esign.svc.cloud.microsoft

- Microsoft Corporation -

Issued by Microsoft Azure TLS Issuing CA 05

About this certificate

This digital certificate with serial number 33:00:d6:23:7f:89:5b:53:ee:d6:7e:8a:82:00:00:00:d6:23:7f was issued on by Microsoft Corporation.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Microsoft Corporation

Organization: Microsoft Corporation
State / Province: WA
Locality: Redmond
Country: US

Microsoft Corporation

Organization: Microsoft Corporation
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 33:00:d6:23:7f:89:5b:53:ee:d6:7e:8a:82:00:00:00:d6:23:7f
Serial Number (int): 1137410872736770340409963612368028328187536255
Serial Number lenght: 150 bits, 19 octets

SubjectKeyId: 04:77:51:41:92:f7:b4:48:b1:ec:be:c7:ee:5d:9e:a2:4d:15:f3:42
AuthorityKeyId: c7:b2:9c:7f:1c:e3:b8:5a:ef:e9:68:1a:a8:5d:94:c1:26:52:6a:68

Fingerprint (sha1): ee:f0:27:f0:61:a3:59:19:4b:55:35:13:75:8c:70:6a:f5:55:0a:e2
Fingerprint (sha256): 21:38:ee:db:43:56:ae:a1:05:31:79:ef:0b:67:b2:46:16:19:10:7e:3d:5f:c7:20:5c:2c:b9:96:51:00:3a:fd

Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2005%20-%20xsign.crt

Revocation information

OCSP Server: http://oneocsp.microsoft.com/ocsp
CRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2005.crl

Check the revocation status for certificate esign.svc.cloud.microsoft

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for esign.svc.cloud.microsoft

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

12 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

esign-gateway-lb.prod.odsp-syntex-esign-gateway.japaneast-prod.cosmic.office.net
esign.svc.cloud.microsoft

Other certificates including the domain name cloud.microsoft

(limited to 100 certificates)
odc.officeapps.live.com
portal.azure
*.reviewsetservice.ediscovery.svc.cloud.microsoft
augloop.office.com
www.office.com
*.brb.skype.cloud.microsoft
www.office.com
www.office.com
www.office.com
augloop.office.com
www.office.com
portal.azure
www.office.com
esign.svc.cloud.microsoft
msit.neu.pubsub.mb.mobile.m365.svc.cloud.microsoft
status.office.com
esign.svc.cloud.microsoft
augloop.office.com
www.office.com
msit.scus.pubsub.mb.mobile.m365.svc.cloud.microsoft
cloud.microsoft
www.office.com
auth.brb.skype.cloud.microsoft
kevlar-ssl.augloop-dogfood.officeppe.com
augloop.office.com
www.office.com
www.office.com
www.office.com
*.brb.skype.cloud.microsoft
www.office.com
officeapps.live.com
sdf.substrate.svc.cloud.microsoft
www.office.com
www.office.com
augloop.office.com
portal.azure
www.office.com
admin.cloud.microsoft
www.office.com
portal.office.com
augloop.office.com
portal.azure
www.office.com
portal.azure
community.dynamics365.com
insights.cloud.microsoft
www.office.com
catalog.mesh.cloud.microsoft
www.office.com
msit.weu.apis.mobile.m365.svc.cloud.microsoft
www.office.com
www.office.com
community.dynamics365.com
esign.svc.cloud.microsoft
www.office.com
status.cloud.microsoft
www.office.com
odc.officeapps.live.com
eduanalytics-prod.westus.cloudapp.azure.com
dogfood.augloop.svc.cloud.microsoft
portal.azure
www.office.com
*.us1.glint.cloud.microsoft
sway.office.com
*.eu1.glint.cloud.microsoft
www.office.com
viva.cloud.microsoft
esign.svc.cloud.microsoft
esign.svc.cloud.microsoft
augloop.office.com
substrate.svc.cloud.microsoft
www.office.com
kevlar-ssl.augloop.office.com
forms.cloud.microsoft
logapi.brb.teams.cloud.microsoft
*.yammer.com
www.office.com
augloop.office.com
augloop.office.com
*.graphservice.ediscovery.svc.cloud.microsoft
www.office.com
www.office.com
www.office.com
www.office.com
portal.azure
augloop.office.com
viva.cloud.microsoft
sway.office.com
augloop.office.com
www.office.com
brbportal.brb.teams.cloud.microsoft
portal.azure
substrate.svc.cloud.microsoft
hrd.svc.cloud.microsoft
augloop-dogfood.officeppe.com
www.office.com
augloop-dogfood.officeppe.com
df.learning.cloud.microsoft
www.office.com
www.office.com

