www.citi.com
- Citigroup Inc. -
Issued by DigiCert EV RSA CA G2
About this certificate
This digital certificate with serial number 0d:31:57:8a:cf:84:f7:b3:81:99:70:1d:20:b8:8f:6f was issued on by DigiCert Inc.
With 72 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Citigroup Inc.
Company registration number:
2154254
Organization: Citigroup Inc.
Organization: Citigroup Inc.
State / Province:
New York
Locality: New York
Country: US
Locality: New York
Country: US
DigiCert Inc
Organization:
DigiCert Inc
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0d:31:57:8a:cf:84:f7:b3:81:99:70:1d:20:b8:8f:6fSerial Number (int): 17536162058618202542387594269906472815
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 5f:0d:07:3c:98:88:d9:ed:8d:79:a5:a7:79:db:0c:b4:a5:aa:d1:72
AuthorityKeyId: 6a:4e:50:bf:98:68:9d:5b:7b:20:75:d4:59:01:79:48:66:92:32:06
Fingerprint (sha1): 6a:bc:b4:20:38:21:5b:6b:a5:37:17:06:3a:c7:45:10:92:7d:2b:16
Fingerprint (sha256): 49:09:ad:cd:26:1a:45:ac:e3:06:bf:7d:16:9a:5f:30:03:2d:fc:7b:81:32:fd:5f:bb:1e:89:b2:c7:a7:e6:4b
Issuing Certificate URL: http://cacerts.digicert.com/DigiCertEVRSACAG2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCRL Distribution Point: http://crl3.digicert.com/DigiCertEVRSACAG2.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertEVRSACAG2.crl
Check the revocation status for certificate www.citi.com
72
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.citi.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.citi.com
accitrade.com
accitrade.com.mx
blog.citigroup.com
bridgebuiltbyciti.com
bridgebyciti.com
canvas.citi.com
cardservicesdirect.com.au
careers.citigroup.com
citi.com
citibank.co.id
citibank.co.kr
citibank.co.th
citibank.co.uk
citibank.com
citibank.com.au
citibank.com.cn
citibank.com.hk
citibank.com.sg
citibank.com.vn
citibank.cz
citibank.hu
citibank.pl
citibankonline.pl
citidirect.com
citifx.com
citigold.citibank.com
citigold.co.kr
citigold.pl
citigroup.com
citigroup.jp
citimanager.com
citipay.citi.com
citivelocity.com
dinersclub.com.au
europe.citigold.citibank.com
homeownersupport.com
ipb.citi.com
ipb.citibank.co.uk
ipb.citibank.com
ipb.citibank.eu
ipbus.citi.com
ipbusclientappreciation.citi.com
recognitionprogram.citi.com
universalcard.com
workday.citi.com
www.blog.citigroup.com
www.cardbenefits.citi.com
www.careers.citigroup.com
www.citibank.ae
www.citibank.bh
www.citibank.cz
www.citibank.hu
www.citibank.sk
www.citigold.citibank.com
www.citigroup.jp
www.citimanager.com
www.citipay.citi.com
www.citipricerewind.com
www.emergingmarkets.transactionservices.citi.com
www.esources.transactionservices.citi.com
www.europe.citigold.citibank.com
www.ipb.citi.com
www.ipb.citibank.co.uk
www.ipb.citibank.com
www.ipb.citibank.eu
www.ipbus.citi.com
www.ipbusclientappreciation.citi.com
www.mortgage.com
www.searscard.com
www.universalcard.com
www4.citi.com
accitrade.com
accitrade.com.mx
blog.citigroup.com
bridgebuiltbyciti.com
bridgebyciti.com
canvas.citi.com
cardservicesdirect.com.au
careers.citigroup.com
citi.com
citibank.co.id
citibank.co.kr
citibank.co.th
citibank.co.uk
citibank.com
citibank.com.au
citibank.com.cn
citibank.com.hk
citibank.com.sg
citibank.com.vn
citibank.cz
citibank.hu
citibank.pl
citibankonline.pl
citidirect.com
citifx.com
citigold.citibank.com
citigold.co.kr
citigold.pl
citigroup.com
citigroup.jp
citimanager.com
citipay.citi.com
citivelocity.com
dinersclub.com.au
europe.citigold.citibank.com
homeownersupport.com
ipb.citi.com
ipb.citibank.co.uk
ipb.citibank.com
ipb.citibank.eu
ipbus.citi.com
ipbusclientappreciation.citi.com
recognitionprogram.citi.com
universalcard.com
workday.citi.com
