images.partner.windowsphone.com
Issued by MSIT Machine Auth CA 2
About this certificate
This digital certificate with serial number 6b:60:22:76:00:01:00:00:51:7c was issued on byMSIT Machine Auth CA 2.
With 41 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
- Subscriber Certificate: authorityInformationAccess MUST contain the HTTP URL of the Issuing CA's OSCP responder. (BRs: 7.1.2.3)
- Subscriber certificates must contain at least one policy identifier that indicates adherence to CAB standards (BRs: 7.1.2.3)
- Subscriber Certificate: certificatePolicies MUST be present and SHOULD NOT be marked critical. (BRs: 7.1.2.3)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
- Subscriber certificates authorityInformationAccess extension should contain the HTTP URL of the issuing CA’s certificate, for public certificates this should not be an internal name (BRs: 7.1.2.10.3)
Certificate Subject
CN=images.partner.windowsphone.com
MSIT Machine Auth CA 2
This certificate has expire since
Certificate Details
Serial Number (hex): 6b:60:22:76:00:01:00:00:51:7cSerial Number (int): 507066584270376991215996
Serial Number lenght: 79 bits, 10 octets
SubjectKeyId: 61:74:9c:23:45:34:3f:c4:e8:c1:b1:42:18:41:73:c3:1b:2a:3d:ad
AuthorityKeyId: eb:db:11:5e:f8:09:9e:d8:d6:62:9c:fd:62:9d:e3:84:4a:28:e1:27
Fingerprint (sha1): 62:fd:36:41:ec:75:47:29:b7:01:f5:b5:b8:20:20:01:1d:38:7c:ea
Fingerprint (sha256): 2a:6d:1d:93:5c:b5:d8:77:ac:35:09:12:24:a1:bb:6a:5b:a2:a8:45:8f:8c:98:6c:9e:e6:00:ca:38:35:0c:af
Issuing Certificate URL: http://www.microsoft.com/pki/mscorp/MSIT%20Machine%20Auth%20CA%202(1).crt
Issuing Certificate URL: http://corppki/aia/MSIT%20Machine%20Auth%20CA%202(1).crt
Revocation information
CRL Distribution Point: http://mscrl.microsoft.com/pki/mscorp/crl/MSIT%20Machine%20Auth%20CA%202(1).crlCRL Distribution Point: http://crl.microsoft.com/pki/mscorp/crl/MSIT%20Machine%20Auth%20CA%202(1).crl
CRL Distribution Point: http://corppki/crl/MSIT%20Machine%20Auth%20CA%202(1).crl
Check the revocation status for certificate images.partner.windowsphone.com
41
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for images.partner.windowsphone.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Data Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.microsoft.com
*.msn-int.com
*.msn.com
*.live-int.com
*.windowsphone-int.com
*.windowsphone.com
*.cmsresources.windowsphone-int.com
*.marketplace.windowsmobile-int.com
*.wlxrs-int.com
*.shared.live-int.com
*.shared.live.com
*.wlxrs.com
*.cdn.office.net
*.ads2.msads.net
*.aspnetcdn.com
*.c3scs.jp.msn.com
*.cmsresources.windowsphone.com
*.f1ds.shared.live-int.com
*.f1ds.wlxrs-int.com
*.jp.msn.com
*.live-int.net
*.live.com
*.live.net
*.manage.microsoft.com
*.marketplace.windowsmobile-perf.com
*.marketplace.windowsmobile.com
*.microsoft-sbs-domains.com
*.msads.net
*.partner-df.windowsphone-int.com
*.partners.msn.com
*.s-msn.com
*.st.s-msn.com
*.stb.s-msn.com
*.stc.s-msn.com
*.stj.s-msn.com
*.wlxrsu-int.com
images.partner.windowsphone-int.com
images.partner.windowsphone.com
*.dev.skype.com
*.ucwa.lync.com
*.vo.msecnd.net
*.msn-int.com
*.msn.com
*.live-int.com
*.windowsphone-int.com
*.windowsphone.com
*.cmsresources.windowsphone-int.com
