TUI AG

- TUI AG -

Issued by Entrust Verified Mark CA - VMC2

About this certificate

This digital certificate with serial number 65:14:59:1e:fe:79:7a:a6:24:48:70:82:8e:b2:40:c2 was issued on by Entrust, Inc..

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.

TUI AG

Company registration number: HRB 321
Organization: TUI AG
Address: Karl-Wiechert-Allee 4
Postal code: 30625
Locality: Hannover
Country: DE

Entrust, Inc.

Organization: Entrust, Inc.
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 65:14:59:1e:fe:79:7a:a6:24:48:70:82:8e:b2:40:c2
Serial Number (int): 134357681101502851854732889335048323266
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: a4:10:f4:48:cf:76:13:e6:09:35:9e:66:b7:20:cb:87:9e:38:b0:58
AuthorityKeyId: ef:bc:3c:b4:af:3a:d0:45:5e:76:54:df:c7:64:78:e9:2d:1d:74:3f

Fingerprint (sha1): e1:c4:08:fe:23:f7:1e:eb:f8:27:6e:1e:91:98:f5:30:a2:6c:c9:c0
Fingerprint (sha256): 00:5b:13:0c:16:32:02:83:e4:ea:b9:33:16:11:a4:3a:e2:11:2f:5a:2b:0c:2a:ce:a3:cc:9c:a2:d9:de:fb:8d

Issuing Certificate URL: http://aia.entrust.net/vmc2-chain.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/vmc2.crl

Check the revocation status for certificate TUI AG

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for TUI AG

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA512 with RSA

Key Usage

Digital Signature

Extended Key Usages

Extensions

11 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

firstchoice.co.uk

Other certificates including the domain name

(limited to 100 certificates)

