sit.digitalengagement.citi.eu
- Citigroup Inc. -
Issued by DigiCert SHA2 Extended Validation Server CA
About this certificate
This digital certificate with serial number 07:1e:24:7a:2e:d2:f5:d7:98:1c:1a:92:b2:81:ea:e8 was issued on by DigiCert Inc.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Citigroup Inc.
Company registration number:
2154254
Organization: Citigroup Inc.
Organization: Citigroup Inc.
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 07:1e:24:7a:2e:d2:f5:d7:98:1c:1a:92:b2:81:ea:e8Serial Number (int): 9461104723323359970266901834381781736
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: db:83:d7:d7:c7:a4:34:85:49:d8:8e:6c:90:f6:ed:48:ad:d5:3b:9a
AuthorityKeyId: 3d:d3:50:a5:d6:a0:ad:ee:f3:4a:60:0a:65:d3:21:d4:f8:f8:d6:0f
Fingerprint (sha1): ac:92:e0:a6:47:0d:26:04:7a:34:82:8c:d5:1d:ff:9a:f1:87:d4:56
Fingerprint (sha256): 24:34:86:1f:78:21:e5:25:20:dc:f6:52:61:a2:da:9a:a5:77:ca:ff:bd:c3:e2:90:6f:be:04:60:01:ad:35:1b
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/sha2-ev-server-g3.crl
CRL Distribution Point: http://crl4.digicert.com/sha2-ev-server-g3.crl
Check the revocation status for certificate sit.digitalengagement.citi.eu
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sit.digitalengagement.citi.eu
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA512 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sit.digitalengagement.citi.eu
sit.digitalengagement.citibank.co.uk
sit.digitalengagement.citibank.ae
GTEGC-VREWW02S.nsplex.dyn.dmzroot.net
sit.digitalengagement.citibank.co.uk
sit.digitalengagement.citibank.ae
GTEGC-VREWW02S.nsplex.dyn.dmzroot.net
Other certificates including the domain name citi.eu
(limited to 100 certificates)
content22.citi.eu
citibankonline.ipb.citi.eu
test.citibankonline.ipb.citi.eu
online.citi.eu
mobile.uat2.citibank.pl
mobile.citi.eu
globalmobilesit2.citi.eu
mobile.citi.eu
globalmobile.uat.citi.eu
uat2.citi.eu
sit.digitalengagement.citi.eu
uat2.citibank.pl
uatuk.ipb.citimobile.citi.eu
citibankonline.ipb.citi.eu
test.citibankonline.ipb.citi.eu
uat2.citibank.pl
uat.digitalengagement.citi.eu
bottleuat.citi.eu
online.citi.eu
sit.digitalengagement.citi.eu
bottle.citi.eu
mobile.citi.eu
citibankonline.ipb.citi.eu
globalmobile.sit.citi.eu
citibankonline.ipb.citi.eu
mobile.citi.eu
mobile.citi.eu
online.citi.eu
rail.citi.eu
rail.citi.eu
sit.digitalengagement.citi.eu
mobile.citi.eu
globalmobilesit1.citi.eu
bottle.citi.eu
test.citibankonline.ipb.citi.eu
online.citi.eu
globalmobilesit2.citi.eu
uat1.citi.eu
mobile.citi.eu
mobile.citi.eu
globalmobilesit1.citi.eu
online.citi.eu
mobile.uat2.citi.eu
bottleuat.citi.eu
mobile.uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
test.citibankonline.ipb.citi.eu
uat1.citi.eu
uat2.citi.eu
content22.citi.eu
globalmobile.uat.cbol.citi.eu
mobile.citi.eu
uat2.citi.eu
uatuk.ipb.citimobile.citi.eu
mobile.uat1.citi.eu
online.citi.eu
mobile.citi.eu
uatuk.ipb.citimobile.citi.eu
globalmobilesit2.citi.eu
mobile.uat2.citi.eu
mobile.citi.eu
mobile.uat1.citi.eu
globalmobile.pat.citi.eu
mobile.citi.eu
uat1.citi.eu
globalmobile.pat.citi.eu
mobile.citi.eu
uat1b.citi.eu
