www.citi.com
- Citigroup Inc. -
Issued by DigiCert EV RSA CA G2
About this certificate
This digital certificate with serial number 01:10:2e:3a:2d:fc:40:75:f8:81:f1:89:7d:4c:4d:c5 was issued on by DigiCert Inc.
With 73 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Citigroup Inc.
Company registration number:
2154254
Organization: Citigroup Inc.
Organization: Citigroup Inc.
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 01:10:2e:3a:2d:fc:40:75:f8:81:f1:89:7d:4c:4d:c5Serial Number (int): 1413242345828446075265611092825230789
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: ff:45:d4:21:cf:cf:62:60:9d:c1:d8:b0:90:fe:8a:a1:89:41:90:3e
AuthorityKeyId: 6a:4e:50:bf:98:68:9d:5b:7b:20:75:d4:59:01:79:48:66:92:32:06
Fingerprint (sha1): ce:e5:0d:b4:36:63:fb:dc:4e:2c:ae:8f:86:ce:a5:53:bb:a3:09:35
Fingerprint (sha256): 21:c4:44:8e:09:88:4f:d7:d1:ed:88:4c:82:d4:74:55:9a:97:20:9f:ef:5f:ce:f2:e7:8b:ca:36:84:97:c6:2c
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertEVRSACAG2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertEVRSACAG2.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertEVRSACAG2.crl
Check the revocation status for certificate www.citi.com
73
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.citi.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.citi.com
accitrade.com
accitrade.com.mx
blog.citigroup.com
bridgebuiltbyciti.com
bridgebyciti.com
canvas.citi.com
cardservicesdirect.com.au
careers.citigroup.com
citi.com
citibank.co.id
citibank.co.kr
citibank.co.th
citibank.co.uk
citibank.com
citibank.com.au
citibank.com.cn
citibank.com.hk
citibank.com.sg
citibank.com.vn
citibank.cz
citibank.hu
citibank.pl
citibankonline.pl
citidirect.com
citifx.com
citifxpulse.com
citigold.citibank.com
citigold.co.kr
citigold.pl
citigroup.com
citigroup.jp
citimanager.com
citipay.citi.com
citivelocity.com
dinersclub.com.au
europe.citigold.citibank.com
homeownersupport.com
ipb.citi.com
ipb.citibank.co.uk
ipb.citibank.com
ipb.citibank.eu
ipbus.citi.com
ipbusclientappreciation.citi.com
recognitionprogram.citi.com
universalcard.com
workday.citi.com
www.blog.citigroup.com
www.cardbenefits.citi.com
www.careers.citigroup.com
www.citibank.ae
www.citibank.bh
www.citibank.cz
www.citibank.hu
www.citibank.sk
www.citigold.citibank.com
www.citigroup.jp
www.citimanager.com
www.citipay.citi.com
www.citipricerewind.com
www.emergingmarkets.transactionservices.citi.com
www.esources.transactionservices.citi.com
www.europe.citigold.citibank.com
www.ipb.citi.com
www.ipb.citibank.co.uk
www.ipb.citibank.com
www.ipb.citibank.eu
www.ipbus.citi.com
www.ipbusclientappreciation.citi.com
www.mortgage.com
www.searscard.com
www.universalcard.com
www4.citi.com
accitrade.com
accitrade.com.mx
blog.citigroup.com
bridgebuiltbyciti.com
bridgebyciti.com
canvas.citi.com
cardservicesdirect.com.au
careers.citigroup.com
citi.com
citibank.co.id
citibank.co.kr
citibank.co.th
citibank.co.uk
citibank.com
citibank.com.au
citibank.com.cn
citibank.com.hk
citibank.com.sg
citibank.com.vn
citibank.cz
citibank.hu
citibank.pl
citibankonline.pl
citidirect.com
citifx.com
citifxpulse.com
citigold.citibank.com
citigold.co.kr
citigold.pl
citigroup.com
citigroup.jp
citimanager.com
citipay.citi.com
citivelocity.com
dinersclub.com.au
europe.citigold.citibank.com
homeownersupport.com
ipb.citi.com
ipb.citibank.co.uk
ipb.citibank.com
ipb.citibank.eu
ipbus.citi.com
ipbusclientappreciation.citi.com
recognitionprogram.citi.com
universalcard.com
workday.citi.com
www.blog.citigroup.com
www.cardbenefits.citi.com
www.careers.citigroup.com
www.citibank.ae
www.citibank.bh
www.citibank.cz
www.citibank.hu
