www.privatebank.citibank.com
- Citigroup Inc. -
Issued by DigiCert SHA2 Extended Validation Server CA
About this certificate
This digital certificate with serial number 08:7d:a5:4b:6f:75:35:c3:3a:21:4b:75:3b:3a:23:f4 was issued on by DigiCert Inc.
With 15 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Citigroup Inc.
Company registration number:
2154254
Organization: Citigroup Inc.
Organization unit: Web Hosting Group - A
Organization: Citigroup Inc.
Organization unit: Web Hosting Group - A
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 08:7d:a5:4b:6f:75:35:c3:3a:21:4b:75:3b:3a:23:f4Serial Number (int): 11286213647787505830033652137412142068
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 7d:ed:e0:47:c2:0c:ac:18:1f:32:77:a9:2f:9f:cf:25:c4:e9:62:72
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f
Fingerprint (sha1): 01:9a:d3:99:36:9c:7f:fa:26:4e:2a:33:c3:64:47:34:4c:e8:93:af
Fingerprint (sha256): 03:58:3c:1d:04:a7:64:6b:a7:4d:4d:a5:5f:53:67:bb:39:f8:9a:c0:ce:a0:d3:a0:e7:2c:d6:6f:c9:67:b3:9f
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g2.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g2.crl
Check the revocation status for certificate www.privatebank.citibank.com
15
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.privatebank.citibank.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.privatebank.citibank.com
citiprivatebankinview.privatebank.citibank.com
citiprivatebankinview.americas.privatebank.citibank.com
citiprivatebankinview.emea.privatebank.citibank.com
citiprivatebankinview.asia.privatebank.citibank.com
m.citiprivatebankinview.americas.privatebank.citibank.com
m.citiprivatebankinview.emea.privatebank.citibank.com
m.citiprivatebankinview.asia.privatebank.citibank.com
www.bankaccount.globalexecutivebanking.citi.com
www.citigold.privateclient.citibank.com
mobile.privatebank.citibank.com
www.privatebank.citibank.ch
www.privatebank.citibank.com.sg
www.citiprivatebankinview.com
privatebank.citibank.com
citiprivatebankinview.privatebank.citibank.com
citiprivatebankinview.americas.privatebank.citibank.com
citiprivatebankinview.emea.privatebank.citibank.com
citiprivatebankinview.asia.privatebank.citibank.com
m.citiprivatebankinview.americas.privatebank.citibank.com
m.citiprivatebankinview.emea.privatebank.citibank.com
m.citiprivatebankinview.asia.privatebank.citibank.com
www.bankaccount.globalexecutivebanking.citi.com
www.citigold.privateclient.citibank.com
mobile.privatebank.citibank.com
www.privatebank.citibank.ch
www.privatebank.citibank.com.sg
www.citiprivatebankinview.com
privatebank.citibank.com
Other certificates including the domain name citibank.com
(limited to 100 certificates)
cust.exacttarget.com
sit2.idmobile.globalcommonbuild.citibank.com
mobileuat.privatebank.citibank.com
sit1.asia.citibank.com
fxdocs.cititreasury.argentina.citibank.com
www.citibank.com
uat.citi.com
cbgsalesforcesit.citibank.com
uat1.digitalengagement.citibank.com
uat.accountonline.com
sit2.idmobile.globalcommonbuild.citibank.com
m.citiprivatebankinviewqa.americas.privatebank.citibank.com
www.privatebank.citibank.com
uat1.content.api.citibank.com
citiretailservices.dit.citibank.com
portal.brazil.citibank.com
idmobile.gcb.globalcommonbuild.uat1.citibank.com
sit2.sgmobile.globalcommonbuild.citibank.com
shim.citiprivatebankinviewqa.emea.privatebank.citibank.com
