OV SSL/TLS Certificate for outlook.com Issued to Microsoft Corporation

Certificate is witin its validity period

Issued by DigiCert Inc (DigiCert Cloud Services CA-1)

About the outlook.com OV SSL/TLS Certificate

This certificate with serial number 07:ec:fa:b5:80:e0:68:30:e3:ec:58:0e:3c:1d:47:65 for outlook.com was issued on by DigiCert Inc.

With 23 subject alternative names, this certificate can be used to secure multiple FQDNs. This OV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this OV SSL/TLS Certificate review for outlook.com provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

DigiCert Inc

Organization: DigiCert Inc
Country: US

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 07:ec:fa:b5:80:e0:68:30:e3:ec:58:0e:3c:1d:47:65
Serial Number (int): 10535063011692331098818316272276424549
Serial Number Length: 123 bits, 16 octets

Subject Key Identifier: aa:70:07:b5:5a:51:2f:32:0f:fe:47:2d:44:24:48:d7:2c:0b:7f:12
Authority Key Identifier: dd:51:d0:a2:31:73:a9:73:ae:8f:b4:01:7e:5d:8c:57:cb:9f:f0:f7

Fingerprint (SHA-1): a6:f7:ec:fb:2b:f6:31:b3:a8:4f:eb:b0:9f:fd:bb:4e:3b:0f:42:11
Fingerprint (SHA-256): 4f:94:1a:8e:50:52:5e:09:24:4f:8f:fe:75:65:e1:6a:51:dd:10:47:04:74:94:6a:0f:ba:84:6a:86:e4:de:8c

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertCloudServicesCA-1.crt

Revocation Information

OCSP Server: http://ocspx.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertCloudServicesCA-1-g1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertCloudServicesCA-1-g1.crl

Check the revocation status for certificate outlook.com
23
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for outlook.com

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Key Encipherment
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

*.clo.footprintdns.com
*.hotmail.com
*.internal.outlook.com
*.live.com
*.nrb.footprintdns.com
*.office.com
*.office365.com
*.outlook.com
*.outlook.office365.com
attachment.outlook.live.net
attachment.outlook.office.net
attachment.outlook.officeppe.net
attachments.office.net
attachments-sdf.office.net
ccs.login.microsoftonline.com
ccs-sdf.login.microsoftonline.com
hotmail.com
mail.services.live.com
office365.com
outlook.com
outlook.office.com
substrate.office.com
substrate-sdf.office.com