www.blog.citigroup.com
www.cardbenefits.citi.com
www.careers.citigroup.com
www.citibank.ae
www.citibank.bh
www.citibank.cz
www.citibank.hu
www.citibank.sk
www.citigold.citibank.com
www.citigroup.jp
www.citimanager.com
www.citipay.citi.com
www.citipricerewind.com
www.emergingmarkets.transactionservices.citi.com
www.esources.transactionservices.citi.com
www.europe.citigold.citibank.com
www.ipb.citi.com
www.ipb.citibank.co.uk
www.ipb.citibank.com
www.ipb.citibank.eu
www.ipbus.citi.com
www.ipbusclientappreciation.citi.com
www.mortgage.com
www.searscard.com
www.universalcard.com
www4.citi.com
Other certificates including the domain name citi.com
(limited to 100 certificates)
tv.citi.com
ibmwebspheremqaltophubqmsit.citi.com
ibmwebspheremqgtsitorg01.citi.com
consumersoa.citi.com
ibmwebspheremqmrntbc12.citi.com
www.citibank.com
ibmWebSphereMQCSGPP.citi.com
uat.citi.com
ibmwebspheremqswprdcol01.citi.com
uat.accountonline.com
mx-test.mail.citi.com
desktop.citi.com
ibmwebspheremqgtsgatewayqm2.citi.com
cardactivation.citi.com
Preview.online.citi.com
Financialtools.citi.com
mobilesoasit2.citi.com
friendlyusertest.creditcards.citi.com
soawebsocketuat.citi.com
www.privatebank.citibank.com
ibmwebspheremqgtprdfus17.citi.com
efdissecuresignuat.citi.com
LyncProdDR.EUR.NSROOT.NET
ibmwebspheremqmrnpbc45.citi.com
citicards.citi.com
expresswaye02.emealabs.citi.com
www.uat.payment.citi.com
security1.citi.com
ibmwebspheremqmdltbc04.citi.com.citi.com
supplierportal.uattec.citi.com
extracash.citi.com
ibmwebspheremqgtprdca04.citi.com
chat.online.citi.com
mailir.citi.com
ibmwebspheremqswprdmob02.citi.com
ibmwebspheremqswprdbby05.citi.com
concierge.citi.com
paymentexchange.cte.transactionservices.citi.com
businesspopmoney.citi.com
citiconnectbeneficiaryadvising.citi.com
approvepay.citi.com
ibmWebSphereMQSP02P.citi.com
www.citibank.co.uk
sit7.online.citi.com
citiconnectbeneficiaryadvising.citi.com
locationtracker.citi.com
ibmwebspheremqmdlpbc03.citi.com
ibmwebspheremqmrnpbc30.citi.com
uat.approvepay.citi.com
vmr.emealabs.citi.com
supplierportal.uat.citi.com
ibmwebspheremqmdlpbc31.citi.com
survey.emailapps.emea.citi.com
ibmWebSphereMQCSGDU.citi.com
wiresuat2.citi.com
www.privatebank.citibank.com
citifundremoteaccess.transactionservices.citi.com
www.retailservicescommercial.citi.com
uat.citi.com
icg.citi.com
paymentexchange.cte.transactionservices.citi.com
ibmwebspheremqfpsnam_prod.citi.com
uat.remoteoffice.citigroup.com
ibmwebspheremqrd03u.citi.com
sip.citi.com
creditscore.citi.com
ibmwebspheremqmdlpbc43.citi.com
wiresuat1.citi.com
uat.citi.com
ibmwebspheremqgtaemf4qm.sit.citi.com
presentandpay.citi.com
www.identityprotection.citi.com
mobilesoaaspac.citi.com
mobileservices.nam.citiprivatebank.citi.com
aspac.api2s.citi.com
eur.vmr.citi.com
www.paymentaidplus.citi.com
m.partner.citi.com
mobilesoaaspac2.citi.com
dit01.creditcards.citi.com
businessaccess.citibank.citigroup.com
ir.citi.com
aspac.api.citi.com
mobilesoaaspac2.citi.com
soawebsocketsit.citi.com
ibmwebspheremqnaissc2p.citi.com
reset.uat.citi.com
ibmwebspheremqswlodcol01.citi.com
ibmwebspheremqgtprdorg02.citi.com
uat.citigoldlounges.citi.com
ibmwebspheremqicgqm1.qc1.citi.com
ibmwebspheremqmdlpbc48.citi.com
uat.citigoldlounges.citi.com
lync13poolnamdev1.namdev.nsrootdev.net
uat.ir.citi.com
sit15.accountonline.citi.com
metrics1.citi.com
citipaymentexchange.citi.com
ibmwebspheremqgtlodrpl01.citi.com
myassetbasedlending.citi.com
ibmwebspheremqaltophubqmsit.citi.com
ibmwebspheremqgtsitorg01.citi.com
consumersoa.citi.com
ibmwebspheremqmrntbc12.citi.com
www.citibank.com
ibmWebSphereMQCSGPP.citi.com
uat.citi.com
ibmwebspheremqswprdcol01.citi.com
uat.accountonline.com