uat2.citi.eu
globalmobilesit1.citi.eu
mobile.pat1.citi.eu
bottle.citi.eu
citibankonline.ipb.citi.eu
online.citi.eu
mobile.uat2.citi.eu
mobile.citi.eu
uat2.citibank.pl
globalmobile.uat.citi.eu
mobile.uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
mobile.uat2.citibank.pl
uat.digitalengagement.citi.eu
leaf.citi.eu
uat.project.citibank.ru
mobile.citi.eu
citibankonline.ipb.citi.eu
content22.citi.eu
mobile.citi.eu
uat1.citi.eu
uat.digitalengagement.citi.eu
online.citi.eu
uatuk.ipb.citimobile.citi.eu
uat1.citi.eu
digitalengagement.citi.eu
uatuk.ipb.citimobile.citi.eu
globalmobilesit1.citi.eu
citibankonline.ipb.citi.eu
mobile.citi.eu
uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
citibankonline.ipb.citi.eu
test.citibankonline.ipb.citi.eu
online.citi.eu
mobile.uat2.citibank.pl
mobile.citi.eu
globalmobilesit2.citi.eu
mobile.citi.eu
globalmobile.uat.citi.eu
uat2.citi.eu
sit.digitalengagement.citi.eu
uat2.citibank.pl
uatuk.ipb.citimobile.citi.eu
citibankonline.ipb.citi.eu
test.citibankonline.ipb.citi.eu
uat2.citibank.pl
uat.digitalengagement.citi.eu
bottleuat.citi.eu
online.citi.eu
sit.digitalengagement.citi.eu
bottle.citi.eu
mobile.citi.eu
citibankonline.ipb.citi.eu
globalmobile.sit.citi.eu
citibankonline.ipb.citi.eu
mobile.citi.eu
mobile.citi.eu
online.citi.eu
rail.citi.eu
rail.citi.eu
sit.digitalengagement.citi.eu
mobile.citi.eu
globalmobilesit1.citi.eu
bottle.citi.eu
test.citibankonline.ipb.citi.eu
online.citi.eu
globalmobilesit2.citi.eu
uat1.citi.eu
mobile.citi.eu
mobile.citi.eu
globalmobilesit1.citi.eu
online.citi.eu
mobile.uat2.citi.eu
bottleuat.citi.eu
mobile.uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
test.citibankonline.ipb.citi.eu
uat1.citi.eu
uat2.citi.eu
content22.citi.eu
globalmobile.uat.cbol.citi.eu
mobile.citi.eu
uat2.citi.eu
uatuk.ipb.citimobile.citi.eu
mobile.uat1.citi.eu
online.citi.eu
mobile.citi.eu
uatuk.ipb.citimobile.citi.eu
globalmobilesit2.citi.eu
mobile.uat2.citi.eu
mobile.citi.eu
mobile.uat1.citi.eu
globalmobile.pat.citi.eu
mobile.citi.eu
uat1.citi.eu
globalmobile.pat.citi.eu
mobile.citi.eu
uat1b.citi.eu
uat2.citi.eu
globalmobilesit1.citi.eu
mobile.pat1.citi.eu
bottle.citi.eu
citibankonline.ipb.citi.eu
online.citi.eu
mobile.uat2.citi.eu
mobile.citi.eu
uat2.citibank.pl
globalmobile.uat.citi.eu
mobile.uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
mobile.uat2.citibank.pl
uat.digitalengagement.citi.eu
leaf.citi.eu
uat.project.citibank.ru
mobile.citi.eu
citibankonline.ipb.citi.eu
content22.citi.eu
mobile.citi.eu
uat1.citi.eu
uat.digitalengagement.citi.eu
online.citi.eu
uatuk.ipb.citimobile.citi.eu
uat1.citi.eu
digitalengagement.citi.eu
uatuk.ipb.citimobile.citi.eu
globalmobilesit1.citi.eu
citibankonline.ipb.citi.eu
mobile.citi.eu
uat1.citi.eu
uatuk.ipb.citimobile.citi.eu
Certificate
