citi-test.plaid.com
- Plaid Inc -
Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1
About this certificate
This digital certificate with serial number 0e:54:80:cb:cc:e4:ae:63:14:08:27:5d:1a:7f:a4:34 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Plaid Inc
Organization:
Plaid Inc
State / Province:
California
Locality: San Francisco
Country: US
Locality: San Francisco
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0e:54:80:cb:cc:e4:ae:63:14:08:27:5d:1a:7f:a4:34Serial Number (int): 19047957172263406160790316321769235508
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: ca:24:30:26:c4:72:78:02:77:39:33:dc:2d:4b:65:d3:58:dc:64:0d
AuthorityKeyId: 74:85:80:c0:66:c7:df:37:de:cf:bd:29:37:aa:03:1d:be:ed:cd:17
Fingerprint (sha1): 54:78:2e:ff:e5:b5:a1:c6:67:03:91:99:f9:9e:59:5b:af:d5:f4:91
Fingerprint (sha256): 0e:99:aa:3b:2f:4f:b1:4c:ae:b3:96:10:ea:46:ca:b7:e0:8d:34:a1:1a:12:b2:fa:41:7f:d3:ba:55:c7:f7:2b
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
Check the revocation status for certificate citi-test.plaid.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for citi-test.plaid.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
citi-test.plaid.com
www.citi-test.plaid.com
www.citi-test.plaid.com
Other certificates including the domain name plaid.com
(limited to 100 certificates)
*.plaid.com
*.plaid.com
*.testing.ue1.plaid.com
em.plaid.com
*.plaid.com
support.plaid.com
*.plaid.com
api.dashboard.plaid.com
ac.awesomedrives.com
*.plaid.com
*.plaid.com
*.prod.ue1.plaid.com
ac.awesomedrives.com
*.tartan.ue1.plaid.com
ja.riws.status.ricoh.com
*.plaid.com
*.prod.ue1.plaid.com
ac.awesomedrives.com
production-card.plaid.com
*.plaid.com
*.k8s-batch-2.prod.ue1.plaid.io
*.prod.ue1.plaid.com
amex-prod-api-20230127.plaid.com
consumer-portal.prod.ue1.plaid.com
*.plaid.com
api.my.plaid.com
*.plaid.com
api.dashboard.plaid.com
*.plaid.com
ac.awesomedrives.com
*.plaid.com
*.sandbox.ue1.plaid.com
*.testing.ue1.plaid.com
*.prod.ue1.plaid.com
api.my.plaid.com
*.plaid.com
*.prod.ue1.plaid.com
cdn.plaid.com
support.plaid.com
tines.plaid.com
tines.zdrake.com
*.plaid.com
*.prod.ue1.plaid.com
my-testing.plaid.com
*.prod.ue1.plaid.com
euwest1a.tines.com
*.util.ue1.plaid.com
*.prod.ue1.plaid.com
api.dashboard.plaid.com
*.testing.ue1.plaid.com
ac.awesomedrives.com
api.my-sandbox.plaid.com
*.plaid.com
citi-prod.plaid.com
*.testing.ue1.plaid.com
envoy-cxp.tartan.ue1.plaid.com
production.plaid.com
ice.status.symantec.com
api.my-testing.plaid.com
api.dashboard.plaid.com
ice.status.symantec.com
*.plaid.com
production.plaid.com
ac.awesomedrives.com
envoy-cxp.sandbox.ue1.plaid.com
*.plaid.com
fin.plaid.com
fin.plaid.com
go.plaid.com
*.prod.ue1.plaid.com
development-card.plaid.com
*.plaid.com
*.plaid.com
citi-test.plaid.com
cdn.plaid.com
*.plaid.com
plogger6.plaid.com