X.509 Certificate

The complete raw X.509 certificate details for outlook.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIIpzCCB4+gAwIBAgIQB+z6tYDgaDDj7FgOPB1HZTANBgkqhkiG9w0BAQsFADBL
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSUwIwYDVQQDExxE
aWdpQ2VydCBDbG91ZCBTZXJ2aWNlcyBDQS0xMB4XDTI1MDMyOTAwMDAwMFoXDTI2
MDMyODIzNTk1OVowajELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x
EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv
bjEUMBIGA1UEAxMLb3V0bG9vay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDfeMY0vYVvhe563nCicu8JxM2kxISWsyQxY6SPbbRAGJP5M74xeVlr
X2KqexdgGXwXl2ElOaXXRNqqzko/3AqfbCeWM02EzZzAgFoYmowlzlsNM4ueBNWn
hlpXsC5HPmrpYb81pkGDx/4m8u1D1RPzVmFVof8MajhQGPzKVX2Bycd+7/uEAKAs
jJ/dTkOL7Xzi12eGzEzA7l+zLHgbgkBWa7yETZGr9075tLwWZocK7iFKxT0PZRrk
oveKCW8+fwLM/kExL0KeLH7WzavjPZpLDp5QP1f/PJkMI1SmjUqd7732AQco1cgu
iMRrH2J55ZIS8PR7/HSOpQSYYLyTZxfNAgMBAAGjggVmMIIFYjAfBgNVHSMEGDAW
gBTdUdCiMXOpc66PtAF+XYxXy5/w9zAdBgNVHQ4EFgQUqnAHtVpRLzIP/kctRCRI
1ywLfxIwggIQBgNVHREEggIHMIICA4IWKi5jbG8uZm9vdHByaW50ZG5zLmNvbYIN
Ki5ob3RtYWlsLmNvbYIWKi5pbnRlcm5hbC5vdXRsb29rLmNvbYIKKi5saXZlLmNv
bYIWKi5ucmIuZm9vdHByaW50ZG5zLmNvbYIMKi5vZmZpY2UuY29tgg8qLm9mZmlj
ZTM2NS5jb22CDSoub3V0bG9vay5jb22CFyoub3V0bG9vay5vZmZpY2UzNjUuY29t
ghthdHRhY2htZW50Lm91dGxvb2subGl2ZS5uZXSCHWF0dGFjaG1lbnQub3V0bG9v
ay5vZmZpY2UubmV0giBhdHRhY2htZW50Lm91dGxvb2sub2ZmaWNlcHBlLm5ldIIW
YXR0YWNobWVudHMub2ZmaWNlLm5ldIIaYXR0YWNobWVudHMtc2RmLm9mZmljZS5u
ZXSCHWNjcy5sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tgiFjY3Mtc2RmLmxvZ2lu
Lm1pY3Jvc29mdG9ubGluZS5jb22CC2hvdG1haWwuY29tghZtYWlsLnNlcnZpY2Vz
LmxpdmUuY29tgg1vZmZpY2UzNjUuY29tggtvdXRsb29rLmNvbYISb3V0bG9vay5v
ZmZpY2UuY29tghRzdWJzdHJhdGUub2ZmaWNlLmNvbYIYc3Vic3RyYXRlLXNkZi5v
ZmZpY2UuY29tMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0
dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydENsb3VkU2VydmljZXNDQS0x
LWcxLmNybDA/oD2gO4Y5aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
Q2xvdWRTZXJ2aWNlc0NBLTEtZzEuY3JsMHwGCCsGAQUFBwEBBHAwbjAlBggrBgEF
BQcwAYYZaHR0cDovL29jc3B4LmRpZ2ljZXJ0LmNvbTBFBggrBgEFBQcwAoY5aHR0
cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0Q2xvdWRTZXJ2aWNlc0NB
LTEuY3J0MAwGA1UdEwEB/wQCMAAwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB3
AJaXZL9VWJet90OHaDcIQnfp8DrV9qTzNm5GpD8PyqnGAAABleMrBKEAAAQDAEgw
RgIhAM0xMmUWjpa1b00NLgvQ2jfRY/fuFWE5owMdTkcUvTFVAiEA1iBUiAffUyNX
q0O0da8bRrSSI4NhjJRe9iuZkImu6LMAdgBkEcRspBLsp4kcogIuALyrTygH1B41
J6vq/tUDyX3N8AAAAZXjKwSuAAAEAwBHMEUCIQCVMHnLO/4/cmo2HxLsC/eH+/O4
y3a29wJqYoL0+id4FwIgcqGRvIcBzS0jYvjq42ashXgNhQ0dslfAm33yUc6uBToA
dgBJnJtp3h187Pw23s2HZKa4W68Kh4AZ0VVS++nrKd34wwAAAZXjKwS/AAAEAwBH
MEUCIQD1HLlWwVT4cU5DHmc/7AqzlMssmhEfXigh9AtwmiCXIwIgeQDd3HdNi+cT
qnpwLvib86/3jpmJAEwm74Xv0xKxBqIwDQYJKoZIhvcNAQELBQADggEBAHaleLbu
DJfhddrx+vWi/+Z/XuqKlGpZchx/zh7hUmLMDvlIHVGBt8DICYS+kBEclUVLU9MC
uoaTFNQX8Xhn+1aLx23bF59ojaCauwMPaNENHX2inpxrvRvEs08Vg9ZEXzOZ884/
nKr+oCcwzTlHJ9Y7F4EYXNqDZHyG+pF7L9e4l91hXPkUDfY3+gMMKl0IOw7a69Cx
9ijcAhrTez/SWovVPB8UELJTLJeyfBP4yQiTKuHnRjg0+KD9wf3m6M8K4DHGozDU
WeDxWUZXTOwjIZLmvWil8CkurZF4yB1Ry6TrHXocVkm59FrHnlnSVjZmDL0rKP2M
rZYcg1VZlRQ1Nhc=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33jGNL2Fb4Xuet5wonLv
CcTNpMSElrMkMWOkj220QBiT+TO+MXlZa19iqnsXYBl8F5dhJTml10Taqs5KP9wK
n2wnljNNhM2cwIBaGJqMJc5bDTOLngTVp4ZaV7AuRz5q6WG/NaZBg8f+JvLtQ9UT
81ZhVaH/DGo4UBj8ylV9gcnHfu/7hACgLIyf3U5Di+184tdnhsxMwO5fsyx4G4JA
Vmu8hE2Rq/dO+bS8FmaHCu4hSsU9D2Ua5KL3iglvPn8CzP5BMS9Cnix+1s2r4z2a
Sw6eUD9X/zyZDCNUpo1Kne+99gEHKNXILojEax9ieeWSEvD0e/x0jqUEmGC8k2cX
zQIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10535063011692331098818316272276424549
