*.accesscontrol.identity.office-int.net
Issued by Microsoft IT TLS CA 1
About this certificate
This digital certificate with serial number 7b:00:0a:49:39:6f:32:44:4f:e8:25:1a:5f:00:00:00:0a:49:39 was issued on by Microsoft Corporation.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Certificate Subject
CN=*.accesscontrol.identity.office-int.net
Microsoft Corporation
Organization:
Microsoft Corporation
Organization unit: Microsoft IT
Organization unit: Microsoft IT
State / Province:
Washington
Locality: Redmond
Country: US
Locality: Redmond
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 7b:00:0a:49:39:6f:32:44:4f:e8:25:1a:5f:00:00:00:0a:49:39Serial Number (int): 2742995159574795799044585007774728727042869561
Serial Number lenght: 151 bits, 19 octets
SubjectKeyId: 04:ab:23:60:dd:51:98:75:a4:48:fd:56:72:05:6f:2c:cb:2d:95:a9
AuthorityKeyId: 58:88:9f:d6:dc:9c:48:22:b7:14:3e:ff:84:88:e8:e6:85:ff:fa:7d
Fingerprint (sha1): 19:a7:24:89:1d:1a:51:f1:dd:73:c1:07:a8:e8:c9:f1:fd:0a:3a:0b
Fingerprint (sha256): 0b:af:59:6b:19:be:d4:bf:e5:c6:fd:d8:be:9d:c6:53:bb:66:01:80:44:99:63:20:e2:31:4b:8b:48:99:9b:b9
Issuing Certificate URL: http://www.microsoft.com/pki/mscorp/Microsoft%20IT%20TLS%20CA%201.crt
Revocation information
OCSP Server: http://ocsp.msocsp.comCRL Distribution Point: http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%201.crl
CRL Distribution Point: http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%201.crl
Check the revocation status for certificate *.accesscontrol.identity.office-int.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.accesscontrol.identity.office-int.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Data Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
11 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.identity.accesscontrol-int.office.com
*.accesscontrol.identity.office-int.net
*.accesscontrol.identity.office-int.net
Other certificates including the domain name office-int.net
(limited to 100 certificates)
officernr.osi.office-int.net
kaizalamessaging.osi.office-int.net
*.osi.office-int.net
augmentation.osi.office-int.net
*.osi.office-int.net
OsiDataEncrypt-Carmine-ALL-DEK.osi.office-int.net
icmconnector.griffinosiplatformtest.osi.office-int.net
kasmgmtportal.osi.office-int.net
Aqua-INT-MdmAdministrator.osi.office-int.net
msa-sapi.graph.office-int.net
Cobalt-INT-MdmAdministrator.osi.office-int.net
manage.osi.office-int.net
Cobalt-INT-MdmAdministrator.osi.office-int.net
inclient.store.office-int.com
store.office-int.com
Wheat-INT-MdmAdministrator.osi.office-int.net
Caelum-INT-MdmAdministrator.osi.office-int.net
insertmedia.osi.office-int.net
captions.officeapps.live-int.com
ssu.office-int.com
oliml.office-int.net
tasks.office-int.com
*.osi.office-int.net
graph.office-int.net
support.office-int.com
wdgfabric.osi.office-int.net
*.osi.office-int.net
*.osi.office-int.net
GriffinOsiPlatformTest-DataEncryptionCertife.office-int.net
manage.osi.office-int.net
entity-sti-int.osi.office-int.net
samplegateway.omex.office-int.net
manage.osi.office-int.net
Vela-INT-MdmAdministrator.osi.office-int.net
GriffinOsiPlatformTest-DataEncryptionCertife.office-int.net
griffinosiplatformtest.osi.office-int.net
*.osi.office-int.net
hubblecontent.osi.office-int.net
hubble.officeapps.live-int.com
Caelum-INT-MdmAdministrator.osi.office-int.net
icms.osi.office-int.net
*.accesscontrol.identity.office-int.net
oxocompliance-test.office-int.net
*.osi.office-int.net
*.osi.office-int.net
Wheat-INT-MdmAdministrator.osi.office-int.net
Mint-INT-Mds.osi.office-int.net
kevlar.marketwatch.office-int.net
validationgateway.omex.office-int.net
scram.osi.office-int.net
Bronze-INT-Mds.osi.office-int.net
enceladus.osi.office-int.net
