ch2swuiapp1.nam.nsroot.net
- Citigroup Inc. -
Issued by DigiCert SHA2 Extended Validation Server CA
About this certificate
This digital certificate with serial number 06:38:41:7d:ae:d0:7b:39:78:c1:27:e0:11:2b:38:12 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Citigroup Inc.
Company registration number:
2154254
Organization: Citigroup Inc.
Organization unit: 155955
Organization: Citigroup Inc.
Organization unit: 155955
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 06:38:41:7d:ae:d0:7b:39:78:c1:27:e0:11:2b:38:12Serial Number (int): 8267464913034427416877275713073002514
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 89:70:71:bd:45:b6:6d:a6:21:cb:66:65:da:1c:bd:e9:ac:c6:32:14
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f
Fingerprint (sha1): 7f:ac:a2:c1:0f:78:c5:94:3c:f7:4d:da:9b:af:45:87:66:f9:e2:21
Fingerprint (sha256): 01:8a:92:55:4d:cb:14:5c:df:82:ca:d9:b8:a1:5a:1c:8c:9c:c6:1a:95:ec:f0:54:0a:c4:06:b9:19:40:f5:3f
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g2.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g2.crl
Check the revocation status for certificate ch2swuiapp1.nam.nsroot.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ch2swuiapp1.nam.nsroot.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ch2swuiapp1.nam.nsroot.net
Other certificates including the domain name nsroot.net
(limited to 100 certificates)
server-7.goldpac.apac.nsroot.net
ecmsynd-uat.nam.nsroot.net
academy-ukr.apac.nsroot.net
cdasmwp15z1.nam.nsroot.net
GTUATORG01.nam.nsroot.net
cob.citibankchina.goldpac.apac.nsroot.net
sfnamuat.wlb2.nam.nsroot.net
ctrxemeauatj.eur.nsroot.net
CAPAMS2XMLSWDC-vip.nam.nsroot.net
vm-unam2-cimp00.nam.nsroot.net
citi.retail.ips-uat.ptnr-b-data.nam.nsroot.net
digitalopsuat.nam.nsroot.net
NAMLY13ENYUAT12.namuat.nsrootuat.dyn.nsroot.net
LyncProdDR.EUR.NSROOT.NET
ch2mwpiapp1.nam.nsroot.net
shim.citiprivatebankinviewqa.emea.privatebank.citibank.com
ch2swuiapp1.nam.nsroot.net
CTRXEUXDRDC70-vip.eur.nsroot.net
speengineuat.wlb3.nam.nsroot.net
MP01VIP2.MP01.MEX.NSROOT.NET
RSGDVIPA.apac.nsroot.net
ccfundnotifications.nam.nsroot.net
webfarm-staging.eur.nsroot.net
UFP1-CIPP01.nam.nsroot.net
LYNC10GTPST01.nam.nsroot.net
m4defdc-aes10-dl360g8.eur.nsroot.net
sbc0401aconp01v.nam.nsroot.net
indo-snok-cob.eur.nsroot.net
CAPAPACPNAXMLHKAST-vip.apac.nsroot.net
lync13pooldev2.namuat.nsrootuat.dyn.nsroot.net
lacbra001as0011.lac.nsroot.net
ccooprod.nam.nsroot.net
consumer.wlb2.nam.nsroot.net
CitiDirectPRODSSO.nam.nsroot.net
sydndm3u.aus.nsroot.net
ctrxnasf-PNA.wlb2.nam.nsroot.net
citi.p-fduc-data.sec.nam.nsroot.net
hcasbat_pkr.apac.nsroot.net
uat.realtime.grosspayment.gateway.citigroup.net
jfxlbeoluat.eur.nsroot.net
vtcgtdcuweb1.nam.nsroot.net
CAPAPACTPAXMLSGCT2-vip.apac.nsroot.net
tneu.nam.nsroot.net
clouddesktop-sgdc01-vip.apac.nsroot.net
speengineuat.wlb3.nam.nsroot.net
GTUATCXC01qmv75.nam.nsroot.net
CAPAMSUATXMLRUTH-vip.nam.nsroot.net
menaisrflxu.eur.nsroot.net
GTAEMF4_QM.DIT_qmv75.nam.nsroot.net
clouddesktop-sgdc01-vip.apac.nsroot.net
acheprod.nam.nsroot.net
