*.msn.com

Issued by Microsoft RSA TLS CA 01

About this certificate

This digital certificate with serial number 12:00:18:8e:d0:a6:2c:2e:4b:d1:0d:c8:7c:00:00:00:18:8e:d0 was issued on by Microsoft Corporation.

With 56 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=*.msn.com

Microsoft Corporation

Organization: Microsoft Corporation
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 12:00:18:8e:d0:a6:2c:2e:4b:d1:0d:c8:7c:00:00:00:18:8e:d0
Serial Number (int): 401421770184100847465388070996408793694768848
Serial Number lenght: 149 bits, 19 octets

SubjectKeyId: 0f:11:d3:0e:4a:c9:c0:9a:0c:cd:d8:38:40:77:53:9f:57:a3:a8:c7
AuthorityKeyId: b5:76:0c:30:11:ce:c7:92:42:4d:4c:c7:5c:2c:c8:a9:0c:e8:0b:64

Fingerprint (sha1): a7:7c:fe:f6:45:3b:a9:37:42:5d:c0:76:a7:db:dc:63:2d:2c:4e:08
Fingerprint (sha256): 0a:2f:1c:b4:f7:01:37:04:c9:98:46:39:e2:c5:ce:a2:3b:a5:57:13:3e:94:57:cc:86:68:14:8b:09:6e:b5:b0

Issuing Certificate URL: http://www.microsoft.com/pki/mscorp/Microsoft%20RSA%20TLS%20CA%2001.crt

Revocation information

OCSP Server: http://ocsp.msocsp.com
CRL Distribution Point: http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2001.crl
CRL Distribution Point: http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2001.crl

Check the revocation status for certificate *.msn.com

56

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.msn.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment
Data Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

11 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.msn.com
*.msn.cn
*.msn.com.cn
*.msn.it
msn.com
*.msn.co.jp
*.msn.co.nz
*.msn.co.uk
*.msn.at
*.msn.ca
*.msn.ch
*.msn.de
*.msn.es
*.msn.fi
*.msn.fr
*.msn.gr
*.msn.ie
*.msn.jp
*.msn.kz
*.msn.nl
*.msn.no
*.msn.pt
*.msn.ru
*.msn.se
*.msn.sg
*.msnarabia.com
*.msnautos.com
*.msncricket.com
*.msnlatino.com
*.msnnews.com
*.msnsports.com
*.msn.ae
*.msn.be
*.msn.cr
*.msn.dk
*.msn.hu
*.msn.net
*.msn.pl
*.msntravel.com
*.msn.co.cr
*.msn.co.id
*.msn.co.il
*.msn.co.in
*.msn.co.kr
*.msn.co.th
*.msn.co.za
*.msn.com.au
*.msn.com.br
*.msn.com.gr
*.msn.com.hk
*.msn.com.mx
*.msn.com.my
*.msn.com.sg
*.msn.com.tr
*.msn.com.tw
*.msn.net.ru

