cert10.uk.aviva.com

- Aviva PLC -

Issued by Sectigo RSA Extended Validation Secure Server CA

About this certificate

This digital certificate with serial number 16:fa:ea:9e:25:d0:0b:67:57:0b:b9:9f:cb:26:d9:90 was issued on by Sectigo Limited.

With 44 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Aviva PLC

Company registration number: 02468686
Organization: Aviva PLC
Organization unit: Digital
State / Province: London, City of
Country: GB

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 16:fa:ea:9e:25:d0:0b:67:57:0b:b9:9f:cb:26:d9:90
Serial Number (int): 30545848735501243641848795416557443472
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: 3a:68:d9:ee:63:d2:b6:53:8f:82:fc:8d:81:7e:d0:f6:23:6f:76:e2
AuthorityKeyId: 2c:69:ff:80:c9:87:90:ae:34:e1:b4:e7:4c:93:85:99:40:e9:a7:b2

Fingerprint (sha1): 1a:db:30:75:95:6e:2a:ff:15:e0:bc:99:4b:fb:bd:a2:96:da:f5:ef
Fingerprint (sha256): 07:7f:f4:1e:be:77:34:39:35:d3:fc:9f:ca:17:4e:dd:45:e0:64:03:50:76:3f:aa:54:7a:a0:f3:7e:0d:ab:e8

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl

Check the revocation status for certificate cert10.uk.aviva.com

44

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cert10.uk.aviva.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cert10.uk.aviva.com
adviser.avivaservices.co.uk
assets.at.aviva.com
broker.aviva.co.uk
cdn.myit.aviva.com
commissioning.connect.avivab2b.co.uk
confluence.aviva.co.uk
eserve.avivaservices.co.uk
healthpoint.aviva.co.uk
help.online.aviva.co.uk
heritage.aviva.com
insuranceb2b.av.qs.online-insure.com
jira.aviva.co.uk
lookup.at.aviva.com
mobiledirect.qs.aviva.co.uk
mybusiness-commissioning.aviva.co.uk
nuance.generalaccident.com
nuance.online.aviva.co.uk
nuance.quotemehappy.com
online.avivaservices.co.uk
payments.aviva.co.uk
privacy.aviva.co.uk
privacy.aviva.com
protection-medical.aviva.co.uk
regs.avivaservices.co.uk
runtime.online.aviva.co.uk
santander.online-quote-and-buy.co.uk
santander.training.online-quote-and-buy.co.uk
servlets.online.aviva.co.uk
static.avivaworld.com
training.online.avivaservices.co.uk
www.aviva-for-advisers.co.uk
www.aviva.com
www.avivahealth.qs.aviva.co.uk
www.avivamicrosite.co.uk
www.avivaprivacy.uk
www.direct.aviva.co.uk
www.online.aviva.co.uk
www.protection.qs.aviva.co.uk
www.santander.aviva.co.uk
www.santandertelephony.aviva.co.uk
www.travelinsurance.firstdirect.qs.online-insure.com
www2.wsg.qs.aviva.co.uk
www43.avivaservices.co.uk

