thirdpartyassessment.citigroup.com
- Citigroup Inc. -
Issued by DigiCert SHA2 Extended Validation Server CA
About this certificate
This digital certificate with serial number 0c:b9:d1:bf:95:7d:7a:88:01:b6:6d:b7:d9:43:61:52 was issued on by DigiCert Inc.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Citigroup Inc.
Company registration number:
2154254
Organization: Citigroup Inc.
Organization unit: 154405
Organization: Citigroup Inc.
Organization unit: 154405
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0c:b9:d1:bf:95:7d:7a:88:01:b6:6d:b7:d9:43:61:52Serial Number (int): 16915565070699097838154666570919666002
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 3b:98:49:3f:f6:6c:b4:14:03:d1:48:ce:16:48:b2:80:ca:d9:3b:cd
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f
Fingerprint (sha1): 1b:93:9d:25:1c:d0:96:a1:08:1d:7e:1f:f5:dc:c0:1d:46:22:a2:d1
Fingerprint (sha256): 08:81:d9:09:98:ec:b4:e6:b5:87:c3:71:76:0a:8c:a5:71:70:77:9f:bc:d1:58:ca:82:86:16:40:c3:e2:d9:26
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g2.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g2.crl
Check the revocation status for certificate thirdpartyassessment.citigroup.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for thirdpartyassessment.citigroup.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
thirdpartyassessment.citigroup.com
Other certificates including the domain name citigroup.com
(limited to 100 certificates)
businessaccess.citibank.citigroup.com
TESTQC31.CITIDIRECT.CITIGROUP.COM
emeasalesautomationuat.citigroup.com
secureCredentialServer.citigroup.com
webcashmanagercitidirectuat.citibank.citigroup.com
cob.tradeimaging.citigroup.com
cdt1up1.brazil.citigroup.com
catsosuat.citigroup.com
secureaccess.nam.citigroup.com
globaltransferagencyuat.cmb.citigroup.com
uatwealthplanneradvisory.taiwan.citigroup.com
responsivesalesautomationrussia.citigroup.com
uattest.tradeprocessing.citigroup.com
PORTFOLIOANALYTICSUAT.TRANSACTIONSERVICES.CITIGROUP.COM
QC21.CITIDIRECT.CITIGROUP.COM
webcashmanagercitidirectuat.citibank.citigroup.com
uat.remoteoffice.citigroup.com
training.citigroup.com
akamai-san187.exacttarget.com
www.electronicbillingtest10.citigroup.com
securemailcenter.citigroup.com
training.citigroup.com
uat2.customer360view.citigroup.com
globaltransferagency.cmb.citigroup.com
SMTPOUTBOUND.CITIGROUP.COM
businessaccess.citibank.citigroup.com
securefiletransferuat.citigroup.com
qc21.citidirect.citigroup.com
banksearchuat.cib.citigroup.com
citigroupsoa.authentication.citigroup.com
contentdelivery.technologyservices.uat.citigroup.com
uat.secureaccessidp.citigroup.com
cookieutility.citigroup.com
training.citigroup.com
digitalcertificate.citigroup.com
citigroupsoasit.citigroup.com
customertest.citidirect.citigroup.com
debtxportaluat.issuerservices.citigroup.com
wealthplanneradvisory.china.citigroup.com
citidirectonlineqc21.citidirect.citigroup.com
uatwealthplanneronline.taiwan.citigroup.com
uattest.tradeprocessing.citigroup.com
citigroupsoauat.citigroup.com
uat2.directsalesagent.citigroup.com
secureaccessweb.uat.nam.citigroup.com
cob.directsalesagent8.citigroup.com
uat2.directsalesautomation.citigroup.com
