sit.digitalengagement.citi.eu
- Citigroup Inc. -
Issued by DigiCert EV RSA CA G2
About this certificate
This digital certificate with serial number 0b:62:c4:8b:0e:1c:4a:15:09:66:b4:26:d3:fa:d3:9f was issued on by DigiCert Inc.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Citigroup Inc.
Company registration number:
2154254
Organization: Citigroup Inc.
Organization: Citigroup Inc.
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0b:62:c4:8b:0e:1c:4a:15:09:66:b4:26:d3:fa:d3:9fSerial Number (int): 15134339415134382823310710820717646751
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 79:5f:e9:a9:48:01:b8:82:ee:01:32:de:d7:09:9b:a6:80:09:03:63
AuthorityKeyId: 6a:4e:50:bf:98:68:9d:5b:7b:20:75:d4:59:01:79:48:66:92:32:06
Fingerprint (sha1): 5c:e5:a8:e8:51:b0:cd:4a:d0:ab:be:7f:e5:2e:51:d7:48:89:a1:07
Fingerprint (sha256): 12:92:0b:84:85:af:7c:84:3e:0b:83:83:39:30:1f:d9:49:0f:31:9f:68:0c:dc:96:ba:68:c7:fa:6c:d6:5b:be
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertEVRSACAG2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertEVRSACAG2.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertEVRSACAG2.crl
Check the revocation status for certificate sit.digitalengagement.citi.eu
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sit.digitalengagement.citi.eu
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sit.digitalengagement.citi.eu
sit.digitalengagement.citibank.co.uk
sit.digitalengagement.citibank.ae
sit.digitalengagement.citibank.co.uk
sit.digitalengagement.citibank.ae
Other certificates including the domain name citi.eu
(limited to 100 certificates)
content22.citi.eu
citibankonline.ipb.citi.eu
test.citibankonline.ipb.citi.eu
online.citi.eu
mobile.uat2.citibank.pl
mobile.citi.eu
globalmobilesit2.citi.eu
mobile.citi.eu
globalmobile.uat.citi.eu
uat2.citi.eu
sit.digitalengagement.citi.eu
uat2.citibank.pl
uatuk.ipb.citimobile.citi.eu
citibankonline.ipb.citi.eu
test.citibankonline.ipb.citi.eu
uat2.citibank.pl
uat.digitalengagement.citi.eu
bottleuat.citi.eu
online.citi.eu
sit.digitalengagement.citi.eu
bottle.citi.eu
mobile.citi.eu
citibankonline.ipb.citi.eu
globalmobile.sit.citi.eu
citibankonline.ipb.citi.eu
mobile.citi.eu
mobile.citi.eu
online.citi.eu
rail.citi.eu
rail.citi.eu
sit.digitalengagement.citi.eu
mobile.citi.eu
globalmobilesit1.citi.eu
bottle.citi.eu
test.citibankonline.ipb.citi.eu
online.citi.eu
globalmobilesit2.citi.eu
uat1.citi.eu
mobile.citi.eu
mobile.citi.eu
globalmobilesit1.citi.eu
online.citi.eu
mobile.uat2.citi.eu
bottleuat.citi.eu
mobile.uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
test.citibankonline.ipb.citi.eu
uat1.citi.eu
uat2.citi.eu
content22.citi.eu
globalmobile.uat.cbol.citi.eu
mobile.citi.eu
uat2.citi.eu
uatuk.ipb.citimobile.citi.eu
mobile.uat1.citi.eu
online.citi.eu
mobile.citi.eu
uatuk.ipb.citimobile.citi.eu
globalmobilesit2.citi.eu
mobile.uat2.citi.eu
mobile.citi.eu
mobile.uat1.citi.eu
globalmobile.pat.citi.eu
mobile.citi.eu
uat1.citi.eu
globalmobile.pat.citi.eu