campo.argentina.citibank.com
cust.exacttarget.com
mobileuat.privatebank.citibank.com
uat2.marketingportal.citibank.com
www.citibank.com
citibusinessonline.da-us.citibank.com
uat2.thgcb.globalcommonbuild.citibank.com
www.uatmerchant.asia.citibank.com
wpm02.eccmp.com
feedback.citibank.com
sit2.cnmobile.globalcommonbuild.citibank.com
www.ew8.privatebank.citibank.com
metrics1.citibank.com
dit2b.hkmobile.globalcommonbuild.citibank.com
www2.citibank.com
portal.brazil.citibank.com
israelsfe.citibank.com
www.uatmerchantserver.citibank.com
sit08.mobile.citibank.com
WWW.ASIAEXTENDEDSERVICES.CITIBANK.COM
www.merchant.citibank.com
uat06.mobile.citibank.com
sit2.hkmobile.globalcommonbuild.citibank.com
sit2.ipbmobile.globalcommonbuild.citibank.com
uat1.asia.citibank.com
dit2.cnmobile.globalcommonbuild.citibank.com
disputes.accountonline.com
www.privatebank.citibank.com
uat.citi.com
citiprivatebankinview.privatebank.citibank.com
serviceemail2.citibank.com
www.cdn.citibank.com
www.citiconnect.asia.citibank.com
online.citibank.com
uat2.vngcb.globalcommonbuild.citibank.com
sit09.mobile.citibank.com
b2bservices.citibank.com
uat.citi.com
centralamerica.citibank.com
uat2.cdn.citibank.com
sit11.mobile.citibank.com
shim.citiprivatebankinview.emea.privatebank.citibank.com
uat2.content.api.citibank.com
dit02.mobile.citibank.com
www.asiaextendedservices.citibank.com
sit2.mobile.aucolesfinancial.globalcommonbuild.citibank.com
www.ceemea.citibank.com
offer.citibank.com
uat2.socialconnect.globalcommonbuild.citibank.com
www.ceemea.citibank.com
marketingportal.citibank.com
www.accountonline.com
sit2.ipbmobile.globalcommonbuild.citibank.com
wpm02.eccmp.com
www.citibank.com
cust.exacttarget.com
marketingportal.citibank.com
uat2.vnmobile.globalcommonbuild.citibank.com
webcashmanagercitidirect.citibank.com
legal.brazil.citibank.com
websocketsit.americas.privatebank.citibank.com
sit2.cnmobile.globalcommonbuild.citibank.com
www.qacobrosonline.citibank.com
sgmobile.ipb.globalcommonbuild.uat1.citibank.com
uat1.phgcb.globalcommonbuild.citibank.com
sit2.mycbz.globalcommonbuild.citibank.com
uat1.vngcb.globalcommonbuild.citibank.com
cust.exacttarget.com
m.uat.asia.citibank.com
uat1.online.citi.com
corporateportal.brazil.citibank.com
campo.argentina.citibank.com
uat07.mobile.citibank.com
relsalesforcedev.citibank.com
cbnasalesforceprod.citibank.com
www.asiaextendedservicesuat1.citibank.com
sit08.mobile.citibank.com
hkmobile.gcb.globalcommonbuild.uat.citibank.com
alerts.citibank.com
wpm01.eccmp.com
dit02.mobile.citibank.com
sit2.idmobile.globalcommonbuild.citibank.com
mobileuat.privatebank.citibank.com
sit1.asia.citibank.com
fxdocs.cititreasury.argentina.citibank.com
www.citibank.com
uat.citi.com
cbgsalesforcesit.citibank.com
uat1.digitalengagement.citibank.com
uat.accountonline.com
sit2.idmobile.globalcommonbuild.citibank.com
m.citiprivatebankinviewqa.americas.privatebank.citibank.com
www.privatebank.citibank.com
uat1.content.api.citibank.com
citiretailservices.dit.citibank.com
portal.brazil.citibank.com
idmobile.gcb.globalcommonbuild.uat1.citibank.com
sit2.sgmobile.globalcommonbuild.citibank.com
shim.citiprivatebankinviewqa.emea.privatebank.citibank.com
campo.argentina.citibank.com
cust.exacttarget.com
mobileuat.privatebank.citibank.com
uat2.marketingportal.citibank.com
www.citibank.com
citibusinessonline.da-us.citibank.com
