*.eu2.prague.office-int.com
Issued by Microsoft IT TLS CA 4
About this certificate
This digital certificate with serial number 16:00:03:69:ff:2f:82:81:a4:b2:e1:82:31:00:00:00:03:69:ff was issued on by Microsoft Corporation.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
Certificate Subject
CN=*.eu2.prague.office-int.com
Microsoft Corporation
Organization:
Microsoft Corporation
Organization unit: Microsoft IT
Organization unit: Microsoft IT
State / Province:
Washington
Locality: Redmond
Country: US
Locality: Redmond
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 16:00:03:69:ff:2f:82:81:a4:b2:e1:82:31:00:00:00:03:69:ffSerial Number (int): 490617556108713341306897217673876753782893055
Serial Number lenght: 149 bits, 19 octets
SubjectKeyId: 4f:e3:73:8e:77:09:0f:9d:39:fa:3f:2d:35:22:2c:19:67:f9:12:73
AuthorityKeyId: 7a:7b:8c:c1:cf:e7:a0:ca:1c:d4:6b:fa:fb:e1:33:c3:0f:1a:a2:9d
Fingerprint (sha1): ea:c6:1a:81:4e:b9:8f:db:dd:c1:0b:b5:3a:90:24:c0:dd:16:20:d0
Fingerprint (sha256): 0c:ae:61:12:38:73:1e:f0:2a:34:8d:73:37:8f:b1:d5:99:9a:2a:27:42:33:dc:71:ea:45:29:9d:be:d7:ae:3a
Issuing Certificate URL: http://www.microsoft.com/pki/mscorp/Microsoft%20IT%20TLS%20CA%204.crt
Revocation information
OCSP Server: http://ocsp.msocsp.comCRL Distribution Point: http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%204.crl
CRL Distribution Point: http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%204.crl
Check the revocation status for certificate *.eu2.prague.office-int.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.eu2.prague.office-int.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Data Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
11 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.eu2.prague.office-int.com
Other certificates including the domain name office-int.com
(limited to 100 certificates)
lifecycle.office-int.com
neur.fis.office-int.com
*.osi.office-int.net
*.osi.office-int.net
c.msn-int.com
cert00046-azurecdn.akamaized.net
cert00046-azurecdn.akamaized.net
redwood.osikevlartorus.office-int.com
api.businesscentral.dynamics-tie.com
lynx.osikevlartorus.office-int.com
cdn.forms.office.net
tasks.osi.office-int.com
helene.osikevlartorus.office-int.com
sway.office-int.com
inclient.store.office-int.com
store.office-int.com
cert00046-azurecdn.akamaized.net
osikevlartorus.office-int.com
c.msn-int.com
*.r11s-wu2-ppe.prague.office-int.com
insertmedia.osi.office-int.net
Pineapple.osikevlartorus.office-int.com
*.financials.dynamics-tie.com
geneva-mds.rose.office-int.com
Eridanus-INT-Mds.office-int.com
ssu.office-int.com
tasks.office-int.com
Mahogany.osikevlartorus.office-int.com
*.osi.office-int.net
*.wu2-ppe.prague.office-int.com
jade.osikevlartorus.office-int.com
geneva-mds.Deimos.office-int.com
support.office-int.com
wheat.osikevlartorus.office-int.com
*.osi.office-int.net
*.osi.office-int.net
firstpartymarketplace.store.office-int.com
cek.rps.lifecycle.office-int.com
geneva-mds.Galatea.office-int.com
*.osi.office-int.net
eucalyptus.osikevlartorus.office-int.com
row.fis.office-int.com
cert00046-azurecdn.akamaized.net
messaging.engagement.office-int.com
*.eu2.prague.office-int.com
forms.office-int.com
*.osi.office-int.net
geneva-mds.patriarch.office-int.com
*.osi.office-int.net
Buff.osikevlartorus.office-int.com
geneva-mds.Enceladus.office-int.com
sagittarius.osikevlartorus.office-int.com
Galatea.osikevlartorus.office-int.com
cluster.project.office-int.com
servicetrust.office-int.com
random12.fis.office-int.com
monitoring.servicetrust.office-int.com
cert00046-azurecdn.akamaized.net