*.marketplace.windowsmobile-int.com
*.wlxrs-int.com
*.shared.live-int.com
*.shared.live.com
*.wlxrs.com
*.cdn.office.net
*.ads2.msads.net
*.aspnetcdn.com
*.c3scs.jp.msn.com
*.cmsresources.windowsphone.com
*.f1ds.shared.live-int.com
*.f1ds.wlxrs-int.com
*.jp.msn.com
*.live-int.net
*.live.com
*.live.net
*.manage.microsoft.com
*.marketplace.windowsmobile-perf.com
*.marketplace.windowsmobile.com
*.microsoft-sbs-domains.com
*.msads.net
*.partner-df.windowsphone-int.com
*.partners.msn.com
*.s-msn.com
*.st.s-msn.com
*.stb.s-msn.com
*.stc.s-msn.com
*.stj.s-msn.com
*.wlxrsu-int.com
images.partner.windowsphone-int.com
images.partner.windowsphone.com
*.dev.skype.com
*.ucwa.lync.com
*.vo.msecnd.net
Other certificates including the domain name windowsphone.com
(limited to 100 certificates)
dgrepv2-frontend-ppe.trafficmanager.net
accesscontrol.windowsphone.com
images.partner.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
*.vo.msecnd.net
www.windowsphone.com
www.windowsphone.com
*.vo.msecnd.net
dgrepv2-frontend-prod.trafficmanager.net
*.vo.msecnd.net
*.windowsphone.com
workflowservice.dps.mp.microsoft.com
workflowservice.dps.mp.microsoft.com
dgrepv2-frontend-ppe.trafficmanager.net
dcpservice.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
storemanagement.microsoft.com
devx.windows.com
dgrepv2-frontend-ppe.trafficmanager.net
assets.windowsphone.com
*.vo.msecnd.net
*.windowsphone.com
storemanagement.microsoft.com
dgrepv2-frontend-ppe.trafficmanager.net
workflowservice.dps.mp.microsoft.com
*.vo.msecnd.net
simpleuserdeviceservice.windowsphone.com
api.windowsphone.com
www.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
*.windowsphone.com
*.windowsphone.com
nextrealms.windowsphone.com
workflowservice.dps.mp.microsoft.com
dcs-client.windowsphone.com
workflowservice.dps.mp.microsoft.com
dgrepv2-frontend-ppe.trafficmanager.net
www.windowsphone.com
discoveryservice.windowsphone.com
discoveryservice.windowsphone.com
*.scm.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
*.windowsphone.com
manualreview.dps.mp.microsoft.com
dgrepv2-frontend-ppe.trafficmanager.net
*.scm.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
*.vo.msecnd.net
workflowservice.dps.mp.microsoft.com
*.vo.msecnd.net
dgrepv2-frontend-ppe.trafficmanager.net
dgrepv2-frontend-prod.trafficmanager.net
dgrepv2-frontend-ppe.trafficmanager.net
workflowservice.dps.mp.microsoft.com
workflowservice.dps.mp.microsoft.com
workflowservice.dps.mp.microsoft.com
mockpreview.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
*.scm.windowsphone.com
*.vo.msecnd.net
workflowservice.dps.mp.microsoft.com
workflowservice.dps.mp.microsoft.com
devicecertificateservice.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
dgrepv2-frontend-ppe.trafficmanager.net
*.moservices.microsoft.com
ProdGemini.windowsphone.com
*.vo.msecnd.net
workflowservice.dps.mp.microsoft.com
dcpservice.windowsphone.com
workflowservice.dps.mp.microsoft.com
*.vo.msecnd.net
*.vo.msecnd.net
*.vo.msecnd.net
workflowservice.dps.mp.microsoft.com
dgrepv2-frontend-ppe.trafficmanager.net
preview.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
dgrepv2-frontend-ppe.trafficmanager.net
oaspcontent.microsoft.com
feedback.msdn.microsoft.com
loc.cmspreview.windowsphone.com