uat2.thgcb.globalcommonbuild.citibank.com
www.uatmerchant.asia.citibank.com
wpm02.eccmp.com
feedback.citibank.com
sit2.cnmobile.globalcommonbuild.citibank.com
www.ew8.privatebank.citibank.com
metrics1.citibank.com
dit2b.hkmobile.globalcommonbuild.citibank.com
www2.citibank.com
portal.brazil.citibank.com
israelsfe.citibank.com
www.uatmerchantserver.citibank.com
sit08.mobile.citibank.com
WWW.ASIAEXTENDEDSERVICES.CITIBANK.COM
www.merchant.citibank.com
uat06.mobile.citibank.com
sit2.hkmobile.globalcommonbuild.citibank.com
sit2.ipbmobile.globalcommonbuild.citibank.com
uat1.asia.citibank.com
dit2.cnmobile.globalcommonbuild.citibank.com
disputes.accountonline.com
www.privatebank.citibank.com
uat.citi.com
citiprivatebankinview.privatebank.citibank.com
serviceemail2.citibank.com
www.cdn.citibank.com
www.citiconnect.asia.citibank.com
online.citibank.com
uat2.vngcb.globalcommonbuild.citibank.com
sit09.mobile.citibank.com
b2bservices.citibank.com
uat.citi.com
centralamerica.citibank.com
uat2.cdn.citibank.com
sit11.mobile.citibank.com
shim.citiprivatebankinview.emea.privatebank.citibank.com
uat2.content.api.citibank.com
dit02.mobile.citibank.com
www.asiaextendedservices.citibank.com
sit2.mobile.aucolesfinancial.globalcommonbuild.citibank.com
www.ceemea.citibank.com
offer.citibank.com
uat2.socialconnect.globalcommonbuild.citibank.com
www.ceemea.citibank.com
marketingportal.citibank.com
www.accountonline.com
sit2.ipbmobile.globalcommonbuild.citibank.com
wpm02.eccmp.com
www.citibank.com
cust.exacttarget.com
marketingportal.citibank.com
uat2.vnmobile.globalcommonbuild.citibank.com
webcashmanagercitidirect.citibank.com
legal.brazil.citibank.com
websocketsit.americas.privatebank.citibank.com
sit2.cnmobile.globalcommonbuild.citibank.com
www.qacobrosonline.citibank.com
sgmobile.ipb.globalcommonbuild.uat1.citibank.com
uat1.phgcb.globalcommonbuild.citibank.com
sit2.mycbz.globalcommonbuild.citibank.com
uat1.vngcb.globalcommonbuild.citibank.com
cust.exacttarget.com
m.uat.asia.citibank.com
uat1.online.citi.com
corporateportal.brazil.citibank.com
campo.argentina.citibank.com
uat07.mobile.citibank.com
relsalesforcedev.citibank.com
cbnasalesforceprod.citibank.com
www.asiaextendedservicesuat1.citibank.com
sit08.mobile.citibank.com
hkmobile.gcb.globalcommonbuild.uat.citibank.com
alerts.citibank.com
wpm01.eccmp.com
dit02.mobile.citibank.com
Certificate
The complete raw certificate details for www.privatebank.citibank.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJ3zCCCMegAwIBAgIQCH2lS291NcM6IUt1Ozoj9DANBgkqhkiG9w0BAQsFADB1 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTE4MDYxODAwMDAwMFoXDTE5MTEwMjEy MDAwMFowgfQxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB BAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQF EwcyMTU0MjU0MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNV BAcTCE5ldyBZb3JrMRcwFQYDVQQKEw5DaXRpZ3JvdXAgSW5jLjEeMBwGA1UECxMV V2ViIEhvc3RpbmcgR3JvdXAgLSBBMSUwIwYDVQQDExx3d3cucHJpdmF0ZWJhbmsu Y2l0aWJhbmsuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7SE QxNz4eo8zeIwTaJ07Jk5WP/kP66GSLX74h3VXxHksDwcPxQvJeAVvS+qr2zFNGi5 EOTBj8KUjyq3+Pi3x8sM7n9o6huFthHYgc+bfXf5HVdMrvsNj25yZzJPPO/uxAo5 lwTuxQQL8FLs6e0Nl69XNWVCgiOP3Mbg9a68fNZ8HZAVRwFTq6ubr/GFXIgX0nfN zV36B3IRuGwQ37orGS2zI0fn4JSJbI+nXnlcp1eSs4Bmpgov2udZuw9/nevs9hn6 ftIywtrq/sVGncCgq6KDH3HD0RUJTxaYodw6gLVsKSxPQO59gnzF2tfNAkYYOFR+ VDXyhnAWwfVvgMXPqQIDAQABo4IF6TCCBeUwHwYDVR0jBBgwFoAUPdNQpdagre7z SmAKZdMh1Pj41g8wHQYDVR0OBBYEFH3t4EfCDKwYHzJ3qS+fzyXE6WJyMIICmQYD VR0RBIICkDCCAoyCHHd3dy5wcml2YXRlYmFuay5jaXRpYmFuay5jb22CLmNpdGlw cml2YXRlYmFua2ludmlldy5wcml2YXRlYmFuay5jaXRpYmFuay5jb22CN2NpdGlw cml2YXRlYmFua2ludmlldy5hbWVyaWNhcy5wcml2YXRlYmFuay5jaXRpYmFuay5j b22CM2NpdGlwcml2YXRlYmFua2ludmlldy5lbWVhLnByaXZhdGViYW5rLmNpdGli YW5rLmNvbYIzY2l0aXByaXZhdGViYW5raW52aWV3LmFzaWEucHJpdmF0ZWJhbmsu Y2l0aWJhbmsuY29tgjltLmNpdGlwcml2YXRlYmFua2ludmlldy5hbWVyaWNhcy5w cml2YXRlYmFuay5jaXRpYmFuay5jb22CNW0uY2l0aXByaXZhdGViYW5raW52aWV3 LmVtZWEucHJpdmF0ZWJhbmsuY2l0aWJhbmsuY29tgjVtLmNpdGlwcml2YXRlYmFu a2ludmlldy5hc2lhLnByaXZhdGViYW5rLmNpdGliYW5rLmNvbYIvd3d3LmJhbmth Y2NvdW50Lmdsb2JhbGV4ZWN1dGl2ZWJhbmtpbmcuY2l0aS5jb22CJ3d3dy5jaXRp Z29sZC5wcml2YXRlY2xpZW50LmNpdGliYW5rLmNvbYIfbW9iaWxlLnByaXZhdGVi YW5rLmNpdGliYW5rLmNvbYIbd3d3LnByaXZhdGViYW5rLmNpdGliYW5rLmNogh93 d3cucHJpdmF0ZWJhbmsuY2l0aWJhbmsuY29tLnNngh13d3cuY2l0aXByaXZhdGVi YW5raW52aWV3LmNvbYIYcHJpdmF0ZWJhbmsuY2l0aWJhbmsuY29tMA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4w bDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVy LWcyLmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItZXYt c2VydmVyLWcyLmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUF BwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMIGIBggr BgEFBQcBAQR8MHowJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNv bTBSBggrBgEFBQcwAoZGaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lD ZXJ0U0hBMkV4dGVuZGVkVmFsaWRhdGlvblNlcnZlckNBLmNydDAJBgNVHRMEAjAA MIIBewYKKwYBBAHWeQIEAgSCAWsEggFnAWUAdQCkuQmQtBhYFIe7E6LMZ3AKPDWY BPkb37jjd80OyA3cEAAAAWQTsGwfAAAEAwBGMEQCIBvNg5tQykaIeUD1DpnuRL1J XgY91UviDLrR3Zr6T1d7AiBIA0tiIi2w9a5FhE+BawpLzHIqt2oqb42ocdusMEy6 uQB0AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAABZBOwbIsAAAQD AEUwQwIgFx/qSTP45hmmZRepNmQMpbeFYkT+s+9gy1Pch8wszcgCH0z5WwsX4V8x ASa0Mz3DRpRqK2uWVzKn6bipZZT3j4cAdgC72d+8H4pxtZOUI5eqkntHOFeVCqtS 6BqQlmQ2jh7RhQAAAWQTsG0SAAAEAwBHMEUCIDLkfu98jzdKYSp6S0U7cV+Xq2UY lnFkznD8GuiqoLJdAiEAzvaYm/BXWXuxc7JtBsofqgSfg9dU+bGdEe1NOACxpmYw DQYJKoZIhvcNAQELBQADggEBAIFUbNFBcO755qHlfy1Dmvqohs1IXZWlZo/YVNNb TU5yE4COpIarWxdNACfpFQhA1RLGdqBSmqYh1hVETcJ7iXMiYkSc/ugFs8sUr2vR lk4xDyTC8HOaLc2mMJejcNXScxi+GsJ6bjBHPzBbn25DZgnXBk13vmCl77fDfh3r bRMorN3xkU70hKPDv8De/NTDRvnNyOkUviZrbfaFibxWG5vq95WHKZEYd52wPqAw vt8RY+wgw0SofFGwONDF2/7eWbwLkjN3P0WB7Fp1hRgJmAwnCBg8xv4TCSa3vhge MeAKI2ikJ+34eIkffp16sVRV4q1/YtlXRjpD3pv4sW1nmO8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7SEQxNz4eo8zeIwTaJ0 7Jk5WP/kP66GSLX74h3VXxHksDwcPxQvJeAVvS+qr2zFNGi5EOTBj8KUjyq3+Pi3 x8sM7n9o6huFthHYgc+bfXf5HVdMrvsNj25yZzJPPO/uxAo5lwTuxQQL8FLs6e0N l69XNWVCgiOP3Mbg9a68fNZ8HZAVRwFTq6ubr/GFXIgX0nfNzV36B3IRuGwQ37or GS2zI0fn4JSJbI+nXnlcp1eSs4Bmpgov2udZuw9/nevs9hn6ftIywtrq/sVGncCg q6KDH3HD0RUJTxaYodw6gLVsKSxPQO59gnzF2tfNAkYYOFR+VDXyhnAWwfVvgMXP qQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11286213647787505830033652137412142068 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-06-18 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-02 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2154254' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Citigroup Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Web Hosting Group - A' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.privatebank.citibank.