onedrive.com

- Microsoft Corporation -

Issued by Microsoft Azure TLS Issuing CA 05

About this certificate

This digital certificate with serial number 33:00:69:bb:9a:ac:f2:33:ab:2e:49:91:72:00:00:00:69:bb:9a was issued on by Microsoft Corporation.

With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • KeyUsage [DataEncipherment DigitalSignature KeyEncipherment] (00001101) inconsistent with multiple purpose ExtKeyUsage [clientAuth serverAuth] The certificate MUST only be used for a purpose consistent with both key usage extension and extended key usage extension. (RFC 5280, Section 4.2.1.12.)
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Microsoft Corporation

Organization: Microsoft Corporation
State / Province: WA
Locality: Redmond
Country: US

Microsoft Corporation

Organization: Microsoft Corporation
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 33:00:69:bb:9a:ac:f2:33:ab:2e:49:91:72:00:00:00:69:bb:9a
Serial Number (int): 1137373984142345170408453915320748805615893402
Serial Number lenght: 150 bits, 19 octets

SubjectKeyId: dd:14:27:61:49:54:43:d0:9f:9c:c3:1e:6f:fa:60:45:4a:c3:da:ef
AuthorityKeyId: c7:b2:9c:7f:1c:e3:b8:5a:ef:e9:68:1a:a8:5d:94:c1:26:52:6a:68

Fingerprint (sha1): 4e:11:98:32:9d:ab:e8:3b:be:4e:e9:05:86:88:8d:67:16:9b:c0:9b
Fingerprint (sha256): ef:fa:bf:84:a5:6b:0b:d9:25:39:86:a2:ca:f4:32:7c:83:2c:e8:25:7b:a7:7e:a9:9b:01:20:e6:f9:77:f0:f1

Issuing Certificate URL: http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2005%20-%20xsign.crt

Revocation information

OCSP Server: http://oneocsp.microsoft.com/ocsp
CRL Distribution Point: http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2005.crl

Check the revocation status for certificate onedrive.com

12

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for onedrive.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment
Data Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

12 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

onedrive.com
p.sfx.ms
*.live.com
*.live.net
*.skydrive.live.com
*.onedrive.live.com
*.onedrive.com
d.sfx-df.ms
*.odwebb.svc.ms
*.odwebp.svc.ms
*.odwebdf.svc.ms
*.odwebpl.svc.ms

Other certificates including the domain name onedrive.com

(limited to 100 certificates)
storage.live.com
photos.onedrive.com
mail.live.com
storage.live.com
mail.live.com
dev.onedrive.com
blog.onedrive.com
storage.live.com
akamai-san11.exacttarget.com
onedrive.com
storage.live.com
storage.live.com
dev.onedrive.com
svc.ms
storage.live.com
onedrive.live.com
storage.live.com
photos.onedrive.com
SPO-Prod-ODWeb-O365Shell.onedrive.com
onedrive-df.live.com
dev-staging.onedrive.com
storage.live.com
onedrive.com
onedrive.live.com
storage.live.com
storage.live.com
akamai-san11.exacttarget.com
storage.live.com
storage.live.com
blog.onedrive.com
onedrive.live.com
onedrive.live.com
svc.ms
storage.live.com
photos.onedrive.com
photos.onedrive.com
storage.live.com
akamai-san11.exacttarget.com
storage.live.com
*.svc.ms
www1.onedrive.com
storage.live.com
storage.live.com
storage.live.com
storage.live.com
storage.live.com
qos.admin.onedrive.com
blog.onedrive.com
onedrive.com
onedrive.live.com
blog.onedrive.com
customersuccessblog.onedrive.com
storage.live.com
storage.live.com
storage.live.com
df.storage.live.com
onedrive.com
onedrive.com
storage.live.com
storage.live.com
*.mail.onedrive.com
storage.live.com
dev-staging.onedrive.com
*.mail.onedrive.com
blog.onedrive.com
storage.live.com
onedrive.live.com
storage.live.com
akamai-san11.exacttarget.com
*.mail.onedrive.com
onedrive.com
storage.live.com
pushchanneltst.cma.onedrive.com
onedrive.live.com
blog.onedrive.com
storage.live.com
onedrive.com
onedrive.live.com
*.svc.ms
onedrive.com
pushchannelprod.cma.onedrive.com
akamai-san11.exacttarget.com
storage.live.com
storage.live.com
onedrive.com
df.badger.onedrive.com
onedrive.com
storage.live.com
storage.live.com
photos.onedrive.com
photos.onedrive.com
onedrive-df.live.com
storage.live.com
storage.live.com
storage.live.com
*.mail.onedrive.com
onedrive.live.com
storage.live.com
spdf.badgerspo.onedrive.com
*.mail.onedrive.com