workflowservice.dps.mp.microsoft.com
dev.windows.com
www.windowsphone.com
oaspcontent.microsoft.com
*.windowsphone.com
wifiservice.windowsphone.com
oas.support.microsoft.com
beta.windowsphone.com
*.vo.msecnd.net
*.windowsphone.com
workflowservice.dps.mp.microsoft.com
*.vo.msecnd.net
dgrepv2-frontend-ppe.trafficmanager.net
manualreview.dps.mp.microsoft.com
manualreview.dps.mp.microsoft.com
www.windowsphone.com
workflowservice.dps.mp.microsoft.com
partner.windowsphone.com
accesscontrol.windowsphone.com
images.partner.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
*.vo.msecnd.net
www.windowsphone.com
www.windowsphone.com
*.vo.msecnd.net
dgrepv2-frontend-prod.trafficmanager.net
*.vo.msecnd.net
*.windowsphone.com
workflowservice.dps.mp.microsoft.com
workflowservice.dps.mp.microsoft.com
dgrepv2-frontend-ppe.trafficmanager.net
dcpservice.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
storemanagement.microsoft.com
devx.windows.com
dgrepv2-frontend-ppe.trafficmanager.net
assets.windowsphone.com
*.vo.msecnd.net
*.windowsphone.com
storemanagement.microsoft.com
dgrepv2-frontend-ppe.trafficmanager.net
workflowservice.dps.mp.microsoft.com
*.vo.msecnd.net
simpleuserdeviceservice.windowsphone.com
api.windowsphone.com
www.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
*.windowsphone.com
*.windowsphone.com
nextrealms.windowsphone.com
workflowservice.dps.mp.microsoft.com
dcs-client.windowsphone.com
workflowservice.dps.mp.microsoft.com
dgrepv2-frontend-ppe.trafficmanager.net
www.windowsphone.com
discoveryservice.windowsphone.com
discoveryservice.windowsphone.com
*.scm.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
*.windowsphone.com
manualreview.dps.mp.microsoft.com
dgrepv2-frontend-ppe.trafficmanager.net
*.scm.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
*.vo.msecnd.net
workflowservice.dps.mp.microsoft.com
*.vo.msecnd.net
dgrepv2-frontend-ppe.trafficmanager.net
dgrepv2-frontend-prod.trafficmanager.net
dgrepv2-frontend-ppe.trafficmanager.net
workflowservice.dps.mp.microsoft.com
workflowservice.dps.mp.microsoft.com
workflowservice.dps.mp.microsoft.com
mockpreview.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
*.scm.windowsphone.com
*.vo.msecnd.net
workflowservice.dps.mp.microsoft.com
workflowservice.dps.mp.microsoft.com
devicecertificateservice.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
dgrepv2-frontend-ppe.trafficmanager.net
*.moservices.microsoft.com
ProdGemini.windowsphone.com
*.vo.msecnd.net
workflowservice.dps.mp.microsoft.com
dcpservice.windowsphone.com
workflowservice.dps.mp.microsoft.com
*.vo.msecnd.net
*.vo.msecnd.net
*.vo.msecnd.net
workflowservice.dps.mp.microsoft.com
dgrepv2-frontend-ppe.trafficmanager.net
preview.windowsphone.com
dgrepv2-frontend-ppe.trafficmanager.net
dgrepv2-frontend-ppe.trafficmanager.net
oaspcontent.microsoft.com
feedback.msdn.microsoft.com
loc.cmspreview.windowsphone.com
workflowservice.dps.mp.microsoft.com
dev.windows.com
www.windowsphone.com
oaspcontent.microsoft.com
*.windowsphone.com
wifiservice.windowsphone.com
oas.support.microsoft.com
beta.windowsphone.com
*.vo.msecnd.net
*.windowsphone.com
workflowservice.dps.mp.microsoft.com
*.vo.msecnd.net
dgrepv2-frontend-ppe.trafficmanager.net
manualreview.dps.mp.microsoft.com
