bolsit.nam.nsroot.net
- Citigroup Inc. -
Issued by DigiCert Global CA G2
About this certificate
This digital certificate with serial number 01:88:3d:0b:26:de:3c:99:d3:e3:95:17:e8:2c:11:4c was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Citigroup Inc.
Company registration number:
2154254
Organization: Citigroup Inc.
Organization unit: 151477
Organization: Citigroup Inc.
Organization unit: 151477
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:88:3d:0b:26:de:3c:99:d3:e3:95:17:e8:2c:11:4cSerial Number (int): 2036618479070360923962115708594950476
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: 42:99:7a:28:1f:cf:47:44:f2:be:85:66:41:64:b9:3a:04:04:ec:32
AuthorityKeyId: 24:6e:2b:2d:d0:6a:92:51:51:25:69:01:aa:9a:47:a6:89:e7:40:20
Fingerprint (sha1): 21:e2:e5:1b:a4:57:c7:4f:c6:38:ef:c6:b2:b2:4f:51:09:bd:62:dc
Fingerprint (sha256): 06:2c:d5:98:23:5a:c2:f9:8d:15:82:d0:75:d5:1d:fd:e3:85:42:a3:89:e8:28:f8:71:ea:5b:6f:30:67:eb:a2
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalCAG2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalCAG2.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalCAG2.crl
Check the revocation status for certificate bolsit.nam.nsroot.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for bolsit.nam.nsroot.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bolsit2.nam.nsroot.net
bolsit.nam.nsroot.net
bolsit.nam.nsroot.net
Other certificates including the domain name nsroot.net
(limited to 100 certificates)
server-7.goldpac.apac.nsroot.net
ecmsynd-uat.nam.nsroot.net
academy-ukr.apac.nsroot.net
cdasmwp15z1.nam.nsroot.net
GTUATORG01.nam.nsroot.net
cob.citibankchina.goldpac.apac.nsroot.net
sfnamuat.wlb2.nam.nsroot.net
ctrxemeauatj.eur.nsroot.net
CAPAMS2XMLSWDC-vip.nam.nsroot.net
vm-unam2-cimp00.nam.nsroot.net
citi.retail.ips-uat.ptnr-b-data.nam.nsroot.net
digitalopsuat.nam.nsroot.net
NAMLY13ENYUAT12.namuat.nsrootuat.dyn.nsroot.net
LyncProdDR.EUR.NSROOT.NET
ch2mwpiapp1.nam.nsroot.net
shim.citiprivatebankinviewqa.emea.privatebank.citibank.com
ch2swuiapp1.nam.nsroot.net
CTRXEUXDRDC70-vip.eur.nsroot.net
speengineuat.wlb3.nam.nsroot.net
MP01VIP2.MP01.MEX.NSROOT.NET
RSGDVIPA.apac.nsroot.net
ccfundnotifications.nam.nsroot.net
webfarm-staging.eur.nsroot.net
UFP1-CIPP01.nam.nsroot.net
LYNC10GTPST01.nam.nsroot.net
m4defdc-aes10-dl360g8.eur.nsroot.net
sbc0401aconp01v.nam.nsroot.net
indo-snok-cob.eur.nsroot.net
CAPAPACPNAXMLHKAST-vip.apac.nsroot.net
lync13pooldev2.namuat.nsrootuat.dyn.nsroot.net
lacbra001as0011.lac.nsroot.net
ccooprod.nam.nsroot.net
consumer.wlb2.nam.nsroot.net
CitiDirectPRODSSO.nam.nsroot.net
sydndm3u.aus.nsroot.net
ctrxnasf-PNA.wlb2.nam.nsroot.net
citi.p-fduc-data.sec.nam.nsroot.net
hcasbat_pkr.apac.nsroot.net
uat.realtime.grosspayment.gateway.citigroup.net
jfxlbeoluat.eur.nsroot.net
vtcgtdcuweb1.nam.nsroot.net
CAPAPACTPAXMLSGCT2-vip.apac.nsroot.net
tneu.nam.nsroot.net
clouddesktop-sgdc01-vip.apac.nsroot.net
speengineuat.wlb3.nam.nsroot.net
GTUATCXC01qmv75.nam.nsroot.net
CAPAMSUATXMLRUTH-vip.nam.nsroot.net
menaisrflxu.eur.nsroot.net
GTAEMF4_QM.DIT_qmv75.nam.nsroot.net
clouddesktop-sgdc01-vip.apac.nsroot.net
acheprod.nam.nsroot.net
vusmwdc-ica01-mpx8200-callback.nam.nsroot.net