Certificate

The complete raw certificate details for TUI AG in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIQfjCCDmagAwIBAgIQZRRZHv55eqYkSHCCjrJAwjANBgkqhkiG9w0BAQ0FADBP
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UEAxMf
RW50cnVzdCBWZXJpZmllZCBNYXJrIENBIC0gVk1DMjAeFw0yMTA3MTUxNTIxMzla
Fw0yMjA3MTUxNTIxMzhaMIIBEzEOMAwGA1UEERMFMzA2MjUxCzAJBgNVBAYTAkRF
MREwDwYDVQQHEwhIYW5ub3ZlcjEeMBwGA1UECRMVS2FybC1XaWVjaGVydC1BbGxl
ZSA0MRMwEQYLKwYBBAGCNzwCAQMTAkRFMQ8wDQYDVQQKEwZUVUkgQUcxHTAbBgNV
BA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRAwDgYDVQQFEwdIUkIgMzIxMR0wGwYK
KwYBBAGDnl8BBBMNVUswMDgwMTM1MTUyODESMBAGCisGAQQBg55fAQMTAkdCMSYw
JAYKKwYBBAGDnl8BAhMWaHR0cHM6Ly93d3cuaXBvLmdvdi51azEPMA0GA1UEAxMG
VFVJIEFHMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcPSWiRVkLRW
uRtq4xPc2bhfIswnja9KeH2CpjcHHnYjb2VsIFU5Kop+Z9Sm+RAk2XvVsZtVsh2w
xMmrjPi1kbwVXocn6ToxpzPAfxkSf8aH4yXQ/HaGrUPXlsmC2yFfdur5l4W/QCdB
vxzh3fJ+cirb4lxwzPW6zUhz85hN4YqzTjO/NrjnNvF7e31bi2efUTcaiq8l1TLW
yH8FNDWnj/nyL5+fh6MrdUSddeToNRlumdcezg83k8LDh2KZYbqO/jzPPY6gusLT
p84658VNpeAmLL5UznPNwit2cdxXJGY8r6QSy2Rx5b2eqrzqIJXhP/SuC9G/9UWV
Tj4EGZjtRQIDAQABo4ILjjCCC4owDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUpBD0
SM92E+YJNZ5mtyDLh544sFgwHwYDVR0jBBgwFoAU77w8tK860EVedlTfx2R46S0d
dD8wZgYIKwYBBQUHAQEEWjBYMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRy
dXN0Lm5ldDAxBggrBgEFBQcwAoYlaHR0cDovL2FpYS5lbnRydXN0Lm5ldC92bWMy
LWNoYWluLmNlcjAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vY3JsLmVudHJ1c3Qu
bmV0L3ZtYzIuY3JsMIIJ9AYIKwYBBQUHAQwEggnmMIIJ4qKCCd6gggnaMIIJ1jCC
CdIwggnOFg1pbWFnZS9zdmcreG1sMDMwMTANBglghkgBZQMEAgEFAAQg/f9GEZRd
etkwdJEIDlm77KkYd5iP95BtOC1jeVxjomEwggmGFoIJgmRhdGE6aW1hZ2Uvc3Zn
K3htbDtiYXNlNjQsSDRzSUFBQUFBQUFBQUcxWFhZL2JOaEI4VG9IK0IxVjlLa0RL
SkVWSzR1R2NJRG0wUWRBRUNOQWtyOEZGNS9pTStPeURwZnRJZm4xM1ppVTdoL2FD
V0RJbExuZG5aMmZYNXk4ZWI3YkYvZW93YlBhN1pla3JWeGFyWGIrLzJ1eld5L0p1
L0dxNzhzWHpYMzg1LzgzYTR2VnF0enBjanZ2RFdmSHlhdjlsVmJ6WmJ1K0drVXRG
U0ZXb2FsUDg4K2wxOGVmajdmNHdGdSszZDJ2N1psZFVYUHlraDV3VlRlVmM4ZXB1
czcwcTNCOUZZUzNzRC9mcm45MElaZkhsY2xpOVAreS9icmFyWlRsdWR0L3Q3VkFX
NHU1dU9IdmNibmJmbHVYMU9ONmVMUllQRHcvVlExM3REK3VGenprditMUXM3amVy
aDFmN3gyWHBDbGVFcnF1eWZrNUcvbTk3Y000dHhKVlNYQ3FLODNFemJsZlBQM3g4
VTN6OHUzaTd1ZG1NcTZ2emhhNkt6K3RpYzdVc1ArRHI4UG5sWWZ5eXZ6eGNZZXY1
WW4xNnZ0bEpYS1B0Yjc1Lys4K3oyNXZoN3ZqazJmbGgxWStGQkx4ZGxyLy9LYTUw
cVN3ZU5sZmo5YktjUEw5ZWJkYlg0L0hyZ3R0ZzhObXo4OXZMOFpwV3Y5NXR0Mi8z
Ni8zbjVuTTVtL3VMZjJVaGo5K0Z1cTJpOFcyc210NktIZHRVd1FaZmRkWUw4clp1
cXRyNnVzcTlqZkxWNlhxMFh0NzBXWjZGUXY1Nkc2ckdKbG1YSjA1VzVTS3ZiNTF4