Certificate

The complete raw certificate details for onedrive.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIII/zCCBuegAwIBAgITMwBpu5qs8jOrLkmRcgAAAGm7mjANBgkqhkiG9w0BAQwF
ADBZMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u
MSowKAYDVQQDEyFNaWNyb3NvZnQgQXp1cmUgVExTIElzc3VpbmcgQ0EgMDUwHhcN
MjIxMTA5MTk0NTIyWhcNMjMxMTA0MTk0NTIyWjBjMQswCQYDVQQGEwJVUzELMAkG
A1UECBMCV0ExEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD
b3Jwb3JhdGlvbjEVMBMGA1UEAxMMb25lZHJpdmUuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAnb9CHmdN7M4MzmTrHXdU9HJ+k0c3QVYRbTnULi5K
eGM8fDAeIgpwvoIbuwGqbVyTgWptZFE5QoB6Odn3mQW6V2OQDdlY7+K+ue/9UdhU
EBTbQl+ZQxuRqGv+tREkSqTUyu2rzJsjoqplzDHhbrXZbErMzGElMVKsHWg2OkjN
QurXZ6b6Vhz+T0blIgvrR+wXsFyo+jlRg+tQgLACZWQ20RoQOU0DEbnr7KN3RUlP
3whLAqqhhVzo3vDGFHLdRiyG7Eiy7QVdPnYLEZ/s8RNZg7SLonvemgcCITQ62Jh+
ij+iZnrhm9aq794lkIfj7i2Fz3UuMOq/tcX+O7M0XhiqlQIDAQABo4IEtDCCBLAw
ggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB1AOg+0No+9QY1MudXKLyJa8kD08vR
EWvs62nhd31tBr1uAAABhF32LpQAAAQDAEYwRAIgLfB8lcnBBtSz83sfcF2P2At6
0YbdEQUMngnv9U4HAi0CIER09WrYP9tH7UBqAUn5CcF2Qfe/A8OczXUt74+X6Pbd
AHcAejKMVNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGEXfYuxAAABAMA
SDBGAiEA7G47cZaM688zmbAUOjOCcNHlfyPflIgoTdQzH8tzS/gCIQCYPzzjR3Ai
iDEVaWBR2tqdiFhjG68hDukvkK4MCoWo5wB2AK33vvp8/xDIi509nB4+GGq0Zyld
z7EMJMqFhjTr3IKKAAABhF32LmQAAAQDAEcwRQIhALoGXbmgLK8yu10CuVO6b3Z3
1dlROgJwWWm2TpZx2bxmAiAu9vbpMRDJ3uB3uFwvG3rmn+G46qcc/vfUcRhMFYTb
rjAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMCMAoGCCsGAQUFBwMBMDwGCSsG
AQQBgjcVBwQvMC0GJSsGAQQBgjcVCIe91xuB5+tGgoGdLo7QDIfw2h1dgoTlaYLz
pz4CAWQCASUwga4GCCsGAQUFBwEBBIGhMIGeMG0GCCsGAQUFBzAChmFodHRwOi8v
d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMEF6dXJl
JTIwVExTJTIwSXNzdWluZyUyMENBJTIwMDUlMjAtJTIweHNpZ24uY3J0MC0GCCsG
AQUFBzABhiFodHRwOi8vb25lb2NzcC5taWNyb3NvZnQuY29tL29jc3AwHQYDVR0O
BBYEFN0UJ2FJVEPQn5zDHm/6YEVKw9rvMA4GA1UdDwEB/wQEAwIEsDCByAYDVR0R
BIHAMIG9ggxvbmVkcml2ZS5jb22CCHAuc2Z4Lm1zggoqLmxpdmUuY29tggoqLmxp
dmUubmV0ghMqLnNreWRyaXZlLmxpdmUuY29tghMqLm9uZWRyaXZlLmxpdmUuY29t
gg4qLm9uZWRyaXZlLmNvbYILZC5zZngtZGYubXOCDyoub2R3ZWJiLnN2Yy5tc4IP
Ki5vZHdlYnAuc3ZjLm1zghAqLm9kd2ViZGYuc3ZjLm1zghAqLm9kd2VicGwuc3Zj
Lm1zMAwGA1UdEwEB/wQCMAAwZAYDVR0fBF0wWzBZoFegVYZTaHR0cDovL3d3dy5t
aWNyb3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIwQXp1cmUlMjBUTFMl
MjBJc3N1aW5nJTIwQ0ElMjAwNS5jcmwwZgYDVR0gBF8wXTBRBgwrBgEEAYI3TIN9
AQEwQTA/BggrBgEFBQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9w
cy9Eb2NzL1JlcG9zaXRvcnkuaHRtMAgGBmeBDAECAjAfBgNVHSMEGDAWgBTHspx/
HOO4Wu/paBqoXZTBJlJqaDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEw
DQYJKoZIhvcNAQEMBQADggIBAFUN5Dpk9Mf26vlkwYREcsBSl//VtZLm5weJDwZA
Imll5mFerYssB1tntYcLx5i3dDO1x08AfnDNaD2u45aSNvSkE/8R205SpqssLuON
JoB2SefU/pj0h0K4HRVQhrdzewn/kI+V5EyH8acFZk0wLdf9roIRcrqbzHyb6Rpf
DtTzgPlbJWx4tA3lPaEx1q8AxmyDQUFR0eXh8+5bIWZwKXAqbAAFK2LaTIrsxeAr
usQ9GTV6AkUNOJHUOed6lQX/S+wFx7KnS9vsiB3bdGspK8npqxj8h6Q9LXB8pEsx