mx-test.mail.citi.com
desktop.citi.com
ibmwebspheremqgtsgatewayqm2.citi.com
cardactivation.citi.com
Preview.online.citi.com
Financialtools.citi.com
mobilesoasit2.citi.com
friendlyusertest.creditcards.citi.com
soawebsocketuat.citi.com
www.privatebank.citibank.com
ibmwebspheremqgtprdfus17.citi.com
efdissecuresignuat.citi.com
LyncProdDR.EUR.NSROOT.NET
ibmwebspheremqmrnpbc45.citi.com
citicards.citi.com
expresswaye02.emealabs.citi.com
www.uat.payment.citi.com
security1.citi.com
ibmwebspheremqmdltbc04.citi.com.citi.com
supplierportal.uattec.citi.com
extracash.citi.com
ibmwebspheremqgtprdca04.citi.com
chat.online.citi.com
mailir.citi.com
ibmwebspheremqswprdmob02.citi.com
ibmwebspheremqswprdbby05.citi.com
concierge.citi.com
paymentexchange.cte.transactionservices.citi.com
businesspopmoney.citi.com
citiconnectbeneficiaryadvising.citi.com
approvepay.citi.com
ibmWebSphereMQSP02P.citi.com
www.citibank.co.uk
sit7.online.citi.com
citiconnectbeneficiaryadvising.citi.com
locationtracker.citi.com
ibmwebspheremqmdlpbc03.citi.com
ibmwebspheremqmrnpbc30.citi.com
uat.approvepay.citi.com
vmr.emealabs.citi.com
supplierportal.uat.citi.com
ibmwebspheremqmdlpbc31.citi.com
survey.emailapps.emea.citi.com
ibmWebSphereMQCSGDU.citi.com
wiresuat2.citi.com
www.privatebank.citibank.com
citifundremoteaccess.transactionservices.citi.com
www.retailservicescommercial.citi.com
uat.citi.com
icg.citi.com
paymentexchange.cte.transactionservices.citi.com
ibmwebspheremqfpsnam_prod.citi.com
uat.remoteoffice.citigroup.com
ibmwebspheremqrd03u.citi.com
sip.citi.com
creditscore.citi.com
ibmwebspheremqmdlpbc43.citi.com
wiresuat1.citi.com
uat.citi.com
ibmwebspheremqgtaemf4qm.sit.citi.com
presentandpay.citi.com
www.identityprotection.citi.com
mobilesoaaspac.citi.com
mobileservices.nam.citiprivatebank.citi.com
aspac.api2s.citi.com
eur.vmr.citi.com
www.paymentaidplus.citi.com
m.partner.citi.com
mobilesoaaspac2.citi.com
dit01.creditcards.citi.com
businessaccess.citibank.citigroup.com
ir.citi.com
aspac.api.citi.com
mobilesoaaspac2.citi.com
soawebsocketsit.citi.com
ibmwebspheremqnaissc2p.citi.com
reset.uat.citi.com
ibmwebspheremqswlodcol01.citi.com
ibmwebspheremqgtprdorg02.citi.com
uat.citigoldlounges.citi.com
ibmwebspheremqicgqm1.qc1.citi.com
ibmwebspheremqmdlpbc48.citi.com
uat.citigoldlounges.citi.com
lync13poolnamdev1.namdev.nsrootdev.net
uat.ir.citi.com
sit15.accountonline.citi.com
metrics1.citi.com
citipaymentexchange.citi.com
ibmwebspheremqgtlodrpl01.citi.com
myassetbasedlending.citi.com
Certificate
The complete raw certificate details for www.citi.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIMhzCCC2+gAwIBAgIQDTFXis+E97OBmXAdILiPbzANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVE aWdpQ2VydCBFViBSU0EgQ0EgRzIwHhcNMjQwMzIyMDAwMDAwWhcNMjUwMzI4MjM1 OTU5WjCBxDETMBEGCysGAQQBgjc8AgEDEwJVUzEZMBcGCysGAQQBgjc8AgECEwhE ZWxhd2FyZTEdMBsGA1UEDwwUUHJpdmF0ZSBPcmdhbml6YXRpb24xEDAOBgNVBAUT BzIxNTQyNTQxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UE BxMITmV3IFlvcmsxFzAVBgNVBAoTDkNpdGlncm91cCBJbmMuMRUwEwYDVQQDEwx3 d3cuY2l0aS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg0Ga9 AjY3KVV06nW+p5WcNoRHu5kbsw36ay/PGDFy3xtk/GHu7qGIRfbLkeO/B7Xafiuy hwdPQR4I6tSi6U+xq1pWO5aeBpAO/HUJ0a9LrqXAi1V7oY35PYN8eAuk4Whr1EbG p+vs8IJ1dTZIJzf/tnEosZWew9jDgaHImYxS/29HxVJoDdz/51A1diosAsZHy+96 l4CQFhxLkZ4RpGBuA9ZlVm0oOaoCOycC7NrZ9yMJlI+l4W+bU/wnRtVIHmCr6/4U UIEupQgsObXl6E5P+O2etjsoSpKWnHVAtGOpxTtuFqNAm/rX4rkHKsiT89b9pjSt l0I7ZOsVJnQ0LZSrAgMBAAGjggjyMIII7jAfBgNVHSMEGDAWgBRqTlC/mGidW3sg ddRZAXlIZpIyBjAdBgNVHQ4EFgQUXw0HPJiI2e2NeaWnedsMtKWq0XIwggWyBgNV HREEggWpMIIFpYIMd3d3LmNpdGkuY29tgg1hY2NpdHJhZGUuY29tghBhY2NpdHJh