mobile.citi.eu
uat1b.citi.eu
uat2.citi.eu
globalmobilesit1.citi.eu
mobile.pat1.citi.eu
bottle.citi.eu
citibankonline.ipb.citi.eu
online.citi.eu
mobile.uat2.citi.eu
mobile.citi.eu
uat2.citibank.pl
globalmobile.uat.citi.eu
mobile.uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
mobile.uat2.citibank.pl
uat.digitalengagement.citi.eu
leaf.citi.eu
uat.project.citibank.ru
mobile.citi.eu
citibankonline.ipb.citi.eu
content22.citi.eu
mobile.citi.eu
uat1.citi.eu
uat.digitalengagement.citi.eu
online.citi.eu
uatuk.ipb.citimobile.citi.eu
uat1.citi.eu
digitalengagement.citi.eu
uatuk.ipb.citimobile.citi.eu
globalmobilesit1.citi.eu
citibankonline.ipb.citi.eu
mobile.citi.eu
uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
citibankonline.ipb.citi.eu
test.citibankonline.ipb.citi.eu
online.citi.eu
mobile.uat2.citibank.pl
mobile.citi.eu
globalmobilesit2.citi.eu
mobile.citi.eu
globalmobile.uat.citi.eu
uat2.citi.eu
sit.digitalengagement.citi.eu
uat2.citibank.pl
uatuk.ipb.citimobile.citi.eu
citibankonline.ipb.citi.eu
test.citibankonline.ipb.citi.eu
uat2.citibank.pl
uat.digitalengagement.citi.eu
bottleuat.citi.eu
online.citi.eu
sit.digitalengagement.citi.eu
bottle.citi.eu
mobile.citi.eu
citibankonline.ipb.citi.eu
globalmobile.sit.citi.eu
citibankonline.ipb.citi.eu
mobile.citi.eu
mobile.citi.eu
online.citi.eu
rail.citi.eu
rail.citi.eu
sit.digitalengagement.citi.eu
mobile.citi.eu
globalmobilesit1.citi.eu
bottle.citi.eu
test.citibankonline.ipb.citi.eu
online.citi.eu
globalmobilesit2.citi.eu
uat1.citi.eu
mobile.citi.eu
mobile.citi.eu
globalmobilesit1.citi.eu
online.citi.eu
mobile.uat2.citi.eu
bottleuat.citi.eu
mobile.uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
test.citibankonline.ipb.citi.eu
uat1.citi.eu
uat2.citi.eu
content22.citi.eu
globalmobile.uat.cbol.citi.eu
mobile.citi.eu
uat2.citi.eu
uatuk.ipb.citimobile.citi.eu
mobile.uat1.citi.eu
online.citi.eu
mobile.citi.eu
uatuk.ipb.citimobile.citi.eu
globalmobilesit2.citi.eu
mobile.uat2.citi.eu
mobile.citi.eu
mobile.uat1.citi.eu
globalmobile.pat.citi.eu
mobile.citi.eu
uat1.citi.eu
globalmobile.pat.citi.eu
mobile.citi.eu
uat1b.citi.eu
uat2.citi.eu
globalmobilesit1.citi.eu
mobile.pat1.citi.eu
bottle.citi.eu
citibankonline.ipb.citi.eu
online.citi.eu
mobile.uat2.citi.eu
mobile.citi.eu
uat2.citibank.pl
globalmobile.uat.citi.eu
mobile.uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
mobile.uat2.citibank.pl
uat.digitalengagement.citi.eu
leaf.citi.eu
uat.project.citibank.ru
mobile.citi.eu
citibankonline.ipb.citi.eu
content22.citi.eu
mobile.citi.eu
uat1.citi.eu
uat.digitalengagement.citi.eu
online.citi.eu
uatuk.ipb.citimobile.citi.eu
uat1.citi.eu
digitalengagement.citi.eu
uatuk.ipb.citimobile.citi.eu
globalmobilesit1.citi.eu
citibankonline.ipb.citi.eu
mobile.citi.eu
uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
Certificate
