esign.svc.cloud.microsoft

- Microsoft Corporation -

Issued by Microsoft Azure RSA TLS Issuing CA 07

About this certificate

This digital certificate with serial number 33:00:12:8e:d8:f1:50:ac:a3:93:45:fc:ba:00:00:00:12:8e:d8 was issued on by Microsoft Corporation.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Microsoft Corporation

Organization: Microsoft Corporation
State / Province: WA
Locality: Redmond
Country: US

Microsoft Corporation

Organization: Microsoft Corporation
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 33:00:12:8e:d8:f1:50:ac:a3:93:45:fc:ba:00:00:00:12:8e:d8
Serial Number (int): 1137344320084472332408893963248096089801395928
Serial Number lenght: 150 bits, 19 octets

SubjectKeyId: 06:2a:d2:c0:0f:9f:56:cb:3e:fc:57:b8:9b:09:76:2e:d3:7d:cd:a5
AuthorityKeyId: ce:15:16:3b:ea:02:a3:a6:6b:da:d9:2b:fd:e5:8c:52:be:7a:50:a8

Fingerprint (sha1): 73:81:f5:e3:69:37:7f:0c:c8:ca:e1:62:ae:20:89:4d:cf:0a:ed:31
Fingerprint (sha256): 16:eb:fb:a3:17:23:16:fd:9c:0f:57:d1:cd:8d:b6:ad:2f:0f:40:c4:d9:a5:d5:cc:de:e7:01:df:80:34:11:dc

Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2007%20-%20xsign.crt

Revocation information

OCSP Server: http://oneocsp.microsoft.com/ocsp
CRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2007.crl

Check the revocation status for certificate esign.svc.cloud.microsoft

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for esign.svc.cloud.microsoft

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

12 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

esign-gateway-lb.prod.odsp-syntex-esign-gateway.southcentralus-prod.cosmic.office.net
esign.svc.cloud.microsoft

Other certificates including the domain name cloud.microsoft

(limited to 100 certificates)
odc.officeapps.live.com
portal.azure
*.reviewsetservice.ediscovery.svc.cloud.microsoft
augloop.office.com
www.office.com
*.brb.skype.cloud.microsoft
www.office.com
www.office.com
www.office.com
augloop.office.com
www.office.com
portal.azure
www.office.com
esign.svc.cloud.microsoft
msit.neu.pubsub.mb.mobile.m365.svc.cloud.microsoft
status.office.com
esign.svc.cloud.microsoft
augloop.office.com
www.office.com
msit.scus.pubsub.mb.mobile.m365.svc.cloud.microsoft
cloud.microsoft
www.office.com
auth.brb.skype.cloud.microsoft
kevlar-ssl.augloop-dogfood.officeppe.com
augloop.office.com
www.office.com
www.office.com
www.office.com
*.brb.skype.cloud.microsoft
www.office.com
officeapps.live.com
sdf.substrate.svc.cloud.microsoft
www.office.com
www.office.com
augloop.office.com
portal.azure
www.office.com
admin.cloud.microsoft
www.office.com
portal.office.com
augloop.office.com
portal.azure
www.office.com
portal.azure
community.dynamics365.com
insights.cloud.microsoft
www.office.com
catalog.mesh.cloud.microsoft
www.office.com
msit.weu.apis.mobile.m365.svc.cloud.microsoft
www.office.com
www.office.com
community.dynamics365.com
esign.svc.cloud.microsoft
www.office.com
status.cloud.microsoft
www.office.com
odc.officeapps.live.com
eduanalytics-prod.westus.cloudapp.azure.com
dogfood.augloop.svc.cloud.microsoft
portal.azure
www.office.com
*.us1.glint.cloud.microsoft
sway.office.com
*.eu1.glint.cloud.microsoft
www.office.com
viva.cloud.microsoft
esign.svc.cloud.microsoft
esign.svc.cloud.microsoft
augloop.office.com
substrate.svc.cloud.microsoft
www.office.com
kevlar-ssl.augloop.office.com
forms.cloud.microsoft
logapi.brb.teams.cloud.microsoft
*.yammer.com
www.office.com
augloop.office.com
augloop.office.com
*.graphservice.ediscovery.svc.cloud.microsoft
www.office.com
www.office.com
www.office.com
www.office.com
portal.azure
augloop.office.com
viva.cloud.microsoft
sway.office.com
augloop.office.com
www.office.com
brbportal.brb.teams.cloud.microsoft
portal.azure
substrate.svc.cloud.microsoft
hrd.svc.cloud.microsoft
augloop-dogfood.officeppe.com
www.office.com
augloop-dogfood.officeppe.com
df.learning.cloud.microsoft
www.office.com
www.office.com