vusmwdc-ica01-mpx8200-callback.nam.nsroot.net
yieldbook.nam.nsroot.net
tenb51-sit-gsrenapc.nam.nsroot.net
gtcrd-cblla01u.nam.nsroot.net
MessagingclientAceInternationalPR.lac.nsroot.net
apsgontw7w2307.apac.nsroot.net
aawebsocket-uat.wlb.nam.nsroot.net
imbdlpbuf-ru03.nam.nsroot.net
ctrxemeasf-U-PNA.wlb2.eur.nsroot.net
mdefdc-vcs01-vcsco.eur.nsroot.net
esbuat.emeaconsumer.citigroup.net
fxmmilnap1u.eur.nsroot.net
CTRXAPACXDSG7-vip.apac.nsroot.net
s3dev_hrss.nam.nsroot.net
ASUSMD831FIN9V.NAM.NSROOT.NET
imbtcrelay-ru03.nam.nsroot.net
ufcappln.apac.nsroot.net
RSGDVIPA.apac.nsroot.net
banamexsoaperf.banamex.com
devcitisource.nam.nsroot.net
icl-ironkey-va01.nam.nsroot.net
smcpint.ny.ssmb.com
imbtcrelay-gt03.nam.nsroot.net
Lync13ProdDR.apac.nsroot.net
CLOUDDESKTOP-GTDC01-vip.nam.nsroot.net
mgbrdc-pexv07-c220.eur.nsroot.net
www.bnepremium.lac.nsroot.net
RUS111W-MAN02-6509-TENGE2-4.nam.nsroot.net
bolsit.nam.nsroot.net
gmi-dev.nam.nsroot.net
LyncProdDR.EUR.NSROOT.NET
jfpprdhu-rbw-maint-svr1.eur.nsroot.net
TRADERECORDSINFOINDIA.ICG.CITIGROUP.NET
citibankdr.banctecportal.eur.nsroot.net
citisft-usrtdc-pr3-edge-g1.nam.nsroot.net
apacthdsibpm001.apac.nsroot.net
rgbrdc-b2b44-2911.eur.nsroot.net
SBC1802DCONP01V.nam.nsroot.net
digitalopsdev.nam.nsroot.net
uatndm.octopus.gcbhk.apac.nsroot.net
mdefdc-vcs02-vcsex.eur.nsroot.net
uat.eoscar3.nam.nsroot.net
sd-cd7f-c896.nam.nsroot.net
ctrxlatcts.wlb.lac.nsroot.net
apac.nsroot.net
latamesbsit-icg.nam.nsroot.net
CTRXAPACXDSG7-vip.apac.nsroot.net
gmi.nam.nsroot.net
m1gbrdc-svx01-aes.eur.nsroot.net
ecmsynd-uat.nam.nsroot.net
academy-ukr.apac.nsroot.net
cdasmwp15z1.nam.nsroot.net
GTUATORG01.nam.nsroot.net
cob.citibankchina.goldpac.apac.nsroot.net
sfnamuat.wlb2.nam.nsroot.net
ctrxemeauatj.eur.nsroot.net
CAPAMS2XMLSWDC-vip.nam.nsroot.net
vm-unam2-cimp00.nam.nsroot.net
citi.retail.ips-uat.ptnr-b-data.nam.nsroot.net
digitalopsuat.nam.nsroot.net
NAMLY13ENYUAT12.namuat.nsrootuat.dyn.nsroot.net
LyncProdDR.EUR.NSROOT.NET
ch2mwpiapp1.nam.nsroot.net
shim.citiprivatebankinviewqa.emea.privatebank.citibank.com
ch2swuiapp1.nam.nsroot.net
CTRXEUXDRDC70-vip.eur.nsroot.net
speengineuat.wlb3.nam.nsroot.net
MP01VIP2.MP01.MEX.NSROOT.NET
RSGDVIPA.apac.nsroot.net
ccfundnotifications.nam.nsroot.net
webfarm-staging.eur.nsroot.net
UFP1-CIPP01.nam.nsroot.net
LYNC10GTPST01.nam.nsroot.net
m4defdc-aes10-dl360g8.eur.nsroot.net
sbc0401aconp01v.nam.nsroot.net
indo-snok-cob.eur.nsroot.net
CAPAPACPNAXMLHKAST-vip.apac.nsroot.net
lync13pooldev2.namuat.nsrootuat.dyn.nsroot.net
lacbra001as0011.lac.nsroot.net
ccooprod.nam.nsroot.net
consumer.wlb2.nam.nsroot.net
CitiDirectPRODSSO.nam.nsroot.net
sydndm3u.aus.nsroot.net
ctrxnasf-PNA.wlb2.nam.nsroot.net
citi.p-fduc-data.sec.nam.nsroot.net
hcasbat_pkr.apac.nsroot.net
uat.realtime.grosspayment.gateway.citigroup.net
jfxlbeoluat.eur.nsroot.net
vtcgtdcuweb1.nam.nsroot.net
CAPAPACTPAXMLSGCT2-vip.apac.nsroot.net
tneu.nam.nsroot.net
clouddesktop-sgdc01-vip.apac.nsroot.net
speengineuat.wlb3.nam.nsroot.net
GTUATCXC01qmv75.nam.nsroot.net
CAPAMSUATXMLRUTH-vip.nam.nsroot.net
menaisrflxu.eur.nsroot.net
