officeapps.live.com

- Microsoft Corporation -

Issued by Microsoft Azure RSA TLS Issuing CA 03

About this certificate

This digital certificate with serial number 33:00:22:e0:ee:3e:e8:74:be:54:6d:0d:74:00:00:00:22:e0:ee was issued on by Microsoft Corporation.

With 26 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Microsoft Corporation

Organization: Microsoft Corporation
State / Province: WA
Locality: Redmond
Country: US

Microsoft Corporation

Organization: Microsoft Corporation
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 33:00:22:e0:ee:3e:e8:74:be:54:6d:0d:74:00:00:00:22:e0:ee
Serial Number (int): 1137349873709650726738009341029237597453607150
Serial Number lenght: 150 bits, 19 octets

SubjectKeyId: 39:90:be:77:4f:ba:77:67:d1:41:f8:d7:0f:cf:21:db:e5:20:bb:25
AuthorityKeyId: fe:09:71:40:55:05:10:44:d8:a4:81:75:b8:9e:1a:e9:4a:06:88:c8

Fingerprint (sha1): c0:4e:97:a0:80:8b:9a:24:56:09:7e:9e:b4:1f:75:71:ac:c6:2f:4e
Fingerprint (sha256): 43:3c:e7:f9:b3:c2:bd:f9:a1:68:1d:2b:fb:1b:75:a9:4f:56:69:1f:e2:69:9d:4a:2b:77:01:82:98:29:a6:d1

Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2003%20-%20xsign.crt

Revocation information

OCSP Server: http://oneocsp.microsoft.com/ocsp
CRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2003.crl

Check the revocation status for certificate officeapps.live.com

26

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for officeapps.live.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

12 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

officeapps.live.com
officeppe.live.com
*.office.live.com
office.live.com
*.officeapps.live.com
officeapps-df.live.com
*.officeapps-df.live.com
*.online.office.com
*.online.office365.com
online.office.com
online.office365.com
*.fp.measure.office.com
*.th.officeapps.live.com
*.vhs.officeapps.live.com
*.view.officeapps.live.com
*.optin.online.office.com
tr-ofc-atm.office.com
excel.cloud.microsoft
word.cloud-dev.microsoft
powerpoint.cloud-dev.microsoft
word.cloud.microsoft
powerpoint.cloud.microsoft
excel.cloud-dev.microsoft
df.excel.cloud.microsoft
df.word.cloud.microsoft
df.powerpoint.cloud.microsoft

Other certificates including the domain name live.com

(limited to 100 certificates)
client.hip.live.com
config.edog.officeapps.live.com
outlook-fd-0009.live.com
sa5gl.wpc.edgecastcdn.net
ssl.chinanetcenter.com
officeapps.live.com
odc.edog.officeapps.live.com
blu196.mail.live.com
reporting.fss.live.com
sdx.microsoft.com
*.gateway.messenger.live.com
mrodevicemgr.edog.officeapps.live.com
storage.live.com
settings.familysafety.microsoft.com
sa9gl.wpc.edgecastcdn.net
login.live.com
outlook.com
images.partner.windowsphone.com
graph.windows.net
odc.officeapps.live.com
account.microsoft.com
teamsopenaisvc.prod.teams.live.com
*.ra.live.com
hololens-surfacehub-prod.auth.partner.hip.live.com
groups.prod.teams.live.com
ssw.live.com
ssl.chinanetcenter.com
wordwrs.edog.officeapps.live.com
present.edog.officeapps.live.com
ssl.chinanetcenter.com
ssl.chinanetcenter.com
fpt.microsoft.com
config.edog.officeapps.live.com
graph.windows.net
chatsvcagg.teams.microsoft.com
graph.windows.net
store.office.com
graph.windows.net
outlook-fd-0007.live.com
storage.live.com
outlook.com
fpt.microsoft.com
pptcts.officeapps.live.com
outlook-fd-0009.live.com
client.hip.live.com
uci.edog.officeapps.live.com
outlook.com
graph.windows.net
support.office.com
designerapp.edog.officeapps.live.com
mail.live.com
graph.windows.net
wordwrs.edog.officeapps.live.com
*.domains.live.com
sa167gl.wpc.edgecastcdn.net
sa54gl.wpc.edgecastcdn.net
middletier.prod.teams.live.com
pptmobius.officeapps.live.com
*.vo.msecnd.net
virtualearth.at
excelcs.officeapps.live.com
sendersupport.olc.protection.outlook.com
login.live-int.com
middletier.nonprod.teams.live.com
wordcs.edog.officeapps.live.com
graph.windows.net
g.msn.com
imgw.live.com
graph.windows.net
login.live-int.com
groups.prod.teams.live.com
outlook.live.com
*.maps.live.com
c2rsetup.edog.officeapps.live.com
profile-df.live.com
storage.live.com
shim.hip.live.com
outlook-fd-0009.live.com
account.live.com
www.multimap.com
graph.windows.net
client.hip.live.com
*.storage.msn.com
notifsvc.nonprod.teams.live.com
outlook.com
groups.prod.teams.live.com
ocws.officeapps.live.com
designerapp.officeapps.live.com
graph.windows.net
login.live.com
sa146gl.wpc.edgecastcdn.net
support.office.com
pptwrs.officeapps.live.com
config.officeapps.live.com
login.live.com
authsvc.nonprod.teams.live.com
outlook.com
mail.live.com
sa54gl.wpc.edgecastcdn.net
uci.officeapps.live.com