The complete raw certificate details for sit.digitalengagement.citi.eu in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHwTCCBqmgAwIBAgIQBx4kei7S9deYHBqSsoHq6DANBgkqhkiG9w0BAQ0FADB1 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMTQwMgYDVQQDEytEaWdpQ2VydCBTSEEyIEV4dGVuZGVk IFZhbGlkYXRpb24gU2VydmVyIENBMB4XDTIyMTAyNzAwMDAwMFoXDTIzMTAyNzIz NTk1OVowgdUxEzARBgsrBgEEAYI3PAIBAxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMI RGVsYXdhcmUxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRAwDgYDVQQF EwcyMTU0MjU0MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNV BAcTCE5ldyBZb3JrMRcwFQYDVQQKEw5DaXRpZ3JvdXAgSW5jLjEmMCQGA1UEAxMd c2l0LmRpZ2l0YWxlbmdhZ2VtZW50LmNpdGkuZXUwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCwjOp8DWhVAoF691dyuhXAfiWiZdGn6tcTNFbIrnCCfSTv Ck1GiBRArsZ9SAQtcn5GG55WrMJWpi3vpDnssoAG+fQrTBGD0RVoOQ+SuAmqAp1v et+2WgxUfRGKPE6efNfrZEpn/FzNtjTyZRbR+HCGD2pPv/P8EYFjkBj9yUu/E5bb K69zAG7xOJxTHiwB1Weea2C6DTV7idtwibFIes0KwenBfPatc5/jMWTU6XvJDF2E 2pBeXijf2PWdTVAreWrmS6bbzk55BujdPuBCVTNoFJKJlyUVdqnL/bJWhMlToFJv 0H9yEvNidIwZ49j99SSLo/LyZ6Nzqc8j81GxaiYNAgMBAAGjggPqMIID5jAfBgNV HSMEGDAWgBQ901Cl1qCt7vNKYApl0yHU+PjWDzAdBgNVHQ4EFgQU24PX18ekNIVJ 2I5skPbtSK3VO5owgZoGA1UdEQSBkjCBj4Idc2l0LmRpZ2l0YWxlbmdhZ2VtZW50 LmNpdGkuZXWCJHNpdC5kaWdpdGFsZW5nYWdlbWVudC5jaXRpYmFuay5jby51a4Ih c2l0LmRpZ2l0YWxlbmdhZ2VtZW50LmNpdGliYW5rLmFlgiVHVEVHQy1WUkVXVzAy Uy5uc3BsZXguZHluLmRtenJvb3QubmV0MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdQYDVR0fBG4wbDA0oDKgMIYuaHR0cDov L2NybDMuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWczLmNybDA0oDKgMIYu aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL3NoYTItZXYtc2VydmVyLWczLmNybDBK BgNVHSAEQzBBMAsGCWCGSAGG/WwCATAyBgVngQwBATApMCcGCCsGAQUFBwIBFhto dHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYgGCCsGAQUFBwEBBHwwejAkBggr BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMFIGCCsGAQUFBzAChkZo dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRTSEEyRXh0ZW5kZWRW YWxpZGF0aW9uU2VydmVyQ0EuY3J0MAkGA1UdEwQCMAAwggF9BgorBgEEAdZ5AgQC BIIBbQSCAWkBZwB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAAB hBkFmKcAAAQDAEcwRQIgSFSylQKsgO3XzFzujuXFgMST/minM3+cXEaDfQYlP8gC IQDD0RQiB1VA3Vt3lxGL+eO9wjZLqJFPtjz8/OWhHQkU8wB2ALNzdwfhhFD4Y4bW BancEQlKeS2xZwwLh9zwAw55NqWaAAABhBkFmMsAAAQDAEcwRQIhAIMWBbQAcCfe 0MiCbjKBDPx6yxCFYAD8vsRcL1SYaSZWAiAqLyijrhvwplAJViokj3GT02KPXrtK ZU3b8UFIXRlfQgB1ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAAB hBkFmH8AAAQDAEYwRAIgcpEI+VVV0UK1RRQ3g9UmUXhd5P3+zstlRd3e7AmxRdIC IAPFLlPARxDEsKvPkQdzIpvogmmFLUcZ59bECzBPgjlhMA0GCSqGSIb3DQEBDQUA A4IBAQBMMlgYfT7bjMpC3f49iqG1XaHoDIfirsZNMCt1jwsCUYDQNz/eDAT4TaO3 J39pzdYx4wcddHMWJHKlUBM2duH4nqFlerYGigPkw1c5/qS0Q4jX2psXtc5nENy7 br+iWIy3hwNQtjeBNUhWLVpoCwga736ZLrZL5wtf5t18VfLDQmC0ZWluSb8EKSi5 7Wu3lmEnvCDvGCl0c/7l17T6uApWs2AB1783TBMhSdwcnIZqUSUAFtZ2/veCi6XT jl6kd60VY9vMwa+LqrnHRmtA+PPIQOIfBeqUtKwIbKsSiPhvP8p5339qmb78aAmN 51MxUWqq8G1tCebSVwxMLuGpVDbh -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIzqfA1oVQKBevdXcroV wH4lomXRp+rXEzRWyK5wgn0k7wpNRogUQK7GfUgELXJ+RhueVqzCVqYt76Q57LKA Bvn0K0wRg9EVaDkPkrgJqgKdb3rftloMVH0RijxOnnzX62RKZ/xczbY08mUW0fhw hg9qT7/z/BGBY5AY/clLvxOW2yuvcwBu8TicUx4sAdVnnmtgug01e4nbcImxSHrN CsHpwXz2rXOf4zFk1Ol7yQxdhNqQXl4o39j1nU1QK3lq5kum285OeQbo3T7gQlUz aBSSiZclFXapy/2yVoTJU6BSb9B/chLzYnSMGePY/fUki6Py8mejc6nPI/NRsWom DQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 9461104723323359970266901834381781736 