d+fr6MSY8cEYWkqhewf4FIurTyeSD83RMl8yKDBBggAIWpsopxJp+Kh16s1XeRWY
0+6PfzHkVDTm6RnNc5RrWMF85j/TNx/WaqB6RrZwZQBwDxjXv3q6gttCYp2baauY
7gTpiP3BqnkxwZ5eU0EK6F7YFzMPmfp4OsUhmBkoD/xyf+0bBGjdylLuH87cRWyR
vAnK1+112810sD3CeXZ3pX5njoYiOguJAQWi9ZugchJVuTH1Yd0aCpYjvtNicj5h
4c+Azn5Ni9j57I7eALu3yOiywe2JErw3l1yNk/nN3y+S830Dqt6lDtyXtyvXK3Wa
x0YPps8rmnuTZT/KLqQvylCD5y3lr9crTrIbamrUhL/SctU1xDlEeAwS1R1n4ZoI
27Mv
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb9CHmdN7M4MzmTrHXdU
9HJ+k0c3QVYRbTnULi5KeGM8fDAeIgpwvoIbuwGqbVyTgWptZFE5QoB6Odn3mQW6
V2OQDdlY7+K+ue/9UdhUEBTbQl+ZQxuRqGv+tREkSqTUyu2rzJsjoqplzDHhbrXZ
bErMzGElMVKsHWg2OkjNQurXZ6b6Vhz+T0blIgvrR+wXsFyo+jlRg+tQgLACZWQ2
0RoQOU0DEbnr7KN3RUlP3whLAqqhhVzo3vDGFHLdRiyG7Eiy7QVdPnYLEZ/s8RNZ
g7SLonvemgcCITQ62Jh+ij+iZnrhm9aq794lkIfj7i2Fz3UuMOq/tcX+O7M0Xhiq
lQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 1137373984142345170408453915320748805615893402
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Azure TLS Issuing CA 05'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-09 19:45:22 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-04 19:45:22 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'WA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Redmond'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Microsoft Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'onedrive.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19913726850867019146655050573120323257737220052015315884317462882258306430049465126149077710378713862044574988190153424761735663322131138156383101558512087428251889947277508421498435528798911455802729886040245923269599827611571410318634884106761203002240913722323073216185860353719187405789974796610814201648789086305790940513775841973967410485566189072624119614064036522699580488197009729283081430339639725489515149270902402388135449845496762929261492841526521144596243048137613275518466818060217066581270736375760727917625208022600944561709985043924524977640608451076111542350093270744475861370249119645676347107989
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007500e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001845df62e94000004030046304402202df07c95c9c106d4b3f37b1f705d8fd80b7ad186dd11050c9e09eff54e07022d02204474f56ad83fdb47ed406a0149f909c17641f7bf03c39ccd752def8f97e8f6dd0077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001845df62ec40000040300483046022100ec6e3b71968cebcf3399b0143a338270d1e57f23df9488284dd4331fcb734bf8022100983f3ce3477022883115696051dada9d8858631baf210ee92f90ae0c0a85a8e7007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a000001845df62e640000040300473045022100ba065db9a02caf32bb5d02b953ba6f7677d5d9513a02705969b64e9671d9bc6602202ef6f6e93110c9dee077b85c2f1b7ae69fe1b8eaa71cfef7d471184c1584dbae
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.10 (applicationCertPolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.7 (certificateTemplate)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.21.8.15690651.3798470.4214446.239628.16526621.93.4272873.6083518