Other certificates including the domain name msn.com

(limited to 100 certificates)
suppadmgw.css.msn.com
amor.co.msn.com
*.contacts.msn.com
sync-sg1.trusted.msntv.msn.com
storage.live.com
apinternal.messenger.msn.com
ssl003.insnw.net
images.partner.windowsphone.com
account.microsoft.com
*.oneservice.msn.com
music.msn.com
*.vo.msecnd.net
*.events.data.microsoft.com
Reg.msn.com
advertising-uat.microsoft.com
fpt.microsoft.com
ssl003.insnw.net
*.sip.messenger.msn.com
suppsugw.css.msn.com
msniaap.msn.com
support.msn.com
*.msn.com
fpt.microsoft.com
sps-out.msn.com
*.vo.msecnd.net
scstest.msn.com
mail.live.com
arc.msn.com
stda02.zone.msn.com
zone.msn.com
www.mappoint.com
cdn.content.prod.cms.msn.com
omt.msn.com
ac3.msn.com
*.events-sandbox.data.microsoft.com
mobileexplorers.ca.msn.com
*.vo.msecnd.net
virtualearth.at
*.live-ws.msn.com
sendersupport.olc.protection.outlook.com
alerts.push.direct.msn.com
*.vo.msecnd.net
help.msn.com
g.msn.com
beta.it.money.msn.com
storage.live.com
adbroker.mp.dse.microsoft.com
*.ssl.catalog.video.msn.com
analytics.r.msn.com
www.multimap.com
featureupdate.msn.com
ssl003.insnw.net
ssl003.insnw.net
*.storage.msn.com
partnerprovider2.pcs.v2s.msn.com
*.msn.com
toolbar.msn.com
mail.live.com
f.msn.com
feedback.office.microsoft.com
partnerportal.msn.com
spaws.msn.com
api.choice.microsoft.com
fpt.microsoft.com
msniafeed.msn.com
federation.messenger.msn.com
api.partner.msn.com
www.bing.com
stdg02.zone.msn.com
test.cms.cdp.msn.com
storage.live.com
www.bing.com
logging.msnia.msn.com
texreg2.msn.com
*.events-sandbox.data.microsoft.com
c.msn.com
querypre.prod.cms.msn.com
*.events.data.microsoft.com
okauth.questionbox.jp.msn.com
beta5.idss.msn.com
g.msn.com
*.events.data.microsoft.com
ssl003.insnw.net
storage.live.com
*.events.data.microsoft.com
api.choice.microsoft.com
*.vo.msecnd.net
storage.live.com
dev.assets.msn.com
ca.moneycentral.msn.com
*.events.data.microsoft.com
answers.msn.com
*.msn.com
uploadlog2.msn.com
*.cn.msn.com
storage.msn.com
blog.msn.com
stda01.zone.msn.com
*.vo.msecnd.net
*.msn.com