officecheckoutpurchase.omex.office-int.net
helene.cosmosproxy.osi.office-int.net
arms.osi.office-int.net
arms.osi.office-int.net
cornsilkint-mds.osi.office-int.net
Wheat-INT-MdmAdministrator.osi.office-int.net
ogma.osi.office-int.net
externalgateway.omex.office-int.net
addinslicensing.store.office-int.com
augmentation.osi.office-int.net
tellmeservice.osi.office-int.net
Antlia-INT-MdmAdministrator.osi.office-int.net
eridanus-Int-Mdm.osi.office-int.net
Russet-INT-Mds.osi.office-int.net
macommunication.geneva.keyvault.fullvalue.omex.office-int.net
Aqua-INT-MdmAdministrator.osi.office-int.net
setup.office-int.com
Aqua-INT-MdmAdministrator.osi.office-int.net
*.graph.office-int.net
Carpo-INT-Mds.osi.office-int.net
*.osi.office-int.net
cluster.fullvalue.omex.office-int.net
*.osi.office-int.net
dataencryption.omex.office-int.net
hubble.officeapps.live-int.com
forms.office-int.com
Manatee-INT-Mds.osi.office-int.net
checkout.office-int.com
GriffinOsiPlatformTest-gcpcert.office-int.net
config.officeapps.live-int.com
GriffinOsiPlatformTest-gcpcert.office-int.net
pptcast-rps-int.osi.office-int.net
store.office-int.com
aurigasentryportal.office-int.net
tasman.osi.office-int.net
Asparagus-INT-Mds.osi.office-int.net
support.office-int.com
stores.office-int.com
diagnosticsgateway.omex.office-int.net
checkout.office-int.com
usershardextension-sti-int.osi.office-int.net
*.identity.office-int.net
Lynx-INT-Mds.osi.office-int.net
Snow-INT-Mds.osi.office-int.net
loopback.osi.office-int.net
patriarch.cosmosproxy.osi.office-int.net
mdoipdomainmgmt.office-int.net
uci.officeapps.live-int.com
kaizalamessaging.osi.office-int.net
*.osi.office-int.net
augmentation.osi.office-int.net
*.osi.office-int.net
OsiDataEncrypt-Carmine-ALL-DEK.osi.office-int.net
icmconnector.griffinosiplatformtest.osi.office-int.net
kasmgmtportal.osi.office-int.net
Aqua-INT-MdmAdministrator.osi.office-int.net
msa-sapi.graph.office-int.net
Cobalt-INT-MdmAdministrator.osi.office-int.net
manage.osi.office-int.net
Cobalt-INT-MdmAdministrator.osi.office-int.net
inclient.store.office-int.com
store.office-int.com
Wheat-INT-MdmAdministrator.osi.office-int.net
Caelum-INT-MdmAdministrator.osi.office-int.net
insertmedia.osi.office-int.net
captions.officeapps.live-int.com
ssu.office-int.com
oliml.office-int.net
tasks.office-int.com
*.osi.office-int.net
graph.office-int.net
support.office-int.com
wdgfabric.osi.office-int.net
*.osi.office-int.net
*.osi.office-int.net
GriffinOsiPlatformTest-DataEncryptionCertife.office-int.net
manage.osi.office-int.net
entity-sti-int.osi.office-int.net
samplegateway.omex.office-int.net
manage.osi.office-int.net
Vela-INT-MdmAdministrator.osi.office-int.net
GriffinOsiPlatformTest-DataEncryptionCertife.office-int.net
griffinosiplatformtest.osi.office-int.net
*.osi.office-int.net
hubblecontent.osi.office-int.net
hubble.officeapps.live-int.com
Caelum-INT-MdmAdministrator.osi.office-int.net
icms.osi.office-int.net
*.accesscontrol.identity.office-int.net
oxocompliance-test.office-int.net
*.osi.office-int.net
*.osi.office-int.net
Wheat-INT-MdmAdministrator.osi.office-int.net
Mint-INT-Mds.osi.office-int.net
kevlar.marketwatch.office-int.net
validationgateway.omex.office-int.net
scram.osi.office-int.net
Bronze-INT-Mds.osi.office-int.net
enceladus.osi.office-int.net
officecheckoutpurchase.omex.office-int.net
helene.cosmosproxy.osi.office-int.net
arms.osi.office-int.net
arms.osi.office-int.net
cornsilkint-mds.osi.office-int.net
Wheat-INT-MdmAdministrator.osi.office-int.net
ogma.osi.office-int.net
externalgateway.omex.office-int.net
addinslicensing.store.office-int.com
augmentation.osi.office-int.net
tellmeservice.osi.office-int.net
Antlia-INT-MdmAdministrator.osi.office-int.net