www.citibank.sk
www.citigold.citibank.com
www.citigroup.jp
www.citimanager.com
www.citipay.citi.com
www.citipricerewind.com
www.emergingmarkets.transactionservices.citi.com
www.esources.transactionservices.citi.com
www.europe.citigold.citibank.com
www.ipb.citi.com
www.ipb.citibank.co.uk
www.ipb.citibank.com
www.ipb.citibank.eu
www.ipbus.citi.com
www.ipbusclientappreciation.citi.com
www.mortgage.com
www.searscard.com
www.universalcard.com
www4.citi.com
Other certificates including the domain name citi.com
(limited to 100 certificates)
tv.citi.com
ibmwebspheremqaltophubqmsit.citi.com
ibmwebspheremqgtsitorg01.citi.com
consumersoa.citi.com
ibmwebspheremqmrntbc12.citi.com
www.citibank.com
ibmWebSphereMQCSGPP.citi.com
uat.citi.com
ibmwebspheremqswprdcol01.citi.com
uat.accountonline.com
mx-test.mail.citi.com
desktop.citi.com
ibmwebspheremqgtsgatewayqm2.citi.com
cardactivation.citi.com
Preview.online.citi.com
Financialtools.citi.com
mobilesoasit2.citi.com
friendlyusertest.creditcards.citi.com
soawebsocketuat.citi.com
www.privatebank.citibank.com
ibmwebspheremqgtprdfus17.citi.com
efdissecuresignuat.citi.com
LyncProdDR.EUR.NSROOT.NET
ibmwebspheremqmrnpbc45.citi.com
citicards.citi.com
expresswaye02.emealabs.citi.com
www.uat.payment.citi.com
security1.citi.com
ibmwebspheremqmdltbc04.citi.com.citi.com
supplierportal.uattec.citi.com
extracash.citi.com
ibmwebspheremqgtprdca04.citi.com
chat.online.citi.com
mailir.citi.com
ibmwebspheremqswprdmob02.citi.com
ibmwebspheremqswprdbby05.citi.com
concierge.citi.com
paymentexchange.cte.transactionservices.citi.com
businesspopmoney.citi.com
citiconnectbeneficiaryadvising.citi.com
approvepay.citi.com
ibmWebSphereMQSP02P.citi.com
www.citibank.co.uk
sit7.online.citi.com
citiconnectbeneficiaryadvising.citi.com
locationtracker.citi.com
ibmwebspheremqmdlpbc03.citi.com
ibmwebspheremqmrnpbc30.citi.com
uat.approvepay.citi.com
vmr.emealabs.citi.com
supplierportal.uat.citi.com
ibmwebspheremqmdlpbc31.citi.com
survey.emailapps.emea.citi.com
ibmWebSphereMQCSGDU.citi.com
wiresuat2.citi.com
www.privatebank.citibank.com
pzvideo.citi.com
citifundremoteaccess.transactionservices.citi.com
www.retailservicescommercial.citi.com
uat.citi.com
icg.citi.com
paymentexchange.cte.transactionservices.citi.com
ibmwebspheremqfpsnam_prod.citi.com
mypcauth.citi.com
uat.remoteoffice.citigroup.com
ibmwebspheremqrd03u.citi.com
sip.citi.com
creditscore.citi.com
ibmwebspheremqmdlpbc43.citi.com
wiresuat1.citi.com
uat.citi.com
ibmwebspheremqgtaemf4qm.sit.citi.com
presentandpay.citi.com
cardupgrade.citi.com
www.identityprotection.citi.com
mobilesoaaspac.citi.com
mobileservices.nam.citiprivatebank.citi.com
aspac.api2s.citi.com
eur.vmr.citi.com
www.paymentaidplus.citi.com
m.partner.citi.com
mobilesoaaspac2.citi.com
dit01.creditcards.citi.com
businessaccess.citibank.citigroup.com
ir.citi.com
aspac.api.citi.com
mobilesoaaspac2.citi.com
soawebsocketsit.citi.com
ibmwebspheremqnaissc2p.citi.com
reset.uat.citi.com
ibmwebspheremqswlodcol01.citi.com
ibmwebspheremqgtprdorg02.citi.com
uat.citigoldlounges.citi.com
ibmwebspheremqicgqm1.qc1.citi.com
ibmwebspheremqmdlpbc48.citi.com
uat.citigoldlounges.citi.com
lync13poolnamdev1.namdev.nsrootdev.net
uat.ir.citi.com
sit15.accountonline.citi.com
metrics1.citi.com
ibmwebspheremqaltophubqmsit.citi.com
ibmwebspheremqgtsitorg01.citi.com
consumersoa.citi.com
ibmwebspheremqmrntbc12.citi.com
www.citibank.com
ibmWebSphereMQCSGPP.citi.com
uat.citi.com
ibmwebspheremqswprdcol01.citi.com
uat.accountonline.com
mx-test.mail.citi.com
desktop.citi.com
ibmwebspheremqgtsgatewayqm2.citi.com
cardactivation.citi.com
Preview.online.citi.com
Financialtools.citi.com