Certificate

The complete raw certificate details for officeapps.live.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIK1DCCCLygAwIBAgITMwAi4O4+6HS+VG0NdAAAACLg7jANBgkqhkiG9w0BAQwF
ADBdMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u
MS4wLAYDVQQDEyVNaWNyb3NvZnQgQXp1cmUgUlNBIFRMUyBJc3N1aW5nIENBIDAz
MB4XDTI0MDEyMjE4MDIxOFoXDTI1MDExNjE4MDIxOFowajELMAkGA1UEBhMCVVMx
CzAJBgNVBAgTAldBMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv
ZnQgQ29ycG9yYXRpb24xHDAaBgNVBAMTE29mZmljZWFwcHMubGl2ZS5jb20wggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp3AHxkkE+E1Iq2ra9Y2Nw99b1
4T+GZnEjWpax+zjc/LugyGUmAr4hSmqr7FxnMyAdf4eMT/8jqpDZ01nA+1gMz/FQ
qB7b1woeIeIy7jRz8s9BUffR/EmC02VWkyu4i/C6G5O3dwbpTJDETKJy808F3jZt
q8FuFxhJQC83oawP3PVVlIDPWp7P3+mcPy4JkPWDLW6iPGZ308zimb298pmw2HQ9
s53wTzDJy5dkKMln6CQWnb/en1OAF3DuM9/Ke6RNpNH9TFidNBzn76lnGahBJS2d
8W8wkDiTUnPmftjwd4mEK8mWne4SGmmaTGb2Uh/u/04PgqjKKQC7JwrmpjTJAgMB
AAGjggZ+MIIGejCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYAzxFW7tUufK/z
h1vZaS6b6RpxZ0qwF+ysAdJbd87MOwgAAAGNMl+WBwAABAMARzBFAiA9tzsMq0OT
WWwppyRIxldRmBN/CXymbf6z7m3oguGW+AIhAKHT+kjbeOLZ9ZK4+/NHZvl6egGH
KTFVFDLZVg205UaMAHYAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgA
AAGNMl+VswAABAMARzBFAiAqpysplLSBRuqIMQJeXAaQ73PY395RrKt+OD3dgwe7
CAIhALH7mW7W5op9xs2gLv63/C8Gf8SIBSQolW4s23rtOQITAHYATnWjJ1yaEMM4
W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGNMl+VowAABAMARzBFAiEAkO9oSpKZ
fdPrm1PQHO3wymQc4kOtGjsnPfAmknn+vqYCIEUef/U4BXxm44MkqFLav/jzx9ge
8aIX2kn3D/sot1/MMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwIwCgYIKwYB
BQUHAwEwPAYJKwYBBAGCNxUHBC8wLQYlKwYBBAGCNxUIh73XG4Hn60aCgZ0ujtAM
h/DaHV2ChOVpgvOnPgIBZAIBJjCBtAYIKwYBBQUHAQEEgacwgaQwcwYIKwYBBQUH
MAKGZ2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9z
b2Z0JTIwQXp1cmUlMjBSU0ElMjBUTFMlMjBJc3N1aW5nJTIwQ0ElMjAwMyUyMC0l
MjB4c2lnbi5jcnQwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vbmVvY3NwLm1pY3Jvc29m
dC5jb20vb2NzcDAdBgNVHQ4EFgQUOZC+d0+6d2fRQfjXD88h2+UguyUwDgYDVR0P
AQH/BAQDAgWgMIIChQYDVR0RBIICfDCCAniCE29mZmljZWFwcHMubGl2ZS5jb22C
Em9mZmljZXBwZS5saXZlLmNvbYIRKi5vZmZpY2UubGl2ZS5jb22CD29mZmljZS5s
aXZlLmNvbYIVKi5vZmZpY2VhcHBzLmxpdmUuY29tghZvZmZpY2VhcHBzLWRmLmxp
dmUuY29tghgqLm9mZmljZWFwcHMtZGYubGl2ZS5jb22CEyoub25saW5lLm9mZmlj
ZS5jb22CFioub25saW5lLm9mZmljZTM2NS5jb22CEW9ubGluZS5vZmZpY2UuY29t
ghRvbmxpbmUub2ZmaWNlMzY1LmNvbYIXKi5mcC5tZWFzdXJlLm9mZmljZS5jb22C
GCoudGgub2ZmaWNlYXBwcy5saXZlLmNvbYIZKi52aHMub2ZmaWNlYXBwcy5saXZl
LmNvbYIaKi52aWV3Lm9mZmljZWFwcHMubGl2ZS5jb22CGSoub3B0aW4ub25saW5l
Lm9mZmljZS5jb22CFXRyLW9mYy1hdG0ub2ZmaWNlLmNvbYIVZXhjZWwuY2xvdWQu
bWljcm9zb2Z0ghh3b3JkLmNsb3VkLWRldi5taWNyb3NvZnSCHnBvd2VycG9pbnQu
Y2xvdWQtZGV2Lm1pY3Jvc29mdIIUd29yZC5jbG91ZC5taWNyb3NvZnSCGnBvd2Vy
cG9pbnQuY2xvdWQubWljcm9zb2Z0ghlleGNlbC5jbG91ZC1kZXYubWljcm9zb2Z0
ghhkZi5leGNlbC5jbG91ZC5taWNyb3NvZnSCF2RmLndvcmQuY2xvdWQubWljcm9z
b2Z0gh1kZi5wb3dlcnBvaW50LmNsb3VkLm1pY3Jvc29mdDAMBgNVHRMBAf8EAjAA
MGoGA1UdHwRjMGEwX6BdoFuGWWh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lv
cHMvY3JsL01pY3Jvc29mdCUyMEF6dXJlJTIwUlNBJTIwVExTJTIwSXNzdWluZyUy
MENBJTIwMDMuY3JsMGYGA1UdIARfMF0wUQYMKwYBBAGCN0yDfQEBMEEwPwYIKwYB
BQUHAgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBv
c2l0b3J5Lmh0bTAIBgZngQwBAgIwHwYDVR0jBBgwFoAU/glxQFUFEETYpIF1uJ4a
6UoGiMgwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEB
DAUAA4ICAQATi5E0oryGlW+7A5xa9mfKlhMlEZtK84165sWW16+/Wcbr/KclrNH9
J96eFR+hxqN1+RBTYu0bdw+SIS/Dg7o0Jo1XNF7oGU2b1Bec252j01oyb8rDYj74
FG6Es4RcEgOv+WworUMUNDuPezPZ2naZPby1cddh8n8BGmMKMxGfHrbJT7pJ6qUh
ITzSqMT6A7bSAJIUc46vEsdBig3wtsKPJE4C9DDgP4P9iGImAlmWQyWKntYyUqUX
fF1rdBEZmUtAL6XiABP0kYowgu6FkkgY05xWaGvB97Wt+AHDuLNKbrDse70UOzRF
jfzMN8/S4vwfGu+1drzx/tjvjBB6tgsCiQP1RHZSDRe9ls976zKWYHqmJu5tHDG2
V7jxWpV1Y7k4inXnA0Y//78H0Jm8+T+1Im8Ql1HdRigRvHxtJyFdBhLyaWQoWz6B
35yjTDj/tQ9hCoXOaV8/FnaNNn1Ein0scI0pFx3UaJqRqztII29xDgstPeoga/af
ivUIYFD2L05+TfMdpm8y0NM5KvVigFnlHF6MYZUvGqvtwq88ub9S0KxIiOSRuny2
L6qNefqTVNALC1908X+Pw1s8X9+nPYoyqgXIVQ8IehJwToZ406sp8o79E3r8cK9B
GviBbdPzmhvSEatingoGBdDiqQw6QP/u1oj9Pc1Qu9EFvxl+gFE/Aw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdwB8ZJBPhNSKtq2vWNj
cPfW9eE/hmZxI1qWsfs43Py7oMhlJgK+IUpqq+xcZzMgHX+HjE//I6qQ2dNZwPtY
DM/xUKge29cKHiHiMu40c/LPQVH30fxJgtNlVpMruIvwuhuTt3cG6UyQxEyicvNP
Bd42bavBbhcYSUAvN6GsD9z1VZSAz1qez9/pnD8uCZD1gy1uojxmd9PM4pm9vfKZ
sNh0PbOd8E8wycuXZCjJZ+gkFp2/3p9TgBdw7jPfynukTaTR/UxYnTQc5++pZxmo
QSUtnfFvMJA4k1Jz5n7Y8HeJhCvJlp3uEhppmkxm9lIf7v9OD4KoyikAuycK5qY0
yQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1137349873709650726738009341029237597453607150
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure RSA TLS Issuing CA 03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-22 18:02:18 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-16 18:02:18 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'officeapps.live.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21442763326514352069218814311775138327068268937690368771292671058343303747012408904790542405891933819056531527838360561464580646927760067720099208050204599777572894807328952054610759687049881836658455413024047309384601120157687192143490944781101720871939290210731046553830238563036720180683089657884000807111570925855407060261310796659075590226317154715629043735253860444644360995513945924830926419617859900114150523964648903581354643487993801345614139328303070039266506901725242401313815958848799796961339176237885439932551013815000151989697384409127978050735122705319097617876744910793262957422553551608992533722313
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018d325f9607000004030047304502203db73b0cab4393596c29a72448c6575198137f097ca66dfeb3ee6de882e196f8022100a1d3fa48db78e2d9f592b8fbf34766f97a7a01872931551432d9560db4e5468c0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018d325f95b3000004030047304502202aa72b2994b48146ea8831025e5c0690ef73d8dfde51acab7e383ddd8307bb08022100b1fb996ed6e68a7dc6cda02efeb7fc2f067fc488052428956e2cdb7aed3902130076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d325f95a3000004030047304502210090ef684a92997dd3eb9b53d01cedf0ca641ce243ad1a3b273df0269279febea60220451e7ff538057c66e38324a852dabff8f3c7d81ef1a217da49f70ffb28b75fcc
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.4272873.6083518
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 38
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (167 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2003%20-%20xsign.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3990be774fba7767d141f8d70fcf21dbe520bb25