yieldbook.nam.nsroot.net
tenb51-sit-gsrenapc.nam.nsroot.net
gtcrd-cblla01u.nam.nsroot.net
MessagingclientAceInternationalPR.lac.nsroot.net
apsgontw7w2307.apac.nsroot.net
aawebsocket-uat.wlb.nam.nsroot.net
imbdlpbuf-ru03.nam.nsroot.net
ctrxemeasf-U-PNA.wlb2.eur.nsroot.net
mdefdc-vcs01-vcsco.eur.nsroot.net
esbuat.emeaconsumer.citigroup.net
fxmmilnap1u.eur.nsroot.net
CTRXAPACXDSG7-vip.apac.nsroot.net
s3dev_hrss.nam.nsroot.net
ASUSMD831FIN9V.NAM.NSROOT.NET
imbtcrelay-ru03.nam.nsroot.net
ufcappln.apac.nsroot.net
RSGDVIPA.apac.nsroot.net
banamexsoaperf.banamex.com
devcitisource.nam.nsroot.net
icl-ironkey-va01.nam.nsroot.net
smcpint.ny.ssmb.com
imbtcrelay-gt03.nam.nsroot.net
Lync13ProdDR.apac.nsroot.net
CLOUDDESKTOP-GTDC01-vip.nam.nsroot.net
mgbrdc-pexv07-c220.eur.nsroot.net
www.bnepremium.lac.nsroot.net
RUS111W-MAN02-6509-TENGE2-4.nam.nsroot.net
bolsit.nam.nsroot.net
gmi-dev.nam.nsroot.net
LyncProdDR.EUR.NSROOT.NET
jfpprdhu-rbw-maint-svr1.eur.nsroot.net
TRADERECORDSINFOINDIA.ICG.CITIGROUP.NET
citibankdr.banctecportal.eur.nsroot.net
citisft-usrtdc-pr3-edge-g1.nam.nsroot.net
apacthdsibpm001.apac.nsroot.net
rgbrdc-b2b44-2911.eur.nsroot.net
SBC1802DCONP01V.nam.nsroot.net
digitalopsdev.nam.nsroot.net
uatndm.octopus.gcbhk.apac.nsroot.net
mdefdc-vcs02-vcsex.eur.nsroot.net
uat.eoscar3.nam.nsroot.net
sd-cd7f-c896.nam.nsroot.net
ctrxlatcts.wlb.lac.nsroot.net
apac.nsroot.net
latamesbsit-icg.nam.nsroot.net
CTRXAPACXDSG7-vip.apac.nsroot.net
gmi.nam.nsroot.net
m1gbrdc-svx01-aes.eur.nsroot.net
ecmsynd-uat.nam.nsroot.net
academy-ukr.apac.nsroot.net
cdasmwp15z1.nam.nsroot.net
GTUATORG01.nam.nsroot.net
cob.citibankchina.goldpac.apac.nsroot.net
sfnamuat.wlb2.nam.nsroot.net
ctrxemeauatj.eur.nsroot.net
CAPAMS2XMLSWDC-vip.nam.nsroot.net
vm-unam2-cimp00.nam.nsroot.net
citi.retail.ips-uat.ptnr-b-data.nam.nsroot.net
digitalopsuat.nam.nsroot.net
NAMLY13ENYUAT12.namuat.nsrootuat.dyn.nsroot.net
LyncProdDR.EUR.NSROOT.NET
ch2mwpiapp1.nam.nsroot.net
shim.citiprivatebankinviewqa.emea.privatebank.citibank.com
ch2swuiapp1.nam.nsroot.net
CTRXEUXDRDC70-vip.eur.nsroot.net
speengineuat.wlb3.nam.nsroot.net
MP01VIP2.MP01.MEX.NSROOT.NET
RSGDVIPA.apac.nsroot.net
ccfundnotifications.nam.nsroot.net
webfarm-staging.eur.nsroot.net
UFP1-CIPP01.nam.nsroot.net
LYNC10GTPST01.nam.nsroot.net
m4defdc-aes10-dl360g8.eur.nsroot.net
sbc0401aconp01v.nam.nsroot.net
indo-snok-cob.eur.nsroot.net
CAPAPACPNAXMLHKAST-vip.apac.nsroot.net
lync13pooldev2.namuat.nsrootuat.dyn.nsroot.net
lacbra001as0011.lac.nsroot.net
ccooprod.nam.nsroot.net
consumer.wlb2.nam.nsroot.net
CitiDirectPRODSSO.nam.nsroot.net
sydndm3u.aus.nsroot.net
ctrxnasf-PNA.wlb2.nam.nsroot.net
citi.p-fduc-data.sec.nam.nsroot.net
hcasbat_pkr.apac.nsroot.net
uat.realtime.grosspayment.gateway.citigroup.net
jfxlbeoluat.eur.nsroot.net
vtcgtdcuweb1.nam.nsroot.net
CAPAPACTPAXMLSGCT2-vip.apac.nsroot.net
tneu.nam.nsroot.net
clouddesktop-sgdc01-vip.apac.nsroot.net
speengineuat.wlb3.nam.nsroot.net
GTUATCXC01qmv75.nam.nsroot.net
CAPAMSUATXMLRUTH-vip.nam.nsroot.net
menaisrflxu.eur.nsroot.net
GTAEMF4_QM.DIT_qmv75.nam.nsroot.net
clouddesktop-sgdc01-vip.apac.nsroot.net
acheprod.nam.nsroot.net
vusmwdc-ica01-mpx8200-callback.nam.nsroot.net
yieldbook.nam.nsroot.net