Certificate

The complete raw certificate details for esign.svc.cloud.microsoft in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHTDCCBTSgAwIBAgITMwDWI3+JW1Pu1n6KggAAANYjfzANBgkqhkiG9w0BAQwF
ADBZMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u
MSowKAYDVQQDEyFNaWNyb3NvZnQgQXp1cmUgVExTIElzc3VpbmcgQ0EgMDUwHhcN
MjMwOTE4MTAwMDMzWhcNMjQwMzE2MTAwMDMzWjBwMQswCQYDVQQGEwJVUzELMAkG
A1UECBMCV0ExEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD
b3Jwb3JhdGlvbjEiMCAGA1UEAxMZZXNpZ24uc3ZjLmNsb3VkLm1pY3Jvc29mdDCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKb3PkXN3+GExQobXCKhrvaH
ynaf+W/GLIMBKpbKjf1XrSAHeOajWrSWrx3sVqisF5S1WKJScZWC9U9SxwECEk7o
b7tP9gmyx7Q6Zc5FR5KlZy4FKGD/MggEOnEABHnicdNyYp/jZD0OKbEbieTlEzZ2
Bijw6J9f3zuObb7VhhLb2ZDjP0tFGBPmI9LcwgtX0L+Hr7Omu+/JJT0/OpK0R5bQ
A6z42qr3/jRKlPEfaq97MndjrYmQ+9y7xmOCXI3z+vw4bnKMMuwxEpFhKTjMGHzb
3l2+DaKiKwjJW0FuVs34qIafmhgULL8TquHlTSN0Ubdk+dUseBeFrcOd6NjCXVEC
AwEAAaOCAvQwggLwMBMGCisGAQQB1nkCBAMBAf8EAgUAMCcGCSsGAQQBgjcVCgQa
MBgwCgYIKwYBBQUHAwIwCgYIKwYBBQUHAwEwPAYJKwYBBAGCNxUHBC8wLQYlKwYB
BAGCNxUIh73XG4Hn60aCgZ0ujtAMh/DaHV2Cq+cwh+3xHwIBZAIBLTCBrgYIKwYB
BQUHAQEEgaEwgZ4wbQYIKwYBBQUHMAKGYWh0dHA6Ly93d3cubWljcm9zb2Z0LmNv
bS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwQXp1cmUlMjBUTFMlMjBJc3N1aW5n
JTIwQ0ElMjAwNSUyMC0lMjB4c2lnbi5jcnQwLQYIKwYBBQUHMAGGIWh0dHA6Ly9v
bmVvY3NwLm1pY3Jvc29mdC5jb20vb2NzcDAdBgNVHQ4EFgQUBHdRQZL3tEix7L7H
7l2eok0V80IwDgYDVR0PAQH/BAQDAgWgMHYGA1UdEQRvMG2CUGVzaWduLWdhdGV3
YXktbGIucHJvZC5vZHNwLXN5bnRleC1lc2lnbi1nYXRld2F5LmphcGFuZWFzdC1w
cm9kLmNvc21pYy5vZmZpY2UubmV0ghllc2lnbi5zdmMuY2xvdWQubWljcm9zb2Z0
MAwGA1UdEwEB/wQCMAAwZAYDVR0fBF0wWzBZoFegVYZTaHR0cDovL3d3dy5taWNy
b3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIwQXp1cmUlMjBUTFMlMjBJ
c3N1aW5nJTIwQ0ElMjAwNS5jcmwwZgYDVR0gBF8wXTBRBgwrBgEEAYI3TIN9AQEw
QTA/BggrBgEFBQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9E
b2NzL1JlcG9zaXRvcnkuaHRtMAgGBmeBDAECAjAfBgNVHSMEGDAWgBTHspx/HOO4
Wu/paBqoXZTBJlJqaDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwDQYJ
KoZIhvcNAQEMBQADggIBAIDXJWPBIRv13H5wgEWDk68x5txEbJB6mbWxwU1Bls/s
FnPHOvrVOfptuy2GdHJRmgaq1o0k9ogDEPrG3/zEEBisA7VpMnM9q+pJC4/yuMz8
cyCkaHnwj1oD2UkLYKzX9eOl66pQIR2J9lEXvD+6EX9mc3OiQo31/VJ7UFu78jd0
b/6kLOqeTHw5E+3s4/6rYfuCHy8JrPIqOeTvo4DomMA+WS2z4V+T0VYEszSFrcWl
/UHv4Ew3C7nV+MeJDufEN09WS/FRRDNycgsyGQzKfObm86MXH7/BV30hdgKT6JCQ
KTEUqP6THHREXQ1c7InsXv01KwKGxrrFx7GO2ZK7/fcizMvATCr0+8HWyAemMBuy
4P4tdQZIstw/4AAK+X/PJJ3XG02USV9OtAesIrWelV1fxchJWPYhmsSrppFWNhxB
MEUzZjIKjmlafUU2sNDEY1Rwip6o55KSUqpVVp1SmUt5QmMqxdN0H/g2kP2a0d00
qUf9LlQdIEovxfVZMq6YLNHxoWpkQP4ixx9VEzJbjxJ+jKfR6J4T5oHDo8m/GEyu
VAkbQ+511yP8gY7XywCI0ISCJf3n+0krWmreFbK2XzUU5sKWkYXVdaSp5NuuM2Lk
0OgIHY+Xoiu7I5Gdgom/0ZgriZeYZBUImXyku8y6NFWSevMPB9FaVRsz0OpPRZh9
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvc+Rc3f4YTFChtcIqGu
9ofKdp/5b8YsgwEqlsqN/VetIAd45qNatJavHexWqKwXlLVYolJxlYL1T1LHAQIS
Tuhvu0/2CbLHtDplzkVHkqVnLgUoYP8yCAQ6cQAEeeJx03Jin+NkPQ4psRuJ5OUT
NnYGKPDon1/fO45tvtWGEtvZkOM/S0UYE+Yj0tzCC1fQv4evs6a778klPT86krRH
ltADrPjaqvf+NEqU8R9qr3syd2OtiZD73LvGY4JcjfP6/Dhucowy7DESkWEpOMwY