assinaturadigital.brazil.citigroup.com
UAT.CenterForCulture.Citigroup.com
thirdpartyassessment.citigroup.com
UAT21.CITIDIRECT.CITIGROUP.COM
uat.emailtracker.citigroup.com
akamai-san187.exacttarget.com
PRIMEBROKER.CITIGROUP.COM
www.investorreporting.transactionservices.citigroup.com
site04.remoteoffice.europe.citigroup.com
citidirectonline31.citidirect.citigroup.com
banksearch.cib.citigroup.com
emeasalesautomationuat.citigroup.com
samluat.citigroup.com
financelearning.citigroup.com
uat2.wealthplanneradvisory.citigroup.com
webcashmanagercitidirectuat.citibank.citigroup.com
mumbaitaxinforeporting.fatca.citigroup.com
malaysia.FATCA.Citigroup.com
citidirectonlineuat31.citidirect.citigroup.com
logintotalcomponline.citigroup.com
uat.assinaturadigital.brazil.citigroup.com
webcashmanagercitibusinessuat.citibank.citigroup.com
CITIDIRECT4.UAT.CITIGROUP.COM
citigroupsoa.xenc.citigroup.com
instantsalesautomation.citigroup.com
site05.remoteoffice.europe.citigroup.com
uat.salesautomationonline.citigroup.com
securefiletransfer3.citigroup.com
www.citigroup.com
site05.remoteoffice.europe.citigroup.com
logintotalcomponline.citigroup.com
digitalcertificate7uat.citigroup.com
globaltransferagency.cmb.citigroup.com
citigroupsoauataspac.citigroup.com
securefiletransfer3.citigroup.com
issuerservices.icg.citigroup.com
dev1.remoteoffice.citigroup.com
citiconnect.trade.transactionservices.citigroup.com
uat.salesstationonline.citigroup.com
citigroupsoauataspac.xenc.citigroup.com
uatwealthplanneronline.taiwan.citigroup.com
thirdpartyassessment.citigroup.com
www.citi.com
koreacitidirect.citigroup.com
scheduleplanning.citigroup.com
assinaturadigital.brazil.citigroup.com
wealthplannerondevices1.emea.citigroup.com
citidirectonlineuat31.citidirect.citigroup.com
thirdpartyassessment.citigroup.com
assinaturadigital.brazil.citigroup.com
citigroupsoauat.citigroup.com
webcashmanagercitibusinessuat.citibank.citigroup.com
TESTQC31.CITIDIRECT.CITIGROUP.COM
TESTQC31.CITIDIRECT.CITIGROUP.COM
emeasalesautomationuat.citigroup.com
secureCredentialServer.citigroup.com
webcashmanagercitidirectuat.citibank.citigroup.com
cob.tradeimaging.citigroup.com
cdt1up1.brazil.citigroup.com
catsosuat.citigroup.com
secureaccess.nam.citigroup.com
globaltransferagencyuat.cmb.citigroup.com
uatwealthplanneradvisory.taiwan.citigroup.com
responsivesalesautomationrussia.citigroup.com
uattest.tradeprocessing.citigroup.com
PORTFOLIOANALYTICSUAT.TRANSACTIONSERVICES.CITIGROUP.COM
QC21.CITIDIRECT.CITIGROUP.COM
webcashmanagercitidirectuat.citibank.citigroup.com
uat.remoteoffice.citigroup.com
training.citigroup.com
akamai-san187.exacttarget.com
www.electronicbillingtest10.citigroup.com
securemailcenter.citigroup.com
training.citigroup.com
uat2.customer360view.citigroup.com
globaltransferagency.cmb.citigroup.com
SMTPOUTBOUND.CITIGROUP.COM
businessaccess.citibank.citigroup.com
securefiletransferuat.citigroup.com
qc21.citidirect.citigroup.com
banksearchuat.cib.citigroup.com
citigroupsoa.authentication.citigroup.com
contentdelivery.technologyservices.uat.citigroup.com
uat.secureaccessidp.citigroup.com
cookieutility.citigroup.com
training.citigroup.com