GTAEMF4_QM.DIT_qmv75.nam.nsroot.net
clouddesktop-sgdc01-vip.apac.nsroot.net
acheprod.nam.nsroot.net
vusmwdc-ica01-mpx8200-callback.nam.nsroot.net
yieldbook.nam.nsroot.net
tenb51-sit-gsrenapc.nam.nsroot.net
gtcrd-cblla01u.nam.nsroot.net
MessagingclientAceInternationalPR.lac.nsroot.net
apsgontw7w2307.apac.nsroot.net
aawebsocket-uat.wlb.nam.nsroot.net
imbdlpbuf-ru03.nam.nsroot.net
ctrxemeasf-U-PNA.wlb2.eur.nsroot.net
mdefdc-vcs01-vcsco.eur.nsroot.net
esbuat.emeaconsumer.citigroup.net
fxmmilnap1u.eur.nsroot.net
CTRXAPACXDSG7-vip.apac.nsroot.net
s3dev_hrss.nam.nsroot.net
ASUSMD831FIN9V.NAM.NSROOT.NET
imbtcrelay-ru03.nam.nsroot.net
ufcappln.apac.nsroot.net
RSGDVIPA.apac.nsroot.net
banamexsoaperf.banamex.com
devcitisource.nam.nsroot.net
icl-ironkey-va01.nam.nsroot.net
smcpint.ny.ssmb.com
imbtcrelay-gt03.nam.nsroot.net
Lync13ProdDR.apac.nsroot.net
CLOUDDESKTOP-GTDC01-vip.nam.nsroot.net
mgbrdc-pexv07-c220.eur.nsroot.net
www.bnepremium.lac.nsroot.net
RUS111W-MAN02-6509-TENGE2-4.nam.nsroot.net
bolsit.nam.nsroot.net
gmi-dev.nam.nsroot.net
LyncProdDR.EUR.NSROOT.NET
jfpprdhu-rbw-maint-svr1.eur.nsroot.net
TRADERECORDSINFOINDIA.ICG.CITIGROUP.NET
citibankdr.banctecportal.eur.nsroot.net
citisft-usrtdc-pr3-edge-g1.nam.nsroot.net
apacthdsibpm001.apac.nsroot.net
rgbrdc-b2b44-2911.eur.nsroot.net
SBC1802DCONP01V.nam.nsroot.net
digitalopsdev.nam.nsroot.net
uatndm.octopus.gcbhk.apac.nsroot.net
mdefdc-vcs02-vcsex.eur.nsroot.net
uat.eoscar3.nam.nsroot.net
sd-cd7f-c896.nam.nsroot.net
ctrxlatcts.wlb.lac.nsroot.net
apac.nsroot.net
latamesbsit-icg.nam.nsroot.net
CTRXAPACXDSG7-vip.apac.nsroot.net
gmi.nam.nsroot.net
m1gbrdc-svx01-aes.eur.nsroot.net
Certificate
The complete raw certificate details for ch2swuiapp1.nam.nsroot.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF7jCCBNagAwIBAgIQBjhBfa7Qezl4wSfgESs4EjANBgkqhkiG9w0BAQsFADB1 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE5MDkwNDAwMDAwMFoXDTIxMDkwNDEy MDAwMFowgeMxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB BAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQF EwcyMTU0MjU0MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNV BAcTCE5ldyBZb3JrMRcwFQYDVQQKEw5DaXRpZ3JvdXAgSW5jLjEPMA0GA1UECxMG MTU1OTU1MSMwIQYDVQQDExpjaDJzd3VpYXBwMS5uYW0ubnNyb290Lm5ldDCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKDwh9kg5fhCWb2hDIBM3RsGut5w lsdZBIYq9BWGuzkJTNTfPvucEtAmgdqXrwk5nJKyjSyC4e+E5j+JEYxdVzJ4b29D Ce1l0wr0rqAMJxvTw1YUzX1AsEDs/gjvcXfMY5jQTSE5q3t1tXlV0NRRPCXv70Fg /0Z4JI+B7zR//dPK3cumO+clsONFC1HNTYZ0nXZmTk6ZzEgnAkc4l6nKCpyyi+hE NIEQ2VpzcExzHZuqi81cstvTCZelZhHAQR8ZN6g0t3L7KtdJwmeUORJLhZ5i0xce kj6ycO7M91u1d4iJgAbczpHCOJvXJciqpKZoyXz45pKiGGvbWXAOZCghtkkCAwEA AaOCAgkwggIFMB8GA1UdIwQYMBaAFD3TUKXWoK3u80pgCmXTIdT4+NYPMB0GA1Ud DgQWBBSJcHG9RbZtpiHLZmXaHL3prMYyFDAlBgNVHREEHjAcghpjaDJzd3VpYXBw MS5uYW0ubnNyb290Lm5ldDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB BQUHAwEGCCsGAQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRp Z2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMi5jcmwwNKAyoDCGLmh0dHA6Ly9j cmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWV2LXNlcnZlci1nMi5jcmwwSwYDVR0gBEQw