Certificate

The complete raw certificate details for *.msn.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIJNDCCBxygAwIBAgITEgAYjtCmLC5L0Q3IfAAAABiO0DANBgkqhkiG9w0BAQsF
ADBPMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u
MSAwHgYDVQQDExdNaWNyb3NvZnQgUlNBIFRMUyBDQSAwMTAeFw0yMTA5MTYyMDE4
MjNaFw0yMjA5MTYyMDE4MjNaMBQxEjAQBgNVBAMMCSoubXNuLmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOCQWWG02z3x1nfdEEQCbeeVPH2EuK7b
u/fSXo7EkIFxhgxThe+Q4cIRlnry1E+iW3NazQOvUSJmLEE2AEbo2e2oFXjW0ln4
bMcV/yZL/7aUES8YdhW906ql4ITYu4pblI1y4IkC24+qAsYBOqiZpVHugp/rgHEz
pq58qzqnjLPd57gN4mP3QjZKd2tv7rzj72k0TXRwnC8DONcmKCdaFTAPQHP7xbNl
4eZvvbLqjP5ucC97KZ0iHIXHiStzycIGbmUHiCpT47gRr/5VVTUZB9ryt7hnZmvH
NyLDWkhlw5oWqDzfuZbfAqLsIoUVdc0XK6/F+B2/D3RCYAbdOovDaK0CAwEAAaOC
BUIwggU+MBMGCisGAQQB1nkCBAMBAf8EAgUAMCcGCSsGAQQBgjcVCgQaMBgwCgYI
KwYBBQUHAwEwCgYIKwYBBQUHAwIwPgYJKwYBBAGCNxUHBDEwLwYnKwYBBAGCNxUI
h9qGdYPu2QGCyYUbgbWeYYX062CBXYWGjkGHwphQAgFkAgEnMIGHBggrBgEFBQcB
AQR7MHkwUwYIKwYBBQUHMAKGR2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kv
bXNjb3JwL01pY3Jvc29mdCUyMFJTQSUyMFRMUyUyMENBJTIwMDEuY3J0MCIGCCsG
AQUFBzABhhZodHRwOi8vb2NzcC5tc29jc3AuY29tMB0GA1UdDgQWBBQPEdMOSsnA
mgzN2DhAd1OfV6OoxzAOBgNVHQ8BAf8EBAMCBLAwggK3BgNVHREEggKuMIICqoIJ
Ki5tc24uY29tgggqLm1zbi5jboIMKi5tc24uY29tLmNugggqLm1zbi5pdIIHbXNu
LmNvbYILKi5tc24uY28uanCCCyoubXNuLmNvLm56ggsqLm1zbi5jby51a4IIKi5t
c24uYXSCCCoubXNuLmNhgggqLm1zbi5jaIIIKi5tc24uZGWCCCoubXNuLmVzgggq
Lm1zbi5maYIIKi5tc24uZnKCCCoubXNuLmdygggqLm1zbi5pZYIIKi5tc24uanCC
CCoubXNuLmt6gggqLm1zbi5ubIIIKi5tc24ubm+CCCoubXNuLnB0gggqLm1zbi5y
dYIIKi5tc24uc2WCCCoubXNuLnNngg8qLm1zbmFyYWJpYS5jb22CDioubXNuYXV0
b3MuY29tghAqLm1zbmNyaWNrZXQuY29tgg8qLm1zbmxhdGluby5jb22CDSoubXNu
bmV3cy5jb22CDyoubXNuc3BvcnRzLmNvbYIIKi5tc24uYWWCCCoubXNuLmJlgggq
Lm1zbi5jcoIIKi5tc24uZGuCCCoubXNuLmh1ggkqLm1zbi5uZXSCCCoubXNuLnBs
gg8qLm1zbnRyYXZlbC5jb22CCyoubXNuLmNvLmNyggsqLm1zbi5jby5pZIILKi5t
c24uY28uaWyCCyoubXNuLmNvLmluggsqLm1zbi5jby5rcoILKi5tc24uY28udGiC
CyoubXNuLmNvLnphggwqLm1zbi5jb20uYXWCDCoubXNuLmNvbS5icoIMKi5tc24u
Y29tLmdyggwqLm1zbi5jb20uaGuCDCoubXNuLmNvbS5teIIMKi5tc24uY29tLm15
ggwqLm1zbi5jb20uc2eCDCoubXNuLmNvbS50coIMKi5tc24uY29tLnR3ggwqLm1z
bi5uZXQucnUwgbAGA1UdHwSBqDCBpTCBoqCBn6CBnIZNaHR0cDovL21zY3JsLm1p
Y3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwUlNBJTIwVExT
JTIwQ0ElMjAwMS5jcmyGS2h0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvbXNj
b3JwL2NybC9NaWNyb3NvZnQlMjBSU0ElMjBUTFMlMjBDQSUyMDAxLmNybDBXBgNV
HSAEUDBOMEIGCSsGAQQBgjcqATA1MDMGCCsGAQUFBwIBFidodHRwOi8vd3d3Lm1p
Y3Jvc29mdC5jb20vcGtpL21zY29ycC9jcHMwCAYGZ4EMAQIBMB8GA1UdIwQYMBaA
FLV2DDARzseSQk1Mx1wsyKkM6AtkMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjANBgkqhkiG9w0BAQsFAAOCAgEAEdZbTj3tWPdc6uqVnJQCyNZ/taQEQiHD
tAhcWQpq/n4yzEE6E0wz4On4CcsLDAH4U2k6qMxcueayOGNpKdPsGuJu5FunCXol
/eckHCnOtPGp4o+ol8uTOOdRrCEDL1tHN9zVNNp+P6I8nDOiT6pl3rgFra0oCkyW
UY16Ttv/WprW6OEY8clNJdJTUcbJQNIh76wV6AJqgs6PPEw9VthsReLjmi+hbIJo
f0TNltrIJlP1yg9OMZSaOMIPAtSOs/dFK0+LAFGAxac6aynwZXu6zoEOhVVGIhIL
3w7Sm2YUA280doHfNugAejxC2JEJWlNzSOsMGotFmltLg5iS5QLPHYDdS1kfnHut
G79smz7MwPGh9PgIydaVhLjBXdsHYQ2js3v6sm311XtZMldNX/PKfTCitPRSM5g+
IkpWVXzavv7iJ/9673Y2MQoLu5bfcgh6ecWWl62P3a5SymqEXhmBOQh0Mrumy0cw
ECKgdk/842GXkZ7USX75g2uDqM+foKCuLJEEMEeb+RxT+o3tMcGscUoD8fMzc/lc
47bdqtzTI0bMYlGkIU/mDhoJrFGJPnW3br8vYMGVxhzLO3VdwKQJsBZOyc8jirqh
DRHkYaSENPimK2sOrmGFgCqWFlB6dMj6viKz4+jpHS5i1/56f2j0F3IRIQdiiYr5
uVBR5kFDopo=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JBZYbTbPfHWd90QRAJt
55U8fYS4rtu799JejsSQgXGGDFOF75DhwhGWevLUT6Jbc1rNA69RImYsQTYARujZ
7agVeNbSWfhsxxX/Jkv/tpQRLxh2Fb3TqqXghNi7iluUjXLgiQLbj6oCxgE6qJml
Ue6Cn+uAcTOmrnyrOqeMs93nuA3iY/dCNkp3a2/uvOPvaTRNdHCcLwM41yYoJ1oV
MA9Ac/vFs2Xh5m+9suqM/m5wL3spnSIchceJK3PJwgZuZQeIKlPjuBGv/lVVNRkH
2vK3uGdma8c3IsNaSGXDmhaoPN+5lt8CouwihRV1zRcrr8X4Hb8PdEJgBt06i8No
rQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 401421770184100847465388070996408793694768848
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft RSA TLS CA 01'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-16 20:18:23 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-09-16 20:18:23 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.msn.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28348561529808432464460283850509663410810302731052974882722554701278699441134580735371481390698443520142204938541076642857556607256975607196634167982772504957874727464716186343682884261152703634415332478736502420464128432053679089661250145958132022103927921207086233484421824611288260720806911992775471950283430578844590716507010234621834061370324029466557120783864882970162391423834807523387029450997842838754109820962458655396083111320161514072460702272621194397909582006129975397788902487561227281637397675655914376509365058154791773191413617426131619847697335116083303580559234939489098415067464887868862889158829