digitalcertificate.citigroup.com
citigroupsoasit.citigroup.com
customertest.citidirect.citigroup.com
debtxportaluat.issuerservices.citigroup.com
wealthplanneradvisory.china.citigroup.com
citidirectonlineqc21.citidirect.citigroup.com
uatwealthplanneronline.taiwan.citigroup.com
uattest.tradeprocessing.citigroup.com
citigroupsoauat.citigroup.com
uat2.directsalesagent.citigroup.com
secureaccessweb.uat.nam.citigroup.com
cob.directsalesagent8.citigroup.com
uat2.directsalesautomation.citigroup.com
assinaturadigital.brazil.citigroup.com
UAT.CenterForCulture.Citigroup.com
thirdpartyassessment.citigroup.com
UAT21.CITIDIRECT.CITIGROUP.COM
uat.emailtracker.citigroup.com
akamai-san187.exacttarget.com
PRIMEBROKER.CITIGROUP.COM
www.investorreporting.transactionservices.citigroup.com
site04.remoteoffice.europe.citigroup.com
citidirectonline31.citidirect.citigroup.com
banksearch.cib.citigroup.com
emeasalesautomationuat.citigroup.com
samluat.citigroup.com
financelearning.citigroup.com
uat2.wealthplanneradvisory.citigroup.com
webcashmanagercitidirectuat.citibank.citigroup.com
mumbaitaxinforeporting.fatca.citigroup.com
malaysia.FATCA.Citigroup.com
citidirectonlineuat31.citidirect.citigroup.com
logintotalcomponline.citigroup.com
uat.assinaturadigital.brazil.citigroup.com
webcashmanagercitibusinessuat.citibank.citigroup.com
CITIDIRECT4.UAT.CITIGROUP.COM
citigroupsoa.xenc.citigroup.com
instantsalesautomation.citigroup.com
site05.remoteoffice.europe.citigroup.com
uat.salesautomationonline.citigroup.com
securefiletransfer3.citigroup.com
www.citigroup.com
site05.remoteoffice.europe.citigroup.com
logintotalcomponline.citigroup.com
digitalcertificate7uat.citigroup.com
globaltransferagency.cmb.citigroup.com
citigroupsoauataspac.citigroup.com
securefiletransfer3.citigroup.com
issuerservices.icg.citigroup.com
dev1.remoteoffice.citigroup.com
citiconnect.trade.transactionservices.citigroup.com
uat.salesstationonline.citigroup.com
citigroupsoauataspac.xenc.citigroup.com
uatwealthplanneronline.taiwan.citigroup.com
thirdpartyassessment.citigroup.com
www.citi.com
koreacitidirect.citigroup.com
scheduleplanning.citigroup.com
assinaturadigital.brazil.citigroup.com
wealthplannerondevices1.emea.citigroup.com
citidirectonlineuat31.citidirect.citigroup.com
thirdpartyassessment.citigroup.com
assinaturadigital.brazil.citigroup.com
citigroupsoauat.citigroup.com
webcashmanagercitibusinessuat.citibank.citigroup.com
TESTQC31.CITIDIRECT.CITIGROUP.COM
Certificate
The complete raw certificate details for thirdpartyassessment.citigroup.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIaTCCB1GgAwIBAgIQDLnRv5V9eogBtm232UNhUjANBgkqhkiG9w0BAQsFADB1 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIwMDExNjAwMDAwMFoXDTIyMDMwNTEy MDAwMFowgesxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB BAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQF EwcyMTU0MjU0MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNV BAcTCE5ldyBZb3JrMRcwFQYDVQQKEw5DaXRpZ3JvdXAgSW5jLjEPMA0GA1UECxMG MTU0NDA1MSswKQYDVQQDEyJ0aGlyZHBhcnR5YXNzZXNzbWVudC5jaXRpZ3JvdXAu Y29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0hMkiycYyMGzN4T2 Uwvsv2//AInWtuylhyycQ2a48NmZGSNyM1qrtS4OOH4Li/WpjFS5F8CRXHGabL3R