sit.digitalengagement.citi.eu

- Citigroup Inc. -

Issued by DigiCert SHA2 Extended Validation Server CA

About this certificate

This digital certificate with serial number 07:1e:24:7a:2e:d2:f5:d7:98:1c:1a:92:b2:81:ea:e8 was issued on by DigiCert Inc.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Citigroup Inc.

Company registration number: 2154254
Organization: Citigroup Inc.
State / Province: New York
Locality: New York
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 07:1e:24:7a:2e:d2:f5:d7:98:1c:1a:92:b2:81:ea:e8
Serial Number (int): 9461104723323359970266901834381781736
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: db:83:d7:d7:c7:a4:34:85:49:d8:8e:6c:90:f6:ed:48:ad:d5:3b:9a
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f

Fingerprint (sha1): ac:92:e0:a6:47:0d:26:04:7a:34:82:8c:d5:1d:ff:9a:f1:87:d4:56
Fingerprint (sha256): 24:34:86:1f:78:21:e5:25:20:dc:f6:52:61:a2:da:9a:a5:77:ca:ff:bd:c3:e2:90:6f:be:04:60:01:ad:35:1b

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g3.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g3.crl

Check the revocation status for certificate sit.digitalengagement.citi.eu

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sit.digitalengagement.citi.eu

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA512 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sit.digitalengagement.citi.eu
sit.digitalengagement.citibank.co.uk
sit.digitalengagement.citibank.ae
GTEGC-VREWW02S.nsplex.dyn.dmzroot.net

Other certificates including the domain name citi.eu

(limited to 100 certificates)
content22.citi.eu
citibankonline.ipb.citi.eu
test.citibankonline.ipb.citi.eu
online.citi.eu
mobile.uat2.citibank.pl
mobile.citi.eu
globalmobilesit2.citi.eu
mobile.citi.eu
globalmobile.uat.citi.eu
uat2.citi.eu
sit.digitalengagement.citi.eu
uat2.citibank.pl
uatuk.ipb.citimobile.citi.eu
citibankonline.ipb.citi.eu
test.citibankonline.ipb.citi.eu
uat2.citibank.pl
uat.digitalengagement.citi.eu
bottleuat.citi.eu
online.citi.eu
sit.digitalengagement.citi.eu
bottle.citi.eu
mobile.citi.eu
citibankonline.ipb.citi.eu
globalmobile.sit.citi.eu
citibankonline.ipb.citi.eu
mobile.citi.eu
mobile.citi.eu
online.citi.eu
rail.citi.eu
rail.citi.eu
sit.digitalengagement.citi.eu
mobile.citi.eu
globalmobilesit1.citi.eu
bottle.citi.eu
test.citibankonline.ipb.citi.eu
online.citi.eu
globalmobilesit2.citi.eu
uat1.citi.eu
mobile.citi.eu
mobile.citi.eu
globalmobilesit1.citi.eu
online.citi.eu
mobile.uat2.citi.eu
bottleuat.citi.eu
mobile.uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
test.citibankonline.ipb.citi.eu
uat1.citi.eu
uat2.citi.eu
content22.citi.eu
globalmobile.uat.cbol.citi.eu
mobile.citi.eu
uat2.citi.eu
uatuk.ipb.citimobile.citi.eu
mobile.uat1.citi.eu
online.citi.eu
mobile.citi.eu
uatuk.ipb.citimobile.citi.eu
globalmobilesit2.citi.eu
mobile.uat2.citi.eu
mobile.citi.eu
mobile.uat1.citi.eu
globalmobile.pat.citi.eu
mobile.citi.eu
uat1.citi.eu
globalmobile.pat.citi.eu
mobile.citi.eu
uat1b.citi.eu
uat2.citi.eu
globalmobilesit1.citi.eu
mobile.pat1.citi.eu
bottle.citi.eu
citibankonline.ipb.citi.eu
online.citi.eu
mobile.uat2.citi.eu
mobile.citi.eu
uat2.citibank.pl
globalmobile.uat.citi.eu
mobile.uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
mobile.uat2.citibank.pl
uat.digitalengagement.citi.eu
leaf.citi.eu
uat.project.citibank.ru
mobile.citi.eu
citibankonline.ipb.citi.eu
content22.citi.eu
mobile.citi.eu
uat1.citi.eu
uat.digitalengagement.citi.eu
online.citi.eu
uatuk.ipb.citimobile.citi.eu
uat1.citi.eu
digitalengagement.citi.eu
uatuk.ipb.citimobile.citi.eu
globalmobilesit1.citi.eu
citibankonline.ipb.citi.eu
mobile.citi.eu
uat1.citi.eu
uatuk.ipb.citimobile.citi.eu

