photos.onedrive.com
- Microsoft Corporation -
Issued by Microsoft Azure RSA TLS Issuing CA 08
About this certificate
This digital certificate with serial number 33:00:2c:29:c5:fd:ac:40:ff:d0:0f:41:6d:00:00:00:2c:29:c5 was issued on by Microsoft Corporation.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Microsoft Corporation
Organization:
Microsoft Corporation
State / Province:
WA
Locality: Redmond
Country: US
Locality: Redmond
Country: US
Microsoft Corporation
Organization:
Microsoft Corporation
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 33:00:2c:29:c5:fd:ac:40:ff:d0:0f:41:6d:00:00:00:2c:29:c5Serial Number (int): 1137353033075581706813601424559552641805068741
Serial Number lenght: 150 bits, 19 octets
SubjectKeyId: a4:ed:dd:a8:a2:89:99:ab:f0:b4:0a:a5:db:83:32:77:fc:0e:d7:07
AuthorityKeyId: f6:7e:2f:bd:80:a3:4a:b2:70:5b:eb:df:9a:1f:d8:ed:ca:61:80:07
Fingerprint (sha1): 7f:7a:41:34:2d:6c:bb:f9:bf:fa:95:53:4f:1c:b2:2b:7e:eb:aa:f7
Fingerprint (sha256): 10:83:1b:63:aa:21:66:70:fd:0b:f1:00:2d:d2:b7:45:c8:a4:49:c1:74:0c:b5:b1:4d:80:09:59:b6:3d:4a:b1
Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2008%20-%20xsign.crt
Revocation information
OCSP Server: http://oneocsp.microsoft.com/ocspCRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2008.crl
Check the revocation status for certificate photos.onedrive.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for photos.onedrive.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
12 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
photos.onedrive.com
Other certificates including the domain name onedrive.com
(limited to 100 certificates)
storage.live.com
photos.onedrive.com
mail.live.com
storage.live.com
mail.live.com
dev.onedrive.com
blog.onedrive.com
storage.live.com
akamai-san11.exacttarget.com
onedrive.com
storage.live.com
storage.live.com
dev.onedrive.com
svc.ms
storage.live.com
onedrive.live.com
storage.live.com
photos.onedrive.com
SPO-Prod-ODWeb-O365Shell.onedrive.com
onedrive-df.live.com
dev-staging.onedrive.com
storage.live.com
onedrive.com
onedrive.live.com
storage.live.com
storage.live.com
akamai-san11.exacttarget.com
storage.live.com
storage.live.com
blog.onedrive.com
onedrive.live.com
onedrive.live.com
svc.ms
storage.live.com
photos.onedrive.com
photos.onedrive.com
storage.live.com
akamai-san11.exacttarget.com
storage.live.com
*.svc.ms
www1.onedrive.com
storage.live.com
storage.live.com
storage.live.com
storage.live.com
storage.live.com
qos.admin.onedrive.com
blog.onedrive.com
onedrive.com
onedrive.live.com
blog.onedrive.com
customersuccessblog.onedrive.com
storage.live.com
storage.live.com
storage.live.com
df.storage.live.com
onedrive.com
onedrive.com
storage.live.com
storage.live.com
*.mail.onedrive.com
storage.live.com
dev-staging.onedrive.com
*.mail.onedrive.com
blog.onedrive.com
storage.live.com
onedrive.live.com
storage.live.com
akamai-san11.exacttarget.com
*.mail.onedrive.com
onedrive.com
storage.live.com
pushchanneltst.cma.onedrive.com
onedrive.live.com
blog.onedrive.com
storage.live.com
onedrive.com
onedrive.live.com
*.svc.ms
onedrive.com
pushchannelprod.cma.onedrive.com
akamai-san11.exacttarget.com
storage.live.com
storage.live.com
onedrive.com
df.badger.onedrive.com
onedrive.com
storage.live.com
storage.live.com
photos.onedrive.com
photos.onedrive.com
onedrive-df.live.com
storage.live.com
storage.live.com
storage.live.com
*.mail.onedrive.com
onedrive.live.com
storage.live.com
spdf.badgerspo.onedrive.com
*.mail.onedrive.com
photos.onedrive.com
mail.live.com
storage.live.com
mail.live.com
dev.onedrive.com
blog.onedrive.com
storage.live.com
akamai-san11.exacttarget.com
onedrive.com
storage.live.com
storage.live.com
