np-cert02.uk.aviva.com

- Aviva PLC -

Issued by Sectigo RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number 16:49:5e:d2:f0:44:8a:5c:49:b9:1b:75:e2:eb:b7:5f was issued on by Sectigo Limited.

With 61 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Aviva PLC

Organization: Aviva PLC
Organization unit: Digital
Organization unit: Hosted by AVIVA CENTRAL SERVICES UK LIMITED
Organization unit: Multi-Domain SSL
Address: 1 Undershaft
Address: St Helens
Postal code: EC3P 3DQ
State / Province: London
Locality: London
Country: GB

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 16:49:5e:d2:f0:44:8a:5c:49:b9:1b:75:e2:eb:b7:5f
Serial Number (int): 29623976836717325575141236742789248863
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: c7:45:80:5d:39:99:d9:af:8c:b9:66:69:ef:fe:40:6d:b2:87:c0:61
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb

Fingerprint (sha1): 38:cd:c5:4e:ff:2d:eb:ee:1e:09:2a:7f:56:98:85:ac:df:e9:9e:c5
Fingerprint (sha256): 1a:37:85:c5:a9:80:f7:a9:0a:80:e4:8a:88:7b:88:11:38:a5:d9:a9:58:71:a8:2e:f8:3e:fc:d4:bd:8d:55:da

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate np-cert02.uk.aviva.com

61

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for np-cert02.uk.aviva.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

np-cert02.uk.aviva.com
*.accounts.aviva.fr
*.afer-prevoyance.aviva.fr
*.amis.fr
*.api.aviva.fr
*.auto-enrolmentmanagerpp.co.uk
*.av.qs.dev-online-insure.com
*.av.qs.pre-online-insure.com
*.av.qs.rwy-online-insure.com
*.av.qs.stg-online-insure.com
*.av.qs.sys-online-insure.com
*.aviva-assurances-clients.com
*.aviva-box-courtage.com
*.aviva-life.fr
*.aviva-partenaires.com
*.aviva.fr
*.aviva.ie
*.aviva.pl
*.avivabroker.ie
*.avivadirect.fr
*.avivainvestors.com
*.avivaitalia.it
*.avivaplus.it
*.avivasa.com.tr
*.cgpe-apporteur.aviva.fr
*.demo.auto-enrolmentmanager.co.uk
*.dev-avivab2b.co.uk
*.dev-avivainvestors.com
*.dev-friendslife.co.uk
*.eurofil.com
*.iquo.co.uk
*.italia.aviva.com
*.practice-autoenrolmentmanager.co.uk
*.pre-avivab2b.co.uk
*.pre-avivainvestors.com
*.pre-commissioning-aviva.co.uk
*.pre-friendslife.co.uk
*.protection-training-preview.qs.aviva.co.uk
*.protectionjuridique.aviva.fr
*.rect.aviva.fr
*.rectweur.com
*.rwy-avivab2b.co.uk
*.rwy-avivainvestors.com
*.rwy-friendslife.co.uk
*.santander-preview.qs.aviva.co.uk
*.santanderadvised-preview.qs.aviva.co.uk
*.santandertelephony-preview.qs.aviva.co.uk
*.sc-lifecustomer.dev-aviva.co.uk
*.sc-lifecustomer.pre-aviva.co.uk
*.sc-lifecustomer.rwy-aviva.co.uk
*.sc-lifecustomer.stg-aviva.co.uk
*.sc-lifecustomer.sys-aviva.co.uk
*.services.aviva.fr
*.stg-avivab2b.co.uk
*.stg-avivainvestors.com
*.stg-friendslife.co.uk
*.sys-avivab2b.co.uk
*.sys-avivainvestors.com
*.sys-friendslife.co.uk
*.uff.net
*.wsg-preview.qs.aviva.co.uk