eridanus-Int-Mdm.osi.office-int.net
Russet-INT-Mds.osi.office-int.net
macommunication.geneva.keyvault.fullvalue.omex.office-int.net
Aqua-INT-MdmAdministrator.osi.office-int.net
setup.office-int.com
Aqua-INT-MdmAdministrator.osi.office-int.net
*.graph.office-int.net
Carpo-INT-Mds.osi.office-int.net
*.osi.office-int.net
cluster.fullvalue.omex.office-int.net
*.osi.office-int.net
dataencryption.omex.office-int.net
hubble.officeapps.live-int.com
forms.office-int.com
Manatee-INT-Mds.osi.office-int.net
checkout.office-int.com
GriffinOsiPlatformTest-gcpcert.office-int.net
config.officeapps.live-int.com
GriffinOsiPlatformTest-gcpcert.office-int.net
pptcast-rps-int.osi.office-int.net
store.office-int.com
aurigasentryportal.office-int.net
tasman.osi.office-int.net
Asparagus-INT-Mds.osi.office-int.net
support.office-int.com
stores.office-int.com
diagnosticsgateway.omex.office-int.net
checkout.office-int.com
usershardextension-sti-int.osi.office-int.net
*.identity.office-int.net
Lynx-INT-Mds.osi.office-int.net
Snow-INT-Mds.osi.office-int.net
loopback.osi.office-int.net
patriarch.cosmosproxy.osi.office-int.net
mdoipdomainmgmt.office-int.net
uci.officeapps.live-int.com
Certificate
The complete raw certificate details for *.accesscontrol.identity.office-int.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHHjCCBQagAwIBAgITewAKSTlvMkRP6CUaXwAAAApJOTANBgkqhkiG9w0BAQsF ADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UE CxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgVExTIENBIDEw HhcNMTkwOTI0MTkzNzIyWhcNMjEwOTI0MTkzNzIyWjAyMTAwLgYDVQQDDCcqLmFj Y2Vzc2NvbnRyb2wuaWRlbnRpdHkub2ZmaWNlLWludC5uZXQwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQCwgoStAmEsEYiFOKAz+y44AapJMGztEi/ZnDVU f3wmCHiTLIX9llu/gYnKkHd2rdJ2W3t1Jj0yRpY+4Ypo4jaUxGvLgdvzgichbT/5 XsShwz8o3qiL+oO0HpxoemUCH64XQzEWSU7vZrVIfd3VYVyK+gF3WZAScj0GNosz dUFrLYezYFmtwDggOeeDJAB2AAR61zsI2LjIgSCvfH9dFWuTo8RJB3LnWpVU/XSG ffv5TTVlIdF6Cdqy5IhG+goQEc7KmdNO1yTYPbSNMWTKPaXEKJ46zmPUE/l5Q1iP Vmgbneoci804z9LeRg4z/imBmPYV/XMP4p9uwBV0jx3q6tgDAgMBAAGjggLRMIIC zTATBgorBgEEAdZ5AgQDAQH/BAIFADAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUF BwMCMAoGCCsGAQUFBwMBMD4GCSsGAQQBgjcVBwQxMC8GJysGAQQBgjcVCIfahnWD 7tkBgsmFG4G1nmGF9OtggV2E0t9CgueTegIBZAIBHTCBhQYIKwYBBQUHAQEEeTB3 MFEGCCsGAQUFBzAChkVodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL21zY29y cC9NaWNyb3NvZnQlMjBJVCUyMFRMUyUyMENBJTIwMS5jcnQwIgYIKwYBBQUHMAGG Fmh0dHA6Ly9vY3NwLm1zb2NzcC5jb20wHQYDVR0OBBYEFASrI2DdUZh1pEj9VnIF byzLLZWpMAsGA1UdDwQEAwIEsDBbBgNVHREEVDBSgicqLmlkZW50aXR5LmFjY2Vz c2NvbnRyb2wtaW50Lm9mZmljZS5jb22CJyouYWNjZXNzY29udHJvbC5pZGVudGl0 eS5vZmZpY2UtaW50Lm5ldDCBrAYDVR0fBIGkMIGhMIGeoIGboIGYhktodHRwOi8v bXNjcmwubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NybC9NaWNyb3NvZnQlMjBJ VCUyMFRMUyUyMENBJTIwMS5jcmyGSWh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9w a2kvbXNjb3JwL2NybC9NaWNyb3NvZnQlMjBJVCUyMFRMUyUyMENBJTIwMS5jcmww TQYDVR0gBEYwRDBCBgkrBgEEAYI3KgEwNTAzBggrBgEFBQcCARYnaHR0cDovL3d3 dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3BzMB8GA1UdIwQYMBaAFFiIn9bc nEgitxQ+/4SI6OaF//p9MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAN BgkqhkiG9w0BAQsFAAOCAgEAYlWZiu1UiKX3J9Vu4S60lsTjKoNYTeGElWldtCEb 4qw+5FmFwGz3BtWzIT9fS6tIPIX4psnDeJ5C6wusNXa/o8CaaXdElBVARcbWn80t zhgsa98dguBww8M58RQFRRcbW5lEY0taxkvNQGmPQA8fTloIaleIK7HjukJoyqhi xm0qJ5PFbMNFVj5RLPWrSMIj6r7vfiK3bQb8hAObgsX6UXRyKKykumPHTnrCA6LP VbVg/qG58krf7qvoxapbczaGlplof/HSg390kt4AoY08fpTOnzzCfMdJdoHk46cU TBYzCDgJBnwfzxUSjTSC2FhKcKqw597H5alffft+gah0OG73Vev2AOtQirb7XpIQ wZUtYlmK5jmfYxlgrGxndLObl2+E1RS7KL5wskWNV85qIT+GK4rFyEyesSy/aBCL j07CTKZnYVGXhScpDi0L7yvsGNNf8V2KfJFOBvJR3KGEu80C5pIuAFRHogvVmEZA fiJWgJldn91sgueYPNxA2ebswkjqlybEgWx48g2rM3XXvMTZ/52jRvhFkyVqtASP