svc.ms

- Microsoft Corporation -

Issued by Microsoft Azure RSA TLS Issuing CA 04

About this certificate

This digital certificate with serial number 33:00:05:12:18:b6:49:17:9d:8c:e5:7f:f2:00:00:00:05:12:18 was issued on by Microsoft Corporation.

With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Microsoft Corporation

Organization: Microsoft Corporation
State / Province: WA
Locality: Redmond
Country: US

Microsoft Corporation

Organization: Microsoft Corporation
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 33:00:05:12:18:b6:49:17:9d:8c:e5:7f:f2:00:00:00:05:12:18
Serial Number (int): 1137339730591312623156310613847024699133202968
Serial Number lenght: 150 bits, 19 octets

SubjectKeyId: e1:b3:c7:ad:6b:91:1e:0d:93:72:bc:3d:82:3d:78:e9:60:93:7e:09
AuthorityKeyId: 3b:70:d1:53:e9:76:25:9d:60:a8:ca:66:0f:c6:9b:ae:6f:54:16:6a

Fingerprint (sha1): 76:6d:28:db:9d:06:38:cd:2a:35:0c:fd:c3:d5:35:49:8b:d0:c0:c7
Fingerprint (sha256): 0b:45:73:92:65:33:53:0e:cd:17:69:da:1d:ce:2f:3f:16:44:7c:cb:a4:b4:21:64:2b:07:d6:a5:29:b8:7a:3c

Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2004%20-%20xsign.crt

Revocation information

OCSP Server: http://oneocsp.microsoft.com/ocsp
CRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2004.crl

Check the revocation status for certificate svc.ms

12

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for svc.ms

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

12 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

svc.ms
sharepoint.com
www.sharepoint.com
*.onedrive.com
onedrive.com
1drv.ms
*.svc.ms
sharept.ms
*.sharept.ms
sharepoint-df.com
*.1drv.ms
*.odwebp.svc.ms

Other certificates including the domain name svc.ms

(limited to 100 certificates)
*.notifyd.svc.ms
servicefabric.pushns.svc.ms
*.badgers.svc.ms
*.mediap.svc.ms
*.hwp.svc.ms
SPO-BF-MS-AAD.svc.ms
*.pushng.svc.ms
*.hwp.svc.ms
usdodeast0-notifyg.svc.ms
sdesti.prod.servicecerts.svc.ms
*.mediap.svc.ms
*.pushb.svc.ms
*.hwp.svc.ms
usdodeast0-notifyg.svc.ms
*.pushfp.svc.ms
gcc-notify-sphomep.svc.ms
gcc-managementcert-sphomep.svc.ms
*.pushnp.svc.ms
*.badgerp.svc.ms
usdodeast0-mediag.svc.ms
usgovvirginia0-notifyg.svc.ms
*.badgerb.svc.ms
*.hwp.svc.ms
test.test.usgovvirginia0-mediap.svc.ms
*.pushng.svc.ms
sti.sphomep.svc.ms
*.pushnb.svc.ms
cma.pushs.svc.ms
SPO-DOD-AS-STI.notifyp.svc.ms
servicefabric.pushng.svc.ms
*.pushng.svc.ms
sdeazureauth.prod.servicecerts.svc.ms
api.tpst.svc.ms
*.badgerg.svc.ms
onedrive.com
usgovvirginia0-notifyg.svc.ms
servicefabric.pushfb.svc.ms
usgovvirginia0-notifyp.svc.ms
usgovvirginia0-notifyg.svc.ms
*.kmgcc.svc.ms
servicefabric.pushfp.svc.ms
*.pushfb.svc.ms
*.svc.ms
api.tpsprod.svc.ms
svc.ms
servicefabric.pushfp.svc.ms
*.pushfd.svc.ms
germanynortheast0-notifyp.svc.ms
germanynortheast0-notifyp.svc.ms
*.notifyp.svc.ms
*.badgerp.svc.ms
servicefabric.pushnb.svc.ms
servicefabric.pushfb.svc.ms
servicefabric.photostreamt.svc.ms
*.pushnp.svc.ms
*.badgers.svc.ms
*.pushnp.svc.ms
api.tpsedog.svc.ms
usgovvirginia0-notifyg.svc.ms
*.connectort.svc.ms
sdesti.prod.servicecerts.svc.ms
api.tpsprod.svc.ms
*.hwp.svc.ms
*.badgerb.svc.ms
spo-completenessprod-cma.servicecerts.svc.ms
sdegenevacert.prod.servicecerts.svc.ms
*.mediad.svc.ms
servicefabric.photostreamd.svc.ms
servicefabric.pushnb.svc.ms
SPO-PF-MS-MC-mediag.svc.ms
spo-completenessedog-cma.servicecerts.svc.ms
*.pushfb.svc.ms
*.badgerg.svc.ms
*.completenesss.svc.ms
SPO-BF-MS-AAD.svc.ms
gcc-sti-sphomep.svc.ms
SPO-BF-AS-CMA.svc.ms
usgovvirginia0-notifyg.svc.ms
managementcert.sphomep.svc.ms
onedrive.com
sti.sphomed.svc.ms
*.badgerb.svc.ms
gcc-griffinruntime-sphomep.svc.ms
spo-sscprod.cma.servicecerts.svc.ms
servicefabric.pushns.svc.ms
SPO-TB-STI-notifyg.svc.ms
usgovvirginia0-mediap.svc.ms
*.connectorp.svc.ms
*.pushng.svc.ms
usdodeast0-notifyg.svc.ms
api.tpsedog.svc.ms
spo-sscprod.cma.servicecerts.svc.ms
*.photostreamd.svc.ms
*.connectorp.svc.ms
api.tpsspdf.svc.ms
servicefabric.pushnb.svc.ms
kbstate.sphomeg.svc.ms
*.pushng.svc.ms
kbstate.sphomep.svc.ms
odspsscsiphonedog.servicecerts.svc.ms