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Cloud Services CA-1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-29 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-03-28 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'outlook.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28210698005968676090417510368452796110955359210898902888281911261813442308663798743709833475464456607975916250647909290372996335218522769788183988378247307626061769891869244205032149976686204467698027090943115502163204807548568470133914054885812273077746335564438354755392194944685634110879785429620196375499486846980000083968613871426040862581255463965537426894285077211934279517203186142005451968447875614129456613284023829537517127444798204996302625831597046234201383480264701554953508506554685068593911454686491781968579129875533252969518165314958289172723464399002784056431993425578127727683359355267368475891661
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName dd51d0a23173a973ae8fb4017e5d8c57cb9ff0f7
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							aa7007b55a512f320ffe472d442448d72c0b7f12
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (519 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.clo.footprintdns.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hotmail.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.internal.outlook.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.nrb.footprintdns.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.office.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.office365.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.outlook.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.outlook.office365.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'attachment.outlook.live.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'attachment.outlook.office.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'attachment.outlook.officeppe.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'attachments.office.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'attachments-sdf.office.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ccs.login.microsoftonline.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ccs-sdf.login.microsoftonline.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hotmail.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.services.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'office365.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'outlook.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'outlook.office.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'substrate.office.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'substrate-sdf.office.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertCloudServicesCA-1-g1.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertCloudServicesCA-1-g1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocspx.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertCloudServicesCA-1.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							0169007700969764bf555897adf743876837084277e9f03ad5f6a4f3366e46a43f0fcaa9c600000195e32b04a10000040300483046022100cd313265168e96b56f4d0d2e0bd0da37d163f7ee156139a3031d4e4714bd3155022100d620548807df532357ab43b475af1b46b4922383618c945ef62b999089aee8b30076006411c46ca412eca7891ca2022e00bcab4f2807d41e3527abeafed503c97dcdf000000195e32b04ae0000040300473045022100953079cb3bfe3f726a361f12ec0bf787fbf3b8cb76b6f7026a6282f4fa277817022072a191bc8701cd2d2362f8eae366ac85780d850d1db257c09b7df251ceae053a007600499c9b69de1d7cecfc36decd8764a6b85baf0a878019d15552fbe9eb29ddf8c300000195e32b04bf0000040300473045022100f51cb956c154f8714e431e673fec0ab394cb2c9a111f5e2821f40b709a20972302207900dddc774d8be713aa7a702ef89bf3aff78e9989004c26ef85efd312b106a2
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0076a578b6ee0c97e175daf1faf5a2ffe67f5eea8a946a59721c7fce1ee15262cc0ef9481d5181b7c0c80984be90111c95454b53d302ba869314d417f17867fb568bc76ddb179f688da09abb030f68d10d1d7da29e9c6bbd1bc4b34f1583d6445f3399f3ce3f9caafea02730cd394727d63b1781185cda83647c86fa917b2fd7b897dd615cf9140df637fa030c2a5d083b0edaebd0b1f628dc021ad37b3fd25a8bd53c1f1410b2532c97b27c13f8c908932ae1e7463834f8a0fdc1fde6e8cf0ae031c6a330d459e0f15946574cec232192e6bd68a5f0292ead9178c81d51cba4eb1d7a1c5649b9f45ac79e59d25636660cbd2b28fd8cad961c8355599514353617