Other certificates including the domain name aviva.com

(limited to 100 certificates)
aviva-swi-amp-fs-01.globalapps.aviva.com
incapsula.com
at.aviva.com
community-fund-italia.aviva.com
avivaprivacy.uk
cert02.uk.aviva.com
cert03.uk.aviva.com
cert06.uk.aviva.com
cert01.as.aviva.com
avivaprivacy.uk
np-cert02.uk.aviva.com
in.aviva.com
avivaprivacy.uk
cert11.uk.aviva.com
cert03.uk.aviva.com
avivaprivacy.uk
cert06.uk.aviva.com
idmadmin.globalapps.aviva.com
mpower.non.prod.ana.corp.aviva.com
cert01.ca.aviva.com
cert08.uk.aviva.com
cert01.uk.aviva.com
digital.aviva.com
cert01.ca.aviva.com
redirects.aviva.com
agility-europe.globalapps.aviva.com
icare-uat.globalapps.aviva.com
cert06.uk.aviva.com
incapsula.com
cert04.uk.aviva.com
cms.aviva.com
sv.nonprod.ana.corp.aviva.com
avivaprivacy.uk
cert10.uk.aviva.com
cert06.uk.aviva.com
intquote.aviva.co.uk
cert10.uk.aviva.com
boson-services-gateway.globalapps.aviva.com
cert01.tmp.aviva.com
lafabrique-france.aviva.com
cert08.uk.aviva.com
cert01.uk.aviva.com
np-cert02.uk.aviva.com
incapsula.com
cert10.uk.aviva.com
camppe.external.globalapps.aviva.com
proinvest.com.sg
cert01.uk.aviva.com
avivaprivacy.uk
suretyngweb.qa.ana.corp.aviva.com
avivaprivacy.uk
cert01.uk.aviva.com
mpower.non.prod.ana.corp.aviva.com
vaultqa.ana.corp.aviva.com
bigd-kafkadev2.globalapps.aviva.com
cert08.uk.aviva.com
yyzbac1sis1.ana.corp.aviva.com
cyberark-uat.globalapps.aviva.com
www.aviva.co.uk
uat.aviva.co.uk
www.avivatransfer.co.uk
rewards.aviva.com
workbench.prod-globalapps.aviva.com
cx2.globalapps.aviva.com
redirects.aviva.com
yyzsql3047.ana.corp.aviva.com
cert01.ca.aviva.com
mail.aviva.com
cert03.uk.aviva.com
empower.preprod.ana.corp.aviva.com
cert01.as.aviva.com
uat.aviva.co.uk
e-learningportal.at.aviva.com
cert07.uk.aviva.com
cert01.tmp.aviva.com
cert05.uk.aviva.com
yyzbsm1011.ana.corp.aviva.com
iaccess.ana.corp.aviva.com
www.aviva.co.uk
cert03.uk.aviva.com
cert01.as.aviva.com
yyzcpm1201.ana.corp.aviva.com
shareplans.aviva.com
incapsula.com
ci-master.ana.corp.aviva.com
cert04.uk.aviva.com
community-fund-italia.aviva.com
incapsula.com
cert05.uk.aviva.com

arc.globalapps.aviva.com
cert10.uk.aviva.com
avivaprivacy.uk
incapsula.com
nonprod.ratabasecat.ana.corp.aviva.com
redirects.aviva.com
yyzetl1003.ana.corp.aviva.com
cert04.uk.aviva.com
cert08.uk.aviva.com
nationalhomewarranty.com

