sit.digitalengagement.citi.eu

- Citigroup Inc. -

Issued by DigiCert EV RSA CA G2

About this certificate

This digital certificate with serial number 0b:62:c4:8b:0e:1c:4a:15:09:66:b4:26:d3:fa:d3:9f was issued on by DigiCert Inc.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Citigroup Inc.

Company registration number: 2154254
Organization: Citigroup Inc.
State / Province: New York
Locality: New York
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0b:62:c4:8b:0e:1c:4a:15:09:66:b4:26:d3:fa:d3:9f
Serial Number (int): 15134339415134382823310710820717646751
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 79:5f:e9:a9:48:01:b8:82:ee:01:32:de:d7:09:9b:a6:80:09:03:63
AuthorityKeyId: 6a:4e:50:bf:98:68:9d:5b:7b:20:75:d4:59:01:79:48:66:92:32:06

Fingerprint (sha1): 5c:e5:a8:e8:51:b0:cd:4a:d0:ab:be:7f:e5:2e:51:d7:48:89:a1:07
Fingerprint (sha256): 12:92:0b:84:85:af:7c:84:3e:0b:83:83:39:30:1f:d9:49:0f:31:9f:68:0c:dc:96:ba:68:c7:fa:6c:d6:5b:be

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertEVRSACAG2.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertEVRSACAG2.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertEVRSACAG2.crl

Check the revocation status for certificate sit.digitalengagement.citi.eu

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sit.digitalengagement.citi.eu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sit.digitalengagement.citi.eu
sit.digitalengagement.citibank.co.uk
sit.digitalengagement.citibank.ae

Other certificates including the domain name citi.eu

(limited to 100 certificates)
content22.citi.eu
citibankonline.ipb.citi.eu
test.citibankonline.ipb.citi.eu
online.citi.eu
mobile.uat2.citibank.pl
mobile.citi.eu
globalmobilesit2.citi.eu
mobile.citi.eu
globalmobile.uat.citi.eu
uat2.citi.eu
sit.digitalengagement.citi.eu
uat2.citibank.pl
uatuk.ipb.citimobile.citi.eu
citibankonline.ipb.citi.eu
test.citibankonline.ipb.citi.eu
uat2.citibank.pl
uat.digitalengagement.citi.eu
bottleuat.citi.eu
online.citi.eu
sit.digitalengagement.citi.eu
bottle.citi.eu
mobile.citi.eu
citibankonline.ipb.citi.eu
globalmobile.sit.citi.eu
citibankonline.ipb.citi.eu
mobile.citi.eu
mobile.citi.eu
online.citi.eu
rail.citi.eu
rail.citi.eu
sit.digitalengagement.citi.eu
mobile.citi.eu
globalmobilesit1.citi.eu
bottle.citi.eu
test.citibankonline.ipb.citi.eu
online.citi.eu
globalmobilesit2.citi.eu
uat1.citi.eu
mobile.citi.eu
mobile.citi.eu
globalmobilesit1.citi.eu
online.citi.eu
mobile.uat2.citi.eu
bottleuat.citi.eu
mobile.uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
test.citibankonline.ipb.citi.eu
uat1.citi.eu
uat2.citi.eu
content22.citi.eu
globalmobile.uat.cbol.citi.eu
mobile.citi.eu
uat2.citi.eu
uatuk.ipb.citimobile.citi.eu
mobile.uat1.citi.eu
online.citi.eu
mobile.citi.eu
uatuk.ipb.citimobile.citi.eu
globalmobilesit2.citi.eu
mobile.uat2.citi.eu
mobile.citi.eu
mobile.uat1.citi.eu
globalmobile.pat.citi.eu
mobile.citi.eu
uat1.citi.eu
globalmobile.pat.citi.eu
mobile.citi.eu
uat1b.citi.eu
uat2.citi.eu
globalmobilesit1.citi.eu
mobile.pat1.citi.eu
bottle.citi.eu
citibankonline.ipb.citi.eu
online.citi.eu
mobile.uat2.citi.eu
mobile.citi.eu
uat2.citibank.pl
globalmobile.uat.citi.eu
mobile.uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
mobile.uat2.citibank.pl
uat.digitalengagement.citi.eu
leaf.citi.eu
uat.project.citibank.ru
mobile.citi.eu
citibankonline.ipb.citi.eu
content22.citi.eu
mobile.citi.eu
uat1.citi.eu
uat.digitalengagement.citi.eu
online.citi.eu
uatuk.ipb.citimobile.citi.eu
uat1.citi.eu
digitalengagement.citi.eu
uatuk.ipb.citimobile.citi.eu
globalmobilesit1.citi.eu
citibankonline.ipb.citi.eu
mobile.citi.eu
uat1.citi.eu
uatuk.ipb.citimobile.citi.eu