*.testing.ue1.plaid.com
api.my-commits.plaid.com
*.plaid.com
support.plaid.com
api.my-development.plaid.com
api.dashboard.plaid.com
api.my-sandbox.plaid.com
*.prod.ue1.plaid.com
ja.riws.status.ricoh.com
*.tartan.ue1.plaid.com
k8s.plaid.com
support.plaid.com
ac.awesomedrives.com
metrics.plaid.com
ac.awesomedrives.com
*.testing.ue1.plaid.com
*.testing.ue1.plaid.com
ac.awesomedrives.com
ac.awesomedrives.com
px-integration-validator.testing.ue1.plaid.com
ja.riws.status.ricoh.com
api.plaid.com
pa-vpn2-ext.util.ue1.plaid.com
*.plaid.com
*.testing.ue1.plaid.com
em.plaid.com
*.plaid.com
support.plaid.com
*.plaid.com
api.dashboard.plaid.com
ac.awesomedrives.com
*.plaid.com
*.plaid.com
*.prod.ue1.plaid.com
ac.awesomedrives.com
*.tartan.ue1.plaid.com
ja.riws.status.ricoh.com
*.plaid.com
*.prod.ue1.plaid.com
ac.awesomedrives.com
production-card.plaid.com
*.plaid.com
*.k8s-batch-2.prod.ue1.plaid.io
*.prod.ue1.plaid.com
amex-prod-api-20230127.plaid.com
consumer-portal.prod.ue1.plaid.com
*.plaid.com
api.my.plaid.com
*.plaid.com
api.dashboard.plaid.com
*.plaid.com
ac.awesomedrives.com
*.plaid.com
*.sandbox.ue1.plaid.com
*.testing.ue1.plaid.com
*.prod.ue1.plaid.com
api.my.plaid.com
*.plaid.com
*.prod.ue1.plaid.com
cdn.plaid.com
support.plaid.com
tines.plaid.com
tines.zdrake.com
*.plaid.com
*.prod.ue1.plaid.com
my-testing.plaid.com
*.prod.ue1.plaid.com
euwest1a.tines.com
*.util.ue1.plaid.com
*.prod.ue1.plaid.com
api.dashboard.plaid.com
*.testing.ue1.plaid.com
ac.awesomedrives.com
api.my-sandbox.plaid.com
*.plaid.com
citi-prod.plaid.com
*.testing.ue1.plaid.com
envoy-cxp.tartan.ue1.plaid.com
production.plaid.com
ice.status.symantec.com
api.my-testing.plaid.com
api.dashboard.plaid.com
ice.status.symantec.com
*.plaid.com
production.plaid.com
ac.awesomedrives.com
envoy-cxp.sandbox.ue1.plaid.com
*.plaid.com
fin.plaid.com
fin.plaid.com
go.plaid.com
*.prod.ue1.plaid.com
development-card.plaid.com
*.plaid.com
*.plaid.com
citi-test.plaid.com
cdn.plaid.com
*.plaid.com
plogger6.plaid.com
*.testing.ue1.plaid.com
api.my-commits.plaid.com
*.plaid.com
support.plaid.com
api.my-development.plaid.com
api.dashboard.plaid.com
api.my-sandbox.plaid.com
*.prod.ue1.plaid.com
ja.riws.status.ricoh.com
*.tartan.ue1.plaid.com
k8s.plaid.com
support.plaid.com
ac.awesomedrives.com
metrics.plaid.com
ac.awesomedrives.com
*.testing.ue1.plaid.com
*.testing.ue1.plaid.com
ac.awesomedrives.com
ac.awesomedrives.com
px-integration-validator.testing.ue1.plaid.com
ja.riws.status.ricoh.com
api.plaid.com
pa-vpn2-ext.util.ue1.plaid.com
Certificate
