www.office.com
- Microsoft Corporation -
Issued by Microsoft Azure TLS Issuing CA 02
About this certificate
This digital certificate with serial number 33:00:58:fd:6b:1c:4a:d3:9f:39:09:04:56:00:00:00:58:fd:6b was issued on by Microsoft Corporation.
With 20 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Microsoft Corporation
Organization:
Microsoft Corporation
State / Province:
WA
Locality: Redmond
Country: US
Locality: Redmond
Country: US
Microsoft Corporation
Organization:
Microsoft Corporation
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 33:00:58:fd:6b:1c:4a:d3:9f:39:09:04:56:00:00:00:58:fd:6bSerial Number (int): 1137368286824183356096802730964515232874560875
Serial Number lenght: 150 bits, 19 octets
SubjectKeyId: 10:fc:5b:13:7d:0d:44:08:15:27:69:b8:30:c7:81:df:c1:c0:22:5f
AuthorityKeyId: 00:ab:91:fc:21:62:26:97:9a:a8:79:1b:61:41:90:60:a9:62:67:fd
Fingerprint (sha1): f9:4c:7b:fb:b6:d5:b1:3c:77:27:12:6f:18:6d:f2:8c:d0:55:57:f8
Fingerprint (sha256): 15:d0:d3:86:e6:98:9c:a9:ca:02:90:5c:6d:8e:7f:c1:88:92:b0:7d:0e:13:ca:a4:0c:f8:f1:10:cf:04:32:f6
Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2002%20-%20xsign.crt
Revocation information
OCSP Server: http://oneocsp.microsoft.com/ocspCRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2002.crl
Check the revocation status for certificate www.office.com
20
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.office.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Data Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
12 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
home.office.com
login.office.com
office.com
signin.office.com
www.office.com
*.prodprv.office.com
*.www.office.com
word.office.com
excel.office.com
powerpoint.office.com
visio.office.com
apps.office.com
stream.office.com
fluid.office.com
www.microsoft365.com
microsoft365.com
*.www.microsoft365.com
m365.go.microsoft
m365.cloud.microsoft
officehome.japaneast.cloudapp.azure.com
login.office.com
office.com
signin.office.com
www.office.com
*.prodprv.office.com
*.www.office.com
word.office.com
excel.office.com
powerpoint.office.com
visio.office.com
apps.office.com
stream.office.com
fluid.office.com
www.microsoft365.com
microsoft365.com
*.www.microsoft365.com
m365.go.microsoft
m365.cloud.microsoft
officehome.japaneast.cloudapp.azure.com
Other certificates including the domain name office.com
(limited to 100 certificates)
loki.delve.office.com
*.asm.skype.com
df.incubator.aesir.office.com
5702666986455040-fe2.pantheonsite.io
officeapps.live.com
*.footprintdns.com
*.wac.gbl.office.com
5702666986455040-fe2.pantheonsite.io
augloop.office.com
cachewriter.teams.microsoft.com
www.office.com
gls.itarl4.ingestion.office.com
nam1.gcs.office.com
outlook.com
graph.windows.net
o365auditrealtimeingestion.manage.office.com
cachewriter.teams.microsoft.com
forms.office.com
authsvc.teams.microsoft.com
*.config.skype.com
*.fp.measure.office.com
app.ingestion.office.com
*.config.skype.com
augloop.office.com
www.office.com
ppe.sso.eduupgrade.office.com
bookings.outlookapps.com
www.office.com
www.office.com
tr-tmc-afd.office.com
augloop.office.com
cert00010-azurecdn.akamaized.net
SPOActivityPipeSigningCertKey.office.com
chatsvcagg.teams.microsoft.com
graph.windows.net
store.office.com
delve.office.com
graph.windows.net
test.test.test.outlook.com
*.footprintdns.com
*.asm.skype.com
outlook.com
setup.office.com
*.fp.measure.office.com
pls-cacheinv.teams.microsoft.com
5702666986455040-fe2.pantheonsite.io
*.footprintdns.com
griffinb2-gru-client.office.com
outlook.com
cisurvey.office.com
support.office.com
mdsrunnermgmt.office.com
bookings.outlookapps.com