The complete raw certificate details for sit.digitalengagement.citi.eu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHVTCCBj2gAwIBAgIQC2LEiw4cShUJZrQm0/rTnzANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVE aWdpQ2VydCBFViBSU0EgQ0EgRzIwHhcNMjMxMTEzMDAwMDAwWhcNMjQxMTEzMjM1 OTU5WjCB1TETMBEGCysGAQQBgjc8AgEDEwJVUzEZMBcGCysGAQQBgjc8AgECEwhE ZWxhd2FyZTEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xEDAOBgNVBAUT BzIxNTQyNTQxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UE BxMITmV3IFlvcmsxFzAVBgNVBAoTDkNpdGlncm91cCBJbmMuMSYwJAYDVQQDEx1z aXQuZGlnaXRhbGVuZ2FnZW1lbnQuY2l0aS5ldTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAK8xemLyFPZmrZxz2jqcCAmZ00fx+L6Ac1zPzOZe/oRa83ox 2EhKRktRdyxUGhqQQ+0pBH+8Wn3uRm1wiqUzv3882YW5Y1KgSvtZPi7k7LTRlgDU AdlabiGJJJIq55apq+NtOGfSFNFrOIrjRdPFwF9vG1TDGSnXS14SBcwa7Bmxch84 pn+MAJtOxpnVaMfXwkHTkmvvqNRZpiFS4lOi0xivCOpjSSPnml/Al7fTNX2EXQ1q +g613Wio9csMPrTffZWhtTAdaXz91yVE6XpMkZCEtmly6lHThyOoiqkMMPUtZF1v ZZDjODCYfUZhZWncL4m64bhcgmXOmp/JJ06YZ98CAwEAAaOCA68wggOrMB8GA1Ud IwQYMBaAFGpOUL+YaJ1beyB11FkBeUhmkjIGMB0GA1UdDgQWBBR5X+mpSAG4gu4B Mt7XCZumgAkDYzBxBgNVHREEajBogh1zaXQuZGlnaXRhbGVuZ2FnZW1lbnQuY2l0 aS5ldYIkc2l0LmRpZ2l0YWxlbmdhZ2VtZW50LmNpdGliYW5rLmNvLnVrgiFzaXQu ZGlnaXRhbGVuZ2FnZW1lbnQuY2l0aWJhbmsuYWUwSgYDVR0gBEMwQTALBglghkgB hv1sAgEwMgYFZ4EMAQEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2Vy dC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNlcnQu Y29tL0RpZ2lDZXJ0RVZSU0FDQUcyLmNybDA0oDKgMIYuaHR0cDovL2NybDQuZGln aWNlcnQuY29tL0RpZ2lDZXJ0RVZSU0FDQUcyLmNybDBzBggrBgEFBQcBAQRnMGUw JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTA9BggrBgEFBQcw AoYxaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0RVZSU0FDQUcy LmNydDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgB2 /4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYvGaGz7AAAEAwBHMEUC IAsyDN0s+gSYDCt1KJFQeX63YuWvU0ZPZU8OjFkf2BzlAiEA1jlfUjHsiAGVf23X yRbVr7p1VPD0XdSSCzTuXGdxlSYAdwBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZ u7+rOdiEcwAAAYvGaGy1AAAEAwBIMEYCIQCyC93Q8s78K6SpNzgysS9fd7JuGDnv SIdBVKdU4h5l7gIhAL5m796zYmStxsp7laF5/dmazhr/Uooc0Of8c1hflctdAHYA PxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGLxmhtCQAABAMARzBF AiBTBt4ulhoDqs9v+tFL7jQhCSJatpH+L/PaSTfk+7lDtAIhAIzsQ79RTpQ4QY4f RGjLXB8IZXF+AzmrQxK4geif1bPPMA0GCSqGSIb3DQEBCwUAA4IBAQBStMVOzKTP H+lQhQVUQTQFoPhDLe5W+VZYlpbBzUSF7mcplQ1aUnCBDB0Ni0vDtNN30/uowOyh Qq5ZfprEX1eGw/xlpXkaO3GqFeHqMphL1coAoqUh0Tuw45sEqz5BrsjT4ajQ3hoN 07ZpA8OEHJ51U5NFB48/g/DWCQChv5Jw7KDECrBmyCwzDk8FaH1x2yJmNUMuLh7O Pm6el8/yS8n9dUTb9tb9VGbi5kvJmO55m1sfWjOfUNY45BHmaS53rIlcHpw0IfNn FlnyT/zQB6KRGP2lhM12LccxVrD9lpW8IuYvS5n16GdHtYUALtnni7I7FPCnw8sy WkUo1I5g2hDZ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzF6YvIU9matnHPaOpwI CZnTR/H4voBzXM/M5l7+hFrzejHYSEpGS1F3LFQaGpBD7SkEf7xafe5GbXCKpTO/ fzzZhbljUqBK+1k+LuTstNGWANQB2VpuIYkkkirnlqmr4204Z9IU0Ws4iuNF08XA X28bVMMZKddLXhIFzBrsGbFyHzimf4wAm07GmdVox9fCQdOSa++o1FmmIVLiU6LT GK8I6mNJI+eaX8CXt9M1fYRdDWr6DrXdaKj1yww+tN99laG1MB1pfP3XJUTpekyR kIS2aXLqUdOHI6iKqQww9S1kXW9lkOM4MJh9RmFladwvibrhuFyCZc6an8knTphn 3wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15134339415134382823310710820717646751 