secureaccess.nam.citigroup.com
- Citigroup Inc. -
Issued by DigiCert SHA2 Extended Validation Server CA
About this certificate
This digital certificate with serial number 0d:b9:64:ab:a2:ce:2b:c1:c7:85:8f:c4:a2:fb:d0:b2 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Citigroup Inc.
Company registration number:
2154254
Organization: Citigroup Inc.
Organization: Citigroup Inc.
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0d:b9:64:ab:a2:ce:2b:c1:c7:85:8f:c4:a2:fb:d0:b2Serial Number (int): 18242580703394821511527696649946910898
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 05:ae:cf:81:84:65:90:f5:c6:d4:09:38:30:1d:06:02:f9:02:da:df
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f
Fingerprint (sha1): 57:0c:0a:46:0b:56:ac:02:68:12:c3:fe:fb:b3:ab:16:1e:0e:64:7d
Fingerprint (sha256): 01:e1:33:13:02:0b:86:b9:cc:6b:4b:6c:c8:48:8e:ce:36:53:ba:4f:aa:61:0e:e0:71:cd:30:2a:09:1f:4d:09
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g3.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g3.crl
Check the revocation status for certificate secureaccess.nam.citigroup.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for secureaccess.nam.citigroup.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
secureaccess.nam.citigroup.com
secureaccess.citigroup.com
secureaccess.citigroup.com
Other certificates including the domain name citigroup.com
(limited to 100 certificates)
businessaccess.citibank.citigroup.com
TESTQC31.CITIDIRECT.CITIGROUP.COM
emeasalesautomationuat.citigroup.com
secureCredentialServer.citigroup.com
webcashmanagercitidirectuat.citibank.citigroup.com
cob.tradeimaging.citigroup.com
cdt1up1.brazil.citigroup.com
catsosuat.citigroup.com
secureaccess.nam.citigroup.com
globaltransferagencyuat.cmb.citigroup.com
uatwealthplanneradvisory.taiwan.citigroup.com
responsivesalesautomationrussia.citigroup.com
uattest.tradeprocessing.citigroup.com
PORTFOLIOANALYTICSUAT.TRANSACTIONSERVICES.CITIGROUP.COM
QC21.CITIDIRECT.CITIGROUP.COM
webcashmanagercitidirectuat.citibank.citigroup.com
uat.remoteoffice.citigroup.com
training.citigroup.com
akamai-san187.exacttarget.com
www.electronicbillingtest10.citigroup.com
securemailcenter.citigroup.com
training.citigroup.com
uat2.customer360view.citigroup.com
globaltransferagency.cmb.citigroup.com
SMTPOUTBOUND.CITIGROUP.COM
businessaccess.citibank.citigroup.com
securefiletransferuat.citigroup.com
qc21.citidirect.citigroup.com
banksearchuat.cib.citigroup.com
citigroupsoa.authentication.citigroup.com
contentdelivery.technologyservices.uat.citigroup.com
uat.secureaccessidp.citigroup.com
cookieutility.citigroup.com
training.citigroup.com
digitalcertificate.citigroup.com
citigroupsoasit.citigroup.com
customertest.citidirect.citigroup.com
debtxportaluat.issuerservices.citigroup.com
wealthplanneradvisory.china.citigroup.com
citidirectonlineqc21.citidirect.citigroup.com
uatwealthplanneronline.taiwan.citigroup.com
uattest.tradeprocessing.citigroup.com
citigroupsoauat.citigroup.com
uat2.directsalesagent.citigroup.com
secureaccessweb.uat.nam.citigroup.com
cob.directsalesagent8.citigroup.com
uat2.directsalesautomation.citigroup.com
assinaturadigital.brazil.citigroup.com
UAT.CenterForCulture.Citigroup.com
thirdpartyassessment.citigroup.com
UAT21.CITIDIRECT.CITIGROUP.COM
uat.emailtracker.citigroup.com
akamai-san187.exacttarget.com
PRIMEBROKER.CITIGROUP.COM
www.investorreporting.transactionservices.citigroup.com
site04.remoteoffice.europe.citigroup.com
citidirectonline31.citidirect.citigroup.com
banksearch.cib.citigroup.com
emeasalesautomationuat.citigroup.com
samluat.citigroup.com
financelearning.citigroup.com