manualreview.dps.mp.microsoft.com
www.windowsphone.com
workflowservice.dps.mp.microsoft.com
partner.windowsphone.com
Certificate
The complete raw certificate details for images.partner.windowsphone.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJIzCCCAugAwIBAgIKa2AidgABAABRfDANBgkqhkiG9w0BAQUFADCBgDETMBEG CgmSJomT8ixkARkWA2NvbTEZMBcGCgmSJomT8ixkARkWCW1pY3Jvc29mdDEUMBIG CgmSJomT8ixkARkWBGNvcnAxFzAVBgoJkiaJk/IsZAEZFgdyZWRtb25kMR8wHQYD VQQDExZNU0lUIE1hY2hpbmUgQXV0aCBDQSAyMB4XDTEzMDMyMTIwMTAxOFoXDTE1 MDMyMTIwMTAxOFowKjEoMCYGA1UEAxMfaW1hZ2VzLnBhcnRuZXIud2luZG93c3Bo b25lLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOhcGaGgkbTl bm3bH0FISDofdrNSFPLBvD7TNfIxHsOAL/W6t9ljX/rWOulXbWXD9oEWoOD8cK1d llkUHJuaCxTsXrBHnkvQkplV914bKFHW2UTcKgnGESeuYmMZA4K4oHALyAO8EsXj fXKnTjC8dk+ilS9NNG/ulg0qE4xsVRqqEa0b9OLDm+/9pJYgEIDf6tR5hSqUacrn v+yqqr2QMU8YaxC3wGT3riWYt3i9nWoRs6oL/rok4sD+Z7hS3FyI2quy3c2p3sq5 rtGxalxNtxqWK4tL37IC7DbGVUiXIefmsODChAUaSrmC45PsdL93h51Mzjbojj29 0zyva8N5/aUCAwEAAaOCBfIwggXuMB0GA1UdDgQWBBRhdJwjRTQ/xOjBsUIYQXPD Gyo9rTALBgNVHQ8EBAMCBLAwHwYDVR0jBBgwFoAU69sRXvgJntjWYpz9Yp3jhEoo 4Scwge4GA1UdHwSB5jCB4zCB4KCB3aCB2oZPaHR0cDovL21zY3JsLm1pY3Jvc29m dC5jb20vcGtpL21zY29ycC9jcmwvTVNJVCUyME1hY2hpbmUlMjBBdXRoJTIwQ0El MjAyKDEpLmNybIZNaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAv Y3JsL01TSVQlMjBNYWNoaW5lJTIwQXV0aCUyMENBJTIwMigxKS5jcmyGOGh0dHA6 Ly9jb3JwcGtpL2NybC9NU0lUJTIwTWFjaGluZSUyMEF1dGglMjBDQSUyMDIoMSku Y3JsMIGtBggrBgEFBQcBAQSBoDCBnTBVBggrBgEFBQcwAoZJaHR0cDovL3d3dy5t aWNyb3NvZnQuY29tL3BraS9tc2NvcnAvTVNJVCUyME1hY2hpbmUlMjBBdXRoJTIw Q0ElMjAyKDEpLmNydDBEBggrBgEFBQcwAoY4aHR0cDovL2NvcnBwa2kvYWlhL01T SVQlMjBNYWNoaW5lJTIwQXV0aCUyMENBJTIwMigxKS5jcnQwPwYJKwYBBAGCNxUH BDIwMAYoKwYBBAGCNxUIg8+JTa3yAoWhnwyC+sp9geH7dIFPg8LthQiOqdKFYwIB ZAIBCjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwJwYJKwYBBAGCNxUK BBowGDAKBggrBgEFBQcDAjAKBggrBgEFBQcDATCCA3MGA1UdEQSCA2owggNmgg8q Lm1pY3Jvc29mdC5jb22CDSoubXNuLWludC5jb22CCSoubXNuLmNvbYIOKi5saXZl LWludC5jb22CFioud2luZG93c3Bob25lLWludC5jb22CEioud2luZG93c3Bob25l LmNvbYIjKi5jbXNyZXNvdXJjZXMud2luZG93c3Bob25lLWludC5jb22CIyoubWFy a2V0cGxhY2Uud2luZG93c21vYmlsZS1pbnQuY29tgg8qLndseHJzLWludC5jb22C FSouc2hhcmVkLmxpdmUtaW50LmNvbYIRKi5zaGFyZWQubGl2ZS5jb22CCyoud2x4 cnMuY29tghAqLmNkbi5vZmZpY2UubmV0ghAqLmFkczIubXNhZHMubmV0gg8qLmFz cG5ldGNkbi5jb22CEiouYzNzY3MuanAubXNuLmNvbYIfKi5jbXNyZXNvdXJjZXMu d2luZG93c3Bob25lLmNvbYIaKi5mMWRzLnNoYXJlZC5saXZlLWludC5jb22CFCou ZjFkcy53bHhycy1pbnQuY29tggwqLmpwLm1zbi5jb22CDioubGl2ZS1pbnQubmV0 ggoqLmxpdmUuY29tggoqLmxpdmUubmV0ghYqLm1hbmFnZS5taWNyb3NvZnQuY29t giQqLm1hcmtldHBsYWNlLndpbmRvd3Ntb2JpbGUtcGVyZi5jb22CHyoubWFya2V0 cGxhY2Uud2luZG93c21vYmlsZS5jb22CGyoubWljcm9zb2Z0LXNicy1kb21haW5z LmNvbYILKi5tc2Fkcy5uZXSCISoucGFydG5lci1kZi53aW5kb3dzcGhvbmUtaW50 LmNvbYISKi5wYXJ0bmVycy5tc24uY29tggsqLnMtbXNuLmNvbYIOKi5zdC5zLW1z bi5jb22CDyouc3RiLnMtbXNuLmNvbYIPKi5zdGMucy1tc24uY29tgg8qLnN0ai5z LW1zbi5jb22CECoud2x4cnN1LWludC5jb22CI2ltYWdlcy5wYXJ0bmVyLndpbmRv d3NwaG9uZS1pbnQuY29tgh9pbWFnZXMucGFydG5lci53aW5kb3dzcGhvbmUuY29t gg8qLmRldi5za3lwZS5jb22CDyoudWN3YS5seW5jLmNvbYIPKi52by5tc2VjbmQu bmV0MA0GCSqGSIb3DQEBBQUAA4IBAQBbZw11YnegSVFNBgW42OOui71yp1ikK2Ik +YD4MiED50bdjvh8LVA2M+V2WorMIV0oyR2a8PxLwZvNGlnSA4RzevZKl3dV1NJK