eus.fis.office-int.com
servicetrust.office-int.com
Ginger.osikevlartorus.office-int.com
aqua.osikevlartorus.office-int.com
geneva-mds.Coffee.office-int.com
malachite.osikevlartorus.office-int.com
firstpartyapp-encrypt.marketplace.store.office-int.com
cert00046-azurecdn.akamaized.net
deployment.servicetrust.office-int.com
messaging.growth.office-int.com
cert00046-azurecdn.akamaized.net
persimmon.osikevlartorus.office-int.com
proteus.osikevlartorus.office-int.com
melon.osikevlartorus.office-int.com
addinslicensing.store.office-int.com
cert00046-azurecdn.akamaized.net
sway.office-int.com
cert00046-azurecdn.akamaized.net
burlywood.osikevlartorus.office-int.com
setup.office-int.com
prod.fis.office-int.com
*.r11s-wu2.prague.office-int.com
geneva-mds.auburn.office-int.com
cert00046-azurecdn.akamaized.net
*.osi.office-int.net
firstpartymarketplace.store.office-int.com
*.osi.office-int.net
api.servicetrust.office-int.com
sway.office-int.com
mint.osikevlartorus.office-int.com
forms.office-int.com
checkout.office-int.com
lifecycle.office-int.com
lumber.osikevlartorus.office-int.com
margaret.osikevlartorus.office-int.com
testIcmCert1.office-int.com
teal.officeapps.live-int.com
Eridanus-INT-Mds.office-int.com
ginger.osikevlartorus.office-int.com
store.office-int.com
messaging.engagement.office-int.com
scc-nexus.office-int.com
neur.fis.office-int.com
*.osi.office-int.net
*.osi.office-int.net
c.msn-int.com
cert00046-azurecdn.akamaized.net
cert00046-azurecdn.akamaized.net
redwood.osikevlartorus.office-int.com
api.businesscentral.dynamics-tie.com
lynx.osikevlartorus.office-int.com
cdn.forms.office.net
tasks.osi.office-int.com
helene.osikevlartorus.office-int.com
sway.office-int.com
inclient.store.office-int.com
store.office-int.com
cert00046-azurecdn.akamaized.net
osikevlartorus.office-int.com
c.msn-int.com
*.r11s-wu2-ppe.prague.office-int.com
insertmedia.osi.office-int.net
Pineapple.osikevlartorus.office-int.com
*.financials.dynamics-tie.com
geneva-mds.rose.office-int.com
Eridanus-INT-Mds.office-int.com
ssu.office-int.com
tasks.office-int.com
Mahogany.osikevlartorus.office-int.com
*.osi.office-int.net
*.wu2-ppe.prague.office-int.com
jade.osikevlartorus.office-int.com
geneva-mds.Deimos.office-int.com
support.office-int.com
wheat.osikevlartorus.office-int.com
*.osi.office-int.net
*.osi.office-int.net
firstpartymarketplace.store.office-int.com
cek.rps.lifecycle.office-int.com
geneva-mds.Galatea.office-int.com
*.osi.office-int.net
eucalyptus.osikevlartorus.office-int.com
row.fis.office-int.com
cert00046-azurecdn.akamaized.net
messaging.engagement.office-int.com
*.eu2.prague.office-int.com
forms.office-int.com
*.osi.office-int.net
geneva-mds.patriarch.office-int.com
*.osi.office-int.net
Buff.osikevlartorus.office-int.com
geneva-mds.Enceladus.office-int.com
sagittarius.osikevlartorus.office-int.com
Galatea.osikevlartorus.office-int.com
cluster.project.office-int.com
servicetrust.office-int.com
random12.fis.office-int.com
monitoring.servicetrust.office-int.com
cert00046-azurecdn.akamaized.net
eus.fis.office-int.com
servicetrust.office-int.com
Ginger.osikevlartorus.office-int.com
aqua.osikevlartorus.office-int.com
geneva-mds.Coffee.office-int.com
malachite.osikevlartorus.office-int.com
firstpartyapp-encrypt.marketplace.store.office-int.com
cert00046-azurecdn.akamaized.net
deployment.servicetrust.office-int.com
messaging.growth.office-int.com
cert00046-azurecdn.akamaized.net
persimmon.osikevlartorus.office-int.com
proteus.osikevlartorus.office-int.com
melon.osikevlartorus.office-int.com
addinslicensing.store.office-int.com