ZGUuY29tLm14ghJibG9nLmNpdGlncm91cC5jb22CFWJyaWRnZWJ1aWx0YnljaXRp LmNvbYIQYnJpZGdlYnljaXRpLmNvbYIPY2FudmFzLmNpdGkuY29tghljYXJkc2Vy dmljZXNkaXJlY3QuY29tLmF1ghVjYXJlZXJzLmNpdGlncm91cC5jb22CCGNpdGku Y29tgg5jaXRpYmFuay5jby5pZIIOY2l0aWJhbmsuY28ua3KCDmNpdGliYW5rLmNv LnRogg5jaXRpYmFuay5jby51a4IMY2l0aWJhbmsuY29tgg9jaXRpYmFuay5jb20u YXWCD2NpdGliYW5rLmNvbS5jboIPY2l0aWJhbmsuY29tLmhrgg9jaXRpYmFuay5j b20uc2eCD2NpdGliYW5rLmNvbS52boILY2l0aWJhbmsuY3qCC2NpdGliYW5rLmh1 ggtjaXRpYmFuay5wbIIRY2l0aWJhbmtvbmxpbmUucGyCDmNpdGlkaXJlY3QuY29t ggpjaXRpZnguY29tghVjaXRpZ29sZC5jaXRpYmFuay5jb22CDmNpdGlnb2xkLmNv LmtyggtjaXRpZ29sZC5wbIINY2l0aWdyb3VwLmNvbYIMY2l0aWdyb3VwLmpwgg9j aXRpbWFuYWdlci5jb22CEGNpdGlwYXkuY2l0aS5jb22CEGNpdGl2ZWxvY2l0eS5j b22CEWRpbmVyc2NsdWIuY29tLmF1ghxldXJvcGUuY2l0aWdvbGQuY2l0aWJhbmsu Y29tghRob21lb3duZXJzdXBwb3J0LmNvbYIMaXBiLmNpdGkuY29tghJpcGIuY2l0 aWJhbmsuY28udWuCEGlwYi5jaXRpYmFuay5jb22CD2lwYi5jaXRpYmFuay5ldYIO aXBidXMuY2l0aS5jb22CIGlwYnVzY2xpZW50YXBwcmVjaWF0aW9uLmNpdGkuY29t ghtyZWNvZ25pdGlvbnByb2dyYW0uY2l0aS5jb22CEXVuaXZlcnNhbGNhcmQuY29t ghB3b3JrZGF5LmNpdGkuY29tghZ3d3cuYmxvZy5jaXRpZ3JvdXAuY29tghl3d3cu Y2FyZGJlbmVmaXRzLmNpdGkuY29tghl3d3cuY2FyZWVycy5jaXRpZ3JvdXAuY29t gg93d3cuY2l0aWJhbmsuYWWCD3d3dy5jaXRpYmFuay5iaIIPd3d3LmNpdGliYW5r LmN6gg93d3cuY2l0aWJhbmsuaHWCD3d3dy5jaXRpYmFuay5za4IZd3d3LmNpdGln b2xkLmNpdGliYW5rLmNvbYIQd3d3LmNpdGlncm91cC5qcIITd3d3LmNpdGltYW5h Z2VyLmNvbYIUd3d3LmNpdGlwYXkuY2l0aS5jb22CF3d3dy5jaXRpcHJpY2VyZXdp bmQuY29tgjB3d3cuZW1lcmdpbmdtYXJrZXRzLnRyYW5zYWN0aW9uc2VydmljZXMu Y2l0aS5jb22CKXd3dy5lc291cmNlcy50cmFuc2FjdGlvbnNlcnZpY2VzLmNpdGku Y29tgiB3d3cuZXVyb3BlLmNpdGlnb2xkLmNpdGliYW5rLmNvbYIQd3d3LmlwYi5j aXRpLmNvbYIWd3d3LmlwYi5jaXRpYmFuay5jby51a4IUd3d3LmlwYi5jaXRpYmFu ay5jb22CE3d3dy5pcGIuY2l0aWJhbmsuZXWCEnd3dy5pcGJ1cy5jaXRpLmNvbYIk d3d3LmlwYnVzY2xpZW50YXBwcmVjaWF0aW9uLmNpdGkuY29tghB3d3cubW9ydGdh Z2UuY29tghF3d3cuc2VhcnNjYXJkLmNvbYIVd3d3LnVuaXZlcnNhbGNhcmQuY29t gg13d3c0LmNpdGkuY29tMEoGA1UdIARDMEEwCwYJYIZIAYb9bAIBMDIGBWeBDAEB MCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNV HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHUGA1Ud HwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEVW UlNBQ0FHMi5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdp Q2VydEVWUlNBQ0FHMi5jcmwwcwYIKwYBBQUHAQEEZzBlMCQGCCsGAQUFBzABhhho dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9jYWNl cnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEVWUlNBQ0FHMi5jcnQwDAYDVR0TAQH/ BAIwADCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHYAzxFW7tUufK/zh1vZaS6b 6RpxZ0qwF+ysAdJbd87MOwgAAAGOZ61ouwAABAMARzBFAiAhxjGk0uPoDSsN1ELG NF7V54l5uOvHDi8cwa8VTWmdkAIhAOicvNABqCJTtQUOQB7XreQgUJJmzKC3rzKg kQNoihOdAHcAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGOZ61o vQAABAMASDBGAiEAlBUhq4lX3xkfLfUrZ/dLLxDeyB93uMpvO6aYu5Zcr8cCIQC8 m5jAJwr0c7QizCKlS2/HVLUbdVJF81Pew5Y+Ti9h9QB2AObSMWNAd4zBEEEG13G5 zsHSQPaWhIb7uocyHf0eN45QAAABjmetaMwAAAQDAEcwRQIgHOhiK9rE5o4iu1EF 3afFFoKlXBLh9VhMvbnn8tLkeNsCIQC909NYe7sr/0OM+D7WpPNuZarRvo5joMT2 cBqIg0/RYTANBgkqhkiG9w0BAQsFAAOCAQEAHBe38CeDiH0HXNg83bM3QbRee/Ab uZjx/PzmsbWPIyW0tMskp7wz9lQM2283eU9E7s9K545xTFzCWeX8pcZUMQrbQyeH OLXQRO0QEpwmQiaGRHWuwhvfkbhz48lr+/AUM6Zqlo11grWoq/nh6Y6n0B1R3lwm 6AUw+HmXgUnLxVvf0yZ5AsXWYqs8fNbMDU0GqCcrk8Dbgbj31cXkS3LuzSmWfjBU AVkE95Z/vnHEjh5C2XURYkh4draSS1aNrfIHIJ+AoMfCGcs3uaqOx73UEr0TVuwY M3kWSfOnXCcK2NLt11uuCgoX789mUgTYxzXXTT+nTlfJESnqnJMziDgUUg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNBmvQI2NylVdOp1vqeV nDaER7uZG7MN+msvzxgxct8bZPxh7u6hiEX2y5Hjvwe12n4rsocHT0EeCOrUoulP sataVjuWngaQDvx1CdGvS66lwItVe6GN+T2DfHgLpOFoa9RGxqfr7PCCdXU2SCc3 /7ZxKLGVnsPYw4GhyJmMUv9vR8VSaA3c/+dQNXYqLALGR8vvepeAkBYcS5GeEaRg bgPWZVZtKDmqAjsnAuza2fcjCZSPpeFvm1P8J0bVSB5gq+v+FFCBLqUILDm15ehO T/jtnrY7KEqSlpx1QLRjqcU7bhajQJv61+K5ByrIk/PW/aY0rZdCO2TrFSZ0NC2U qwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17536162058618202542387594269906472815 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert EV RSA CA G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-22 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-28 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2154254' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Citigroup Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.citi.