dev.onedrive.com
svc.ms
storage.live.com
onedrive.live.com
storage.live.com
photos.onedrive.com
SPO-Prod-ODWeb-O365Shell.onedrive.com
onedrive-df.live.com
dev-staging.onedrive.com
storage.live.com
onedrive.com
onedrive.live.com
storage.live.com
storage.live.com
akamai-san11.exacttarget.com
storage.live.com
storage.live.com
blog.onedrive.com
onedrive.live.com
onedrive.live.com
svc.ms
storage.live.com
photos.onedrive.com
photos.onedrive.com
storage.live.com
akamai-san11.exacttarget.com
storage.live.com
*.svc.ms
www1.onedrive.com
storage.live.com
storage.live.com
storage.live.com
storage.live.com
storage.live.com
qos.admin.onedrive.com
blog.onedrive.com
onedrive.com
onedrive.live.com
blog.onedrive.com
customersuccessblog.onedrive.com
storage.live.com
storage.live.com
storage.live.com
df.storage.live.com
onedrive.com
onedrive.com
storage.live.com
storage.live.com
*.mail.onedrive.com
storage.live.com
dev-staging.onedrive.com
*.mail.onedrive.com
blog.onedrive.com
storage.live.com
onedrive.live.com
storage.live.com
akamai-san11.exacttarget.com
*.mail.onedrive.com
onedrive.com
storage.live.com
pushchanneltst.cma.onedrive.com
onedrive.live.com
blog.onedrive.com
storage.live.com
onedrive.com
onedrive.live.com
*.svc.ms
onedrive.com
pushchannelprod.cma.onedrive.com
akamai-san11.exacttarget.com
storage.live.com
storage.live.com
onedrive.com
df.badger.onedrive.com
onedrive.com
storage.live.com
storage.live.com
photos.onedrive.com
photos.onedrive.com
onedrive-df.live.com
storage.live.com
storage.live.com
storage.live.com
*.mail.onedrive.com
onedrive.live.com
storage.live.com
spdf.badgerspo.onedrive.com
*.mail.onedrive.com
Certificate
The complete raw certificate details for photos.onedrive.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG/jCCBOagAwIBAgITMwAsKcX9rED/0A9BbQAAACwpxTANBgkqhkiG9w0BAQwF ADBdMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u MS4wLAYDVQQDEyVNaWNyb3NvZnQgQXp1cmUgUlNBIFRMUyBJc3N1aW5nIENBIDA4 MB4XDTI0MDUxMjE5NTk0NVoXDTI1MDUwNzE5NTk0NVowajELMAkGA1UEBhMCVVMx CzAJBgNVBAgTAldBMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv ZnQgQ29ycG9yYXRpb24xHDAaBgNVBAMTE3Bob3Rvcy5vbmVkcml2ZS5jb20wggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGIe3GLsmc7RwkiP3kdP4PKN5r 4kgctV9UVsA3lhG63M7Hc8aL83JytHLMOND4StNFDY+tzZovKfvIbB+l8OGUijn5 yJquS/A0ErSmfDqcaNjY37V4brFVyXDOGAy96EiqgThrlPViXJR1lchsVGDezjXJ XDqk1O8WJkaFm5p+wlW6e9R6iguwLmrq5lRSUx/1FXBjd5+Vb8Zet1mPgNaiqiiB xd9w3EJ7cwZTy6xRqRIXTTGUGo430bi6YlDzb3pekLdsrsh9MuPwcbKscEncyaNQ H6oq8vgKjERUPgWCMW+934cj3JPfrzctAzlN8iICz50rRNZ8vBNk8Woo+FL5AgMB AAGjggKoMIICpDATBgorBgEEAdZ5AgQDAQH/BAIFADAnBgkrBgEEAYI3FQoEGjAY MAoGCCsGAQUFBwMCMAoGCCsGAQUFBwMBMDwGCSsGAQQBgjcVBwQvMC0GJSsGAQQB gjcVCIe91xuB5+tGgoGdLo7QDIfw2h1dgoTlaYLzpz4CAWQCASYwgbQGCCsGAQUF BwEBBIGnMIGkMHMGCCsGAQUFBzAChmdodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20v cGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMEF6dXJlJTIwUlNBJTIwVExTJTIwSXNz dWluZyUyMENBJTIwMDglMjAtJTIweHNpZ24uY3J0MC0GCCsGAQUFBzABhiFodHRw Oi8vb25lb2NzcC5taWNyb3NvZnQuY29tL29jc3AwHQYDVR0OBBYEFKTt3aiiiZmr 8LQKpduDMnf8DtcHMA4GA1UdDwEB/wQEAwIFoDAeBgNVHREEFzAVghNwaG90b3Mu b25lZHJpdmUuY29tMAwGA1UdEwEB/wQCMAAwagYDVR0fBGMwYTBfoF2gW4ZZaHR0 cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIwQXp1 cmUlMjBSU0ElMjBUTFMlMjBJc3N1aW5nJTIwQ0ElMjAwOC5jcmwwZgYDVR0gBF8w XTBRBgwrBgEEAYI3TIN9AQEwQTA/BggrBgEFBQcCARYzaHR0cDovL3d3dy5taWNy b3NvZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnkuaHRtMAgGBmeBDAECAjAf BgNVHSMEGDAWgBT2fi+9gKNKsnBb69+aH9jtymGABzAdBgNVHSUEFjAUBggrBgEF BQcDAgYIKwYBBQUHAwEwDQYJKoZIhvcNAQEMBQADggIBAEqyjThGy6n1sTX6/Mvk hlH7Dlwd9mAOaWnqvnj4DW/rmbFV9VagRAxM4YFSS08hViBBORs+mZ2DnjR5yLqr 8dqYCTW48AR/YjExklFrTPWi3VLOK1r8oJWZfyJHbyDM83K7u8tROqlzeVYJni4q 