Certificate

The complete raw certificate details for svc.ms in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIII8jCCBtqgAwIBAgITMwAFEhi2SRedjOV/8gAAAAUSGDANBgkqhkiG9w0BAQwF
ADBdMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u
MS4wLAYDVQQDEyVNaWNyb3NvZnQgQXp1cmUgUlNBIFRMUyBJc3N1aW5nIENBIDA0
MB4XDTIzMDkyNzIxNTc1OFoXDTI0MDkyMTIxNTc1OFowXTELMAkGA1UEBhMCVVMx
CzAJBgNVBAgTAldBMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv
ZnQgQ29ycG9yYXRpb24xDzANBgNVBAMTBnN2Yy5tczCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBALvMnZs+LhrfjQyNLjb0hLhJA2u0YIM/w8kGQ9Oi4y9j
n/5DborLCbE+735HopFtrdwQAMEIcGexig0716LBRDY3qqHN5FaKbMfCQaxlpQCI
9XR0eL4qW+IaJ0Tsq2Xck6mksVWF1leZxf7WGa2DVWZtW7YbGHgHdDL7v6/YtjIi
CwOEvVPUL3WmuIw4MQcQ1HKz5sf7G+evifjbse7JCcHwVt77eB5wX9msHcaD7mMF
HiCPJYY4ONUgyaXP2qxLg0+5iEduSIUiFDRAk7nRoGe64VZrgNZwgvHcVM535wA/
ay/QTJAdFFO44aPbVz4sWP+v28E+zpx82ReFpa7H3/ECAwEAAaOCBKkwggSlMIIB
fgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdgB2/4g/Crb7lVHCYcz1h7o0tKTNuync
aEIKn+ZnTFo6dAAAAYrYr01fAAAEAwBHMEUCIBx/+rU9S8UZnM5U8e+9d6xgZO5W
coCNIfbDlDdR2nM9AiEA4ZGFnCW0lv1+rN6XyuXZ1TSJwj+PFe6VBPd6HRMwzvYA
dQDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYrYr01EAAAEAwBG
MEQCIBa3XvnuixwPhzlLikoxLwStitWA0v5Xi4SktmjIV5CeAiBh127TQ9sHnFYS
xiNvmlYIdNgCFCTbUX/dS6PVC0h/mgB3AEiw42vapkc0D+VqAvqdMOscUgHLVt0s
gdm7v6s52IRzAAABitivTSYAAAQDAEgwRgIhANxXI2fF7d3g/9RLgBC86ZEcpazw
8ggY7WEq7O6V9MkkAiEAvTPKyut6xp3IHZ1fRIhfsJBudaSR+B/lZsr9dGhDRYcw
JwYJKwYBBAGCNxUKBBowGDAKBggrBgEFBQcDAjAKBggrBgEFBQcDATA8BgkrBgEE
AYI3FQcELzAtBiUrBgEEAYI3FQiHvdcbgefrRoKBnS6O0AyH8NodXYKE5WmC86c+
AgFkAgEmMIG0BggrBgEFBQcBAQSBpzCBpDBzBggrBgEFBQcwAoZnaHR0cDovL3d3
dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNyb3NvZnQlMjBBenVyZSUy
MFJTQSUyMFRMUyUyMElzc3VpbmclMjBDQSUyMDA0JTIwLSUyMHhzaWduLmNydDAt
BggrBgEFBQcwAYYhaHR0cDovL29uZW9jc3AubWljcm9zb2Z0LmNvbS9vY3NwMB0G
A1UdDgQWBBThs8eta5EeDZNyvD2CPXjpYJN+CTAOBgNVHQ8BAf8EBAMCBaAwgbEG
A1UdEQSBqTCBpoIGc3ZjLm1zgg5zaGFyZXBvaW50LmNvbYISd3d3LnNoYXJlcG9p
bnQuY29tgg4qLm9uZWRyaXZlLmNvbYIMb25lZHJpdmUuY29tggcxZHJ2Lm1zgggq
LnN2Yy5tc4IKc2hhcmVwdC5tc4IMKi5zaGFyZXB0Lm1zghFzaGFyZXBvaW50LWRm
LmNvbYIJKi4xZHJ2Lm1zgg8qLm9kd2VicC5zdmMubXMwDAYDVR0TAQH/BAIwADBq
BgNVHR8EYzBhMF+gXaBbhllodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3Bz
L2NybC9NaWNyb3NvZnQlMjBBenVyZSUyMFJTQSUyMFRMUyUyMElzc3VpbmclMjBD
QSUyMDA0LmNybDBmBgNVHSAEXzBdMFEGDCsGAQQBgjdMg30BATBBMD8GCCsGAQUF
BwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0RvY3MvUmVwb3Np
dG9yeS5odG0wCAYGZ4EMAQICMB8GA1UdIwQYMBaAFDtw0VPpdiWdYKjKZg/Gm65v
VBZqMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATANBgkqhkiG9w0BAQwF