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.16155509.8105089.5391003.2969441.12400096.221.10585921.15764560
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 39
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pki/mscorp/Microsoft%20RSA%20TLS%20CA%2001.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.msocsp.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0f11d30e4ac9c09a0ccdd8384077539f57a3a8c7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04b0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (686 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'msn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.nz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.at'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.fi'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.gr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.kz'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.no'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.pt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.ru'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.se'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.sg'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msnarabia.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msnautos.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msncricket.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msnlatino.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msnnews.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msnsports.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.ae'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.be'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.cr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.dk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.hu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msntravel.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.cr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.id'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.il'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.kr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.th'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.co.za'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.br'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.gr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.hk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.mx'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.my'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.sg'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.tr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com.tw'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.net.ru'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (168 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2001.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20RSA%20TLS%20CA%2001.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (80 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.42.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pki/mscorp/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName b5760c3011cec792424d4cc75c2cc8a90ce80b64
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0011d65b4e3ded58f75ceaea959c9402c8d67fb5a4044221c3b4085c590a6afe7e32cc413a134c33e0e9f809cb0b0c01f853693aa8cc5cb9e6b238636929d3ec1ae26ee45ba7097a25fde7241c29ceb4f1a9e28fa897cb9338e751ac21032f5b4737dcd534da7e3fa23c9c33a24faa65deb805adad280a4c96518d7a4edbff5a9ad6e8e118f1c94d25d25351c6c940d221efac15e8026a82ce8f3c4c3d56d86c45e2e39a2fa16c82687f44cd96dac82653f5ca0f4e31949a38c20f02d48eb3f7452b4f8b005180c5a73a6b29f0657bbace810e85554622120bdf0ed29b6614036f347681df36e8007a3c42d891095a537348eb0c1a8b459a5b4b839892e502cf1d80dd4b591f9c7bad1bbf6c9b3eccc0f1a1f4f808c9d69584b8c15ddb07610da3b37bfab26df5d57b5932574d5ff3ca7d30a2b4f45233983e224a56557cdabefee227ff7aef7636310a0bbb96df72087a79c59697ad8fddae52ca6a845e198139087432bba6cb47301022a0764ffce36197919ed4497ef9836b83a8cf9fa0a0ae2c910430479bf91c53fa8ded31c1ac714a03f1f33373f95ce3b6ddaadcd32346cc6251a4214fe60e1a09ac51893e75b76ebf2f60c195c61ccb3b755dc0a409b0164ec9cf238abaa10d11e461a48434f8a62b6b0eae6185802a9616507a74c8fabe22b3e3e8e91d2e62d7fe7a7f68f4177211210762898af9b95051e64143a29a