8OjrX1r6IR+fx2XYb67vvE5NeyGq8szZfYjBE6Vi1lt7jBL64SwO7az4n34+u77l LHwoeYeE3MSlX52MH2zMqqeZA8ShjitBGAv1NbJGrT/ZSP1YCLG4TYw7/ZQShwJD VunUaR98McqJpAI3XL1PaiLNaaCY8Dpgo/v/+rqZvmMlyvSfvEnPUL3shMT0pVt5 h7dnoG6IFIU7GUnuSSSD4Y8QFktBn4dSjIRGf0TMvIVIRRUkk8mB8VzxakeVfNUJ px3AEENj0NEZ6z7NTvCgDUX2YjESSspCa8hecZ2aOWTNl1+nGM+JYH3OsKLG1iJT hZ6U4gxquMtVv15At0W0HSPNMCkJTYrrPyrGA2OZiCpwSQjnyyLwbHJ38HzYSz9k ZcoJLwqZkMCHD1/QwvG6y+eR3NhEyo+IW2CuwAtDo2ZwYHjz3QGzp2Fl6IkLm1YV z9+P++xfGNOZzNO1jKZBUIrR0U2lEwUDbWXpGHoLCzoX1DPbXX9AqLF4j32ZDYIU meenopGi89NAO5w/0WLYoo+B -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiHtxi7JnO0cJIj95HT+ Dyjea+JIHLVfVFbAN5YRutzOx3PGi/NycrRyzDjQ+ErTRQ2Prc2aLyn7yGwfpfDh lIo5+ciarkvwNBK0pnw6nGjY2N+1eG6xVclwzhgMvehIqoE4a5T1YlyUdZXIbFRg 3s41yVw6pNTvFiZGhZuafsJVunvUeooLsC5q6uZUUlMf9RVwY3eflW/GXrdZj4DW oqoogcXfcNxCe3MGU8usUakSF00xlBqON9G4umJQ8296XpC3bK7IfTLj8HGyrHBJ 3MmjUB+qKvL4CoxEVD4FgjFvvd+HI9yT3683LQM5TfIiAs+dK0TWfLwTZPFqKPhS +QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1137353033075581706813601424559552641805068741 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure RSA TLS Issuing CA 08' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-12 19:59:45 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-07 19:59:45 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'photos.onedrive.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25011915300732510035967925497143720663077563332050119023618983278731106940304970746928955414125053730032416944771264550961347783264282841876644609774037876662028655994153237577764222152080692149099442072927534408833415153205971343537156047882477440304183381781032536020589931866762072420251992023331257574429160818757694333054342855500703712115090577246811884411229132007833866446918046094770290300127176187622350287042309560518199801094570272931032012595651663919793475500381133399356574380382589208649701989567773577207035634306651769619606506182695733171865292718280267833905980168949575146639618452909520657601273 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.4272873.6083518 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 38 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (167 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2008%20-%20xsign.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a4eddda8a28999abf0b40aa5db833277fc0ed707 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos.onedrive.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2008.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f67e2fbd80a34ab2705bebdf9a1fd8edca618007 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 004ab28d3846cba9f5b135fafccbe48651fb0e5c1df6600e6969eabe78f80d6feb99b155f556a0440c4ce181524b4f21562041391b3e999d839e3479c8baabf1da980935b8f0047f62313192516b4cf5a2dd52ce2b5afca095997f22476f20ccf372bbbbcb513aa9737956099e2e2af0e8eb5f5afa211f9fc765d86faeefbc4e4d7b21aaf2ccd97d88c113a562d65b7b8c12fae12c0eedacf89f7e3ebbbee52c7c28798784dcc4a55f9d8c1f6cccaaa79903c4a18e2b41180bf535b246ad3fd948fd5808b1b84d8c3bfd941287024356e9d4691f7c31ca89a402375cbd4f6a22cd69a098f03a60a3fbfffaba99be6325caf49fbc49cf50bdec84c4f4a55b7987b767a06e8814853b1949ee492483e18f10164b419f87528c84467f44ccbc854845152493c981f15cf16a47957cd509a71dc0104363d0d119eb3ecd4ef0a00d45f66231124aca426bc85e719d9a3964cd975fa718cf89607dceb0a2c6d62253859e94e20c6ab8cb55bf5e40b745b41d23cd3029094d8aeb3f2ac6036399882a704908e7cb22f06c7277f07cd84b3f6465ca092f0a9990c0870f5fd0c2f1bacbe791dcd844ca8f885b60aec00b43a366706078f3dd01b3a76165e8890b9b5615cfdf8ffbec5f18d399ccd3b58ca641508ad1d14da51305036d65e9187a0b0b3a17d433db5d7f40a8b1788f7d990d821499e7a7a291a2f3d3403b9c3fd162d8a28f81