Certificate

The complete raw certificate details for cert10.uk.aviva.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIL1DCCCrygAwIBAgIQFvrqniXQC2dXC7mfyybZkDANBgkqhkiG9w0BAQsFADCB
kTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTkwNwYDVQQD
EzBTZWN0aWdvIFJTQSBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg
Q0EwHhcNMjExMDA3MDAwMDAwWhcNMjIwODEzMjM1OTU5WjCBsjERMA8GA1UEBRMI
MDI0Njg2ODYxEzARBgsrBgEEAYI3PAIBAxMCR0IxHTAbBgNVBA8TFFByaXZhdGUg
T3JnYW5pemF0aW9uMQswCQYDVQQGEwJHQjEYMBYGA1UECBMPTG9uZG9uLCBDaXR5
IG9mMRIwEAYDVQQKEwlBdml2YSBQTEMxEDAOBgNVBAsTB0RpZ2l0YWwxHDAaBgNV
BAMTE2NlcnQxMC51ay5hdml2YS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDj4eb/ck8BGXRpdCnk9Hltt5qcsVwMtil27tNGh5nY4gGr1DtxAOuy
RTLyst89eiNH2KxNXegN7ee5qLJRtxvqarLwwgtvoqWk32oPko6BcFrPOO6mfBhd
mM0/SGIjjpf3f2xARfdbYyX0mGzTHYbc52MQ9Qn8RaIOyFQZSh/FTVLSwuxi7S+T
rObDakyxQlsVcxQqHjef0OTjTIA69eV1mL+xO0HOoDUqfqpzLuwthcyU4aAkd06Y
2w3chdwzB3pUb64VpZpEs3FehGMA44P80ir+s8imNHyth9MV7Ovx883jIajy+p+p
qqMs4UUuFhOdQ61QvrVHToRbOfqfixvxAgMBAAGjgggDMIIH/zAfBgNVHSMEGDAW
gBQsaf+AyYeQrjThtOdMk4WZQOmnsjAdBgNVHQ4EFgQUOmjZ7mPStlOPgvyNgX7Q
9iNvduIwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNQYMKwYBBAGyMQECAQUBMCUw
IwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAcGBWeBDAEBMFYG
A1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwuc2VjdGlnby5jb20vU2VjdGlnb1JT
QUV4dGVuZGVkVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBhgYIKwYBBQUH
AQEEejB4MFEGCCsGAQUFBzAChkVodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3Rp
Z29SU0FFeHRlbmRlZFZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYB
BQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMIIBgAYKKwYBBAHWeQIEAgSC
AXAEggFsAWoAdgBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiFq/L8cP5tRwAAAXxc
Ojf8AAAEAwBHMEUCIEb2gbwWzF9sVFRRTK/i7GmblSB2d3dr3FOcpfqEpFcoAiEA
omPDYA4yjVNmEu7uEopEHH2v4tXO2JzBQdgrWJG9a84AdwBVgdTCFpA2AUrqC5tX
PFPwwOQ4eHAlCBcvo6odBxPTDAAAAXxcOjgWAAAEAwBIMEYCIQDB2eHTDRkr7xXJ
4KnhdoOeznp95uNG1ipH7yA6C/XUGQIhAPXXmvE5swP9KYsKCVfAGv7gc1BLwzqX
3XOqBVfUiJgSAHcAQcjKsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF8
XDo3twAABAMASDBGAiEAwQiHYCiZuxWdhrCRcdDWqeVaOzAcj13PFd13gFXUv4QC
IQD+Mo2+rgBILgw6oTgqdpu5zDesEe6aE0LPBuNs2dUTfzCCBM4GA1UdEQSCBMUw
ggTBghNjZXJ0MTAudWsuYXZpdmEuY29tghthZHZpc2VyLmF2aXZhc2VydmljZXMu
Y28udWuCE2Fzc2V0cy5hdC5hdml2YS5jb22CEmJyb2tlci5hdml2YS5jby51a4IS
Y2RuLm15aXQuYXZpdmEuY29tgiRjb21taXNzaW9uaW5nLmNvbm5lY3QuYXZpdmFi
MmIuY28udWuCFmNvbmZsdWVuY2UuYXZpdmEuY28udWuCGmVzZXJ2ZS5hdml2YXNl
cnZpY2VzLmNvLnVrghdoZWFsdGhwb2ludC5hdml2YS5jby51a4IXaGVscC5vbmxp
bmUuYXZpdmEuY28udWuCEmhlcml0YWdlLmF2aXZhLmNvbYIkaW5zdXJhbmNlYjJi
LmF2LnFzLm9ubGluZS1pbnN1cmUuY29tghBqaXJhLmF2aXZhLmNvLnVrghNsb29r
dXAuYXQuYXZpdmEuY29tghttb2JpbGVkaXJlY3QucXMuYXZpdmEuY28udWuCJG15
YnVzaW5lc3MtY29tbWlzc2lvbmluZy5hdml2YS5jby51a4IabnVhbmNlLmdlbmVy
YWxhY2NpZGVudC5jb22CGW51YW5jZS5vbmxpbmUuYXZpdmEuY28udWuCF251YW5j
ZS5xdW90ZW1laGFwcHkuY29tghpvbmxpbmUuYXZpdmFzZXJ2aWNlcy5jby51a4IU
cGF5bWVudHMuYXZpdmEuY28udWuCE3ByaXZhY3kuYXZpdmEuY28udWuCEXByaXZh
Y3kuYXZpdmEuY29tgh5wcm90ZWN0aW9uLW1lZGljYWwuYXZpdmEuY28udWuCGHJl
Z3MuYXZpdmFzZXJ2aWNlcy5jby51a4IacnVudGltZS5vbmxpbmUuYXZpdmEuY28u
dWuCJHNhbnRhbmRlci5vbmxpbmUtcXVvdGUtYW5kLWJ1eS5jby51a4Itc2FudGFu
ZGVyLnRyYWluaW5nLm9ubGluZS1xdW90ZS1hbmQtYnV5LmNvLnVrghtzZXJ2bGV0
cy5vbmxpbmUuYXZpdmEuY28udWuCFXN0YXRpYy5hdml2YXdvcmxkLmNvbYIjdHJh
aW5pbmcub25saW5lLmF2aXZhc2VydmljZXMuY28udWuCHHd3dy5hdml2YS1mb3It
YWR2aXNlcnMuY28udWuCDXd3dy5hdml2YS5jb22CHnd3dy5hdml2YWhlYWx0aC5x
cy5hdml2YS5jby51a4IYd3d3LmF2aXZhbWljcm9zaXRlLmNvLnVrghN3d3cuYXZp