Certificate

The complete raw certificate details for sit.digitalengagement.citi.eu in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHwTCCBqmgAwIBAgIQBx4kei7S9deYHBqSsoHq6DANBgkqhkiG9w0BAQ0FADB1
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk
IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIyMTAyNzAwMDAwMFoXDTIzMTAyNzIz
NTk1OVowgdUxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMI
RGVsYXdhcmUxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRAwDgYDVQQF
EwcyMTU0MjU0MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNV
BAcTCE5ldyBZb3JrMRcwFQYDVQQKEw5DaXRpZ3JvdXAgSW5jLjEmMCQGA1UEAxMd
c2l0LmRpZ2l0YWxlbmdhZ2VtZW50LmNpdGkuZXUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCwjOp8DWhVAoF691dyuhXAfiWiZdGn6tcTNFbIrnCCfSTv
Ck1GiBRArsZ9SAQtcn5GG55WrMJWpi3vpDnssoAG+fQrTBGD0RVoOQ+SuAmqAp1v
et+2WgxUfRGKPE6efNfrZEpn/FzNtjTyZRbR+HCGD2pPv/P8EYFjkBj9yUu/E5bb
K69zAG7xOJxTHiwB1Weea2C6DTV7idtwibFIes0KwenBfPatc5/jMWTU6XvJDF2E
2pBeXijf2PWdTVAreWrmS6bbzk55BujdPuBCVTNoFJKJlyUVdqnL/bJWhMlToFJv
0H9yEvNidIwZ49j99SSLo/LyZ6Nzqc8j81GxaiYNAgMBAAGjggPqMIID5jAfBgNV
HSMEGDAWgBQ901Cl1qCt7vNKYApl0yHU+PjWDzAdBgNVHQ4EFgQU24PX18ekNIVJ
2I5skPbtSK3VO5owgZoGA1UdEQSBkjCBj4Idc2l0LmRpZ2l0YWxlbmdhZ2VtZW50
LmNpdGkuZXWCJHNpdC5kaWdpdGFsZW5nYWdlbWVudC5jaXRpYmFuay5jby51a4Ih
c2l0LmRpZ2l0YWxlbmdhZ2VtZW50LmNpdGliYW5rLmFlgiVHVEVHQy1WUkVXVzAy
Uy5uc3BsZXguZHluLmRtenJvb3QubmV0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDov
L2NybDMuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWczLmNybDA0oDKgMIYu
aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWczLmNybDBK
BgNVHSAEQzBBMAsGCWCGSAGG/WwCATAyBgVngQwBATApMCcGCCsGAQUFBwIBFhto
dHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYgGCCsGAQUFBwEBBHwwejAkBggr
BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZo
dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyRXh0ZW5kZWRW
YWxpZGF0aW9uU2VydmVyQ0EuY3J0MAkGA1UdEwQCMAAwggF9BgorBgEEAdZ5AgQC
BIIBbQSCAWkBZwB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAAB
hBkFmKcAAAQDAEcwRQIgSFSylQKsgO3XzFzujuXFgMST/minM3+cXEaDfQYlP8gC
IQDD0RQiB1VA3Vt3lxGL+eO9wjZLqJFPtjz8/OWhHQkU8wB2ALNzdwfhhFD4Y4bW
BancEQlKeS2xZwwLh9zwAw55NqWaAAABhBkFmMsAAAQDAEcwRQIhAIMWBbQAcCfe
0MiCbjKBDPx6yxCFYAD8vsRcL1SYaSZWAiAqLyijrhvwplAJViokj3GT02KPXrtK
ZU3b8UFIXRlfQgB1ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAAB
hBkFmH8AAAQDAEYwRAIgcpEI+VVV0UK1RRQ3g9UmUXhd5P3+zstlRd3e7AmxRdIC
IAPFLlPARxDEsKvPkQdzIpvogmmFLUcZ59bECzBPgjlhMA0GCSqGSIb3DQEBDQUA
A4IBAQBMMlgYfT7bjMpC3f49iqG1XaHoDIfirsZNMCt1jwsCUYDQNz/eDAT4TaO3
J39pzdYx4wcddHMWJHKlUBM2duH4nqFlerYGigPkw1c5/qS0Q4jX2psXtc5nENy7
br+iWIy3hwNQtjeBNUhWLVpoCwga736ZLrZL5wtf5t18VfLDQmC0ZWluSb8EKSi5
7Wu3lmEnvCDvGCl0c/7l17T6uApWs2AB1783TBMhSdwcnIZqUSUAFtZ2/veCi6XT
jl6kd60VY9vMwa+LqrnHRmtA+PPIQOIfBeqUtKwIbKsSiPhvP8p5339qmb78aAmN
51MxUWqq8G1tCebSVwxMLuGpVDbh
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIzqfA1oVQKBevdXcroV
wH4lomXRp+rXEzRWyK5wgn0k7wpNRogUQK7GfUgELXJ+RhueVqzCVqYt76Q57LKA
Bvn0K0wRg9EVaDkPkrgJqgKdb3rftloMVH0RijxOnnzX62RKZ/xczbY08mUW0fhw