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert SHA2 Extended Validation Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-27 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2154254' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Citigroup Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sit.digitalengagement.citi.eu' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22287429921491081457478461103531186951387569232253448798866477360738059289289659575175834932499852725717735308307297729181511091363387091584472085613187585249248186006156582559078566982827456723914256847646077433611843982983788814705803519532867701137761780564338131411941591456681772194732383478777143935022369621317292844146193187373066419406051913870670917434176899677980902825621793935907565959166096481211303445699692636357861592537809637035019292000312356161734454325104701578792064011747573675110025780197565229822887379681638727955774913456629571015172522070029277952799723741150290261851623485079459681936909 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 3dd350a5d6a0adeef34a600a65d321d4f8f8d60f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) db83d7d7c7a4348549d88e6c90f6ed48add53b9a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (146 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit.digitalengagement.citi.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit.digitalengagement.citibank.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit.digitalengagement.citibank.ae' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'GTEGC-VREWW02S.nsplex.dyn.dmzroot.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/sha2-ev-server-g3.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/sha2-ev-server-g3.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (124 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertSHA2ExtendedValidationServerCA.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000184190598a7000004030047304502204854b29502ac80edd7cc5cee8ee5c580c493fe68a7337f9c5c46837d06253fc8022100c3d11422075540dd5b7797118bf9e3bdc2364ba8914fb63cfcfce5a11d0914f3007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000184190598cb0000040300473045022100831605b4007027ded0c8826e32810cfc7acb10856000fcbec45c2f549869265602202a2f28a3ae1bf0a65009562a248f7193d3628f5ebb4a654ddbf141485d195f42007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001841905987f00000403004630440220729108f95555d142b545143783d52651785de4fdfececb6545dddeec09b145d2022003c52e53c04710c4b0abcf910773229be88269852d4719e7d6c40b304f823961 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004c3258187d3edb8cca42ddfe3d8aa1b55da1e80c87e2aec64d302b758f0b025180d0373fde0c04f84da3b7277f69cdd631e3071d7473162472a550133676e1f89ea1657ab6068a03e4c35739fea4b44388d7da9b17b5ce6710dcbb6ebfa2588cb7870350b637813548562d5a680b081aef7e992eb64be70b5fe6dd7c55f2c34260b465696e49bf042928b9ed6bb7966127bc20ef18297473fee5d7b4fab80a56b36001d7bf374c132149dc1c9c866a51250016d676fef7828ba5d38e5ea477ad1563dbccc1af8baab9c7466b40f8f3c840e21f05ea94b4ac086cab1288f86f3fca79df7f6a99befc68098de75331516aaaf06d6d09e6d2570c4c2ee1a95436e1