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert EV RSA CA G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-13 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-13 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2154254' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Citigroup Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sit.digitalengagement.citi.eu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22116101915853012739236899471561740964462290382248912978004935824388775419783890992816836129104275874034454488233940769753478151552162617289321676926317553054111475704008139429415046899677658725432445452856889406896322090080792629978440499613388629675658079340373368771071869883022803937370527121213987398176690936274519956354912831262079407980416465742507433813134249809121036493842412362497239982974930020258081953608174975268123860116267851014534236230414335301115056313805394881416840473883807815494682742671912645539787915801475547076565256427231602860809669908710211087074623185281513087869401615503278596450271 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6a4e50bf98689d5b7b2075d45901794866923206 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 795fe9a94801b882ee0132ded7099ba680090363 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit.digitalengagement.citi.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit.digitalengagement.citibank.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit.digitalengagement.citibank.ae' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertEVRSACAG2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertEVRSACAG2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertEVRSACAG2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 016900760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018bc6686cfb000004030047304502200b320cdd2cfa04980c2b75289150797eb762e5af53464f654f0e8c591fd81ce5022100d6395f5231ec8801957f6dd7c916d5afba7554f0f45dd4920b34ee5c6771952600770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bc6686cb50000040300483046022100b20bddd0f2cefc2ba4a9373832b12f5f77b26e1839ef48874154a754e21e65ee022100be66efdeb36264adc6ca7b95a179fdd99ace1aff528a1cd0e7fc73585f95cb5d0076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018bc6686d09000004030047304502205306de2e961a03aacf6ffad14bee342109225ab691fe2ff3da4937e4fbb943b40221008cec43bf514e9438418e1f4468cb5c1f0865717e0339ab4312b881e89fd5b3cf . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0052b4c54ecca4cf1fe950850554413405a0f8432dee56f956589696c1cd4485ee6729950d5a5270810c1d0d8b4bc3b4d377d3fba8c0eca142ae597e9ac45f5786c3fc65a5791a3b71aa15e1ea32984bd5ca00a2a521d13bb0e39b04ab3e41aec8d3e1a8d0de1a0dd3b66903c3841c9e75539345078f3f83f0d60900a1bf9270eca0c40ab066c82c330e4f05687d71db226635432e2e1ece3e6e9e97cff24bc9fd7544dbf6d6fd5466e2e64bc998ee799b5b1f5a339f50d638e411e6692e77ac895c1e9c3421f3671659f24ffcd007a29118fda584cd762dc73156b0fd9695bc22e62f4b99f5e86747b585002ed9e78bb23b14f0a7c3cb325a4528d48e60da10d9