hg9qT7/z/BGBY5AY/clLvxOW2yuvcwBu8TicUx4sAdVnnmtgug01e4nbcImxSHrN
CsHpwXz2rXOf4zFk1Ol7yQxdhNqQXl4o39j1nU1QK3lq5kum285OeQbo3T7gQlUz
aBSSiZclFXapy/2yVoTJU6BSb9B/chLzYnSMGePY/fUki6Py8mejc6nPI/NRsWom
DQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 9461104723323359970266901834381781736
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-27 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2154254'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Citigroup Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sit.digitalengagement.citi.eu'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22287429921491081457478461103531186951387569232253448798866477360738059289289659575175834932499852725717735308307297729181511091363387091584472085613187585249248186006156582559078566982827456723914256847646077433611843982983788814705803519532867701137761780564338131411941591456681772194732383478777143935022369621317292844146193187373066419406051913870670917434176899677980902825621793935907565959166096481211303445699692636357861592537809637035019292000312356161734454325104701578792064011747573675110025780197565229822887379681638727955774913456629571015172522070029277952799723741150290261851623485079459681936909
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							db83d7d7c7a4348549d88e6c90f6ed48add53b9a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (146 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit.digitalengagement.citi.eu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit.digitalengagement.citibank.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit.digitalengagement.citibank.ae'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'GTEGC-VREWW02S.nsplex.dyn.dmzroot.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g3.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g3.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000184190598a7000004030047304502204854b29502ac80edd7cc5cee8ee5c580c493fe68a7337f9c5c46837d06253fc8022100c3d11422075540dd5b7797118bf9e3bdc2364ba8914fb63cfcfce5a11d0914f3007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000184190598cb0000040300473045022100831605b4007027ded0c8826e32810cfc7acb10856000fcbec45c2f549869265602202a2f28a3ae1bf0a65009562a248f7193d3628f5ebb4a654ddbf141485d195f42007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001841905987f00000403004630440220729108f95555d142b545143783d52651785de4fdfececb6545dddeec09b145d2022003c52e53c04710c4b0abcf910773229be88269852d4719e7d6c40b304f823961
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004c3258187d3edb8cca42ddfe3d8aa1b55da1e80c87e2aec64d302b758f0b025180d0373fde0c04f84da3b7277f69cdd631e3071d7473162472a550133676e1f89ea1657ab6068a03e4c35739fea4b44388d7da9b17b5ce6710dcbb6ebfa2588cb7870350b637813548562d5a680b081aef7e992eb64be70b5fe6dd7c55f2c34260b465696e49bf042928b9ed6bb7966127bc20ef18297473fee5d7b4fab80a56b36001d7bf374c132149dc1c9c866a51250016d676fef7828ba5d38e5ea477ad1563dbccc1af8baab9c7466b40f8f3c840e21f05ea94b4ac086cab1288f86f3fca79df7f6a99befc68098de75331516aaaf06d6d09e6d2570c4c2ee1a95436e1