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26220345205023290288401339545184298425760154236591474912188964025800303875632394970591269983263405293691675800733759812363322367269425077831451398466276935433835766760494513079216472921735277080383687920194920452980035196496515796446204775756847749588152020739713252718873013242217067190262316629063614678801476895974417115907739036984208513899087109512734111863305351335093482986905733380935259822655788208810633866518687327501180564915187688965006037510024189937067443463542532292055525717464427644164874861656345418951497013422988510893547652643456905682604702686119356192546367721099942545282995894766630399758249 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7dede047c20cac181f3277a92f9fcf25c4e96272 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (656 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.privatebank.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citiprivatebankinview.privatebank.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citiprivatebankinview.americas.privatebank.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citiprivatebankinview.emea.privatebank.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citiprivatebankinview.asia.privatebank.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.citiprivatebankinview.americas.privatebank.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.citiprivatebankinview.emea.privatebank.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.citiprivatebankinview.asia.privatebank.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.bankaccount.globalexecutivebanking.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citigold.privateclient.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mobile.privatebank.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.privatebank.citibank.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.privatebank.citibank.com.sg' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citiprivatebankinview.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'privatebank.citibank.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (359 bytes) 0165007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016413b06c1f000004030046304402201bcd839b50ca46887940f50e99ee44bd495e063dd54be20cbad1dd9afa4f577b022048034b62222db0f5ae45844f816b0a4bcc722ab76a2a6f8da871dbac304cbab90074005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000016413b06c8b00000403004530430220171fea4933f8e619a66517a936640ca5b7856244feb3ef60cb53dc87cc2ccdc8021f4cf95b0b17e15f310126b4333dc346946a2b6b965732a7e9b8a96594f78f87007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016413b06d120000040300473045022032e47eef7c8f374a612a7a4b453b715f97ab6518967164ce70fc1ae8aaa0b25d022100cef6989bf057597bb173b26d06ca1faa049f83d754f9b19d11ed4d3800b1a666 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0081546cd14170eef9e6a1e57f2d439afaa886cd485d95a5668fd854d35b4d4e7213808ea486ab5b174d0027e9150840d512c676a0529aa621d615444dc27b89732262449cfee805b3cb14af6bd1964e310f24c2f0739a2dcda63097a370d5d27318be1ac27a6e30473f305b9f6e436609d7064d77be60a5efb7c37e1deb6d1328acddf1914ef484a3c3bfc0defcd4c346f9cdc8e914be266b6df68589bc561b9beaf79587299118779db03ea030bedf1163ec20c344a87c51b038d0c5dbfede59bc0b9233773f4581ec5a75851809980c2708183cc6fe130926b7be181e31e00a2368a427edf878891f7e9d7ab15455e2ad7f62d957463a43de9bf8b16d6798ef