dmJOaXZrcXdiWFM1YjJXenE3enhxZkppS1JpMTFNdkRKSlphRTFxNWFhdk9uSTRQ
dUtrYUUrV1FXcmpWeU5iRXMvWGR4bVFZUzdJcHlrMlE5d2JyQTl6ME1GNkw5eDFp
REJLdUUyK2orT081TlJvNXM3ZVpXeHNiNUttUk0ydGJPL0ZOTEtVNVJuRkl6TFJ5
ZktlR0kyS1F2WWtSTVhoWnIxckVLZnVyaGhESVRiUkJrTTN5WXFzSXlVZlQxOFE3
U3pBSlVUWUd5UGkyYW5sZ3hCZDV4YlJXQUdrWmN0MVZzWmVqQXJ5UmEwdlVFYUhB
QlJlem1wL0JRSkwwVHRDUTFKcUVvN0tDMzhHU29FMEwzaVRZRVJjNkRkY0JJRW00
OFJNS2NNRFFBUVFlZ2JPKzBPTE5GamdnTTNFS1N0Q21MM2puaElOQkdpSnhCRVp5
MCtoeFVUWjFscHNDZkNUTGtpWW1UVWwwL0VCZW1PRkdlUWVlZ2pjZXViVE1wWGQ2
WjMwbnpqdW1IdzROOUZDQUlFc1FWZVRwa2pLRC96VlRIQmxwNmp1bVJvTDNRQUV3
Z0krR2ZJeXdxOHZnZHlhSFRSQ2VOb0l4NEdIc2Nqa1dBdWd2S0lJNnVxeUJBejJu
U2ZMQTJrNldnRThDTlpIOWhMelkwL0VXK3VwSlk0QlpXL1hZNnB1Tm5UTnNuNFNK
dzRYYkFlNGkxek1zUFNqZ1dGMlpQczVBWmxwb0RHb0NYSlI4a1h2aVdROENZcitV
QTR2N21ERTlpbEVSaFV4bzUyd1RDeExCZ0NVSmoyYVdnQ0dBSEFSS0NMU3hKMjZ4
WUZFeDFJZld6bXprY2F4VVNRZjRuSmdSTXJrUFN1TGF6SUNZSS9rSDFJT1VUekxI
R3VsUlVJSGJSVjNNWEZaT3E2b2oweEM3blV0Uk0rZ3BmSkFkdmpVWGNZKzh4Q2tn
QWo4WC9veUJCZnFSS002QzBZTjgzWnluWkk0aXc2TXlsbG1QVHYzTzVpaFNwQjZl
Z1RUZXpMcUdVc0NOMFZJd3N4SU84QTZWWUdlOXhBa1hJWkxzTFhBUGRlWTlhK0RV
SjM0VTczeUdaOGhZUnRLOVlXbUtQM0pVdGtFeTBRTkNQZHBUWldyQUkySU54ZThN
QW5GS0dzbWlLdXlBQU5oK3ByaFZucEFUY05Lek9jQmc2S25CRU4zZzVFMWJSNjBM
S2xEREhTMHdSVEZSemZXQUM1OUpTUXFoejhUTGc0ckhjQ1MwampGTC9ocFdZTEJh
Z1piMUY3VWR0VlJIcTU2MXpIL2cvNEJXSU5TUmJWRkE3dXdzWll3dldsSVR5RWpJ
dlRjZ0ptU2tBVHJHaStDby9QZ3B6NTJnYVlpbUJzNEd4WkpwNU5wVjZTSzMyT2l4
TWRlRXJVTjNPc2J3QXdjWDczTE5NcEpua0ZQNFFESEZRZUwyZEFhYmdBcW5KNGJx
bE9VUkVvczR4YkRuQUFhcUw4bnhVNVNzSVVjOVRjemJqQXgwQXFvZ0FpNkVPVUZa
MDJ3cmhBMDZERkJyRUZ1SGdGcHdOMVA0V2hUcktSVHdzQmFvVFd3bkxYVTBNUWNS
cGlCRWxDMVVRY1drMCt2UWtGcGFhZks5Snh3R1pjVjk2RkE5M01kb3d0WEE5czBl
a09hNkQrQ3VWZDUyVUhXSDFRVGsyS0RSMkRFVlhNQlJPVWZZV3RlUXFBWkpPRHFQ
U0JMV1VYMGtWekNuK2dsVC9jeWpsa0hUMTFsaGNuNlFnMW9PWjFOME1DSHd3bkhM
N1lTQnJxRzVjRGxRZlRuaUNSZHh3MlFob3gxYWxaczZZeUk1UVQ2SU1tSzhnTFBD
WE5MT3AwUjVvR3llZ2tCSURRVGVSMmdUeGoyZHVLS2hhZ0h0Q05LbEtVOWVKZHhy
MjV1SExoRksvT080aUJZNjNlbG41VG1Wa242dDltcVNrMElMS1FqVU5zaHZxNE1y
RmJwK2F2VWFsMmtHd1h3aDNNblU0bzZ1V0VvcmRiem1ZSVVyQjludUhqdjVBYnk5
MWU2SjdkbFNYUkZnbXZMbmRXano1bWgwOHNMUWkxTzArTWFCQUhiakpJZXRUdWJt
RkFPYUJwbzdNRzUxRUprQ2YyTDNxVTB6aHdyQkRNeEZ6YUZuQmgzMGl1cSswVEE0
cW5TZm1NYTNQNlZVRWh6cWprTEt1ZHBQN0ltR0UrbWs2ejFKV0pPRURjdGlncnJq
OUJEUk14cThMVkk1Tlk1SlNqbDRjRjRXclpQWEU0Y0dWS25XN1N6cytOVVFqUDVx
SUJDblp1QTRnK2hrNTFsS0xLZXB6N0g5Wks1cG44c3k1NXdpK2pIL290TGZhTk9u
L0I1OC9pK20zenIvS0E4QUFBPT0wHAYDVR0RBBUwE4IRZmlyc3RjaG9pY2UuY28u
dWswDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMfMFAGA1UdIARJ