IK7miFJ2ljzYIqxEqkX4FEKq9GVWgzeA/yM1REqW34HJg1hF0w1l2cXNMRY2bFh7 puDqYhbnsk8OnGT53rWc9tU1+YlMNwlBsCN3rAumkxedm/hcg0ONIwukKMANCPig /Bc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIKErQJhLBGIhTigM/su OAGqSTBs7RIv2Zw1VH98Jgh4kyyF/ZZbv4GJypB3dq3Sdlt7dSY9MkaWPuGKaOI2 lMRry4Hb84InIW0/+V7EocM/KN6oi/qDtB6caHplAh+uF0MxFklO72a1SH3d1WFc ivoBd1mQEnI9BjaLM3VBay2Hs2BZrcA4IDnngyQAdgAEetc7CNi4yIEgr3x/XRVr k6PESQdy51qVVP10hn37+U01ZSHRegnasuSIRvoKEBHOypnTTtck2D20jTFkyj2l xCieOs5j1BP5eUNYj1ZoG53qHIvNOM/S3kYOM/4pgZj2Ff1zD+KfbsAVdI8d6urY AwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2742995159574795799044585007774728727042869561 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft IT TLS CA 1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-24 19:37:22 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-24 19:37:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.accesscontrol.identity.office-int.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22282302629220243405741285846794893786885279365015168781937180202563558047938854863406752002650308701113216000115608864687267901438555999665425029625692975711642574131827613485990091311002319803761427582872698686293751708489256881736599287784438463243239272469252144980493747263633972751634863646724339455151920699691250134685003977602529902928838450005817755006796889184865831818920894993198398684424339632775759930775296915607899288777352958044108532824864883858156430214908726367959338055252945817889380990175112491089874452885003297244526407171471824292475000416116950235660509559123070355244309809731267648477187 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.16155509.8105089.5391003.2969441.12400096.221.9744322.5884410 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pki/mscorp/Microsoft%20IT%20TLS%20CA%201.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.msocsp.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 04ab2360dd519875a448fd5672056f2ccb2d95a9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04b0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (84 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.identity.accesscontrol-int.office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accesscontrol.identity.office-int.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (164 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%201.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%201.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.42.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pki/mscorp/cps' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 58889fd6dc9c4822b7143eff8488e8e685fffa7d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 006255998aed5488a5f727d56ee12eb496c4e32a83584de18495695db4211be2ac3ee45985c06cf706d5b3213f5f4bab483c85f8a6c9c3789e42eb0bac3576bfa3c09a69774494154045c6d69fcd2dce182c6bdf1d82e070c3c339f1140545171b5b9944634b5ac64bcd40698f400f1f4e5a086a57882bb1e3ba4268caa862c66d2a2793c56cc345563e512cf5ab48c223eabeef7e22b76d06fc84039b82c5fa51747228aca4ba63c74e7ac203a2cf55b560fea1b9f24adfeeabe8c5aa5b7336869699687ff1d2837f7492de00a18d3c7e94ce9f3cc27cc7497681e4e3a7144c1633083809067c1fcf15128d3482d8584a70aab0e7dec7e5a95f7dfb7e81a874386ef755ebf600eb508ab6fb5e9210c1952d62598ae6399f631960ac6c6774b39b976f84d514bb28be70b2458d57ce6a213f862b8ac5c84c9eb12cbf68108b8f4ec24ca6676151978527290e2d0bef2bec18d35ff15d8a7c914e06f251dca184bbcd02e6922e005447a20bd59846407e225680995d9fdd6c82e7983cdc40d9e6ecc248ea9726c4816c78f20dab3375d7bcc4d9ff9da346f84593256ab4048f20aee6885276963cd822ac44aa45f81442aaf46556833780ff2335444a96df81c9835845d30d65d9c5cd3116366c587ba6e0ea6216e7b24f0e9c64f9deb59cf6d535f9894c370941b02377ac0ba693179d9bf85c83438d230ba428c00d08f8a0fc17