AAOCAgEAp4QmsXvRC7U5qXweCxaYi5XzszK1lKrFkLkwNhIqcm+2FA4Xx2MQX0tZ
JabhIJxSzH9QQdNjCt9Vb9R2uQCDb4OioVofxy4FFFvymm3RsNhDcCUuPzkx/IpE
Fw073MhMAgp98NRYerIXAI5juY54otMSUi7Jos4XH5RlVcKwMPmJQUQM+xoeRpBu
KCc/4+YfTy2Lk3B6JtVsUMes91W1OzOCFMTa3cuXX33OczqT7DeEafuBUrXuucA+
J7FONLdW8hECbgj0RieJa80wy5qSNhWxtV4Tzgyolx1hYvMHVtYFX+LaaPHQquId
pXsVJHpB+5phcx0tMjS231/q0xipZGFe+gNvMuYJrmST6hMbN5kzQpv44VweHg0L
GY04yKeSahQVzD9x4H9FlePk+/eSGdYBzAPXVnTW8RxTK080A1F+Y6pcB2RwUEPM
QqfowhMHv244Ybp0K7EIr4br704s/tYbaYl3O9anWekGvbpbSuySvCR3ySki4G1z
kuGSE/AlZccHHT1ZDyLD4rwuiejV1xMGawNYIYCmBNcvTkkY+gXmxOW66dEpR+Dw
0xPnmOVoLfuqwAoVv0tusirLNvbB0XEBrnl8wDOE8PUucxESDyu7+ZhkWWruApYT
evckRmkCnIWf8Ap8BTY5ZeIKIzgnV4JLl7YpvijUB/quQtrNYjw=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8ydmz4uGt+NDI0uNvSE
uEkDa7Rggz/DyQZD06LjL2Of/kNuissJsT7vfkeikW2t3BAAwQhwZ7GKDTvXosFE
Njeqoc3kVopsx8JBrGWlAIj1dHR4vipb4honROyrZdyTqaSxVYXWV5nF/tYZrYNV
Zm1bthsYeAd0Mvu/r9i2MiILA4S9U9Qvdaa4jDgxBxDUcrPmx/sb56+J+Nux7skJ
wfBW3vt4HnBf2awdxoPuYwUeII8lhjg41SDJpc/arEuDT7mIR25IhSIUNECTudGg
Z7rhVmuA1nCC8dxUznfnAD9rL9BMkB0UU7jho9tXPixY/6/bwT7OnHzZF4Wlrsff
8QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1137339730591312623156310613847024699133202968
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure RSA TLS Issuing CA 04'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-27 21:57:58 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-21 21:57:58 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'svc.ms'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23707462766286474414698971299913484860017400871653191687749346489951356360507619468287731751051762881006808909436174109478605310697293145120342503078969023376916953297042777528543515841359774066262051221167305860734840247651813596707021447527314916927412721568319635101024583781496153055749390649898273492247598066601461261809464754858205984065758000820831244391124386907217881487023817651700155801359748817953417623456244046506404124838687487206674182415782389415246545327859005217781892484966565411311721638818347854770909440159048393300307328354613372603149448339511113299891344559269236722835253331709888811229169
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							016800760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ad8af4d5f000004030047304502201c7ffab53d4bc5199cce54f1efbd77ac6064ee5672808d21f6c3943751da733d022100e191859c25b496fd7eacde97cae5d9d53489c23f8f15ee9504f77a1d1330cef6007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018ad8af4d440000040300463044022016b75ef9ee8b1c0f87394b8a4a312f04ad8ad580d2fe578b84a4b668c857909e022061d76ed343db079c5612c6236f9a560874d8021424db517fdd4ba3d50b487f9a00770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ad8af4d260000040300483046022100dc572367c5eddde0ffd44b8010bce9911ca5acf0f20818ed612aecee95f4c924022100bd33cacaeb7ac69dc81d9d5f44885fb0906e75a491f81fe566cafd7468434587