gcp.ingestion.office.com
*.domains.live.com
support.officeppe.com
portal.office.com
*.footprintdns.com
prod.invite.teams.internal.office.com
ifttt.edog.office.com
OfficeOMEXSigningCertKey.office.com
www.office.com
cortana.office.com
setup.office.com
manage.office.com
api.orginsights.viva.office.com
office365-waffle.forms.office.com
*.config.skype.com
portal.office.com
outlook.live.com
desdemona.osikevlartorus.office.com
support.office.com
*.gcscluster.office.com
sender.office.com
lifecycle.office.com
afd.loki.delve.office.com
support.outlook.com
portal.office.com
*.footprintdns.com
YPPServicesSigningCertKey.office.com
gcc.loki.delve.office.com
reverseproxy.onenote.com
graph.windows.net
kvaccess.delve.office.com
config.office.com
www.silicon.help
outlook.com
www.office.com
o365auditrealtimeingestion.manage.office.com
support.office.com
kvapp.df.aesir.office.com
df.invite.teams.internal.office.com
outlook.com
prod.idsapi.loki.delve.office.com
*.footprintdns.com
cdn.forms.office.net
uci.officeapps.live.com
*.footprintdns.com
hrd.office.com
*.footprintdns.com
*.asm.skype.com
df.incubator.aesir.office.com
5702666986455040-fe2.pantheonsite.io
officeapps.live.com
*.footprintdns.com
*.wac.gbl.office.com
5702666986455040-fe2.pantheonsite.io
augloop.office.com
cachewriter.teams.microsoft.com
www.office.com
gls.itarl4.ingestion.office.com
nam1.gcs.office.com
outlook.com
graph.windows.net
o365auditrealtimeingestion.manage.office.com
cachewriter.teams.microsoft.com
forms.office.com
authsvc.teams.microsoft.com
*.config.skype.com
*.fp.measure.office.com
app.ingestion.office.com
*.config.skype.com
augloop.office.com
www.office.com
ppe.sso.eduupgrade.office.com
bookings.outlookapps.com
www.office.com
www.office.com
tr-tmc-afd.office.com
augloop.office.com
cert00010-azurecdn.akamaized.net
SPOActivityPipeSigningCertKey.office.com
chatsvcagg.teams.microsoft.com
graph.windows.net
store.office.com
delve.office.com
graph.windows.net
test.test.test.outlook.com
*.footprintdns.com
*.asm.skype.com
outlook.com
setup.office.com
*.fp.measure.office.com
pls-cacheinv.teams.microsoft.com
5702666986455040-fe2.pantheonsite.io
*.footprintdns.com
griffinb2-gru-client.office.com
outlook.com
cisurvey.office.com
support.office.com
mdsrunnermgmt.office.com
bookings.outlookapps.com
gcp.ingestion.office.com
*.domains.live.com
support.officeppe.com
portal.office.com
*.footprintdns.com
prod.invite.teams.internal.office.com
ifttt.edog.office.com
OfficeOMEXSigningCertKey.office.com
www.office.com
cortana.office.com
setup.office.com
manage.office.com
api.orginsights.viva.office.com
office365-waffle.forms.office.com
*.config.skype.com
portal.office.com
outlook.live.com
desdemona.osikevlartorus.office.com
support.office.com
*.gcscluster.office.com
sender.office.com
lifecycle.office.com
afd.loki.delve.office.com
support.outlook.com
portal.office.com
*.footprintdns.com
YPPServicesSigningCertKey.office.com
gcc.loki.delve.office.com
reverseproxy.onenote.com
graph.windows.net
kvaccess.delve.office.com
config.office.com
www.silicon.help
outlook.com
www.office.com
o365auditrealtimeingestion.manage.office.com
support.office.com
kvapp.df.aesir.office.com
df.invite.teams.internal.office.com
outlook.com
prod.idsapi.loki.delve.office.com
*.footprintdns.com
cdn.forms.office.net
uci.officeapps.live.com
*.footprintdns.com
hrd.office.com
*.footprintdns.com
Certificate