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (636 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'officeapps.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'officeppe.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.office.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'office.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.officeapps.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'officeapps-df.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.officeapps-df.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.online.office.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.online.office365.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.office.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.office365.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.fp.measure.office.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.th.officeapps.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.vhs.officeapps.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.view.officeapps.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.optin.online.office.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tr-ofc-atm.office.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'excel.cloud.microsoft'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'word.cloud-dev.microsoft'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'powerpoint.cloud-dev.microsoft'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'word.cloud.microsoft'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'powerpoint.cloud.microsoft'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'excel.cloud-dev.microsoft'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'df.excel.cloud.microsoft'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'df.word.cloud.microsoft'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'df.powerpoint.cloud.microsoft'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20RSA%20TLS%20Issuing%20CA%2003.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName fe09714055051044d8a48175b89e1ae94a0688c8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00138b9134a2bc86956fbb039c5af667ca961325119b4af38d7ae6c596d7afbf59c6ebfca725acd1fd27de9e151fa1c6a375f9105362ed1b770f92212fc383ba34268d57345ee8194d9bd4179cdb9da3d35a326fcac3623ef8146e84b3845c1203aff96c28ad4314343b8f7b33d9da76993dbcb571d761f27f011a630a33119f1eb6c94fba49eaa521213cd2a8c4fa03b6d2009214738eaf12c7418a0df0b6c28f244e02f430e03f83fd88622602599643258a9ed63252a5177c5d6b741119994b402fa5e20013f4918a3082ee85924818d39c56686bc1f7b5adf801c3b8b34a6eb0ec7bbd143b34458dfccc37cfd2e2fc1f1aefb576bcf1fed8ef8c107ab60b028903f54476520d17bd96cf7beb3296607aa626ee6d1c31b657b8f15a957563b9388a75e703463fffbf07d099bcf93fb5226f109751dd462811bc7c6d27215d0612f26964285b3e81df9ca34c38ffb50f610a85ce695f3f16768d367d448a7d2c708d29171dd4689a91ab3b48236f710e0b2d3dea206bf69f8af5086050f62f4e7e4df31da66f32d0d3392af5628059e51c5e8c61952f1aabedc2af3cb9bf52d0ac4888e491ba7cb62faa8d79fa9354d00b0b5f74f17f8fc35b3c5fdfa73d8a32aa05c8550f087a12704e8678d3ab29f28efd137afc70af411af8816dd3f39a1bd211ab629e0a0605d0e2a90c3a40ffeed688fd3dcd50bbd105bf197e80513f03