mobilesoasit2.citi.com
friendlyusertest.creditcards.citi.com
soawebsocketuat.citi.com
www.privatebank.citibank.com
ibmwebspheremqgtprdfus17.citi.com
efdissecuresignuat.citi.com
LyncProdDR.EUR.NSROOT.NET
ibmwebspheremqmrnpbc45.citi.com
citicards.citi.com
expresswaye02.emealabs.citi.com
www.uat.payment.citi.com
security1.citi.com
ibmwebspheremqmdltbc04.citi.com.citi.com
supplierportal.uattec.citi.com
extracash.citi.com
ibmwebspheremqgtprdca04.citi.com
chat.online.citi.com
mailir.citi.com
ibmwebspheremqswprdmob02.citi.com
ibmwebspheremqswprdbby05.citi.com
concierge.citi.com
paymentexchange.cte.transactionservices.citi.com
businesspopmoney.citi.com
citiconnectbeneficiaryadvising.citi.com
approvepay.citi.com
ibmWebSphereMQSP02P.citi.com
www.citibank.co.uk
sit7.online.citi.com
citiconnectbeneficiaryadvising.citi.com
locationtracker.citi.com
ibmwebspheremqmdlpbc03.citi.com
ibmwebspheremqmrnpbc30.citi.com
uat.approvepay.citi.com
vmr.emealabs.citi.com
supplierportal.uat.citi.com
ibmwebspheremqmdlpbc31.citi.com
survey.emailapps.emea.citi.com
ibmWebSphereMQCSGDU.citi.com
wiresuat2.citi.com
www.privatebank.citibank.com
pzvideo.citi.com
citifundremoteaccess.transactionservices.citi.com
www.retailservicescommercial.citi.com
uat.citi.com
icg.citi.com
paymentexchange.cte.transactionservices.citi.com
ibmwebspheremqfpsnam_prod.citi.com
mypcauth.citi.com
uat.remoteoffice.citigroup.com
ibmwebspheremqrd03u.citi.com
sip.citi.com
creditscore.citi.com
ibmwebspheremqmdlpbc43.citi.com
wiresuat1.citi.com
uat.citi.com
ibmwebspheremqgtaemf4qm.sit.citi.com
presentandpay.citi.com
cardupgrade.citi.com
www.identityprotection.citi.com
mobilesoaaspac.citi.com
mobileservices.nam.citiprivatebank.citi.com
aspac.api2s.citi.com
eur.vmr.citi.com
www.paymentaidplus.citi.com
m.partner.citi.com
mobilesoaaspac2.citi.com
dit01.creditcards.citi.com
businessaccess.citibank.citigroup.com
ir.citi.com
aspac.api.citi.com
mobilesoaaspac2.citi.com
soawebsocketsit.citi.com
ibmwebspheremqnaissc2p.citi.com
reset.uat.citi.com
ibmwebspheremqswlodcol01.citi.com
ibmwebspheremqgtprdorg02.citi.com
uat.citigoldlounges.citi.com
ibmwebspheremqicgqm1.qc1.citi.com
ibmwebspheremqmdlpbc48.citi.com
uat.citigoldlounges.citi.com
lync13poolnamdev1.namdev.nsrootdev.net
uat.ir.citi.com
sit15.accountonline.citi.com
metrics1.citi.com
Certificate
The complete raw certificate details for www.citi.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIMmDCCC4CgAwIBAgIQARAuOi38QHX4gfGJfUxNxTANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVE aWdpQ2VydCBFViBSU0EgQ0EgRzIwHhcNMjQwNDEwMDAwMDAwWhcNMjUwMzI4MjM1 OTU5WjCBxDETMBEGCysGAQQBgjc8AgEDEwJVUzEZMBcGCysGAQQBgjc8AgECEwhE ZWxhd2FyZTEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xEDAOBgNVBAUT BzIxNTQyNTQxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UE BxMITmV3IFlvcmsxFzAVBgNVBAoTDkNpdGlncm91cCBJbmMuMRUwEwYDVQQDEwx3 d3cuY2l0aS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnBK9x M9lp9udaVs21vDRsy41EbjEDOQsPfAo3vu+u781X6Y4PeotokOuigXgYWc3oLmAB fRAxHqpLRh8HD0Ib/z/Nir9XkYxmJbQExm05P5AFkGEfVl2YmSlMnJzSHLhVDMEa IVLDYYhvQerQ/H0DNqkNyo+8sg5h/0/xaxnmoLPo/0TKh0Efv6ANORqRxm28wpWY bHwjLQiLnJ0l2pwIxkAX2puENTTDygtyILnplYXLoYNqdXXpbBXPbtTgVoXApb+w PIWTQ4FQTJIxys+X61zNtSkjH4IW12BPsIwsyRhU6DddGX60act/Vpxxmmqoosxp cd8izU2/CKrBFB35AgMBAAGjggkDMIII/zAfBgNVHSMEGDAWgBRqTlC/mGidW3sg ddRZAXlIZpIyBjAdBgNVHQ4EFgQU/0XUIc/PYmCdwdiwkP6KoYlBkD4wggXDBgNV HREEggW6MIIFtoIMd3d3LmNpdGkuY29tgg1hY2NpdHJhZGUuY29tghBhY2NpdHJh ZGUuY29tLm14ghJibG9nLmNpdGlncm91cC5jb22CFWJyaWRnZWJ1aWx0YnljaXRp LmNvbYIQYnJpZGdlYnljaXRpLmNvbYIPY2FudmFzLmNpdGkuY29tghljYXJkc2Vy dmljZXNkaXJlY3QuY29tLmF1ghVjYXJlZXJzLmNpdGlncm91cC5jb22CCGNpdGku