyb3Nv ZnQlMjBBenVyZSUyMFRMUyUyMElzc3VpbmclMjBDQSUyMDAyJTIwLSUyMHhzaWdu LmNydDAtBggrBgEFBQcwAYYhaHR0cDovL29uZW9jc3AubWljcm9zb2Z0LmNvbS9v Y3NwMB0GA1UdDgQWBBTXzJ8jXJ0aVj2kTraRzBk6EZPKnTAOBgNVHQ8BAf8EBAMC BLAwOwYDVR0RBDQwMoIWcHJkLmJtYy5jZG4ub2ZmaWNlLm5ldIIYKi5wcmQuYm1j LmNkbi5vZmZpY2UubmV0MAwGA1UdEwEB/wQCMAAwZAYDVR0fBF0wWzBZoFegVYZT aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIw QXp1cmUlMjBUTFMlMjBJc3N1aW5nJTIwQ0ElMjAwMi5jcmwwZgYDVR0gBF8wXTBR BgwrBgEEAYI3TIN9AQEwQTA/BggrBgEFBQcCARYzaHR0cDovL3d3dy5taWNyb3Nv ZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnkuaHRtMAgGBmeBDAECAjAfBgNV HSMEGDAWgBQAq5H8IWIml5qoeRthQZBgqWJn/TAdBgNVHSUEFjAUBggrBgEFBQcD AgYIKwYBBQUHAwEwDQYJKoZIhvcNAQEMBQADggIBAJ5YNNopOORxddpoUnjLSdJv oRluyrB334GYlg7BmrxggRKfflzd5pYRy4jVbtuSqrQJYucVf+46mZWL7Pnvo2HO WfbEHtZP6wbEaf0r6DcZCdHhgMSZHZA6EuqiOxe7FCjuAZIDszRuZAb1ri11m1yl FT4gyGgFGcFKDwW5BQ2gagQabxzdRXO/zjFl5e2aaJn7tF143c+b7rD6AVL3UTpe k9ZYb5o+aIPylIZiPdyiDMxZTX7/RZ800s0w2jBYAKSFh0lxAz4SRqoWsJDraruu t66F61F0ArkoS7Vecju4bj7L9FPIBgHSNygHu3zK6vKbyvCyCvUQgnY4njKrli+d w/g72jxEZLBxz863N12C+yEB+/xrj70O7Z/cGKzYERSilXbIVjEfu+MLrojc6t3z M7EJNhVX7m69QnhfgmZePYUVD/L8Uxj0VSE2BmpTx+VhhfdVfaq4cKe1MVJcGN3A zNlVQ7MmecNQJSLwkFZEQXTP1V7kGnUlj1fEy6BbmTMZ6BrL0JEJmYPT3QH9Gn9Q vfZrYTGXz3gqjmBOEDVPgDOHz4N8j6tp7/6f5F8AD8uRn6QJc9l3DfScO4nqE/6F V/Ludwgknm/NgPhabGCoRNCH68W7ifaF4mVJNcWl0P+NhI8zshqXv1z6MdVWla67 +VdU7ggE3l0/Xw64CMYV -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0O885vnTWiVdrn62xOV qvSPiz/16dYAr4WTFN5RCEBgUZ4cbwgDZT5OBeGds6RuA+tktf9s5JU9SHAjdCi0 rG9kfR0SnFV1GwoYaFw0Ikoq2TpGxvyX+zCfiScUJBRvTe8QCB6Jt+VFTk5FfCBB jwPovr59oTFbS2rCevQgoyOUBJUMSPnuBXyJf3JTe1eieuOya+0VMtdeMA7lJS9R /fTgtutFLfLkU7e1aDecDw/6P3CP+yR6URBb0SEwopJOqfzN8qxDq3nHlLXHyjCr pWbe17q2FYhmQRaVHGt5H/PCCWbZd0xM5EmITSuYG73FfR1tf5pTigdSY/jpmA1b mQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1137382548702096330558122753498415529545885404 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure TLS Issuing CA 02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-04 03:32:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-30 03:32:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'prd.bmc.cdn.office.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22125106267256451463592934027769292979377333467715539825170166014497794130994902095926686863043777351495232779273457338478271721642141269161884824735362432821767188297787959999196982075567398218541678484252119848807925149870709301549942696959210720704679279588319846892426052399469196141963139523102776419196576030566721238896980038241722673205116033472790385493150274544809939968130065007612938652720443729662836241779981582645720046777442181548559336497016929010942605157711145927793913278551931362325254397364567210375772080277353700797191491233812303327984796404441079817144422408016731428257353336069455526845337 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001857adf289300000403004730450220456b6ecc36f97405f33ff3cc4977019a42c3883ececdb1821a75f500f5255cbb022100ed4ee2de95180fdfa4b4f21a5fc6a8e1df1122825ee8441df26c3068bdfa6f0e007500b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a000001857adf2923000004030046304402207d80191bd8dfd0b3b082bfdf4467832e23daae128c515e3d1a200aff0d81ffdc022078fe5fd318291d81a888cb66bc62bb020e84a73d3fbb66a12f85ed132866fbce0077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001857adf28c00000040300483046022100a2b078865d85c2cc3fa1a7783cf7e10b41f277e2740178d55928e38976e7aacf022100f98f4372d1786f17ed6083953dfb87b6b218f0bbc49eb6eeb6f9dd4ed4342794 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.4272873.6083518 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 37 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (161 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2002%20-%20xsign.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d7cc9f235c9d1a563da44eb691cc193a1193ca9d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04b0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prd.bmc.cdn.office.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.prd.bmc.cdn.office.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (93 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2002.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 00ab91fc216226979aa8791b61419060a96267fd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 009e5834da2938e47175da685278cb49d26fa1196ecab077df8198960ec19abc6081129f7e5cdde69611cb88d56edb92aab40962e7157fee3a99958becf9efa361ce59f6c41ed64feb06c469fd2be8371909d1e180c4991d903a12eaa23b17bb1428ee019203b3346e6406f5ae2d759b5ca5153e20c8680519c14a0f05b9050da06a041a6f1cdd4573bfce3165e5ed9a6899fbb45d78ddcf9beeb0fa0152f7513a5e93d6586f9a3e6883f29486623ddca20ccc594d7eff459f34d2cd30da305800a485874971033e1246aa16b090eb6abbaeb7ae85eb517402b9284bb55e723bb86e3ecbf453c80601d2372807bb7ccaeaf29bcaf0b20af5108276389e32ab962f9dc3f83bda3c4464b071cfceb7375d82fb2101fbfc6b8fbd0eed9fdc18acd81114a29576c856311fbbe30bae88dceaddf333b109361557ee6ebd42785f82665e3d85150ff2fc5318f4552136066a53c7e56185f7557daab870a7b531525c18ddc0ccd95543b32679c3502522f09056444174cfd55ee41a75258f57c4cba05b993319e81acbd091099983d3dd01fd1a7f50bdf66b613197cf782a8e604e10354f803387cf837c8fab69effe9fe45f000fcb919fa40973d9770df49c3b89ea13fe8557f2ee7708249e6fcd80f85a6c60a844d087ebc5bb89f685e2654935c5a5d0ff8d848f33b21a97bf5cfa31d55695aebbf95754ee0804de5d3f5f0eb808c615