fNveXb4NoqIrCMlbQW5Wzfiohp+aGBQsvxOq4eVNI3RRt2T51Sx4F4Wtw53o2MJd
UQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1137410872736770340409963612368028328187536255
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure TLS Issuing CA 05'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-18 10:00:33 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-16 10:00:33 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'esign.svc.cloud.microsoft'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21077478816264143907474505395600255681140659666983619366234971494366747153403590284436491335090421336266845983389218946515452612494629196130085743761138182906967842819412485437816683993193814670149854240213985488068179518255635863508246646235362129668693618096943400152904670780850163927519498246939594703617767637117762251117339674682971440376063076853806617873783991605788154390892727301399321201659455814682840906852056404262390975208872083216589467521253726846884466408628120064092919796214411043451177748780285955948900101453561021497736137276428033772329081945401409280975570882520338698757798479536673989483857
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.4912048.16480415
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 45
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (161 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2005%20-%20xsign.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0477514192f7b448b1ecbec7ee5d9ea24d15f342
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (111 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esign-gateway-lb.prod.odsp-syntex-esign-gateway.japaneast-prod.cosmic.office.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esign.svc.cloud.microsoft'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (93 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2005.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c7b29c7f1ce3b85aefe9681aa85d94c126526a68
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		0080d72563c1211bf5dc7e7080458393af31e6dc446c907a99b5b1c14d4196cfec1673c73afad539fa6dbb2d867472519a06aad68d24f6880310fac6dffcc41018ac03b56932733dabea490b8ff2b8ccfc7320a46879f08f5a03d9490b60acd7f5e3a5ebaa50211d89f65117bc3fba117f667373a2428df5fd527b505bbbf237746ffea42cea9e4c7c3913edece3feab61fb821f2f09acf22a39e4efa380e898c03e592db3e15f93d15604b33485adc5a5fd41efe04c370bb9d5f8c7890ee7c4374f564bf151443372720b32190cca7ce6e6f3a3171fbfc1577d21760293e89090293114a8fe931c74445d0d5cec89ec5efd352b0286c6bac5c7b18ed992bbfdf722cccbc04c2af4fbc1d6c807a6301bb2e0fe2d750648b2dc3fe0000af97fcf249dd71b4d94495f4eb407ac22b59e955d5fc5c84958f6219ac4aba69156361c4130453366320a8e695a7d4536b0d0c46354708a9ea8e7929252aa55569d52994b7942632ac5d3741ff83690fd9ad1dd34a947fd2e541d204a2fc5f55932ae982cd1f1a16a6440fe22c71f5513325b8f127e8ca7d1e89e13e681c3a3c9bf184cae54091b43ee75d723fc818ed7cb0088d0848225fde7fb492b5a6ade15b2b65f3514e6c2969185d575a4a9e4dbae3362e4d0e8081d8f97a22bbb23919d8289bfd1982b899798641508997ca4bbccba3455927af30f07d15a551b33d0ea4f45987d