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20300895316382936102747264525906848511836172207844178022679198347949378004864052981923295521122422681695531603826054752635991760050958128832772749995762546902737109869707007165494857697581573158735263771024366798829121995780509657423143714879876417494340370840400544370468921208886744396638953022857934083280115197261901812119706345888972430597250995466479901452049439405957159437358712913440149635001122857846876036473762907101971713707052237184957923172948531680117755803368598024289251386489764196058301100622778877956436823944413749357337243205540069088482629736638943390127944566805974938616804648475984862745771 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 6a4e50bf98689d5b7b2075d45901794866923206 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5f0d073c9888d9ed8d79a5a779db0cb4a5aad172 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1449 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'accitrade.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'accitrade.com.mx' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.citigroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bridgebuiltbyciti.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bridgebyciti.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canvas.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cardservicesdirect.com.au' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'careers.citigroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.co.id' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.co.kr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.co.th' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.com.au' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.com.cn' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.com.hk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.com.sg' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.com.vn' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.hu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibank.pl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citibankonline.pl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citidirect.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citifx.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citigold.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citigold.co.kr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citigold.pl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citigroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citigroup.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citimanager.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citipay.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'citivelocity.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dinersclub.com.au' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'europe.citigold.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homeownersupport.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipb.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipb.citibank.