aw4+Pknnznt0N5o9Vfzs7Hn/gBxF5iKSZuhjkb+1ESOMbsI1Kj6DkQdljH4Rlk/s kcPW2vQuBMIcJo779uuRagjWRT2ycbms4yg9txpMpWYN+tKRQEHeOSu2Qlx0Vlcr lhcqQKczIgOGrsJcQ2rpV40oRrOnOor150upPOIgRC93Fu8lChqAgZ725LBdUAV7 eQgLr678qGo+SIssMgXUWNBg0NXgDn8+eOW3J5BR7Sz4fs57Cy9k+sKzyvoBzPah UYeYHhOorPOPRYrW6uNnPZx0JA9BPsKPBBnFpIAfTbw9yLVjnMPPJRCGtSMZVmX3 uPG+Z69jiqQsyX5/H0Q0ZD48Bs2r3FXUCkv0Z2UsDQT20ij8fJMNPLofdVunX2Wh i5ne9xWVNMUNjf9dJKzBop3BewVy5a6szfK57uBkVat7TPbyLs0qgRFdES6BaPQ4 xnaGjikWPBzpEeNZ+NGP/4KpYW81VQ48eU+p9MRD+P4oHlL1Ti9gFpnXJtsBcXV1 1GYV2EXDNNPCb9Kst7c+14Ju+jYE9TrgAdrKnLSJIGF9uMgZdUBrv3q4qA07jYzD 8SF/Bdxe4hU6+r4/qdeIP38FiMECAwEAAaOCA3wwggN4MB8GA1UdIwQYMBaAFD3T UKXWoK3u80pgCmXTIdT4+NYPMB0GA1UdDgQWBBQ7mEk/9my0FAPRSM4WSLKAytk7 zTAtBgNVHREEJjAkgiJ0aGlyZHBhcnR5YXNzZXNzbWVudC5jaXRpZ3JvdXAuY29t MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw dQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL3NoYTIt ZXYtc2VydmVyLWcyLmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGlnaWNlcnQuY29t L3NoYTItZXYtc2VydmVyLWcyLmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAq MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeB DAEBMIGIBggrBgEFBQcBAQR8MHowJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp Z2ljZXJ0LmNvbTBSBggrBgEFBQcwAoZGaHR0cDovL2NhY2VydHMuZGlnaWNlcnQu Y29tL0RpZ2lDZXJ0U0hBMkV4dGVuZGVkVmFsaWRhdGlvblNlcnZlckNBLmNydDAJ BgNVHRMEAjAAMIIBfAYKKwYBBAHWeQIEAgSCAWwEggFoAWYAdQCkuQmQtBhYFIe7 E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAW+tjXxmAAAEAwBGMEQCID+891g7MWOX VnGPDEGnzBYIwmEJWBDRqQmEE/fccx7JAiBJSqfrsvJT+n4CLaAA7WnxnrVsuA80 TddzDr3e/D5NewB1AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDdAAAB b62NfNAAAAQDAEYwRAIgftx4V8dagq6yhBMTD/vkb8DZUeVggQhzyjxVvoRNqv4C IGiop2fzD69cx76J3oTVFfzvyoD6fSDpc9jjvmLGYNBIAHYAu9nfvB+KcbWTlCOX qpJ7RzhXlQqrUugakJZkNo4e0YUAAAFvrY18YQAABAMARzBFAiEAlf5cqO7xr1YF 3ySo1iz4iHvQdfYAUjwkpBZzZOzXd4MCIEvASVtYBjPbWBzWQdNOaXFv22g80HNd Bh9HxoEpAIXgMA0GCSqGSIb3DQEBCwUAA4IBAQAhmjwidEoLRnjis0EDF7aU6bKr bgUPWsohkeK43RhxTQuFZqiV3OmQrtyWRlHWfsDlW6wYg3epXe77lkqVzA89fA2L oDB4v30UKl/c7hE2En3AXrJXMauWBLb/dw5hen51VcBbx3BnHnhLinXB0ZNiUdVz +LuplrUoOUTPi0MMP1CYm+JEP9GATLBIYqGy5NW3ja8Foq1Sf3aE0jxOcbSyLcMN qdffWR0CYOg046tzrgyuvhWTLob72nxo3tKD09PO3ZHembqsZTAVfSglRY4gpkeP RK1d5ZKZWrhF9VkJe8isU7tnuis5ji9Unq7G5RshTXVej00c9oknQuu7Jc4z -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0hMkiycYyMGzN4T2Uwvs v2//AInWtuylhyycQ2a48NmZGSNyM1qrtS4OOH4Li/WpjFS5F8CRXHGabL3Raw4+ Pknnznt0N5o9Vfzs7Hn/gBxF5iKSZuhjkb+1ESOMbsI1Kj6DkQdljH4Rlk/skcPW 2vQuBMIcJo779uuRagjWRT2ycbms4yg9txpMpWYN+tKRQEHeOSu2Qlx0Vlcrlhcq QKczIgOGrsJcQ2rpV40oRrOnOor150upPOIgRC93Fu8lChqAgZ725LBdUAV7eQgL r678qGo+SIssMgXUWNBg0NXgDn8+eOW3J5BR7Sz4fs57Cy9k+sKzyvoBzPahUYeY HhOorPOPRYrW6uNnPZx0JA9BPsKPBBnFpIAfTbw9yLVjnMPPJRCGtSMZVmX3uPG+ Z69jiqQsyX5/H0Q0ZD48Bs2r3FXUCkv0Z2UsDQT20ij8fJMNPLofdVunX2Whi5ne 9xWVNMUNjf9dJKzBop3BewVy5a6szfK57uBkVat7TPbyLs0qgRFdES6BaPQ4xnaG jikWPBzpEeNZ+NGP/4KpYW81VQ48eU+p9MRD+P4oHlL1Ti9gFpnXJtsBcXV11GYV 2EXDNNPCb9Kst7c+14Ju+jYE9TrgAdrKnLSJIGF9uMgZdUBrv3q4qA07jYzD8SF/ Bdxe4hU6+r4/qdeIP38FiMECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16915565070699097838154666570919666002 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-16 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-03-05 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2154254' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Citigroup Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '154405' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thirdpartyassessment.citigroup.