cert00046-azurecdn.akamaized.net
sway.office-int.com
cert00046-azurecdn.akamaized.net
burlywood.osikevlartorus.office-int.com
setup.office-int.com
prod.fis.office-int.com
*.r11s-wu2.prague.office-int.com
geneva-mds.auburn.office-int.com
cert00046-azurecdn.akamaized.net
*.osi.office-int.net
firstpartymarketplace.store.office-int.com
*.osi.office-int.net
api.servicetrust.office-int.com
sway.office-int.com
mint.osikevlartorus.office-int.com
forms.office-int.com
checkout.office-int.com
lifecycle.office-int.com
lumber.osikevlartorus.office-int.com
margaret.osikevlartorus.office-int.com
testIcmCert1.office-int.com
teal.officeapps.live-int.com
Eridanus-INT-Mds.office-int.com
ginger.osikevlartorus.office-int.com
store.office-int.com
messaging.engagement.office-int.com
scc-nexus.office-int.com
Certificate
The complete raw certificate details for *.eu2.prague.office-int.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG3TCCBMWgAwIBAgITFgADaf8vgoGksuGCMQAAAANp/zANBgkqhkiG9w0BAQsF ADCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UE CxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgVExTIENBIDQw HhcNMTgxMTA5MDE0NzIwWhcNMjAxMTA5MDE0NzIwWjAmMSQwIgYDVQQDDBsqLmV1 Mi5wcmFndWUub2ZmaWNlLWludC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDRsJ00t4ljaoKBco+wLfOYM72JDwL8j6HXCbOOlPEMGu9pPomxaDhZ gUudFo+0zIffFSsAg8NdTUqqKC8DqS/5FyGCQ0SlhGv2qrgRje3AvMwmqcAjeA6y SdhNGjHedCJafU8Vzh1nL6A9Aa2zeNiindysRyBrvoFm20eodSMixCcIYTazXVi8 Y5WP7WYtnix7HHbJMgUG5DPuli9IM62LBdpeef4hj57XOut6pHayrXoJmGbj/KWu FuMy6oxeDOAOu4EPzlHXUa9pX35PlcX7h3dvNoYhXy3O1jyK+taeaHQGB2kZMRN/ covCf+9YY1RLDTjQ97nlwtcS2PbctvZhAgMBAAGjggKcMIICmDATBgorBgEEAdZ5 AgQDAQH/BAIFADAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMCMAoGCCsGAQUF BwMBMD4GCSsGAQQBgjcVBwQxMC8GJysGAQQBgjcVCIfahnWD7tkBgsmFG4G1nmGF 9OtggV2E0t9CgueTegIBZAIBHTCBhQYIKwYBBQUHAQEEeTB3MFEGCCsGAQUFBzAC hkVodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9NaWNyb3NvZnQl MjBJVCUyMFRMUyUyMENBJTIwNC5jcnQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3Nw Lm1zb2NzcC5jb20wHQYDVR0OBBYEFE/jc453CQ+dOfo/LTUiLBln+RJzMAsGA1Ud DwQEAwIEsDAmBgNVHREEHzAdghsqLmV1Mi5wcmFndWUub2ZmaWNlLWludC5jb20w gawGA1UdHwSBpDCBoTCBnqCBm6CBmIZLaHR0cDovL21zY3JsLm1pY3Jvc29mdC5j b20vcGtpL21zY29ycC9jcmwvTWljcm9zb2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDQu Y3JshklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9jcmwvTWlj cm9zb2Z0JTIwSVQlMjBUTFMlMjBDQSUyMDQuY3JsME0GA1UdIARGMEQwQgYJKwYB BAGCNyoBMDUwMwYIKwYBBQUHAgEWJ2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9w a2kvbXNjb3JwL2NwczAfBgNVHSMEGDAWgBR6e4zBz+egyhzUa/r74TPDDxqinTAd BgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggIB AJIbTaOgCyQ9PHxYWe/fTIribX3uAUf7zUYN1lVaRx2XjrGO4y7luObQwbaXIRDf +6sS/V0HN1w31H8eoAxdgEIgyVC+VGXCltiNUdiC6WU8TuVGfzASYpmykmF/LgJe TZCaxF03UielTlkg2bZu/cnPMwIm2n23KMEDpFRWetW1fqP+Dlz7qIhcJrbbF+Jo e0mn/10KxvJTkmZrV8Gb0UACykicipA28o+aWmAKiB7e9ijaGaR0pyL0ZD1+NAAm mTZ0JJmGW0G2DmRgMt+fbT1yHUtrnDR4owG0p+cg2XOMw+rloPuuK2KsZ86u1J2d WhaW00Pn9rXoAU2x0VR+MXXbWjSfCWef5uDAXi+xcB+tdVkIXwXufGqQqaoftZFP 6Z+ZQqlDvtXDWRp+feY0YyCWKRfNtmaNFtaGwfPR9nhDAi+miinA5MeyaPo7tKHC jgpC2HbuSOIVIoAh475T7iwkIqODITbGTYslnEUBf/FE+BgTjpfANYiFIdPCA/mZ ziXmkqvd4RFglspCmdfbb7uXLGjYc+eToGELl1TSN0Y6BMML/hzsfX3Kael9Crf9 L31zlwNbKRvK1bMBRSjkvX2os2hM3bzZ+HXqfD0qWRjDDO58F7u7FB22ppoyH9zv UAzlQsAoQwhPBgOzX76IOjdrQiwhyu7Ov76BFHUjASgI -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bCdNLeJY2qCgXKPsC3z mDO9iQ8C/I+h1wmzjpTxDBrvaT6JsWg4WYFLnRaPtMyH3xUrAIPDXU1KqigvA6kv +RchgkNEpYRr9qq4EY3twLzMJqnAI3gOsknYTRox3nQiWn1PFc4dZy+gPQGts3jY