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipb.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipb.citibank.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipbus.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ipbusclientappreciation.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'recognitionprogram.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'universalcard.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'workday.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.blog.citigroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cardbenefits.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.careers.citigroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citibank.ae' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citibank.bh' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citibank.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citibank.hu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citibank.sk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citigold.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citigroup.jp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citimanager.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citipay.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.citipricerewind.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.emergingmarkets.transactionservices.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.esources.transactionservices.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.europe.citigold.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ipb.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ipb.citibank.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ipb.citibank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ipb.citibank.eu' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ipbus.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ipbusclientappreciation.citi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mortgage.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.searscard.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.universalcard.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www4.citi.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertEVRSACAG2.crl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertEVRSACAG2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertEVRSACAG2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018e67ad68bb0000040300473045022021c631a4d2e3e80d2b0dd442c6345ed5e78979b8ebc70e2f1cc1af154d699d90022100e89cbcd001a82253b5050e401ed7ade420509266cca0b7af32a09103688a139d0077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018e67ad68bd0000040300483046022100941521ab8957df191f2df52b67f74b2f10dec81f77b8ca6f3ba698bb965cafc7022100bc9b98c0270af473b422cc22a54b6fc754b51b755245f353dec3963e4e2f61f5007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018e67ad68cc000004030047304502201ce8622bdac4e68e22bb5105dda7c51682a55c12e1f5584cbdb9e7f2d2e478db022100bdd3d3587bbb2bff438cf83ed6a4f36e65aad1be8e63a0c4f6701a88834fd161 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001c17b7f02783887d075cd83cddb33741b45e7bf01bb998f1fcfce6b1b58f2325b4b4cb24a7bc33f6540cdb6f37794f44eecf4ae78e714c5cc259e5fca5c654310adb43278738b5d044ed10129c264226864475aec21bdf91b873e3c96bfbf01433a66a968d7582b5a8abf9e1e98ea7d01d51de5c26e80530f879978149cbc55bdfd3267902c5d662ab3c7cd6cc0d4d06a8272b93c0db81b8f7d5c5e44b72eecd29967e3054015904f7967fbe71c48e1e42d9751162487876b6924b568dadf207209f80a0c7c219cb37b9aa8ec7bdd412bd1356ec1833791649f3a75c270ad8d2edd75bae0a0a17efcf665204d8c735d74d3fa74e57c91129ea9c933388381452