dozP6yLsmLw3FOTEWlu+Sbl4Cv/SI7BTjqm30WgFQpTWNHRJbh26ung1aQpmKO1q 19gIaM+T2Ikh5dFZnfPl3BUhtlVM+T65AP245sj9rRTk5oK65DlG6dndXbTh+JDM 38usxssmeBo9BeQ613NLFFIsqgixRK9AaICLoStBJcIhbVc+PMylGsjWAwBLtjl0 ZGC9NHzgf9j2HUMFq5SOcpuYhXpW0R8q+ulhVi2BQzoJ8s60unc2 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FwZoaCRtOVubdsfQUhI Oh92s1IU8sG8PtM18jEew4Av9bq32WNf+tY66VdtZcP2gRag4PxwrV2WWRQcm5oL FOxesEeeS9CSmVX3XhsoUdbZRNwqCcYRJ65iYxkDgrigcAvIA7wSxeN9cqdOMLx2 T6KVL000b+6WDSoTjGxVGqoRrRv04sOb7/2kliAQgN/q1HmFKpRpyue/7KqqvZAx TxhrELfAZPeuJZi3eL2dahGzqgv+uiTiwP5nuFLcXIjaq7Ldzaneyrmu0bFqXE23 GpYri0vfsgLsNsZVSJch5+aw4MKEBRpKuYLjk+x0v3eHnUzONuiOPb3TPK9rw3n9 pQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 507066584270376991215996 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'microsoft' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'corp' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 0.9.2342.19200300.100.1.25 (domainComponent) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'redmond' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'MSIT Machine Auth CA 2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-03-21 20:10:18 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-03-21 20:10:18 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'images.partner.windowsphone.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29332703015210608404772186355035374203639297339417153442106356769156549377278766565706681583937326988001934040763263601694823451655061911527793906469489851376969268408863651653026213026129859103317740119292648918568171556501242747587579736421647138957555398298435030966527823492435708612163971180181021830791154527449186673576529785382416747327651713528296078709739202502601486217258586858411140872374961668892118602441430217834999092991250771864267567031167397185268313768614374805005007766261287377592562330815363777168360137830009552668311520785261342036839319439415347447012185572404441506416222172837618470485413 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 61749c2345343fc4e8c1b142184173c31b2a3dad . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits) 04b0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName ebdb115ef8099ed8d6629cfd629de3844a28e127 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (230 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://mscrl.microsoft.com/pki/mscorp/crl/MSIT%20Machine%20Auth%20CA%202(1).crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.microsoft.com/pki/mscorp/crl/MSIT%20Machine%20Auth%20CA%202(1).crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://corppki/crl/MSIT%20Machine%20Auth%20CA%202(1).crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (160 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pki/mscorp/MSIT%20Machine%20Auth%20CA%202(1).crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://corppki/aia/MSIT%20Machine%20Auth%20CA%202(1).crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER asn1: structure error: base 128 integer too large 1.3.6.1.4.1.311.21.8.7587021.751874.11030412.6202749.3702260.207.945504904.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 10 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (874 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.microsoft.