Certificate

The complete raw certificate details for esign.svc.cloud.microsoft in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHYTCCBUmgAwIBAgITMwASjtjxUKyjk0X8ugAAABKO2DANBgkqhkiG9w0BAQwF
ADBdMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u
MS4wLAYDVQQDEyVNaWNyb3NvZnQgQXp1cmUgUlNBIFRMUyBJc3N1aW5nIENBIDA3
MB4XDTIzMTEyODE2NDExOVoXDTI0MDUyNjE2NDExOVowcDELMAkGA1UEBhMCVVMx
CzAJBgNVBAgTAldBMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv
ZnQgQ29ycG9yYXRpb24xIjAgBgNVBAMTGWVzaWduLnN2Yy5jbG91ZC5taWNyb3Nv
ZnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD8spdHqntyvsOS2EJn
aPoTTwA+jApSpvAZbPwRgnyMZzqraAk3rNGSzqLIHKoKXn6hiTAT79IRDcWcf6lP
o1t7wp2bP1na3fLhKosoZcYinmlpjo5aIHZnV3RmF4j7B81pOtUC1V2I83nHZAK5
kpjJe0HIHBsiIfqwlruZ8+bsJHM/FqInd7MVnCWprySff1FRtFMFe8mWtuJjjuNJ
hBStxApZWrQmHjAXjUEqmf4/PaHV1WydP0X4GFr/SplnnCjN5+tw9Y2/mEpUQFgo
5LqkEZQtVZDn+9528lDX/WmI9DpLihM/HqbkzDgRGerVHZ9HoTvl1M5ZoLaHQgYt
OS1NAgMBAAGjggMFMIIDATATBgorBgEEAdZ5AgQDAQH/BAIFADAnBgkrBgEEAYI3
FQoEGjAYMAoGCCsGAQUFBwMCMAoGCCsGAQUFBwMBMDwGCSsGAQQBgjcVBwQvMC0G
JSsGAQQBgjcVCIe91xuB5+tGgoGdLo7QDIfw2h1dgqvnMIft8R8CAWQCAS0wgbQG
CCsGAQUFBwEBBIGnMIGkMHMGCCsGAQUFBzAChmdodHRwOi8vd3d3Lm1pY3Jvc29m
dC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMEF6dXJlJTIwUlNBJTIwVExT
JTIwSXNzdWluZyUyMENBJTIwMDclMjAtJTIweHNpZ24uY3J0MC0GCCsGAQUFBzAB
hiFodHRwOi8vb25lb2NzcC5taWNyb3NvZnQuY29tL29jc3AwHQYDVR0OBBYEFAYq
0sAPn1bLPvxXuJsJdi7Tfc2lMA4GA1UdDwEB/wQEAwIFoDB7BgNVHREEdDByglVl
c2lnbi1nYXRld2F5LWxiLnByb2Qub2RzcC1zeW50ZXgtZXNpZ24tZ2F0ZXdheS5z
b3V0aGNlbnRyYWx1cy1wcm9kLmNvc21pYy5vZmZpY2UubmV0ghllc2lnbi5zdmMu
Y2xvdWQubWljcm9zb2Z0MAwGA1UdEwEB/wQCMAAwagYDVR0fBGMwYTBfoF2gW4ZZ
aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIw
QXp1cmUlMjBSU0ElMjBUTFMlMjBJc3N1aW5nJTIwQ0ElMjAwNy5jcmwwZgYDVR0g
BF8wXTBRBgwrBgEEAYI3TIN9AQEwQTA/BggrBgEFBQcCARYzaHR0cDovL3d3dy5t
aWNyb3NvZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnkuaHRtMAgGBmeBDAEC
AjAfBgNVHSMEGDAWgBTOFRY76gKjpmva2Sv95YxSvnpQqDAdBgNVHSUEFjAUBggr
BgEFBQcDAgYIKwYBBQUHAwEwDQYJKoZIhvcNAQEMBQADggIBAILj2mBLiEv9+oJj
JISmvrJErVcq0eLjrJTcL9VcfDjuUmWcnBgc+QnMUEfh+5mDFI8eESBeDjG4cdEN
/g7W9XC1Isa12InpMcQr+bYi+zuAuu3s7DB0Jqk8XghQa8J566/AR0sEc1K5KKuD
SIBPeUSvJrG6xhaM56ld5vVvJXwGMLq1cIu7M6m7IS96RHaE3UhSFaMdNwCPOoxr
DAsMdejwaacvUrDDGCJsRUnPFjyMc7ezS7TsPu1dBHByt+IKGmbs/btmfw0Bov+3
xwKtme3gROgAoWazu8AdHwNuRAtS5KGZljYqri3du7oO5YYrHdIe3Y0yzu5AF9ZR
VoGGmSgyXJSKSmGM1CLhuWxTNMuJgVg5/wdxic114IlfxaGZknYOX0nkiiGyy4TT
V00Vf+JflJwr/1M3cdk5BWi929fLIt3r3AIjJaXZOW/516oq8jBDlrPJ4eLqhv7E
2tBhoE/CAPnqPPQ4M+gLL2gmUjrB5SnSx8AK3qeDtbwK0ZUG3ovIAHy6FogyGvEe
YQ2wV44ljWYrl6FgP7Uz0LttGp6YYbNwx/FXM0npcoYDnJKCET16M+EWbnjNpfQ7
2wwJ0r0IzvLT0CvkUp2o1QChHB94Ek2rWAH7W2l646tjBQBT7Th1QDgtzZcLm2JV
yujMPyw6Fov5OedeZg0g3+ig32h0
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/LKXR6p7cr7DkthCZ2j6
E08APowKUqbwGWz8EYJ8jGc6q2gJN6zRks6iyByqCl5+oYkwE+/SEQ3FnH+pT6Nb
e8Kdmz9Z2t3y4SqLKGXGIp5paY6OWiB2Z1d0ZheI+wfNaTrVAtVdiPN5x2QCuZKY
yXtByBwbIiH6sJa7mfPm7CRzPxaiJ3ezFZwlqa8kn39RUbRTBXvJlrbiY47jSYQU