QjA3BglghkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNl cnQuY29tL0NQUzAHBgVngQwBATCBiAYIKwYBBQUHAQEEfDB6MCQGCCsGAQUFBzAB hhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUgYIKwYBBQUHMAKGRmh0dHA6Ly9j YWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNIQTJFeHRlbmRlZFZhbGlkYXRp b25TZXJ2ZXJDQS5jcnQwCQYDVR0TBAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADAN BgkqhkiG9w0BAQsFAAOCAQEAd3jdkfG8WNQusGd6HVtH4I3CFxvyyHiV8qxkaGMe PgHPzagUpqcqXuGiWaa/2VxhgtIC3pKptyjFn6M+Q6LEVBAtFFi0JzKEWBnjTJU7 DJ1O0fc1Y5KoYcFX56kLIQ2o5U8Tc45bq3nwg3wZvngVnQwfIw0ijP1dql8OXUH5 tk0JpGWBR8zwb6v+biJ05/pyxYZ3T2Te9JcTWZ5wBzpB8GH69wso5Hs4LR1HqFqw zETRnG9BmI02gzH5/gI5hssOSjqVxfKTWwFioaUgcvGUn4gZT28YVMTQWv/3jO+H rZUU9no1dTPbg74AUtHT9/+f2D5fk6dktw6/qbmrVKEnaw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPCH2SDl+EJZvaEMgEzd Gwa63nCWx1kEhir0FYa7OQlM1N8++5wS0CaB2pevCTmckrKNLILh74TmP4kRjF1X Mnhvb0MJ7WXTCvSuoAwnG9PDVhTNfUCwQOz+CO9xd8xjmNBNITmre3W1eVXQ1FE8 Je/vQWD/Rngkj4HvNH/908rdy6Y75yWw40ULUc1NhnSddmZOTpnMSCcCRziXqcoK nLKL6EQ0gRDZWnNwTHMdm6qLzVyy29MJl6VmEcBBHxk3qDS3cvsq10nCZ5Q5EkuF nmLTFx6SPrJw7sz3W7V3iImABtzOkcI4m9clyKqkpmjJfPjmkqIYa9tZcA5kKCG2 SQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 8267464913034427416877275713073002514 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-04 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-09-04 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2154254' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Citigroup Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '155955' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ch2swuiapp1.nam.nsroot.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20316738882129551574114787933053577492559283779688645712217929391859542047831599736982505740119351412841492915294928392135284969216468471489978421225395341585938113995395167088307333437772854061545696550913799225219615599108493407404829461395863104250197964119989238332924635079778590661808783557451202908129515969793868295459576709817378218727136104760420957609001541030854737506728249831829052335445448146181940885461885625047638887300250156063534713581749622634643527962907595373526043392896191385419036692375416828141941191626517039328827915540196114095885370878789392393333833491253384630760967928170283320587849 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 897071bd45b66da621cb6665da1cbde9acc63214 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ch2swuiapp1.nam.nsroot.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007778dd91f1bc58d42eb0677a1d5b47e08dc2171bf2c87895f2ac6468631e3e01cfcda814a6a72a5ee1a259a6bfd95c6182d202de92a9b728c59fa33e43a2c454102d1458b42732845819e34c953b0c9d4ed1f7356392a861c157e7a90b210da8e54f13738e5bab79f0837c19be78159d0c1f230d228cfd5daa5f0e5d41f9b64d09a4658147ccf06fabfe6e2274e7fa72c586774f64def49713599e70073a41f061faf70b28e47b382d1d47a85ab0cc44d19c6f41988d368331f9fe023986cb0e4a3a95c5f2935b0162a1a52072f1949f88194f6f1854c4d05afff78cef87ad9514f67a357533db83be0052d1d3f7ff9fd83e5f93a764b70ebfa9b9ab54a1276b