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn-int.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.live-int.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.windowsphone-int.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.windowsphone.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cmsresources.windowsphone-int.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.marketplace.windowsmobile-int.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wlxrs-int.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.shared.live-int.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.shared.live.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wlxrs.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cdn.office.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ads2.msads.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aspnetcdn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.c3scs.jp.msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cmsresources.windowsphone.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.f1ds.shared.live-int.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.f1ds.wlxrs-int.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.jp.msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.live-int.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.live.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.live.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.manage.microsoft.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.marketplace.windowsmobile-perf.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.marketplace.windowsmobile.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.microsoft-sbs-domains.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.msads.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.partner-df.windowsphone-int.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.partners.msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.s-msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.st.s-msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stb.s-msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stc.s-msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stj.s-msn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wlxrsu-int.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images.partner.windowsphone-int.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images.partner.windowsphone.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev.skype.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ucwa.lync.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.vo.msecnd.net' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005b670d756277a049514d0605b8d8e3ae8bbd72a758a42b6224f980f8322103e746dd8ef87c2d503633e5765a8acc215d28c91d9af0fc4bc19bcd1a59d20384737af64a977755d4d24a768ccfeb22ec98bc3714e4c45a5bbe49b9780affd223b0538ea9b7d168054294d63474496e1dbaba7835690a6628ed6ad7d80868cf93d88921e5d1599df3e5dc1521b6554cf93eb900fdb8e6c8fdad14e4e682bae43946e9d9dd5db4e1f890ccdfcbacc6cb26781a3d05e43ad7734b14522caa08b144af4068808ba12b4125c2216d573e3ccca51ac8d603004bb639746460bd347ce07fd8f61d4305ab948e729b98857a56d11f2afae961562d81433a09f2ceb4ba7736