Digital certificates

What CN to indicate for Cyrillic domains for SSL?

Good afternoon,
Actually the problem is that there are 2 certificates. In the old one, the CN field specifies the domain in Unicode, while the alternative ones specify dns in punycode. In the new one, both places are indicated in punycode. The browser doesn't care, because it always converts everything to punycode, but my Curl doesn't like the new domain:

Server certificate:
*  subject: C=RU; L=Moscow; O=Компания ОАО; OU=job; CN=*.xn--d1acufc.xn--p1ai
*  start date: Oct 15 00:00:00 2018 GMT
*  expire date: Nov 14 12:00:00 2019 GMT
*  subjectAltName does not match домен.рф
* SSL: no alternative certificate subject name matches target host name 'домен.рф'
* stopped the pause stream!
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):
curl: (51) SSL: no alternative certificate subject name matches target host name 'домен.рф'

Should I reissue the certificate by adding CN=%u0434%u043E%u043C%u0435%u043D.%u0440%u0444%0A or leave xn--d1acufc.xn--p1ai and not worry?
Interested in how to do it right, I already know that it will work anyway.