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.4272873.6083518
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 38
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (167 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2004%20-%20xsign.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e1b3c7ad6b911e0d9372bc3d823d78e960937e09
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'svc.ms'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sharepoint.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sharepoint.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.onedrive.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'onedrive.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '1drv.ms'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.svc.ms'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sharept.ms'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sharept.ms'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sharepoint-df.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.1drv.ms'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.odwebp.svc.ms'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2004.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3b70d153e976259d60a8ca660fc69bae6f54166a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00a78426b17bd10bb539a97c1e0b16988b95f3b332b594aac590b93036122a726fb6140e17c763105f4b5925a6e1209c52cc7f5041d3630adf556fd476b900836f83a2a15a1fc72e05145bf29a6dd1b0d84370252e3f3931fc8a44170d3bdcc84c020a7df0d4587ab217008e63b98e78a2d312522ec9a2ce171f946555c2b030f98941440cfb1a1e46906e28273fe3e61f4f2d8b93707a26d56c50c7acf755b53b338214c4daddcb975f7dce733a93ec378469fb8152b5eeb9c03e27b14e34b756f211026e08f44627896bcd30cb9a923615b1b55e13ce0ca8971d6162f30756d6055fe2da68f1d0aae21da57b15247a41fb9a61731d2d3234b6df5fead318a964615efa036f32e609ae6493ea131b379933429bf8e15c1e1e0d0b198d38c8a7926a1415cc3f71e07f4595e3e4fbf79219d601cc03d75674d6f11c532b4f3403517e63aa5c0764705043cc42a7e8c21307bf6e3861ba742bb108af86ebef4e2cfed61b6989773bd6a759e906bdba5b4aec92bc2477c92922e06d7392e19213f02565c7071d3d590f22c3e2bc2e89e8d5d713066b03582180a604d72f4e4918fa05e6c4e5bae9d12947e0f0d313e798e5682dfbaac00a15bf4b6eb22acb36f6c1d17101ae797cc03384f0f52e7311120f2bbbf99864596aee0296137af7244669029c859ff00a7c05363965e20a23382757824b97b629be28d407faae42dacd623c