The complete raw certificate details for www.office.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIaDCCBlCgAwIBAgITMwBY/WscStOfOQkEVgAAAFj9azANBgkqhkiG9w0BAQwF ADBZMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u MSowKAYDVQQDEyFNaWNyb3NvZnQgQXp1cmUgVExTIElzc3VpbmcgQ0EgMDIwHhcN MjIwODE5MTkwNjQyWhcNMjMwODE0MTkwNjQyWjBlMQswCQYDVQQGEwJVUzELMAkG A1UECBMCV0ExEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD b3Jwb3JhdGlvbjEXMBUGA1UEAxMOd3d3Lm9mZmljZS5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQC38Q7vuiwVrkMjEipOREPTEJBdJJJOnf3d6l3p 0l+WtYqz9zpggWipXmb2/0Q+TGUgJgmypQO4cq+VOAZ6fCFiYVwBMFm4C8ME5bfJ RGEouJeodM1BhcZoTIuZs0hmvHb8vHwf6RFesQPsmjnyxGAVMrCmLqVbh19xJSrS 3H/kamUz2Q4SwcYhQ8iRtlmGolZHWTYERXkh9frX2vnjsPqOfBA+AcmXfUcGVp86 LPkXhNgx+3KrdZEL5XsxtECDK1E9GDEY5+xykmVP7PdvcfAFB3Qc9Vx4ZySe0qkp n9T7Xo2iHll99nWj4GtaZVAnTLkLpVZRisxt5hwFiBCtOifJAgMBAAGjggQbMIIE FzATBgorBgEEAdZ5AgQDAQH/BAIFADAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUF BwMCMAoGCCsGAQUFBwMBMDwGCSsGAQQBgjcVBwQvMC0GJSsGAQQBgjcVCIe91xuB 5+tGgoGdLo7QDIfw2h1dgoTlaYLzpz4CAWQCASUwga4GCCsGAQUFBwEBBIGhMIGe MG0GCCsGAQUFBzAChmFodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2Nl cnRzL01pY3Jvc29mdCUyMEF6dXJlJTIwVExTJTIwSXNzdWluZyUyMENBJTIwMDIl MjAtJTIweHNpZ24uY3J0MC0GCCsGAQUFBzABhiFodHRwOi8vb25lb2NzcC5taWNy b3NvZnQuY29tL29jc3AwHQYDVR0OBBYEFBD8WxN9DUQIFSdpuDDHgd/BwCJfMA4G A1UdDwEB/wQEAwIEsDCCAZsGA1UdEQSCAZIwggGOgg9ob21lLm9mZmljZS5jb22C EGxvZ2luLm9mZmljZS5jb22CCm9mZmljZS5jb22CEXNpZ25pbi5vZmZpY2UuY29t gg53d3cub2ZmaWNlLmNvbYIUKi5wcm9kcHJ2Lm9mZmljZS5jb22CECoud3d3Lm9m ZmljZS5jb22CD3dvcmQub2ZmaWNlLmNvbYIQZXhjZWwub2ZmaWNlLmNvbYIVcG93 ZXJwb2ludC5vZmZpY2UuY29tghB2aXNpby5vZmZpY2UuY29tgg9hcHBzLm9mZmlj ZS5jb22CEXN0cmVhbS5vZmZpY2UuY29tghBmbHVpZC5vZmZpY2UuY29tghR3d3cu bWljcm9zb2Z0MzY1LmNvbYIQbWljcm9zb2Z0MzY1LmNvbYIWKi53d3cubWljcm9z b2Z0MzY1LmNvbYIRbTM2NS5nby5taWNyb3NvZnSCFG0zNjUuY2xvdWQubWljcm9z b2Z0gidvZmZpY2Vob21lLmphcGFuZWFzdC5jbG91ZGFwcC5henVyZS5jb20wDAYD VR0TAQH/BAIwADBkBgNVHR8EXTBbMFmgV6BVhlNodHRwOi8vd3d3Lm1pY3Jvc29m dC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBBenVyZSUyMFRMUyUyMElzc3Vp bmclMjBDQSUyMDAyLmNybDBmBgNVHSAEXzBdMFEGDCsGAQQBgjdMg30BATBBMD8G CCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0RvY3Mv UmVwb3NpdG9yeS5odG0wCAYGZ4EMAQICMB8GA1UdIwQYMBaAFACrkfwhYiaXmqh5 G2FBkGCpYmf9MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATANBgkqhkiG 9w0BAQwFAAOCAgEArI/T4XdDjX+WPZtF3EHo1bWywiGNX08fhIZ26riizmu5M053 G02wyPjpWkVgL44byFwHA3kx2R7Kph+lNB/su4qciYCHw7pLhSLSQ9CAvhEgBTcx 2pY+vtxSLHbinO0tuYz8fm01FWSYZXi19CktNNkHYNz9dJ26uI7t7qhkb3aHIDDt AQNXpSECQei5lONx51Arv1PiP+ZyGi3AbcWo8NQymZXvPRO8/90jtlqbQci6WoQf FcfEnGgdksyV7MA30IkrCF1LeZMWMzaFKz4JlF6glt7YhZSNzQgQ7fB/hDzFIpNw WEkhj0OWF98sH3W3ONkuo/Zndxt7pKwn59wTkCmIvHfJMvQZI8L9mo9yguTmlPw4 M5vfFkaT9kUm5myjyGJVs6hOyL7zMJj27LjwJ93vtUXSrA/sVSX++QlpCKtqvP74 6Hj5TPOCLxtoWV3rbI9HMEZ7GGhKUUxBGvm6Dmug2387k0yFLWsqmIqaAyx8DBKk fgf+HYXylQrSRB4Dji1PonKCrHPt+DpR/6EOLXg6shpVplzhiDu7n/BK7YjMcoyx Ha9IrCMhEEpJUJVbPTJwveDiHVfVHYJo7GwjZLRARxpBaP5t0DkhY/ascXzQfcew oD2t/RGws8pheENDzV7pvm5c26eDoKLH4HDAzsEfa1joDvOvX50Iji4UDGk= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/EO77osFa5DIxIqTkRD 0xCQXSSSTp393epd6dJflrWKs/c6YIFoqV5m9v9EPkxlICYJsqUDuHKvlTgGenwh YmFcATBZuAvDBOW3yURhKLiXqHTNQYXGaEyLmbNIZrx2/Lx8H+kRXrED7Jo58sRg FTKwpi6lW4dfcSUq0tx/5GplM9kOEsHGIUPIkbZZhqJWR1k2BEV5IfX619r547D6 jnwQPgHJl31HBlafOiz5F4TYMftyq3WRC+V7MbRAgytRPRgxGOfscpJlT+z3b3Hw BQd0HPVceGckntKpKZ/U+16Noh5ZffZ1o+BrWmVQJ0y5C6VWUYrMbeYcBYgQrTon yQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1137368286824183356096802730964515232874560875 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure TLS Issuing CA 02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-19 19:06:42 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-14 19:06:42 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.office.