*.teach.org

- Teach.org -

Issued by MSIT Machine Auth CA 2

About this certificate

This digital certificate with serial number 3c:90:a9:f7:00:01:00:00:9e:ea was issued on byMSIT Machine Auth CA 2.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates MUST contain the Subject Alternate Name extension (BRs: 7.1.4.2.1)
  • KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
  • Subscriber Certificate: authorityInformationAccess MUST contain the HTTP URL of the Issuing CA's OSCP responder. (BRs: 7.1.2.3)
  • Subscriber certificates must contain at least one policy identifier that indicates adherence to CAB standards (BRs: 7.1.2.3)
  • Subscriber Certificate: certificatePolicies MUST be present and SHOULD NOT be marked critical. (BRs: 7.1.2.3)
  • The common name field in subscriber certificates must include only names from the SAN extension (BRs: 7.1.4.2.2)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
  • Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate, for public certificates this should not be an internal name (BRs: 7.1.2.10.3)

Teach.org

Organization: Teach.org
Organization unit: Teach.org
State / Province: Washington
Locality: Seattle
Country: US

MSIT Machine Auth CA 2

This certificate has expire since

Certificate Details

Serial Number (hex): 3c:90:a9:f7:00:01:00:00:9e:ea
Serial Number (int): 286010567376508840615658
Serial Number lenght: 78 bits, 10 octets

SubjectKeyId: a7:81:e8:95:bf:9a:94:fa:da:d2:98:e9:77:17:fb:47:91:1b:41:7c
AuthorityKeyId: eb:db:11:5e:f8:09:9e:d8:d6:62:9c:fd:62:9d:e3:84:4a:28:e1:27

Fingerprint (sha1): 34:06:83:f2:52:07:0d:12:e8:5c:f9:2f:dd:50:15:6e:dc:1d:28:b2
Fingerprint (sha256): 16:6c:d2:4f:8d:67:ea:4e:7d:5d:b7:4f:34:70:ce:39:4e:cb:bd:06:d8:57:bb:08:0e:51:bf:e6:24:64:20:ea

Issuing Certificate URL: http://www.microsoft.com/pki/mscorp/MSIT%20Machine%20Auth%20CA%202(1).crt
Issuing Certificate URL: http://corppki/aia/MSIT%20Machine%20Auth%20CA%202(1).crt

Revocation information

CRL Distribution Point: http://mscrl.microsoft.com/pki/mscorp/crl/MSIT%20Machine%20Auth%20CA%202(1).crl
CRL Distribution Point: http://crl.microsoft.com/pki/mscorp/crl/MSIT%20Machine%20Auth%20CA%202(1).crl
CRL Distribution Point: http://corppki/crl/MSIT%20Machine%20Auth%20CA%202(1).crl

Check the revocation status for certificate *.teach.org

0

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.teach.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment
Data Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

8 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

This certificate doesn't contain any subject alternative names.

Other certificates including the domain name teach.org

(limited to 100 certificates)
amkstatus.nhn.no
5690145009303552-fe2.pantheonsite.io
amkstatus.nhn.no
teach.org
amkstatus.nhn.no
5663998322147328-fe1.pantheonsite.io
5690145009303552-fe2.pantheonsite.io
platformsh4.map.fastly.net
5721718521856000-fe2.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
5759180434571264-fe2.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
amkstatus.nhn.no
5663998322147328-fe1.pantheonsite.io
5690145009303552-fe2.pantheonsite.io
5736232826961920-fe1.pantheonsite.io
5690145009303552-fe2.pantheonsite.io
5759180434571264-fe2.pantheonsite.io
amkstatus.nhn.no
5663998322147328-fe1.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
5690145009303552-fe2.pantheonsite.io
amkstatus.nhn.no
amkstatus.nhn.no
5663998322147328-fe1.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
5759180434571264-fe2.pantheonsite.io
5721718521856000-fe2.pantheonsite.io
dallasftworth.teach.org
5663998322147328-fe1.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
5691726094139392-fe2.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
5690145009303552-fe2.pantheonsite.io
platformsh4.map.fastly.net
5759180434571264-fe2.pantheonsite.io
5690145009303552-fe2.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
amkstatus.nhn.no
5691726094139392-fe2.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
san-11-s10.tlsprovisioning.exacttarget.com
amkstatus.nhn.no
5736232826961920-fe1.pantheonsite.io
kansascity.teach.org
5754258133614592-fe3.pantheonsite.io
5736232826961920-fe1.pantheonsite.io
5754258133614592-fe3.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
san-11-s10.tlsprovisioning.exacttarget.com
5690145009303552-fe2.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
5759180434571264-fe2.pantheonsite.io
5754258133614592-fe3.pantheonsite.io
5752754626625536-fe1.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
san-11-s10.tlsprovisioning.exacttarget.com
5663998322147328-fe1.pantheonsite.io
dallasftworth.teach.org
5663998322147328-fe1.pantheonsite.io
amkstatus.nhn.no
5690145009303552-fe2.pantheonsite.io
5690145009303552-fe2.pantheonsite.io
5690145009303552-fe2.pantheonsite.io
5736232826961920-fe1.pantheonsite.io
*.teach.org
5691726094139392-fe2.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
northcarolina.teach.org
amkstatus.nhn.no
5754258133614592-fe3.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
5690145009303552-fe2.pantheonsite.io
5691726094139392-fe2.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
qa.teach.org
5663998322147328-fe1.pantheonsite.io
5736232826961920-fe1.pantheonsite.io
5691726094139392-fe2.pantheonsite.io
kansascity.teach.org
5663998322147328-fe1.pantheonsite.io
api.teach.org
platformsh4.map.fastly.net
5663998322147328-fe1.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
kansascity.teach.org
5759180434571264-fe2.pantheonsite.io
5691726094139392-fe2.pantheonsite.io
amkstatus.nhn.no
5663998322147328-fe1.pantheonsite.io
platformsh4.map.fastly.net
5721718521856000-fe2.pantheonsite.io
5754258133614592-fe3.pantheonsite.io
5721718521856000-fe2.pantheonsite.io
5663998322147328-fe1.pantheonsite.io
platformsh4.map.fastly.net
amkstatus.nhn.no
platformsh4.map.fastly.net