MEcwNwYKYIZIAYb6bAoBCzApMCcGCCsGAQUFBwIBFhtodHRwczovL3d3dy5lbnRy
dXN0Lm5ldC9ycGEwDAYKKwYBBAGDnl8BATATBgorBgEEAdZ5AgQDAQH/BAIFADAN
BgkqhkiG9w0BAQ0FAAOCAgEANQtXA24NzfrmdeUrlToGHywgpjPCUmC9uvefRK9/
k5hmVpWjrF+2tQQYzP/ce1YjupnPNGl9fKm2Ns44fqaosFP/Rp2+FjBj1Mpr192x
TjbxDj6+NJye1EyDq23Sied5s/zCEpM91PJ9/db/r8mCDQPgPg4J+YOF3a/neero
kndLy5A58WXeRdVKr5SYO2lv0vo6Sw+sLKB18Fo+9U2fpSnW4XIVKuChX1LP3uxn
XML9lNGJCaXEi1hvX2ueLZ4D8Va+UcOZH54USOMYDHiRmbI8dcY3CGuysRxUiVbz
Q5S/3s3fgSkd6/siiF4jrjIlxvAqnp68HuhgQnN4+TzPTM2pa0Ktv4T7ycHqhj/0
U4KG7yFAmsqSxueMgd1W3W/pE4d7upgR8QS0858gO3mVq89kI4bVP9oP3pPEEA8A
zeB3S+XplRlpOs2Lova+HqdkXfgofUhMgyNejXNhgjzXByTwHdqBV0VuZCSHnOtw
Kk6JXROKdQ86jbyk0LldskZp2ME3s5KaFx/yXsEYKGdC7UmTux4DOc0Zibkg8tzU
DQUtqyhemLN8X7oO5Ffd2kjur3uSmW1SILW7LSeQReAubbdCeXIv4SeMISId2cBr
gid7TrW9elt6gpvWvggGU5OzH+Qyh04ksFT2C+WH2XoJhuMMhNnEMaoqHWuRZfli
8TI=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcPSWiRVkLRWuRtq4xPc
2bhfIswnja9KeH2CpjcHHnYjb2VsIFU5Kop+Z9Sm+RAk2XvVsZtVsh2wxMmrjPi1
kbwVXocn6ToxpzPAfxkSf8aH4yXQ/HaGrUPXlsmC2yFfdur5l4W/QCdBvxzh3fJ+
cirb4lxwzPW6zUhz85hN4YqzTjO/NrjnNvF7e31bi2efUTcaiq8l1TLWyH8FNDWn
j/nyL5+fh6MrdUSddeToNRlumdcezg83k8LDh2KZYbqO/jzPPY6gusLTp84658VN
peAmLL5UznPNwit2cdxXJGY8r6QSy2Rx5b2eqrzqIJXhP/SuC9G/9UWVTj4EGZjt
RQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 134357681101502851854732889335048323266
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Verified Mark CA - VMC2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-15 15:21:39 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-15 15:21:38 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '30625'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hannover'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Karl-Wiechert-Allee 4'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TUI AG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HRB 321'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.4
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'UK00801351528'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'https://www.ipo.gov.uk'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TUI AG'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23955602911879012815612246391124815129724274736310174855933201492464078682553295747636833610006444982926386104663155316018025557769468537806520121642203264434810307921933211985563276978833765137475660698215149387168205922290876233611252116005927187742778935421968583891080353470339506904263462336767702294138469374947388709487121444722959012276988854676189215162100773143472063687009252333120957195181594748622952907830075167790229398884476761326300045463167809016688684371131224491632534282628298007913646005574685692640782163689176060961128681797661981205444606851974454081368755159977239597412525400652941411020101