Certificate

The complete raw certificate details for sit.digitalengagement.citi.eu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHVTCCBj2gAwIBAgIQC2LEiw4cShUJZrQm0/rTnzANBgkqhkiG9w0BAQsFADBE
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVE
aWdpQ2VydCBFViBSU0EgQ0EgRzIwHhcNMjMxMTEzMDAwMDAwWhcNMjQxMTEzMjM1
OTU5WjCB1TETMBEGCysGAQQBgjc8AgEDEwJVUzEZMBcGCysGAQQBgjc8AgECEwhE
ZWxhd2FyZTEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xEDAOBgNVBAUT
BzIxNTQyNTQxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UE
BxMITmV3IFlvcmsxFzAVBgNVBAoTDkNpdGlncm91cCBJbmMuMSYwJAYDVQQDEx1z
aXQuZGlnaXRhbGVuZ2FnZW1lbnQuY2l0aS5ldTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8xemLyFPZmrZxz2jqcCAmZ00fx+L6Ac1zPzOZe/oRa83ox
2EhKRktRdyxUGhqQQ+0pBH+8Wn3uRm1wiqUzv3882YW5Y1KgSvtZPi7k7LTRlgDU
AdlabiGJJJIq55apq+NtOGfSFNFrOIrjRdPFwF9vG1TDGSnXS14SBcwa7Bmxch84
pn+MAJtOxpnVaMfXwkHTkmvvqNRZpiFS4lOi0xivCOpjSSPnml/Al7fTNX2EXQ1q
+g613Wio9csMPrTffZWhtTAdaXz91yVE6XpMkZCEtmly6lHThyOoiqkMMPUtZF1v
ZZDjODCYfUZhZWncL4m64bhcgmXOmp/JJ06YZ98CAwEAAaOCA68wggOrMB8GA1Ud
IwQYMBaAFGpOUL+YaJ1beyB11FkBeUhmkjIGMB0GA1UdDgQWBBR5X+mpSAG4gu4B
Mt7XCZumgAkDYzBxBgNVHREEajBogh1zaXQuZGlnaXRhbGVuZ2FnZW1lbnQuY2l0
aS5ldYIkc2l0LmRpZ2l0YWxlbmdhZ2VtZW50LmNpdGliYW5rLmNvLnVrgiFzaXQu
ZGlnaXRhbGVuZ2FnZW1lbnQuY2l0aWJhbmsuYWUwSgYDVR0gBEMwQTALBglghkgB
hv1sAgEwMgYFZ4EMAQEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2Vy
dC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQu
Y29tL0RpZ2lDZXJ0RVZSU0FDQUcyLmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGln
aWNlcnQuY29tL0RpZ2lDZXJ0RVZSU0FDQUcyLmNybDBzBggrBgEFBQcBAQRnMGUw
JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTA9BggrBgEFBQcw
AoYxaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0RVZSU0FDQUcy
LmNydDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgB2
/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYvGaGz7AAAEAwBHMEUC
IAsyDN0s+gSYDCt1KJFQeX63YuWvU0ZPZU8OjFkf2BzlAiEA1jlfUjHsiAGVf23X
yRbVr7p1VPD0XdSSCzTuXGdxlSYAdwBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZ
u7+rOdiEcwAAAYvGaGy1AAAEAwBIMEYCIQCyC93Q8s78K6SpNzgysS9fd7JuGDnv
SIdBVKdU4h5l7gIhAL5m796zYmStxsp7laF5/dmazhr/Uooc0Of8c1hflctdAHYA
PxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGLxmhtCQAABAMARzBF
AiBTBt4ulhoDqs9v+tFL7jQhCSJatpH+L/PaSTfk+7lDtAIhAIzsQ79RTpQ4QY4f
RGjLXB8IZXF+AzmrQxK4geif1bPPMA0GCSqGSIb3DQEBCwUAA4IBAQBStMVOzKTP
H+lQhQVUQTQFoPhDLe5W+VZYlpbBzUSF7mcplQ1aUnCBDB0Ni0vDtNN30/uowOyh
Qq5ZfprEX1eGw/xlpXkaO3GqFeHqMphL1coAoqUh0Tuw45sEqz5BrsjT4ajQ3hoN
07ZpA8OEHJ51U5NFB48/g/DWCQChv5Jw7KDECrBmyCwzDk8FaH1x2yJmNUMuLh7O
Pm6el8/yS8n9dUTb9tb9VGbi5kvJmO55m1sfWjOfUNY45BHmaS53rIlcHpw0IfNn
FlnyT/zQB6KRGP2lhM12LccxVrD9lpW8IuYvS5n16GdHtYUALtnni7I7FPCnw8sy
WkUo1I5g2hDZ
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzF6YvIU9matnHPaOpwI
CZnTR/H4voBzXM/M5l7+hFrzejHYSEpGS1F3LFQaGpBD7SkEf7xafe5GbXCKpTO/
fzzZhbljUqBK+1k+LuTstNGWANQB2VpuIYkkkirnlqmr4204Z9IU0Ws4iuNF08XA
X28bVMMZKddLXhIFzBrsGbFyHzimf4wAm07GmdVox9fCQdOSa++o1FmmIVLiU6LT
GK8I6mNJI+eaX8CXt9M1fYRdDWr6DrXdaKj1yww+tN99laG1MB1pfP3XJUTpekyR