Certificate

The complete raw certificate details for *.teach.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIKPJCp9wABAACe6jANBgkqhkiG9w0BAQUFADCBgDETMBEG
CgmSJomT8ixkARkWA2NvbTEZMBcGCgmSJomT8ixkARkWCW1pY3Jvc29mdDEUMBIG
CgmSJomT8ixkARkWBGNvcnAxFzAVBgoJkiaJk/IsZAEZFgdyZWRtb25kMR8wHQYD
VQQDExZNU0lUIE1hY2hpbmUgQXV0aCBDQSAyMB4XDTEzMDkwNDE2NTExNVoXDTE1
MDkwNDE2NTExNVowgZgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u
MRAwDgYDVQQHEwdTZWF0dGxlMRIwEAYDVQQKEwlUZWFjaC5vcmcxEjAQBgNVBAsT
CVRlYWNoLm9yZzEUMBIGA1UEAwwLKi50ZWFjaC5vcmcxJDAiBgkqhkiG9w0BCQEW
FWRvbWFpbnNAbWljcm9zb2Z0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAKBEV5k7xeW5LLRjcY+SzT2CNoicWQMCNzVtHEStLxhC3jCWVcXgtzLS
bIcE5/2JLB/F+GtplZ0Ijbveg0Siked/UMtyrDLgQhz4Ni/FSYs8mnAsrrglop3o
TpFBUPBdqsfpeWa+G/BZje8cKx5PP6I4KmVcE7pg/6sxl9HdOPrLEs422/cgpTfj
1+vik7oDKd6TdESq9dobPuWpKVOPwiRTUUKigVRJ2DzPs8VZcH5+25BQiKAJsXU9
xZyqqWW9Iksrh1Mld0aTPiWaAFDrP6Jl3QVv8wIa9p6lK7fh4NGxh8GKlFcEC9y7
KklhA1oIX6yEeggNDTqtNqJWDfT91EkCAwEAAaOCAnswggJ3MB0GA1UdDgQWBBSn
geiVv5qU+trSmOl3F/tHkRtBfDAfBgNVHSMEGDAWgBTr2xFe+Ame2NZinP1ineOE
SijhJzCB7gYDVR0fBIHmMIHjMIHgoIHdoIHahk9odHRwOi8vbXNjcmwubWljcm9z
b2Z0LmNvbS9wa2kvbXNjb3JwL2NybC9NU0lUJTIwTWFjaGluZSUyMEF1dGglMjBD
QSUyMDIoMSkuY3Jshk1odHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL21zY29y
cC9jcmwvTVNJVCUyME1hY2hpbmUlMjBBdXRoJTIwQ0ElMjAyKDEpLmNybIY4aHR0
cDovL2NvcnBwa2kvY3JsL01TSVQlMjBNYWNoaW5lJTIwQXV0aCUyMENBJTIwMigx
KS5jcmwwga0GCCsGAQUFBwEBBIGgMIGdMFUGCCsGAQUFBzAChklodHRwOi8vd3d3
Lm1pY3Jvc29mdC5jb20vcGtpL21zY29ycC9NU0lUJTIwTWFjaGluZSUyMEF1dGgl
MjBDQSUyMDIoMSkuY3J0MEQGCCsGAQUFBzAChjhodHRwOi8vY29ycHBraS9haWEv
TVNJVCUyME1hY2hpbmUlMjBBdXRoJTIwQ0ElMjAyKDEpLmNydDA/BgkrBgEEAYI3
FQcEMjAwBigrBgEEAYI3FQiDz4lNrfIChaGfDIL6yn2B4ft0gU+Dwu2FCI6p0oVj
AgFkAgEKMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATALBgNVHQ8EBAMC
BLAwJwYJKwYBBAGCNxUKBBowGDAKBggrBgEFBQcDAjAKBggrBgEFBQcDATANBgkq
hkiG9w0BAQUFAAOCAQEAKlIxAGwVOVKAKNrOrBv9uqsFnzJwaYS1AZG3RpcsYQxH
rFMfr8VBdBvLw8FliNEXN8P1w3rvG2/9GSK+E7nHUDfG8BiwdDfOoj6zcn73RYde
ODx58C+gCDvB76R+p6dyHNqIcjZYLeZ1ZdOKgsch8xZUyv3lcfHpM6LidU9LdMdN
QhA/Twr/i3MiLoSxr3ix6wWYUKScdzEx1pxwtMOG8uK12AM507c0ksEebvHwKqhk
G6boZoB136bNFjbGUy3NzhGqv9d6WlwStBoqFLJy41UsfJYem8e2aP/EFxtmqhq1
hJBObHH+EAOTlJbRG6LuXCarJUoaSzeZ63Pvrpw9Fg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoERXmTvF5bkstGNxj5LN
PYI2iJxZAwI3NW0cRK0vGELeMJZVxeC3MtJshwTn/YksH8X4a2mVnQiNu96DRKKR
539Qy3KsMuBCHPg2L8VJizyacCyuuCWinehOkUFQ8F2qx+l5Zr4b8FmN7xwrHk8/
ojgqZVwTumD/qzGX0d04+ssSzjbb9yClN+PX6+KTugMp3pN0RKr12hs+5akpU4/C
JFNRQqKBVEnYPM+zxVlwfn7bkFCIoAmxdT3FnKqpZb0iSyuHUyV3RpM+JZoAUOs/
omXdBW/zAhr2nqUrt+Hg0bGHwYqUVwQL3LsqSWEDWghfrIR6CA0NOq02olYN9P3U
SQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 286010567376508840615658
