*.cn.msn.com
Issued by Microsoft IT SSL SHA2
About this certificate
This digital certificate with serial number 5a:00:00:59:9b:1b:83:1a:91:64:42:a1:73:00:01:00:00:59:9b was issued on by Microsoft Corporation.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Certificate Subject
CN=*.cn.msn.com
Microsoft Corporation
Organization:
Microsoft Corporation
Organization unit: Microsoft IT
Organization unit: Microsoft IT
State / Province:
Washington
Locality: Redmond
Country: US
Locality: Redmond
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 5a:00:00:59:9b:1b:83:1a:91:64:42:a1:73:00:01:00:00:59:9bSerial Number (int): 2007067186974411732839591544095210274811828635
Serial Number lenght: 151 bits, 19 octets
SubjectKeyId: 59:ce:96:4c:f2:7a:6d:8e:ba:72:a9:62:35:a2:b3:29:fe:0b:28:3b
AuthorityKeyId: 51:af:24:26:9c:f4:68:22:57:80:26:2b:3b:46:62:15:7b:1e:cc:a5
Fingerprint (sha1): 6d:ad:ac:1b:8a:25:ac:75:19:a5:bc:53:7a:4d:99:31:72:bb:7a:f4
Fingerprint (sha256): 09:c0:a8:59:37:49:9e:bd:0a:8b:33:29:2d:79:6d:b7:9e:d8:c5:97:35:e7:37:38:43:0d:18:f3:b4:a3:5c:78
Issuing Certificate URL: http://www.microsoft.com/pki/mscorp/msitwww2.crt
Revocation information
OCSP Server: http://ocsp.msocsp.comCRL Distribution Point: http://mscrl.microsoft.com/pki/mscorp/crl/msitwww2.crl
CRL Distribution Point: http://crl.microsoft.com/pki/mscorp/crl/msitwww2.crl
Check the revocation status for certificate *.cn.msn.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.cn.msn.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Data Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.cn.msn.com
Other certificates including the domain name msn.com
(limited to 100 certificates)
suppadmgw.css.msn.com
amor.co.msn.com
*.contacts.msn.com
sync-sg1.trusted.msntv.msn.com
storage.live.com
apinternal.messenger.msn.com
ssl003.insnw.net
images.partner.windowsphone.com
account.microsoft.com
*.oneservice.msn.com
music.msn.com
*.vo.msecnd.net
*.events.data.microsoft.com
Reg.msn.com
advertising-uat.microsoft.com
fpt.microsoft.com
ssl003.insnw.net
*.sip.messenger.msn.com
suppsugw.css.msn.com
msniaap.msn.com
support.msn.com
*.msn.com
fpt.microsoft.com
sps-out.msn.com
*.vo.msecnd.net
scstest.msn.com
mail.live.com
arc.msn.com
stda02.zone.msn.com
zone.msn.com
www.mappoint.com
cdn.content.prod.cms.msn.com
omt.msn.com
ac3.msn.com
*.events-sandbox.data.microsoft.com
mobileexplorers.ca.msn.com
*.vo.msecnd.net
virtualearth.at
*.live-ws.msn.com
sendersupport.olc.protection.outlook.com
alerts.push.direct.msn.com
*.vo.msecnd.net
help.msn.com
g.msn.com
beta.it.money.msn.com
storage.live.com
adbroker.mp.dse.microsoft.com
*.ssl.catalog.video.msn.com
analytics.r.msn.com
www.multimap.com
featureupdate.msn.com
ssl003.insnw.net
ssl003.insnw.net
*.storage.msn.com
partnerprovider2.pcs.v2s.msn.com
*.msn.com
toolbar.msn.com
mail.live.com
f.msn.com
feedback.office.microsoft.com
partnerportal.msn.com
spaws.msn.com
api.choice.microsoft.com
fpt.microsoft.com
msniafeed.msn.com
federation.messenger.msn.com
api.partner.msn.com
www.bing.com
stdg02.zone.msn.com
test.cms.cdp.msn.com
storage.live.com
www.bing.com
logging.msnia.msn.com
texreg2.msn.com
*.events-sandbox.data.microsoft.com
c.msn.com
querypre.prod.cms.msn.com
*.events.data.microsoft.com
okauth.questionbox.jp.msn.com
beta5.idss.msn.com
g.msn.com
*.events.data.microsoft.com
ssl003.insnw.net
storage.live.com
*.events.data.microsoft.com
api.choice.microsoft.com
*.vo.msecnd.net
storage.live.com
dev.assets.msn.com
ca.moneycentral.msn.com
*.events.data.microsoft.com
answers.msn.com
*.msn.com
uploadlog2.msn.com
*.cn.msn.com
storage.msn.com
blog.msn.com
stda01.zone.msn.com
*.vo.msecnd.net
*.msn.com
amor.co.msn.com
*.contacts.msn.com
sync-sg1.trusted.msntv.msn.com
storage.live.com