uat2.wealthplanneradvisory.citigroup.com
webcashmanagercitidirectuat.citibank.citigroup.com
mumbaitaxinforeporting.fatca.citigroup.com
malaysia.FATCA.Citigroup.com
citidirectonlineuat31.citidirect.citigroup.com
logintotalcomponline.citigroup.com
uat.assinaturadigital.brazil.citigroup.com
webcashmanagercitibusinessuat.citibank.citigroup.com
CITIDIRECT4.UAT.CITIGROUP.COM
citigroupsoa.xenc.citigroup.com
instantsalesautomation.citigroup.com
site05.remoteoffice.europe.citigroup.com
uat.salesautomationonline.citigroup.com
securefiletransfer3.citigroup.com
www.citigroup.com
site05.remoteoffice.europe.citigroup.com
logintotalcomponline.citigroup.com
digitalcertificate7uat.citigroup.com
globaltransferagency.cmb.citigroup.com
citigroupsoauataspac.citigroup.com
securefiletransfer3.citigroup.com
issuerservices.icg.citigroup.com
dev1.remoteoffice.citigroup.com
citiconnect.trade.transactionservices.citigroup.com
uat.salesstationonline.citigroup.com
citigroupsoauataspac.xenc.citigroup.com
uatwealthplanneronline.taiwan.citigroup.com
thirdpartyassessment.citigroup.com
www.citi.com
koreacitidirect.citigroup.com
scheduleplanning.citigroup.com
assinaturadigital.brazil.citigroup.com
wealthplannerondevices1.emea.citigroup.com
citidirectonlineuat31.citidirect.citigroup.com
thirdpartyassessment.citigroup.com
assinaturadigital.brazil.citigroup.com
citigroupsoauat.citigroup.com
webcashmanagercitibusinessuat.citibank.citigroup.com
TESTQC31.CITIDIRECT.CITIGROUP.COM
TESTQC31.CITIDIRECT.CITIGROUP.COM
emeasalesautomationuat.citigroup.com
secureCredentialServer.citigroup.com
webcashmanagercitidirectuat.citibank.citigroup.com
cob.tradeimaging.citigroup.com
cdt1up1.brazil.citigroup.com
catsosuat.citigroup.com
secureaccess.nam.citigroup.com
globaltransferagencyuat.cmb.citigroup.com
uatwealthplanneradvisory.taiwan.citigroup.com
responsivesalesautomationrussia.citigroup.com
uattest.tradeprocessing.citigroup.com
PORTFOLIOANALYTICSUAT.TRANSACTIONSERVICES.CITIGROUP.COM
QC21.CITIDIRECT.CITIGROUP.COM
webcashmanagercitidirectuat.citibank.citigroup.com
uat.remoteoffice.citigroup.com
training.citigroup.com
akamai-san187.exacttarget.com
www.electronicbillingtest10.citigroup.com
securemailcenter.citigroup.com
training.citigroup.com
uat2.customer360view.citigroup.com
globaltransferagency.cmb.citigroup.com
SMTPOUTBOUND.CITIGROUP.COM
businessaccess.citibank.citigroup.com
securefiletransferuat.citigroup.com
qc21.citidirect.citigroup.com
banksearchuat.cib.citigroup.com
citigroupsoa.authentication.citigroup.com
contentdelivery.technologyservices.uat.citigroup.com
uat.secureaccessidp.citigroup.com
cookieutility.citigroup.com
training.citigroup.com
digitalcertificate.citigroup.com
citigroupsoasit.citigroup.com
customertest.citidirect.citigroup.com
debtxportaluat.issuerservices.citigroup.com
wealthplanneradvisory.china.citigroup.com
citidirectonlineqc21.citidirect.citigroup.com
uatwealthplanneronline.taiwan.citigroup.com
uattest.tradeprocessing.citigroup.com
citigroupsoauat.citigroup.com
uat2.directsalesagent.citigroup.com
secureaccessweb.uat.nam.citigroup.com
cob.directsalesagent8.citigroup.com
uat2.directsalesautomation.citigroup.com
assinaturadigital.brazil.citigroup.com
UAT.CenterForCulture.Citigroup.com
thirdpartyassessment.citigroup.com
UAT21.CITIDIRECT.CITIGROUP.COM
uat.emailtracker.citigroup.com
akamai-san187.exacttarget.com
PRIMEBROKER.CITIGROUP.COM
www.investorreporting.transactionservices.citigroup.com
site04.remoteoffice.europe.citigroup.com
citidirectonline31.citidirect.citigroup.com
banksearch.cib.citigroup.com
emeasalesautomationuat.citigroup.com
samluat.citigroup.com
financelearning.citigroup.com