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a410f448cf7613e609359e66b720cb879e38b058
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName efbc3cb4af3ad0455e7654dfc76478e92d1d743f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (90 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/vmc2-chain.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (41 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/vmc2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.12 (logoType)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2534 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|true] IA5String 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'image/svg+xml'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.1 (sha-256)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
															fdff4611945d7ad9307491080e59bbeca91877988ff7906d382d63795c63a261
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'data:image/svg+xml;base64,H4sIAAAAAAAAAG1XXY/bNhB8ToH+B1V9KkDKJEVK4uGcIDm0QdAECNAkr8FF5/iM+OyDpftIfn13ZiU7h/aCWDIlLndnZ2fX5y8eb7bF/eowbPa7ZekrVxarXb+/2uzWy/Ju/Gq78sXzX385/83a4vVqtzpcjvvDWfHyav9lVbzZbu+GkUtFSFWoalP88+l18efj7f4wFu+3d2v7ZldUXPykh5wVTeVc8epus70q3B9FYS3sD/frn90IZfHlcli9P+y/brarZTludt/t7VAW4u5uOHvcbnbfluX1ON6eLRYPDw/VQ13tD+uFzzkv+LQs7jerh1f7x2XpCleErquyfk5G/m97cM4txJVSXCqK83EzblfPP3x8U3z8u3i7udmMq6vzha6Kz+tic7UsP+Dr8PnlYfyyvzxcYev5Yn16vtlJXKPtb75/+8+z25vh7vjk2flh1Y+FBLxdlr//Ka50qSweNlfj9bKcPL9ebdbX4/Hrgttg8Nmz89vL8ZpWv95tt2/36/3n5nM5m/uLf2Uhj9+Fuq2i8W2smt6KHdtUwQZfddYL8rZuqtr6usq9jfLV6Xq0Xt70WZ6FQv56G6rGJlmXJ05W5SKvb51xvbNivkqwbXS5b2Wzq7zxqfJiKRi11MvDJJZaE1q5aavOnI4PuKkaE+WQWrjVyNbEs/XdxmQYS7Ipyk2Q9wbrA9z0MF6L9x1iDBKuE2+j+OO5NRo5s7eZWxsb5KmRM2tbO/FNLKU5RnFIzLRyfKeGI2KQvYkRMXhZr1rEKfurhhDITbRBkM3yYqsIyUfT18Q7SzAJUTYGyPi2anlgxBd5xbRWAGkZct1VsZejAryRa0vUEaHABRezmp/BQJL0TtCQ1JqEo7KC38GSoE0L3iTYERc6DdcBIEm48RMKcMDQAQQegbO+0OLNFjggM3EKStCmL3jnhINBGiJxBEZy0+hxUTZ1lpsCfCTLkiYmTUl0/EBemOFGeQeegjceubTMpXd6Z30nzjumHw4N9FCAIEsQVeTpkjKD/zVTHBlp6jumRoL3QAEwgI+GfIywq8vgdyaHTRCeNoIx4GHscjkWAugvKII6uqyBAz2nSfLA2k6WgE8CNZH9hLzY0/EW+upJY4BZW/XY6puNnTNsn4SJw4XbAe4i1zMsPSjgWF2ZPs5AZlpoDGoCXJR8kXviWQ8CYr+UA4v7mDE9ilERhUxo52wTCxLBgCUJj2aWgCGAHARKCLSxJ26xYFEx1IfWzmzkcaxUSQf4nJgRMrkPSuLazICYI/kH1IOUTzLHGulRUIHbRV3MXFZOq6oj0xC7nUtRM+gpfJAdvjUXcY+8xCkgAj8X