tenb51-sit-gsrenapc.nam.nsroot.net
gtcrd-cblla01u.nam.nsroot.net
MessagingclientAceInternationalPR.lac.nsroot.net
apsgontw7w2307.apac.nsroot.net
aawebsocket-uat.wlb.nam.nsroot.net
imbdlpbuf-ru03.nam.nsroot.net
ctrxemeasf-U-PNA.wlb2.eur.nsroot.net
mdefdc-vcs01-vcsco.eur.nsroot.net
esbuat.emeaconsumer.citigroup.net
fxmmilnap1u.eur.nsroot.net
CTRXAPACXDSG7-vip.apac.nsroot.net
s3dev_hrss.nam.nsroot.net
ASUSMD831FIN9V.NAM.NSROOT.NET
imbtcrelay-ru03.nam.nsroot.net
ufcappln.apac.nsroot.net
RSGDVIPA.apac.nsroot.net
banamexsoaperf.banamex.com
devcitisource.nam.nsroot.net
icl-ironkey-va01.nam.nsroot.net
smcpint.ny.ssmb.com
imbtcrelay-gt03.nam.nsroot.net
Lync13ProdDR.apac.nsroot.net
CLOUDDESKTOP-GTDC01-vip.nam.nsroot.net
mgbrdc-pexv07-c220.eur.nsroot.net
www.bnepremium.lac.nsroot.net
RUS111W-MAN02-6509-TENGE2-4.nam.nsroot.net
bolsit.nam.nsroot.net
gmi-dev.nam.nsroot.net
LyncProdDR.EUR.NSROOT.NET
jfpprdhu-rbw-maint-svr1.eur.nsroot.net
TRADERECORDSINFOINDIA.ICG.CITIGROUP.NET
citibankdr.banctecportal.eur.nsroot.net
citisft-usrtdc-pr3-edge-g1.nam.nsroot.net
apacthdsibpm001.apac.nsroot.net
rgbrdc-b2b44-2911.eur.nsroot.net
SBC1802DCONP01V.nam.nsroot.net
digitalopsdev.nam.nsroot.net
uatndm.octopus.gcbhk.apac.nsroot.net
mdefdc-vcs02-vcsex.eur.nsroot.net
uat.eoscar3.nam.nsroot.net
sd-cd7f-c896.nam.nsroot.net
ctrxlatcts.wlb.lac.nsroot.net
apac.nsroot.net
latamesbsit-icg.nam.nsroot.net
CTRXAPACXDSG7-vip.apac.nsroot.net
gmi.nam.nsroot.net
m1gbrdc-svx01-aes.eur.nsroot.net
Certificate
The complete raw certificate details for bolsit.nam.nsroot.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFuDCCBKCgAwIBAgIQAYg9CybePJnT45UX6CwRTDANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVE aWdpQ2VydCBHbG9iYWwgQ0EgRzIwHhcNMTgxMTMwMDAwMDAwWhcNMjAxMTI5MTIw MDAwWjCB3jEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEE AYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVsYXdhcmUxEDAOBgNVBAUT BzIxNTQyNTQxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UE BxMITmV3IFlvcmsxFzAVBgNVBAoTDkNpdGlncm91cCBJbmMuMQ8wDQYDVQQLEwYx NTE0NzcxHjAcBgNVBAMTFWJvbHNpdC5uYW0ubnNyb290Lm5ldDCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAIbVyw6Z2cB5YEKLZpWDqVSKQYWjUsJqEktB xQLdqUN7Mb21WN5tPHqHK1kyuDXxHBTsmutLc/HapjVcBY7KWANwaaujrBMJfC6/ A+VkUBoPo/x+3KSSS09PrX+9dpdwlP+im5r0fevr3lu7tlgaKHOm1JAN2xczmSv9 RH2GyykdlVg87AyCab7FyJbMNCrLeY1e8Lph4GCC+U9O9wTf7ZAg2t9lpl73F49N h6IR0BUDxOWlDPH0EOq3xWWwWKeO+9rXJEPDnB3wHdZuqk/MQOTeOSM+XNJ0Y6rb mhZnFYFpon3D1Pjw0iCIxyIU2ECMFlmCftAuB0IutlnQOcTaUCkCAwEAAaOCAgkw ggIFMB8GA1UdIwQYMBaAFCRuKy3QapJRUSVpAaqaR6aJ50AgMB0GA1UdDgQWBBRC mXooH89HRPK+hWZBZLk6BATsMjA4BgNVHREEMTAvghZib2xzaXQyLm5hbS5uc3Jv b3QubmV0ghVib2xzaXQubmFtLm5zcm9vdC5uZXQwDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB3BgNVHR8EcDBuMDWgM6Axhi9o dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxDQUcyLmNybDA1 oDOgMYYvaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsQ0FH Mi5jcmwwSwYDVR0gBEQwQjA3BglghkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0 cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAHBgVngQwBATB0BggrBgEFBQcBAQRo MGYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTA+BggrBgEF BQcwAoYyaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFs Q0FHMi5jcnQwCQYDVR0TBAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG 9w0BAQsFAAOCAQEACrRddEQTXkuJqlyPhLVRaAsEUOwzfzXd2wWvJwGwHUcCejYD dTuWdVtG1jOfiFNSe99wwhxWH1+fSASBq0AOV9d/TixBxOvfeeJrOE2YAgx5sdiO vcTPssRMsnexcYw+ouE1IBT0iOmA8xxnIIqZkXraRSqdcFvZQJOegh757QdFLrCa QtFVWqKRT4VGx0a542FKhGxVKihXnGc0Q1yDa7j6XXvGu6gloqJ/NgtL/8RwezuO oLe2A3VPUxE833Cdca/q4ZIZaA/+xkVT09xq/87eWMWWwQzs6pkQRiAjbcFERofC Y1AEIc5SfIwrJfoFzhCKNzbT4rfcAGxwCcmoLw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtXLDpnZwHlgQotmlYOp VIpBhaNSwmoSS0HFAt2pQ3sxvbVY3m08eocrWTK4NfEcFOya60tz8dqmNVwFjspY A3Bpq6OsEwl8Lr8D5WRQGg+j/H7cpJJLT0+tf712l3CU/6KbmvR96+veW7u2WBoo c6bUkA3bFzOZK/1EfYbLKR2VWDzsDIJpvsXIlsw0Kst5jV7wumHgYIL5T073BN/t kCDa32WmXvcXj02HohHQFQPE5aUM8fQQ6rfFZbBYp4772tckQ8OcHfAd1m6qT8xA 5N45Iz5c0nRjqtuaFmcVgWmifcPU+PDSIIjHIhTYQIwWWYJ+0C4HQi62WdA5xNpQ KQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 2036618479070360923962115708594950476 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global CA G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-30 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-11-29 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2154254' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Citigroup Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '151477' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bolsit.nam.nsroot.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17021358217458514137349692132056239041339682015250467645524738902295324582124197433427340761371636572717701424062142683269575975857031667910212220387369641553713999548716280671582955390374748905423173061440359701484309919050573209160160563870672799255921054493905097140773145544081527053147954024830914341856116681023922732407198923281525275214754485908070170821164142852635517028598324964022407386132051941886500353467852727315589780436069379608301583159625308962077629987123470579491175580829022010563412198103716699968009280565928976267940734885117176099047271839506660523212663725312682627716573684728760607854633 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 246e2b2dd06a925151256901aa9a47a689e74020 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 42997a281fcf4744f2be85664164b93a0404ec32 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (49 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bolsit2.nam.nsroot.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bolsit.nam.nsroot.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalCAG2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalCAG2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalCAG2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000ab45d7444135e4b89aa5c8f84b551680b0450ec337f35dddb05af2701b01d47027a3603753b96755b46d6339f8853527bdf70c21c561f5f9f480481ab400e57d77f4e2c41c4ebdf79e26b384d98020c79b1d88ebdc4cfb2c44cb277b1718c3ea2e1352014f488e980f31c67208a99917ada452a9d705bd940939e821ef9ed07452eb09a42d1555aa2914f8546c746b9e3614a846c552a28579c6734435c836bb8fa5d7bc6bba825a2a27f360b4bffc4707b3b8ea0b7b603754f53113cdf709d71afeae19219680ffec64553d3dc6affcede58c596c10cecea99104620236dc1444687c263500421ce527c8c2b25fa05ce108a3736d3e2b7dc006c7009c9a82f