apinternal.messenger.msn.com
ssl003.insnw.net
images.partner.windowsphone.com
account.microsoft.com
*.oneservice.msn.com
music.msn.com
*.vo.msecnd.net
*.events.data.microsoft.com
Reg.msn.com
advertising-uat.microsoft.com
fpt.microsoft.com
ssl003.insnw.net
*.sip.messenger.msn.com
suppsugw.css.msn.com
msniaap.msn.com
support.msn.com
*.msn.com
fpt.microsoft.com
sps-out.msn.com
*.vo.msecnd.net
scstest.msn.com
mail.live.com
arc.msn.com
stda02.zone.msn.com
zone.msn.com
www.mappoint.com
cdn.content.prod.cms.msn.com
omt.msn.com
ac3.msn.com
*.events-sandbox.data.microsoft.com
mobileexplorers.ca.msn.com
*.vo.msecnd.net
virtualearth.at
*.live-ws.msn.com
sendersupport.olc.protection.outlook.com
alerts.push.direct.msn.com
*.vo.msecnd.net
help.msn.com
g.msn.com
beta.it.money.msn.com
storage.live.com
adbroker.mp.dse.microsoft.com
*.ssl.catalog.video.msn.com
analytics.r.msn.com
www.multimap.com
featureupdate.msn.com
ssl003.insnw.net
ssl003.insnw.net
*.storage.msn.com
partnerprovider2.pcs.v2s.msn.com
*.msn.com
toolbar.msn.com
mail.live.com
f.msn.com
feedback.office.microsoft.com
partnerportal.msn.com
spaws.msn.com
api.choice.microsoft.com
fpt.microsoft.com
msniafeed.msn.com
federation.messenger.msn.com
api.partner.msn.com
www.bing.com
stdg02.zone.msn.com
test.cms.cdp.msn.com
storage.live.com
www.bing.com
logging.msnia.msn.com
texreg2.msn.com
*.events-sandbox.data.microsoft.com
c.msn.com
querypre.prod.cms.msn.com
*.events.data.microsoft.com
okauth.questionbox.jp.msn.com
beta5.idss.msn.com
g.msn.com
*.events.data.microsoft.com
ssl003.insnw.net
storage.live.com
*.events.data.microsoft.com
api.choice.microsoft.com
*.vo.msecnd.net
storage.live.com
dev.assets.msn.com
ca.moneycentral.msn.com
*.events.data.microsoft.com
answers.msn.com
*.msn.com
uploadlog2.msn.com
*.cn.msn.com
storage.msn.com
blog.msn.com
stda01.zone.msn.com
*.vo.msecnd.net
*.msn.com
Certificate
The complete raw certificate details for *.cn.msn.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGJTCCBA2gAwIBAgITWgAAWZsbgxqRZEKhcwABAABZmzANBgkqhkiG9w0BAQsF ADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UE CxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgU1NMIFNIQTIw HhcNMTQxMDI5MDczMDA4WhcNMTYxMDI4MDczMDA4WjAXMRUwEwYDVQQDDAwqLmNu Lm1zbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7/5oH7eZ8 7zGVbpRchgxGj6qsbqyc4ir9G9F5GMA0orZ0lm82ZjGZItngd4kGUYGfxlViU2Yc 1CR79EvpN9CaMo8uleNPE9iILCMJXaYS4mDIApL986voDr/g6xnbFiBkHjOew8Eb znlNYt5CPpGZN0/V4jxfbAIP6Wr3IHJ47QjTRbzjesbaWfclzmhBW6Y02/H8F4iw ka1e31SCYPyH/kinK1gfRK47E1ep+dgdGxR9mP/rYC3dMAhMbw/MBbbBXZOnOmRX s4VdcUs4Tw5oEEuSmyr8d47M3rp8ra/OJx7wbCs0cwXRUQjGC07PfHYRUP/PkW/L Izv/uleUhCNZAgMBAAGjggHzMIIB7zAdBgNVHQ4EFgQUWc6WTPJ6bY66cqliNaKz Kf4LKDswCwYDVR0PBAQDAgSwMB8GA1UdIwQYMBaAFFGvJCac9GgiV4AmKztGYhV7 HsylMH0GA1UdHwR2MHQwcqBwoG6GNmh0dHA6Ly9tc2NybC5taWNyb3NvZnQuY29t L3BraS9tc2NvcnAvY3JsL21zaXR3d3cyLmNybIY0aHR0cDovL2NybC5taWNyb3Nv ZnQuY29tL3BraS9tc2NvcnAvY3JsL21zaXR3d3cyLmNybDBwBggrBgEFBQcBAQRk MGIwPAYIKwYBBQUHMAKGMGh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNj b3JwL21zaXR3d3cyLmNydDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AubXNvY3Nw LmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTgYDVR0gBEcwRTBD BgkrBgEEAYI3KgEwNjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5taWNyb3NvZnQu Y29tL3BraS9tc2NvcnAvY3BzADAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMB MAoGCCsGAQUFBwMCMBcGA1UdEQQQMA6CDCouY24ubXNuLmNvbTANBgkqhkiG9w0B AQsFAAOCAgEABDUUuyr9cCI1uCA5gQSGp7SQvDSEsPkAQR96eU4YLhTJjbJrx73g abnwynppaorKlENXnUpPiaWJNrIl6sDWsaqjeP4yfjE6jLwsxiPNPS+ZXU9rIQL0 GCuHYW0kQabnRqZVuC3qC9nBUACqwBiyfF3hFACyxD13JM+6Ov4pWzSoiwzJS/8+ WG/TmYLvOjWhLAp63xDzlq3GBZHX5ZrBYLatnJVvwCjQCfWZyrK8uz+aNal1zg+P JrQAZQ/86oWu/VMsbwQu49wNL8s3Xe3hEn1Kep5q51oQgZY+fYi3pQHzVDVqiZw0 