Y29tgg5jaXRpYmFuay5jby5pZIIOY2l0aWJhbmsuY28ua3KCDmNpdGliYW5rLmNv LnRogg5jaXRpYmFuay5jby51a4IMY2l0aWJhbmsuY29tgg9jaXRpYmFuay5jb20u YXWCD2NpdGliYW5rLmNvbS5jboIPY2l0aWJhbmsuY29tLmhrgg9jaXRpYmFuay5j b20uc2eCD2NpdGliYW5rLmNvbS52boILY2l0aWJhbmsuY3qCC2NpdGliYW5rLmh1 ggtjaXRpYmFuay5wbIIRY2l0aWJhbmtvbmxpbmUucGyCDmNpdGlkaXJlY3QuY29t ggpjaXRpZnguY29tgg9jaXRpZnhwdWxzZS5jb22CFWNpdGlnb2xkLmNpdGliYW5r LmNvbYIOY2l0aWdvbGQuY28ua3KCC2NpdGlnb2xkLnBsgg1jaXRpZ3JvdXAuY29t ggxjaXRpZ3JvdXAuanCCD2NpdGltYW5hZ2VyLmNvbYIQY2l0aXBheS5jaXRpLmNv bYIQY2l0aXZlbG9jaXR5LmNvbYIRZGluZXJzY2x1Yi5jb20uYXWCHGV1cm9wZS5j aXRpZ29sZC5jaXRpYmFuay5jb22CFGhvbWVvd25lcnN1cHBvcnQuY29tggxpcGIu Y2l0aS5jb22CEmlwYi5jaXRpYmFuay5jby51a4IQaXBiLmNpdGliYW5rLmNvbYIP aXBiLmNpdGliYW5rLmV1gg5pcGJ1cy5jaXRpLmNvbYIgaXBidXNjbGllbnRhcHBy ZWNpYXRpb24uY2l0aS5jb22CG3JlY29nbml0aW9ucHJvZ3JhbS5jaXRpLmNvbYIR dW5pdmVyc2FsY2FyZC5jb22CEHdvcmtkYXkuY2l0aS5jb22CFnd3dy5ibG9nLmNp dGlncm91cC5jb22CGXd3dy5jYXJkYmVuZWZpdHMuY2l0aS5jb22CGXd3dy5jYXJl ZXJzLmNpdGlncm91cC5jb22CD3d3dy5jaXRpYmFuay5hZYIPd3d3LmNpdGliYW5r LmJogg93d3cuY2l0aWJhbmsuY3qCD3d3dy5jaXRpYmFuay5odYIPd3d3LmNpdGli YW5rLnNrghl3d3cuY2l0aWdvbGQuY2l0aWJhbmsuY29tghB3d3cuY2l0aWdyb3Vw LmpwghN3d3cuY2l0aW1hbmFnZXIuY29tghR3d3cuY2l0aXBheS5jaXRpLmNvbYIX d3d3LmNpdGlwcmljZXJld2luZC5jb22CMHd3dy5lbWVyZ2luZ21hcmtldHMudHJh bnNhY3Rpb25zZXJ2aWNlcy5jaXRpLmNvbYIpd3d3LmVzb3VyY2VzLnRyYW5zYWN0 aW9uc2VydmljZXMuY2l0aS5jb22CIHd3dy5ldXJvcGUuY2l0aWdvbGQuY2l0aWJh bmsuY29tghB3d3cuaXBiLmNpdGkuY29tghZ3d3cuaXBiLmNpdGliYW5rLmNvLnVr ghR3d3cuaXBiLmNpdGliYW5rLmNvbYITd3d3LmlwYi5jaXRpYmFuay5ldYISd3d3 LmlwYnVzLmNpdGkuY29tgiR3d3cuaXBidXNjbGllbnRhcHByZWNpYXRpb24uY2l0 aS5jb22CEHd3dy5tb3J0Z2FnZS5jb22CEXd3dy5zZWFyc2NhcmQuY29tghV3d3cu dW5pdmVyc2FsY2FyZC5jb22CDXd3dzQuY2l0aS5jb20wSgYDVR0gBEMwQTALBglg hkgBhv1sAgEwMgYFZ4EMAQEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdp Y2VydC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDovL2NybDMuZGlnaWNl cnQuY29tL0RpZ2lDZXJ0RVZSU0FDQUcyLmNybDA0oDKgMIYuaHR0cDovL2NybDQu ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0RVZSU0FDQUcyLmNybDBzBggrBgEFBQcBAQRn MGUwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTA9BggrBgEF BQcwAoYxaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0RVZSU0FD QUcyLmNydDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkA dgBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY7F156qAAAEAwBH MEUCIG46ep1YW/tOIAnOBEWxXV81yHsqyW/tfuIskwdKlIU0AiEA/3kkHiadXPwr fMaPi4fapVEgW9xo4dgwBJWsYzFthc8AdwB9WR4S4XgqexxhZ3xe/fjQh1wUoE6V nrkDL9kOjC55uAAAAY7F157kAAAEAwBIMEYCIQC7jVuDjzbSiv8ylPfskCmw8xtN du/r2SnSMaADUCreSgIhAI1usLMyaullff50j+6irHnbBABdyorZPLi8acv91R1o AHYA5tIxY0B3jMEQQQbXcbnOwdJA9paEhvu6hzId/R43jlAAAAGOxdefCwAABAMA RzBFAiEAvS+sxU4Ch/pYJrfvOP6n+8a/Xz/q+TjX7t3Bh4TApJUCIE6gvFoIOhai L5mgLvcsIJuc2zwm2fdwbSx87PbhEBwqMA0GCSqGSIb3DQEBCwUAA4IBAQCLAF3G H50RHVJrpT4sEJekCURYUnfqAESXgaStZWCCNQ5LkcOJ6SbqWvR7gLj5KOabUgbw gpcwdLPSa28DbL7gVG999zQSGxn9TW2IW82cctFngsLkMGEV7duI72YnyogTMIef HA8KOy20c8DQBvt73SEe+PBrW3Acf7gICEcFeNrZbsO4u971FpmdMSRThlRso47i /3Tfcy3fc4wmDPAsvGsYRNNslaXxHrh+02+j7aqcfptFxbUis0uGD4K9DnfyvyA5 CRGm4P3Iw2jOrp3Qb6ec3uoC19wTDyITQUuvoNk14xvNSPYPAkrSckhhuc6NNzij qwUDWohvlOxWdYR1 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwSvcTPZafbnWlbNtbw0 bMuNRG4xAzkLD3wKN77vru/NV+mOD3qLaJDrooF4GFnN6C5gAX0QMR6qS0YfBw9C G/8/zYq/V5GMZiW0BMZtOT+QBZBhH1ZdmJkpTJyc0hy4VQzBGiFSw2GIb0Hq0Px9 AzapDcqPvLIOYf9P8WsZ5qCz6P9EyodBH7+gDTkakcZtvMKVmGx8Iy0Ii5ydJdqc CMZAF9qbhDU0w8oLciC56ZWFy6GDanV16WwVz27U4FaFwKW/sDyFk0OBUEySMcrP l+tczbUpIx+CFtdgT7CMLMkYVOg3XRl+tGnLf1accZpqqKLMaXHfIs1NvwiqwRQd +QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1413242345828446075265611092825230789 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert EV RSA CA G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-10 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-28 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2154254' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Citigroup Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.citi.