uat2.wealthplanneradvisory.citigroup.com
webcashmanagercitidirectuat.citibank.citigroup.com
mumbaitaxinforeporting.fatca.citigroup.com
malaysia.FATCA.Citigroup.com
citidirectonlineuat31.citidirect.citigroup.com
logintotalcomponline.citigroup.com
uat.assinaturadigital.brazil.citigroup.com
webcashmanagercitibusinessuat.citibank.citigroup.com
CITIDIRECT4.UAT.CITIGROUP.COM
citigroupsoa.xenc.citigroup.com
instantsalesautomation.citigroup.com
site05.remoteoffice.europe.citigroup.com
uat.salesautomationonline.citigroup.com
securefiletransfer3.citigroup.com
www.citigroup.com
site05.remoteoffice.europe.citigroup.com
logintotalcomponline.citigroup.com
digitalcertificate7uat.citigroup.com
globaltransferagency.cmb.citigroup.com
citigroupsoauataspac.citigroup.com
securefiletransfer3.citigroup.com
issuerservices.icg.citigroup.com
dev1.remoteoffice.citigroup.com
citiconnect.trade.transactionservices.citigroup.com
uat.salesstationonline.citigroup.com
citigroupsoauataspac.xenc.citigroup.com
uatwealthplanneronline.taiwan.citigroup.com
thirdpartyassessment.citigroup.com
www.citi.com
koreacitidirect.citigroup.com
scheduleplanning.citigroup.com
assinaturadigital.brazil.citigroup.com
wealthplannerondevices1.emea.citigroup.com
citidirectonlineuat31.citidirect.citigroup.com
thirdpartyassessment.citigroup.com
assinaturadigital.brazil.citigroup.com
citigroupsoauat.citigroup.com
webcashmanagercitibusinessuat.citibank.citigroup.com
TESTQC31.CITIDIRECT.CITIGROUP.COM
Certificate
The complete raw certificate details for secureaccess.nam.citigroup.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHazCCBlOgAwIBAgIQDblkq6LOK8HHhY/EovvQsjANBgkqhkiG9w0BAQsFADB1 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIzMDQxMjAwMDAwMFoXDTI0MDQxMjIz NTk1OVowgdYxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMI RGVsYXdhcmUxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRAwDgYDVQQF EwcyMTU0MjU0MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNV BAcTCE5ldyBZb3JrMRcwFQYDVQQKEw5DaXRpZ3JvdXAgSW5jLjEnMCUGA1UEAxMe c2VjdXJlYWNjZXNzLm5hbS5jaXRpZ3JvdXAuY29tMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEA8YkqKMlmMqL7Bt2tm5f3uddXkDRdkH+MuypPQLsIoxqk E005/f2qE0T+VN//PpjmI5CE4fuxEl5+jDnWQ5GIK93kYoL2E/hRqdHHwWDb/ODl ALNv4y3/ghJw/QZEqlbanchgNpeb1nMw45Rvmjf3Eqd12ax14RxuNIBIfNax+h5N qaTtYf/bUAeHL0QEYhv58nhwe6FSbaZ1mm2VtP96sww2d+up7frE7aThgDACUHpQ Nvzft+xJL48gkOUiqWaLVQLotvRC8RSC8Ex/MoO1CBfczofanyhWpbGoUO6Jn0oq oXrM/WCaZyhkv7H7gAyq7QiTDKmCHHZ5defwce8oUwIDAQABo4IDkzCCA48wHwYD VR0jBBgwFoAUPdNQpdagre7zSmAKZdMh1Pj41g8wHQYDVR0OBBYEFAWuz4GEZZD1 xtQJODAdBgL5AtrfMEUGA1UdEQQ+MDyCHnNlY3VyZWFjY2Vzcy5uYW0uY2l0aWdy b3VwLmNvbYIac2VjdXJlYWNjZXNzLmNpdGlncm91cC5jb20wDgYDVR0PAQH/BAQD AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSg MqAwhi5odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2ZXItZzMu Y3JsMDSgMqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1ldi1zZXJ2 ZXItZzMuY3JsMEoGA1UdIARDMEEwCwYJYIZIAYb9bAIBMDIGBWeBDAEBMCkwJwYI KwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBiAYIKwYBBQUH AQEEfDB6MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUgYI KwYBBQUHMAKGRmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFNI QTJFeHRlbmRlZFZhbGlkYXRpb25TZXJ2ZXJDQS5jcnQwCQYDVR0TBAIwADCCAXwG CisGAQQB1nkCBAIEggFsBIIBaAFmAHUA7s3QZNXbGs7FXLedtM0TojKHRny87N7D UUhZRnEftZsAAAGHc4/GbQAABAMARjBEAiAs1+WmmdSPx3wMMhniVkcCuXfsgshr Hz1aXGtux9uDCAIgTljVP2jYyChLryhKF3CDLa7gMdTxIZgne5sDug/541cAdgBz 2Z6JG0yWeKAgfUed5rLGHNBRXnEZKoxrgBB6wXdytQAAAYdzj8a5AAAEAwBHMEUC IA84cMN/kTDEBCb2cICl4l5D9ad4FONO4ndUGpBRv/kkAiEAnwmCWgiWWgQevSxa lm2ulCLD9sAFgohS+YFWl7gN3WwAdQBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZ u7+rOdiEcwAAAYdzj8a6AAAEAwBGMEQCIHcmhw5gQfnT69MLGDmCgPvpg8TR+SsU PzcvrY2r2QBtAiAGOXss+pdn3zlZuvt8Z5RTe+e+Nv8sSaWzISXhO5vDHjANBgkq hkiG9w0BAQsFAAOCAQEABhvhvNCXC95Drde+uptZQjNLXimrccHblsK9bp961VUU FqQv62TLqRyTP8i7kdAY2F1FvQy2OpCPHv9p5+fKHl1pdfaCoeHrVTmhEk0s6ZZk 6Y28jhDcpeYUxENTW41bjDp+4Mp3K/jS03ldidGnTZRCXjPYbzZ3FAt+uH4Jh6Od FaaY+Y9DiqyK5/xmQ27r/rYI+tJ2Nw3LYkxZZHaTqSUcNBa/DJnm+mUScH8d2gqp Ow1QdFhgtspJRbAqpBuh6uhSvbRRKmbQMgBFO8T56vKPwukPiO4yNywOLGwvC6mG BmmuZCnEN7puDwHxx2WwMZouiw4tZrrrzbAO8s/cUQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8YkqKMlmMqL7Bt2tm5f3 uddXkDRdkH+MuypPQLsIoxqkE005/f2qE0T+VN//PpjmI5CE4fuxEl5+jDnWQ5GI K93kYoL2E/hRqdHHwWDb/ODlALNv4y3/ghJw/QZEqlbanchgNpeb1nMw45Rvmjf3 Eqd12ax14RxuNIBIfNax+h5NqaTtYf/bUAeHL0QEYhv58nhwe6FSbaZ1mm2VtP96 sww2d+up7frE7aThgDACUHpQNvzft+xJL48gkOUiqWaLVQLotvRC8RSC8Ex/MoO1 CBfczofanyhWpbGoUO6Jn0oqoXrM/WCaZyhkv7H7gAyq7QiTDKmCHHZ5defwce8o UwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 18242580703394821511527696649946910898 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-12 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2154254' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Citigroup Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'secureaccess.nam.citigroup.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30491069923841265761544852596006879073157460151443490788693517346558643698102294770158420847200322531073101658692524236360422526237551219301964672465754698839011522600181828745618557431216650241070120769424226858237607815734011706886010192346143361385674238232100297623350863157166366785790159632274480883503988318228248758415000878002225529347001576861545784907538481244104577755003017150853899026492150566417778377761286869223362548624246788696076620293915326208947167712816940100804884448160157419278116678361030105252638763170794087194399087129675456356070083002478611001865118761971796029124599883802103325337683 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 05aecf81846590f5c6d40938301d0602f902dadf . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (62 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secureaccess.nam.citigroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secureaccess.citigroup.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g3.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 0166007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000187738fc66d000004030046304402202cd7e5a699d48fc77c0c3219e2564702b977ec82c86b1f3d5a5c6b6ec7db830802204e58d53f68d8c8284baf284a1770832daee031d4f12198277b9b03ba0ff9e35700760073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b500000187738fc6b9000004030047304502200f3870c37f9130c40426f67080a5e25e43f5a77814e34ee277541a9051bff9240221009f09825a08965a041ebd2c5a966dae9422c3f6c005828852f9815697b80ddd6c00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000187738fc6ba000004030046304402207726870e6041f9d3ebd30b18398280fbe983c4d1f92b143f372fad8dabd9006d022006397b2cfa9767df3959bafb7c6794537be7be36ff2c49a5b32125e13b9bc31e . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00061be1bcd0970bde43add7beba9b5942334b5e29ab71c1db96c2bd6e9f7ad5551416a42feb64cba91c933fc8bb91d018d85d45bd0cb63a908f1eff69e7e7ca1e5d6975f682a1e1eb5539a1124d2ce99664e98dbc8e10dca5e614c443535b8d5b8c3a7ee0ca772bf8d2d3795d89d1a74d94425e33d86f3677140b7eb87e0987a39d15a698f98f438aac8ae7fc66436eebfeb608fad276370dcb624c59647693a9251c3416bf0c99e6fa6512707f1dda0aa93b0d50745860b6ca4945b02aa41ba1eae852bdb4512a66d03200453bc4f9eaf28fc2e90f88ee32372c0e2c6c2f0ba9860669ae6429c437ba6e0f01f1c765b0319a2e8b0e2d66baebcdb00ef2cfdc51