dmFwcml2YWN5LnVrghZ3d3cuZGlyZWN0LmF2aXZhLmNvLnVrghZ3d3cub25saW5l
LmF2aXZhLmNvLnVrgh13d3cucHJvdGVjdGlvbi5xcy5hdml2YS5jby51a4IZd3d3
LnNhbnRhbmRlci5hdml2YS5jby51a4Iid3d3LnNhbnRhbmRlcnRlbGVwaG9ueS5h
dml2YS5jby51a4I0d3d3LnRyYXZlbGluc3VyYW5jZS5maXJzdGRpcmVjdC5xcy5v
bmxpbmUtaW5zdXJlLmNvbYIXd3d3Mi53c2cucXMuYXZpdmEuY28udWuCGXd3dzQz
LmF2aXZhc2VydmljZXMuY28udWswDQYJKoZIhvcNAQELBQADggEBAHiWlRKBQ8ug
QoTYeSsfXYxLfBv8W90fD1s3qRIbwyv/lj7g33vXjiQEN0GJo4KlL/g48TsfU7Ik
H6zvhk8b0LGAqZpmQsD71dj8aoeLQjUWQn/fNHFrhZjZFprgaBqGli4ZqVxtCwHI
3d1FTFDc7tmmMtOexRWIAglTnIGZSvVjvl9evRAfi5FnLBDnuJ54xZzsyxouse2p
V/Zq4hQmInkF4TZ35ct6F9p5Z3gzorv9Oa5KiLoBPNOQgfeGptrGsItt+glCDWi5
jBpDty8Itcw1FCvgxmp9fHVh566Hbp+Izu0CJAkFpBsCDyuvZI0XSkhbjTL8JI5a
bS6PIqLlbqA=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+Hm/3JPARl0aXQp5PR5
bbeanLFcDLYpdu7TRoeZ2OIBq9Q7cQDrskUy8rLfPXojR9isTV3oDe3nuaiyUbcb
6mqy8MILb6KlpN9qD5KOgXBazzjupnwYXZjNP0hiI46X939sQEX3W2Ml9Jhs0x2G
3OdjEPUJ/EWiDshUGUofxU1S0sLsYu0vk6zmw2pMsUJbFXMUKh43n9Dk40yAOvXl
dZi/sTtBzqA1Kn6qcy7sLYXMlOGgJHdOmNsN3IXcMwd6VG+uFaWaRLNxXoRjAOOD
/NIq/rPIpjR8rYfTFezr8fPN4yGo8vqfqaqjLOFFLhYTnUOtUL61R06EWzn6n4sb
8QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 30545848735501243641848795416557443472
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Extended Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-10-07 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-13 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '02468686'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London, City of'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Aviva PLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Digital'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cert10.uk.aviva.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28767491820641864788648238930263385514232546909889302893541781123544082414145030246150705348157337708676570491501062977056744194905990599013598006734869884461765818531385577479325882043655893544442928225442063314653253196757684246148416178060466034493884447718676325680237613329151112071513094414104722353503878134305349871843294963261155022815612145908953049942685506387821386478060213576551951923429842887756753347949667284533914739435389639896864501447726343340378463748703501056853122635528231218750208054431380010137565643601455119866179348464575078802663908935523648778113702471947772266897346070901954330696689
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2c69ff80c98790ae34e1b4e74c93859940e9a7b2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3a68d9ee63d2b6538f82fc8d817ed0f6236f76e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.5.1 (Comodo EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (122 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a00760046a555eb75fa912030b5a28969f4f37d112c4174befd49b885abf2fc70fe6d470000017c5c3a37fc0000040300473045022046f681bc16cc5f6c5454514cafe2ec699b95207677776bdc539ca5fa84a45728022100a263c3600e328d536612eeee128a441c7dafe2d5ced89cc141d82b5891bd6bce0077005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000017c5c3a38160000040300483046022100c1d9e1d30d192bef15c9e0a9e176839ece7a7de6e346d62a47ef203a0bf5d419022100f5d79af139b303fd298b0a0957c01afee073504bc33a97dd73aa0557d488981200770041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f60000017c5c3a37b70000040300483046022100c10887602899bb159d86b09171d0d6a9e55a3b301c8f5dcf15dd778055d4bf84022100fe328dbeae00482e0c3aa1382a769bb9cc37ac11ee9a1342cf06e36cd9d5137f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1221 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cert10.uk.