/oyBBfqRKM6C0YN83ZynZI4iw6MyllmPTv3O5ihSpB6egTTezLqGUsCN0VIwsxIO8A6VYGe9xAkXIZLsLXAPdeY9a+DUJ34U73yGZ8hYRtK9YWmKP3JUtkEy0QNCPdpTZWrAI2INxe8MAnFKGsmiKuyAANh+prhVnpATcNKzOcBg6KnBEN3g5E1bR60LKlDDHS0wRTFRzfWAC59JSQqhz8TLg4rHcCS0jjFL/hpWYLBagZb1F7UdtVRHq561zH/g/4BWINSRbVFA7uwsZYwvWlITyEjIvTcgJmSkATrGi+Co/Pgpz52gaYimBs4GxZJp5NpV6SK32OixMdeErUN3OsbwAwcX73LNMpJnkFP4QDHFQeL2dAabgAqnJ4bqlOUREos4xbDnAAaqL8nxU5SsIUc9TczbjAx0AqogAi6EOUFZ02wrhA06DFBrEFuHgFpwN1P4WhTrKRTwsBaoTWwnLXU0MQcRpiBElC1UQcWk0+vQkFpaafK9JxwGZcV96FA93MdowtXA9s0ekOa6D+CuVd52UHWH1QTk2KDR2DEVXMBROUfYWteQqAZJODqPSBLWUX0kVzCn+glT/cyjlkHT11lhcn6Qg1oOZ1N0MCHwwnHL7YSBrqG5cDlQfTniCRdxw2Qhox1alZs6YyI5QT6IMmK8gLPCXNLOp0R5oGyegkBIDQTeR2gTxj2duKKhagHtCNKlKU9eJdxr25uHLhFK/OO4iBY63eln5TmVkn6t9mqSk0ILKQjUNshvq4MrFbp+avUal2kGwXwh3MnU4o6uWEordbzmYIUrB9nuHjv5Aby91e6J7dlSXRFgmvLndWjz5mh08sLQi1O0+MaBAHbjJIetTubmFAOaBpo7MG51EJkCf2L3qU0zhwrBDMxFzaFnBh30iuq+0TA4qnSfmMa3P6VUEhzqjkLKudpP7ImGE+mk6z1JWJOEDctigrrj9BDRMxq8LVI5NY5JSjl4cF4WrZPXE4cGVKnW7Szs+NUQjP5qIBCnZuA4g+hk51lKLKepz7H9ZK5pn8sy55wi+jH/otLfaNOn/B58/i+m3zr/KA8AAA=='
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'firstchoice.co.uk'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.31
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.11
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.entrust.net/rpa'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.53087.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.13 (sha512WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (4096 bits)
		00350b57036e0dcdfae675e52b953a061f2c20a633c25260bdbaf79f44af7f9398665695a3ac5fb6b50418ccffdc7b5623ba99cf34697d7ca9b636ce387ea6a8b053ff469dbe163063d4ca6bd7ddb14e36f10e3ebe349c9ed44c83ab6dd289e779b3fcc212933dd4f27dfdd6ffafc9820d03e03e0e09f98385ddafe779eae892774bcb9039f165de45d54aaf94983b696fd2fa3a4b0fac2ca075f05a3ef54d9fa529d6e172152ae0a15f52cfdeec675cc2fd94d18909a5c48b586f5f6b9e2d9e03f156be51c3991f9e1448e3180c789199b23c75c637086bb2b11c548956f34394bfdecddf81291debfb22885e23ae3225c6f02a9e9ebc1ee860427378f93ccf4ccda96b42adbf84fbc9c1ea863ff4538286ef21409aca92c6e78c81dd56dd6fe913877bba9811f104b4f39f203b7995abcf642386d53fda0fde93c4100f00cde0774be5e99519693acd8ba2f6be1ea7645df8287d484c83235e8d7361823cd70724f01dda8157456e6424879ceb702a4e895d138a750f3a8dbca4d0b95db24669d8c137b3929a171ff25ec118286742ed4993bb1e0339cd1989b920f2dcd40d052dab285e98b37c5fba0ee457ddda48eeaf7b92996d5220b5bb2d279045e02e6db74279722fe1278c21221dd9c06b82277b4eb5bd7a5b7a829bd6be08065393b31fe432874e24b054f60be587d97a0986e30c84d9c431aa2a1d6b9165f962f132