op3crEcga76BZttHqHUjIsQnCGE2s11YvGOVj+1mLZ4sexx2yTIFBuQz7pYvSDOt iwXaXnn+IY+e1zrreqR2sq16CZhm4/ylrhbjMuqMXgzgDruBD85R11GvaV9+T5XF +4d3bzaGIV8tztY8ivrWnmh0BgdpGTETf3KLwn/vWGNUSw040Pe55cLXEtj23Lb2 YQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 490617556108713341306897217673876753782893055 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft IT' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft IT TLS CA 4' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-09 01:47:20 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-11-09 01:47:20 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.eu2.prague.office-int.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26470897389488931179837487095934737524629144676067015186297156494351402185440172752794343275151521528658657835913507138194213485374493596764289199316310604260827723275723601535677839577030370745389190635630630131429862745584816724830187831954250910738174293113719696031968995631395647230009257025902337927342326799289121262031961565534803015899428829033980463738593118718910809654165682348194439327738806144199352508395558755385262668847893889402108998436563923008821021527389115372442521210630800224024804611072280108294241403877269817916422756305399818354569800981815682060134191787624463004753635717749966638610017 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.16155509.8105089.5391003.2969441.12400096.221.9744322.5884410 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (121 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pki/mscorp/Microsoft%20IT%20TLS%20CA%204.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.msocsp.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4fe3738e77090f9d39fa3f2d35222c1967f91273 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04b0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (31 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.eu2.prague.office-int.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (164 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://mscrl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%204.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.microsoft.com/pki/mscorp/crl/Microsoft%20IT%20TLS%20CA%204.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (70 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.42.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pki/mscorp/cps' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7a7b8cc1cfe7a0ca1cd46bfafbe133c30f1aa29d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00921b4da3a00b243d3c7c5859efdf4c8ae26d7dee0147fbcd460dd6555a471d978eb18ee32ee5b8e6d0c1b6972110dffbab12fd5d07375c37d47f1ea00c5d804220c950be5465c296d88d51d882e9653c4ee5467f30126299b292617f2e025e4d909ac45d375227a54e5920d9b66efdc9cf330226da7db728c103a454567ad5b57ea3fe0e5cfba8885c26b6db17e2687b49a7ff5d0ac6f25392666b57c19bd14002ca489c8a9036f28f9a5a600a881edef628da19a474a722f4643d7e3400269936742499865b41b60e646032df9f6d3d721d4b6b9c3478a301b4a7e720d9738cc3eae5a0fbae2b62ac67ceaed49d9d5a1696d343e7f6b5e8014db1d1547e3175db5a349f09679fe6e0c05e2fb1701fad7559085f05ee7c6a90a9aa1fb5914fe99f9942a943bed5c3591a7e7de6346320962917cdb6668d16d686c1f3d1f67843022fa68a29c0e4c7b268fa3bb4a1c28e0a42d876ee48e215228021e3be53ee2c2422a3832136c64d8b259c45017ff144f818138e97c035888521d3c203f999ce25e692abdde1116096ca4299d7db6fbb972c68d873e793a0610b9754d237463a04c30bfe1cec7d7dca69e97d0ab7fd2f7d7397035b291bcad5b3014528e4bd7da8b3684cddbcd9f875ea7c3d2a5918c30cee7c17bbbb141db6a69a321fdcef500ce542c02843084f0603b35fbe883a376b422c21caeecebfbe81147523012808