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 857030315219992230414067425136118337179414734446604795715229865859636429625906152321896227307059545974117304882597914572475583877388359073830777383699939189810423270331569618067225802861836140083035776842840076508857088412185087519216790646584014214498287474420719797494088166510026735080488211046743618241697495259478292816622228857775594037283428959717437307593934023329723520103841222841938105011197392892242054005013600128117225835371133387524329516577222357528278442322723312694777401104856309838029844005229694808236695965771840513337681682113612540219118327157393074586371733484602718687296722312765727664194479162402747862287150851729765614983653077832925656523544004135543630508992715196323215364214076171333807209737151911385347711636532369996444415026554921752700427438201177498733607829494398967431993857050301235974479362468443501054503398036574182025449977840897661597131514932296167538431950934509488658144030715360926757191374844549113249691462053997588298188238125169572975574507200515951399202258603745965366504268978274617174245643321154771704461134130692792545576588454919655952834083637515195934926623722413317693833562846847676922275970658772641784990814035904249204842703816620207895128969026840654874331678913 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3b98493ff66cb41403d148ce1648b280cad93bcd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thirdpartyassessment.citigroup.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 0166007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016fad8d7c66000004030046304402203fbcf7583b31639756718f0c41a7cc1608c261095810d1a9098413f7dc731ec90220494aa7ebb2f253fa7e022da000ed69f19eb56cb80f344dd7730ebddefc3e4d7b0075005614069a2fd7c2ecd3f5e1bd44b23ec74676b9bc99115cc0ef949855d689d0dd0000016fad8d7cd0000004030046304402207edc7857c75a82aeb28413130ffbe46fc0d951e560810873ca3c55be844daafe022068a8a767f30faf5cc7be89de84d515fcefca80fa7d20e973d8e3be62c660d048007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016fad8d7c61000004030047304502210095fe5ca8eef1af5605df24a8d62cf8887bd075f600523c24a4167364ecd7778302204bc0495b580633db581cd641d34e69716fdb683cd0735d061f47c681290085e0 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00219a3c22744a0b4678e2b3410317b694e9b2ab6e050f5aca2191e2b8dd18714d0b8566a895dce990aedc964651d67ec0e55bac188377a95deefb964a95cc0f3d7c0d8ba03078bf7d142a5fdcee1136127dc05eb25731ab9604b6ff770e617a7e7555c05bc770671e784b8a75c1d1936251d573f8bba996b5283944cf8b430c3f50989be2443fd1804cb04862a1b2e4d5b78daf05a2ad527f7684d23c4e71b4b22dc30da9d7df591d0260e834e3ab73ae0caebe15932e86fbda7c68ded283d3d3cedd91de99baac6530157d2825458e20a6478f44ad5de592995ab845f559097bc8ac53bb67ba2b398e2f549eaec6e51b214d755e8f4d1cf6892742ebbb25ce33