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'adviser.avivaservices.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.at.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'broker.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.myit.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'commissioning.connect.avivab2b.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'confluence.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eserve.avivaservices.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'healthpoint.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'help.online.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heritage.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'insuranceb2b.av.qs.online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jira.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lookup.at.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mobiledirect.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mybusiness-commissioning.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nuance.generalaccident.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nuance.online.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nuance.quotemehappy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.avivaservices.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'payments.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'privacy.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'privacy.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protection-medical.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'regs.avivaservices.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'runtime.online.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'santander.online-quote-and-buy.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'santander.training.online-quote-and-buy.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'servlets.online.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'static.avivaworld.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'training.online.avivaservices.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aviva-for-advisers.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.avivahealth.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.avivamicrosite.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.avivaprivacy.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.direct.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.online.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.protection.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.santander.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.santandertelephony.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.travelinsurance.firstdirect.qs.online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.wsg.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www43.avivaservices.co.uk'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00789695128143cba04284d8792b1f5d8c4b7c1bfc5bdd1f0f5b37a9121bc32bff963ee0df7bd78e2404374189a382a52ff838f13b1f53b2241facef864f1bd0b180a99a6642c0fbd5d8fc6a878b423516427fdf34716b8598d9169ae0681a86962e19a95c6d0b01c8dddd454c50dceed9a632d39ec515880209539c81994af563be5f5ebd101f8b91672c10e7b89e78c59ceccb1a2eb1eda957f66ae21426227905e13677e5cb7a17da79677833a2bbfd39ae4a88ba013cd39081f786a6dac6b08b6dfa09420d68b98c1a43b72f08b5cc35142be0c66a7d7c7561e7ae876e9f88ceed02240905a41b020f2baf648d174a485b8d32fc248e5a6d2e8f22a2e56ea0