yhYAZ5LaFXlpeKr9xYuncOhofTg1LOGeNhKLRGjKHEdtJ1PyEi9DU74qUp6drtlZ 2nNvEp6qJj6ogDdEIgq6DECFxn3EqzwGkPHwlFa7QgUjOLOKs7/iE4dyWBVaQXRH Q53i9qaCO0pIvUieH+nIX0EuEowxm3PoNkOLgj6NywDxciQ/ttWzsG5kkUulBwtx Bh0zQ/ZEfLBrdY8TvNL6K4Y/vv0yEjqhCjMFPRddeH8bWGP/Hsjom+xT7F6sttY8 IKq3MkHMzvuu7xCcjTB1qlbVDnpaHD3zsKhiPybLylIwQpKVHVTbWgVKaattmC33 8L11+RDgYPRPxt8S7EgvTnNuuv1p7bDTCmna/wh0GCN9a76SLDaN820= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/+aB+3mfO8xlW6UXIYM Ro+qrG6snOIq/RvReRjANKK2dJZvNmYxmSLZ4HeJBlGBn8ZVYlNmHNQke/RL6TfQ mjKPLpXjTxPYiCwjCV2mEuJgyAKS/fOr6A6/4OsZ2xYgZB4znsPBG855TWLeQj6R mTdP1eI8X2wCD+lq9yByeO0I00W843rG2ln3Jc5oQVumNNvx/BeIsJGtXt9UgmD8 h/5IpytYH0SuOxNXqfnYHRsUfZj/62At3TAITG8PzAW2wV2TpzpkV7OFXXFLOE8O aBBLkpsq/HeOzN66fK2vzice8GwrNHMF0VEIxgtOz3x2EVD/z5FvyyM7/7pXlIQj WQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2007067186974411732839591544095210274811828635 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft IT SSL SHA2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-10-29 07:30:08 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-10-28 07:30:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.cn.msn.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23732604916428105217549817960891087444729811654093155936142935876525154097481253821282042941811148079369822112229564255949064086257860853457738342842622828827251547331989137206524970864326664242242108679212982836834392546059179223434288627732214108957884522384575101900728082878197917435853249571546938693300652378918235536268420970040882330946515636726002295635193221772906650169035739085566984887562049340140290580438892923788259081043782087476292822769768621957533078124163345857839071560523443420505989053721320751430256564534165825292102055553951966144745219715342694780098602579022889496302724759618002515927897 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 59ce964cf27a6d8eba72a96235a2b329fe0b283b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04b0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 51af24269cf468225780262b3b4662157b1ecca5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://mscrl.microsoft.com/pki/mscorp/crl/msitwww2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.microsoft.com/pki/mscorp/crl/msitwww2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pki/mscorp/msitwww2.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.msocsp.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (71 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.42.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pki/mscorp/cps�' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cn.msn.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00043514bb2afd702235b82039810486a7b490bc3484b0f900411f7a794e182e14c98db26bc7bde069b9f0ca7a696a8aca9443579d4a4f89a58936b225eac0d6b1aaa378fe327e313a8cbc2cc623cd3d2f995d4f6b2102f4182b87616d2441a6e746a655b82dea0bd9c15000aac018b27c5de11400b2c43d7724cfba3afe295b34a88b0cc94bff3e586fd39982ef3a35a12c0a7adf10f396adc60591d7e59ac160b6ad9c956fc028d009f599cab2bcbb3f9a35a975ce0f8f26b400650ffcea85aefd532c6f042ee3dc0d2fcb375dede1127d4a7a9e6ae75a1081963e7d88b7a501f354356a899c34ca16006792da15796978aafdc58ba770e8687d38352ce19e36128b4468ca1c476d2753f2122f4353be2a529e9daed959da736f129eaa263ea8803744220aba0c4085c67dc4ab3c0690f1f09456bb42052338b38ab3bfe213877258155a417447439de2f6a6823b4a48bd489e1fe9c85f412e128c319b73e836438b823e8dcb00f172243fb6d5b3b06e64914ba5070b71061d3343f6447cb06b758f13bcd2fa2b863fbefd32123aa10a33053d175d787f1b5863ff1ec8e89bec53ec5eacb6d63c20aab73241cccefbaeef109c8d3075aa56d50e7a5a1c3df3b0a8623f26cbca52304292951d54db5a054a69ab6d982df7f0bd75f910e060f44fc6df12ec482f4e736ebafd69edb0d30a69daff087418237d6bbe922c368df36d