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'microsoft'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'corp'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MSIT Machine Auth CA 2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-09-04 16:51:15 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-09-04 16:51:15 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Seattle'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Teach.org'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Teach.org'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.teach.org'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20231829580513449708887112569982382153197857836463469562607114920671870245607193664445330622716898080321621209791670744894683731080478461671776753907700337078473215681394287702329027819289522545668945507099609415532980962227734591812170702247710027563907430670247520753277748420689434356048040590198854801647806490058272941072906456196483661189282448328343670399548881180635722043785110684591978704994743632007956038400031594325093901607155774804251483842903775483544416272501417324052869732293332353324934065582678999276062997125699247535713954462429466214750208265578529311203661376758405856683539943748061859009609
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a781e895bf9a94fadad298e97717fb47911b417c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebdb115ef8099ed8d6629cfd629de3844a28e127
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (230 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://mscrl.microsoft.com/pki/mscorp/crl/MSIT%20Machine%20Auth%20CA%202(1).crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.microsoft.com/pki/mscorp/crl/MSIT%20Machine%20Auth%20CA%202(1).crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://corppki/crl/MSIT%20Machine%20Auth%20CA%202(1).crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (160 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pki/mscorp/MSIT%20Machine%20Auth%20CA%202(1).crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://corppki/aia/MSIT%20Machine%20Auth%20CA%202(1).crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER asn1: structure error: base 128 integer too large
1.3.6.1.4.1.311.21.8.7587021.751874.11030412.6202749.3702260.207.945504904.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 10
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04b0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002a5231006c1539528028daceac1bfdbaab059f32706984b50191b746972c610c47ac531fafc541741bcbc3c16588d11737c3f5c37aef1b6ffd1922be13b9c75037c6f018b07437cea23eb3727ef745875e383c79f02fa0083bc1efa47ea7a7721cda887236582de67565d38a82c721f31654cafde571f1e933a2e2754f4b74c74d42103f4f0aff8b73222e84b1af78b1eb059850a49c773131d69c70b4c386f2e2b5d80339d3b73492c11e6ef1f02aa8641ba6e8668075dfa6cd1636c6532dcdce11aabfd77a5a5c12b41a2a14b272e3552c7c961e9bc7b668ffc4171b66aa1ab584904e6c71fe1003939496d11ba2ee5c26ab254a1a4b3799eb73efae9c3d16