The complete raw certificate details for citi-test.plaid.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGjDCCBXSgAwIBAgIQDlSAy8zkrmMUCCddGn+kNDANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjMx MjAyMDAwMDAwWhcNMjUwMTAxMjM1OTU5WjBsMQswCQYDVQQGEwJVUzETMBEGA1UE CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzESMBAGA1UEChMJ UGxhaWQgSW5jMRwwGgYDVQQDExNjaXRpLXRlc3QucGxhaWQuY29tMIICIjANBgkq hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwE3oVqwFvyo7dmfNsk6OGt8jOk7/dE2I nPm08d/Z82gVmX2B/S7mzU4IdpgOYmtBv9vTHzMAPSoYqHD9mZU/nIpvf0aXRZcF UC9ows2cZjounnQ8RGiNKGP7aqrGmiizvWg8NKK/Adst+MfgXGmhwxBwV2SlJVMM l8gVfV8V6V8yl3pHs97miDeQLfaxtrxLy3V9SD/7n6n4wA/4kXp6lcBLbaai7Ewd XrDE7h0b5Z5BpNco1OXqBB2cKtAk96KAFetPTmLjwvC9cBfQiHy7XjckTTVjVLEj 13hQ4Tk00RG+j3aWZmw860cMhB83bD7ldWbec/YZnORJhAxfZHfTf/rZN8YSL3ng ptCmOxKsBMoMO4SQ47fRLgCiFkllZ9JvGnNnH1FI0Eq0WiT9JvpNp11rq530OhOc oMD8hkJviclkI/L4Y/Q7rGBJ+m/8vnA117Xnu3Jw9A/4GY3h8kKvjWgD6l9O5FGt s65qZAOV738Lt8j4Xcpg3CCmVp+fLRMPxGHSVXLyQy3Ad+5jb5xbYk4uz+ZvYct2 JzRWV4JPlV7Yb8FcWy+u3gDXbRMJRWdnFQgvzys6bYCtSQtzxNzjd1Eee6skY4MI tD+6WTay0X4BY+udr7OYQf7E0K1se+124fCyiNRUrd9LV7y3w/lL6SE4Y1sglikA NdeHfGnVh1sCAwEAAaOCAjswggI3MB8GA1UdIwQYMBaAFHSFgMBmx9833s+9KTeq Ax2+7c0XMB0GA1UdDgQWBBTKJDAmxHJ4Anc5M9wtS2XTWNxkDTA3BgNVHREEMDAu ghNjaXRpLXRlc3QucGxhaWQuY29tghd3d3cuY2l0aS10ZXN0LnBsYWlkLmNvbTA+ BgNVHSAENzA1MDMGBmeBDAECAjApMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmRp Z2ljZXJ0LmNvbS9DUFMwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF BwMBBggrBgEFBQcDAjCBnwYDVR0fBIGXMIGUMEigRqBEhkJodHRwOi8vY3JsMy5k aWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxHMlRMU1JTQVNIQTI1NjIwMjBDQTEt MS5jcmwwSKBGoESGQmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEds b2JhbEcyVExTUlNBU0hBMjU2MjAyMENBMS0xLmNybDCBhwYIKwYBBQUHAQEEezB5 MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wUQYIKwYBBQUH MAKGRWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbEcy VExTUlNBU0hBMjU2MjAyMENBMS0xLmNydDAMBgNVHRMBAf8EAjAAMBMGCisGAQQB 1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAbHf0pauqkwaXE7BHqxy/q ErS7/Psa3kdSK/7CAAyJ55SQfQmVosahe4bV9WMF9Pm2xX5uyMept578KSRco1ML oX1w5gh5ELV/eSlOuuW9OxcViVuk4BFsiEbj/CilzQ1YAiFVf4d9Mzh2+TkZ9StB 4Ti11LjU/KMffunBjEz8DM3hxa65K3zkU03kssgal+hlgWmur9a9WmV4VKEvLb9v HGzUf0zZUpAM5+dG9qYDmqJJfhwT3VqgLp1xahSQG4xyvoh4TvXzhjZiEswC/nfH C1mJgs3SdKzW3s2d/xW2W0vDp36NqzwApOT0+aYN8FQ7z8Lb6TS0DIbdV7DoX5ma -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwE3oVqwFvyo7dmfNsk6O Gt8jOk7/dE2InPm08d/Z82gVmX2B/S7mzU4IdpgOYmtBv9vTHzMAPSoYqHD9mZU/ nIpvf0aXRZcFUC9ows2cZjounnQ8RGiNKGP7aqrGmiizvWg8NKK/Adst+MfgXGmh wxBwV2SlJVMMl8gVfV8V6V8yl3pHs97miDeQLfaxtrxLy3V9SD/7n6n4wA/4kXp6 lcBLbaai7EwdXrDE7h0b5Z5BpNco1OXqBB2cKtAk96KAFetPTmLjwvC9cBfQiHy7 XjckTTVjVLEj13hQ4Tk00RG+j3aWZmw860cMhB83bD7ldWbec/YZnORJhAxfZHfT f/rZN8YSL3ngptCmOxKsBMoMO4SQ47fRLgCiFkllZ9JvGnNnH1FI0Eq0WiT9JvpN p11rq530OhOcoMD8hkJviclkI/L4Y/Q7rGBJ+m/8vnA117Xnu3Jw9A/4GY3h8kKv jWgD6l9O5FGts65qZAOV738Lt8j4Xcpg3CCmVp+fLRMPxGHSVXLyQy3Ad+5jb5xb Yk4uz+ZvYct2JzRWV4JPlV7Yb8FcWy+u3gDXbRMJRWdnFQgvzys6bYCtSQtzxNzj d1Eee6skY4MItD+6WTay0X4BY+udr7OYQf7E0K1se+124fCyiNRUrd9LV7y3w/lL 