rcQKWVq0Jh4wF41BKpn+Pz2h1dVsnT9F+Bha/0qZZ5wozefrcPWNv5hKVEBYKOS6
pBGULVWQ5/vedvJQ1/1piPQ6S4oTPx6m5Mw4ERnq1R2fR6E75dTOWaC2h0IGLTkt
TQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1137344320084472332408893963248096089801395928
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure RSA TLS Issuing CA 07'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-28 16:41:19 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-26 16:41:19 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'esign.svc.cloud.microsoft'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 31900119324904695525568439102536948551937249193818494670949824916268416530717987505257059109098060497313443938456269549550067063916225993571307980022119723595978623402496409996989853014040077167196482857184166411082709338833414275331106693825653915645063827432209027501456488144613895385073913699268571920780918035280498472018018220861420815852690448513523205302796959232328024789550790669888806298804452548458298835205144996108631099310226492464441606627604653513921960662486293599896006873822284741065605294011961063550643434349250813402498129544152103922542921874745700178064480910884277680968996494887234884414797
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.4912048.16480415
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 45
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (167 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2007%20-%20xsign.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							062ad2c00f9f56cb3efc57b89b09762ed37dcda5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esign-gateway-lb.prod.odsp-syntex-esign-gateway.southcentralus-prod.cosmic.office.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esign.svc.cloud.microsoft'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2007.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ce15163bea02a3a66bdad92bfde58c52be7a50a8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0082e3da604b884bfdfa82632484a6beb244ad572ad1e2e3ac94dc2fd55c7c38ee52659c9c181cf909cc5047e1fb9983148f1e11205e0e31b871d10dfe0ed6f570b522c6b5d889e931c42bf9b622fb3b80baedecec307426a93c5e08506bc279ebafc0474b047352b928ab8348804f7944af26b1bac6168ce7a95de6f56f257c0630bab5708bbb33a9bb212f7a447684dd485215a31d37008f3a8c6b0c0b0c75e8f069a72f52b0c318226c4549cf163c8c73b7b34bb4ec3eed5d047072b7e20a1a66ecfdbb667f0d01a2ffb7c702ad99ede044e800a166b3bbc01d1f036e440b52e4a19996362aae2dddbbba0ee5862b1dd21edd8d32ceee4017d6515681869928325c948a4a618cd422e1b96c5334cb89815839ff077189cd75e0895fc5a19992760e5f49e48a21b2cb84d3574d157fe25f949c2bff533771d9390568bddbd7cb22ddebdc022325a5d9396ff9d7aa2af2304396b3c9e1e2ea86fec4dad061a04fc200f9ea3cf43833e80b2f6826523ac1e529d2c7c00adea783b5bc0ad19506de8bc8007cba1688321af11e610db0578e258d662b97a1603fb533d0bb6d1a9e9861b370c7f1573349e97286039c9282113d7a33e1166e78cda5f43bdb0c09d2bd08cef2d3d02be4529da8d500a11c1f78124dab5801fb5b697ae3ab63050053ed387540382dcd970b9b6255cae8cc3f2c3a168bf939e75e660d20dfe8a0df6874