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 100
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 37
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (161 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2005%20-%20xsign.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://oneocsp.microsoft.com/ocsp'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							dd142761495443d09f9cc31e6ffa60454ac3daef
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4 bits)
							04b0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (192 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'onedrive.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'p.sfx.ms'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.live.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.skydrive.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.onedrive.live.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.onedrive.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'd.sfx-df.ms'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.odwebb.svc.ms'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.odwebp.svc.ms'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.odwebdf.svc.ms'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.odwebpl.svc.ms'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (93 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2005.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (95 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.76.509.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.microsoft.com/pkiops/Docs/Repository.htm'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c7b29c7f1ce3b85aefe9681aa85d94c126526a68
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00550de43a64f4c7f6eaf964c1844472c05297ffd5b592e6e707890f0640226965e6615ead8b2c075b67b5870bc798b77433b5c74f007e70cd683daee3969236f4a413ff11db4e52a6ab2c2ee38d26807649e7d4fe98f48742b81d155086b7737b09ff908f95e44c87f1a705664d302dd7fdae821172ba9bcc7c9be91a5f0ed4f380f95b256c78b40de53da131d6af00c66c83414151d1e5e1f3ee5b21667029702a6c00052b62da4c8aecc5e02bbac43d19357a02450d3891d439e77a9505ff4bec05c7b2a74bdbec881ddb746b292bc9e9ab18fc87a43d2d707ca44b3177e7ebe8c498f1c1185a4aa17b07f8148bab4f27920fcdd1325f322830418200085a9b28a71269f8a875eacd57791598d3ee8f7f31e45434e6e919cd73946b58c17ce63fd3371fd66aa07a46b6706500700f18d7bf7aba82db42629d9b69ab98ee04e988fdc1aa7931c19e5e53410ae85ed817330f99fa783ac5219819280ffc727fed1b0468ddca52ee1fcedc456c91bc09cad7ed75dbcd74b03dc2797677a57e678e86223a0b890105a2f59ba0721255b931f561dd1a0a9623bed362723e61e1cf80ce7e4d8bd8f9ec8ede00bbb7c8e8b2c1ed8912bc37975c8d93f9cddf2f92f37d03aadea50edc97b72bd72b759ac7460fa6cf2b9a7b93653fca2ea42fca5083e72de5afd72b4eb21b6a6ad484bfd272d535c43944780c12d51d67e19a08dbb32f