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21084107347268579465643351447777033772795293337726754228810894300098818330287062188616196436107107199768581624758493883785750613254514147083189871188615381467789381630458553765343638667569061088590424555111722239174664456357507118591529062721414155495420735006460462554219011380547512646868764034945811521404726482229389141979791920401521143981765629077237653935855472458316106447922458206925295237485279045523406723307221114347073387181271327054765172923266579587223478008100370108550225802108716640512419771946274747203966837611476765670820203911475568771004307635075945290615437272677194885694300983215357024280057 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6a4e50bf98689d5b7b2075d45901794866923206 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ff45d421cfcf62609dc1d8b090fe8aa18941903e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1466 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'accitrade.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'accitrade.com.mx' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.citigroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bridgebuiltbyciti.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bridgebyciti.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canvas.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cardservicesdirect.com.au' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'careers.citigroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.co.id' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.co.kr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.co.th' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.com.au' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.com.cn' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.com.hk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.com.sg' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.com.vn' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.hu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.pl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibankonline.pl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citidirect.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citifx.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citifxpulse.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citigold.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citigold.co.kr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citigold.pl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citigroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citigroup.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citimanager.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citipay.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citivelocity.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dinersclub.com.au' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'europe.citigold.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homeownersupport.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipb.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipb.citibank.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipb.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipb.citibank.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipbus.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipbusclientappreciation.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'recognitionprogram.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'universalcard.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'workday.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.blog.citigroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cardbenefits.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.careers.citigroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citibank.ae' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citibank.bh' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citibank.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citibank.hu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citibank.sk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citigold.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citigroup.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citimanager.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citipay.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citipricerewind.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.emergingmarkets.transactionservices.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.esources.transactionservices.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.europe.citigold.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ipb.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ipb.citibank.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ipb.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ipb.citibank.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ipbus.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ipbusclientappreciation.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mortgage.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.searscard.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalcard.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www4.citi.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertEVRSACAG2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertEVRSACAG2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertEVRSACAG2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 01690076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018ec5d79eaa000004030047304502206e3a7a9d585bfb4e2009ce0445b15d5f35c87b2ac96fed7ee22c93074a948534022100ff79241e269d5cfc2b7cc68f8b87daa551205bdc68e1d8300495ac63316d85cf0077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018ec5d79ee40000040300483046022100bb8d5b838f36d28aff3294f7ec9029b0f31b4d76efebd929d231a003502ade4a0221008d6eb0b3326ae9657dfe748feea2ac79db04005dca8ad93cb8bc69cbfdd51d68007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018ec5d79f0b0000040300473045022100bd2facc54e0287fa5826b7ef38fea7fbc6bf5f3feaf938d7eeddc18784c0a49502204ea0bc5a083a16a22f99a02ef72c209b9cdb3c26d9f7706d2c7cecf6e1101c2a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008b005dc61f9d111d526ba53e2c1097a40944585277ea00449781a4ad656082350e4b91c389e926ea5af47b80b8f928e69b5206f082973074b3d26b6f036cbee0546f7df734121b19fd4d6d885bcd9c72d16782c2e4306115eddb88ef6627ca881330879f1c0f0a3b2db473c0d006fb7bdd211ef8f06b5b701c7fb80808470578dad96ec3b8bbdef516999d31245386546ca38ee2ff74df732ddf738c260cf02cbc6b1844d36c95a5f11eb87ed36fa3edaa9c7e9b45c5b522b34b860f82bd0e77f2bf20390911a6e0fdc8c368ceae9dd06fa79cdeea02d7dc130f2213414bafa0d935e31bcd48f60f024ad2724861b9ce8d3738a3ab05035a886f94ec56758475