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23220480109285569869400554719368363475893155961565655387021782482142015817515029471303953436950524401956380439485003419943266193711656154771732982475509860798562606859662865437763017807788389475160173200009763879641163998173471696677967801499298522912061686505058694698244429799310803692883334572532697261310761425753725821677753753303291080280851020176261310361944257538927415960650100312099739950149774179583792463260761744505299821610167764020412539792846074775110101672729489260995349977792553396462179248353713525882555361781101632670729882713226118587268730244213196471365019308824380117877619472597681228621769 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.4272873.6083518 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 37 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (161 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2002%20-%20xsign.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 10fc5b137d0d4408152769b830c781dfc1c0225f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04b0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (402 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'home.office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'login.office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'signin.office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.prodprv.office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.www.office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'word.office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'excel.office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'powerpoint.office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'visio.office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps.office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stream.office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fluid.office.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.microsoft365.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'microsoft365.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.www.microsoft365.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm365.go.microsoft' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm365.cloud.microsoft' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'officehome.japaneast.cloudapp.azure.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (93 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2002.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 00ab91fc216226979aa8791b61419060a96267fd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (4096 bits) 00ac8fd3e177438d7f963d9b45dc41e8d5b5b2c2218d5f4f1f848676eab8a2ce6bb9334e771b4db0c8f8e95a45602f8e1bc85c07037931d91ecaa61fa5341fecbb8a9c898087c3ba4b8522d243d080be1120053731da963ebedc522c76e29ced2db98cfc7e6d351564986578b5f4292d34d90760dcfd749dbab88eedeea8646f76872030ed010357a5210241e8b994e371e7502bbf53e23fe6721a2dc06dc5a8f0d4329995ef3d13bcffdd23b65a9b41c8ba5a841f15c7c49c681d92cc95ecc037d0892b085d4b7993163336852b3e09945ea096ded885948dcd0810edf07f843cc52293705849218f439617df2c1f75b738d92ea3f667771b7ba4ac27e7dc13902988bc77c932f41923c2fd9a8f7282e4e694fc38339bdf164693f64526e66ca3c86255b3a84ec8bef33098f6ecb8f027ddefb545d2ac0fec5525fef9096908ab6abcfef8e878f94cf3822f1b68595deb6c8f4730467b18684a514c411af9ba0e6ba0db7f3b934c852d6b2a988a9a032c7c0c12a47e07fe1d85f2950ad2441e038e2d4fa27282ac73edf83a51ffa10e2d783ab21a55a65ce1883bbb9ff04aed88cc728cb11daf48ac2321104a4950955b3d3270bde0e21d57d51d8268ec6c2364b440471a4168fe6dd0392163f6ac717cd07dc7b0a03dadfd11b0b3ca61784343cd5ee9be6e5cdba783a0a2c7e070c0cec11f6b58e80ef3af5f9d088e2e140c69