6SE4Y1sglikANdeHfGnVh1sCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 19047957172263406160790316321769235508 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global G2 TLS RSA SHA256 2020 CA1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-02 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-01 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'San Francisco' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Plaid Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'citi-test.plaid.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 784533204677211999459209765686152085058435725903324142469244341140206871727977574427512665689981861956193303961867080631045088761501918603329076255241022300189317109216699187404454880864146730228152984919648275812834707568451779025218110762161040633569779900112629926233824310182759437336540405351701495590332664808840357002685641612646826944636592860531850027533432688155633604600773721431953906239259225269509545746946750879365840490029664154071481026965230462527871924705731133093536036882721512425135510943771950547535269649287427168980654897979290158750476073838926959489991253182274146212538662294746757597417639286050536111161729798063356603726624705550803693364181361318522292565116193708323851261909476624861269713127041415442626717309049447634461524217349749511574590921704070394185399558210853347163435620724928406621774564768049037214364215024005557030113812760194312938292668143243311862153873245794982298963562126871562872536155633429131479462951389639956800216301495062507124730379420960942547671284676703478588672475794353739618711429177484135867455035897022208441393321480757488842641742776644083249450244808643556584917212932513417540052331611490221077386406476801963100801457806101861486260285209486707500906809179 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 748580c066c7df37decfbd2937aa031dbeedcd17 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ca243026c4727802773933dc2d4b65d358dc640d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citi-test.plaid.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citi-test.plaid.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (151 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (123 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001b1dfd296aeaa4c1a5c4ec11eac72fea12b4bbfcfb1ade47522bfec2000c89e794907d0995a2c6a17b86d5f56305f4f9b6c57e6ec8c7a9b79efc29245ca3530ba17d70e6087910b57f79294ebae5bd3b1715895ba4e0116c8846e3fc28a5cd0d580221557f877d333876f93919f52b41e138b5d4b8d4fca31f7ee9c18c4cfc0ccde1c5aeb92b7ce4534de4b2c81a97e8658169aeafd6bd5a657854a12f2dbf6f1c6cd47f4cd952900ce7e746f6a6039aa2497e1c13dd5aa02e9d716a14901b8c72be88784ef5f386366212cc02fe77c70b598982cdd274acd6decd9dff15b65b4bc3a77e8dab3c00a4e4f4f9a60df0543bcfc2dbe934b40c86dd57b0e85f999a