kIS2aXLqUdOHI6iKqQww9S1kXW9lkOM4MJh9RmFladwvibrhuFyCZc6an8knTphn
3wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 15134339415134382823310710820717646751
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert EV RSA CA G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-13 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2154254'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Citigroup Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sit.digitalengagement.citi.eu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22116101915853012739236899471561740964462290382248912978004935824388775419783890992816836129104275874034454488233940769753478151552162617289321676926317553054111475704008139429415046899677658725432445452856889406896322090080792629978440499613388629675658079340373368771071869883022803937370527121213987398176690936274519956354912831262079407980416465742507433813134249809121036493842412362497239982974930020258081953608174975268123860116267851014534236230414335301115056313805394881416840473883807815494682742671912645539787915801475547076565256427231602860809669908710211087074623185281513087869401615503278596450271
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6a4e50bf98689d5b7b2075d45901794866923206
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							795fe9a94801b882ee0132ded7099ba680090363
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit.digitalengagement.citi.eu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit.digitalengagement.citibank.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit.digitalengagement.citibank.ae'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertEVRSACAG2.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertEVRSACAG2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertEVRSACAG2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							016900760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018bc6686cfb000004030047304502200b320cdd2cfa04980c2b75289150797eb762e5af53464f654f0e8c591fd81ce5022100d6395f5231ec8801957f6dd7c916d5afba7554f0f45dd4920b34ee5c6771952600770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bc6686cb50000040300483046022100b20bddd0f2cefc2ba4a9373832b12f5f77b26e1839ef48874154a754e21e65ee022100be66efdeb36264adc6ca7b95a179fdd99ace1aff528a1cd0e7fc73585f95cb5d0076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018bc6686d09000004030047304502205306de2e961a03aacf6ffad14bee342109225ab691fe2ff3da4937e4fbb943b40221008cec43bf514e9438418e1f4468cb5c1f0865717e0339ab4312b881e89fd5b3cf
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0052b4c54ecca4cf1fe950850554413405a0f8432dee56f956589696c1cd4485ee6729950d5a5270810c1d0d8b4bc3b4d377d3fba8c0eca142ae597e9ac45f5786c3fc65a5791a3b71aa15e1ea32984bd5ca00a2a521d13bb0e39b04ab3e41aec8d3e1a8d0de1a0dd3b66903c3841c9e75539345078f3f83f0d60900a1bf9270eca0c40ab066c82c330e4f05687d71db226635432e2e1ece3e6e9e97cff24bc9fd7544dbf6d6fd5466e2e64bc998ee799b5b1f5a339f50d638e411e6692e77ac895c1e9c3421f3671659f24ffcd007a29118fda584cd762dc73156b0fd9695bc22e62f4b99f5e86747b585002ed9e78bb23b14f0a7c3cb325a4528d48e60da10d9