Other certificates including the domain name aviva.com

(limited to 100 certificates)
aviva-swi-amp-fs-01.globalapps.aviva.com
incapsula.com
at.aviva.com
community-fund-italia.aviva.com
avivaprivacy.uk
cert02.uk.aviva.com
cert03.uk.aviva.com
cert06.uk.aviva.com
cert01.as.aviva.com
avivaprivacy.uk
np-cert02.uk.aviva.com
in.aviva.com
avivaprivacy.uk
cert11.uk.aviva.com
cert03.uk.aviva.com
avivaprivacy.uk
cert06.uk.aviva.com
idmadmin.globalapps.aviva.com
mpower.non.prod.ana.corp.aviva.com
cert01.ca.aviva.com
cert08.uk.aviva.com
cert01.uk.aviva.com
digital.aviva.com
cert01.ca.aviva.com
redirects.aviva.com
agility-europe.globalapps.aviva.com
icare-uat.globalapps.aviva.com
cert06.uk.aviva.com
incapsula.com
cert04.uk.aviva.com
cms.aviva.com
sv.nonprod.ana.corp.aviva.com
avivaprivacy.uk
cert10.uk.aviva.com
cert06.uk.aviva.com
intquote.aviva.co.uk
cert10.uk.aviva.com
boson-services-gateway.globalapps.aviva.com
cert01.tmp.aviva.com
lafabrique-france.aviva.com
cert08.uk.aviva.com
cert01.uk.aviva.com
np-cert02.uk.aviva.com
incapsula.com
cert10.uk.aviva.com
camppe.external.globalapps.aviva.com
proinvest.com.sg
cert01.uk.aviva.com
avivaprivacy.uk
suretyngweb.qa.ana.corp.aviva.com
avivaprivacy.uk
cert01.uk.aviva.com
mpower.non.prod.ana.corp.aviva.com
vaultqa.ana.corp.aviva.com
bigd-kafkadev2.globalapps.aviva.com
cert08.uk.aviva.com
yyzbac1sis1.ana.corp.aviva.com
cyberark-uat.globalapps.aviva.com
www.aviva.co.uk
uat.aviva.co.uk
www.avivatransfer.co.uk
rewards.aviva.com
workbench.prod-globalapps.aviva.com
cx2.globalapps.aviva.com
redirects.aviva.com
yyzsql3047.ana.corp.aviva.com
cert01.ca.aviva.com
mail.aviva.com
cert03.uk.aviva.com
empower.preprod.ana.corp.aviva.com
cert01.as.aviva.com
uat.aviva.co.uk
e-learningportal.at.aviva.com
cert07.uk.aviva.com
cert01.tmp.aviva.com
cert05.uk.aviva.com
yyzbsm1011.ana.corp.aviva.com
iaccess.ana.corp.aviva.com
www.aviva.co.uk
cert03.uk.aviva.com
cert01.as.aviva.com
yyzcpm1201.ana.corp.aviva.com
shareplans.aviva.com
incapsula.com
ci-master.ana.corp.aviva.com
cert04.uk.aviva.com
community-fund-italia.aviva.com
incapsula.com
cert05.uk.aviva.com

arc.globalapps.aviva.com
cert10.uk.aviva.com
avivaprivacy.uk
incapsula.com
nonprod.ratabasecat.ana.corp.aviva.com
redirects.aviva.com
yyzetl1003.ana.corp.aviva.com
cert04.uk.aviva.com
cert08.uk.aviva.com
nationalhomewarranty.com

Certificate

The complete raw certificate details for np-cert02.uk.aviva.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIINCzCCC/OgAwIBAgIQFkle0vBEilxJuRt14uu3XzANBgkqhkiG9w0BAQsFADCB
lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD
EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy
dmVyIENBMB4XDTE5MDUyOTAwMDAwMFoXDTIwMDUwMjIzNTk1OVowggEFMQswCQYD
VQQGEwJHQjERMA8GA1UEERMIRUMzUCAzRFExDzANBgNVBAgTBkxvbmRvbjEPMA0G
A1UEBxMGTG9uZG9uMRUwEwYDVQQJEwwxIFVuZGVyc2hhZnQxEjAQBgNVBAkTCVN0
IEhlbGVuczESMBAGA1UEChMJQXZpdmEgUExDMRAwDgYDVQQLEwdEaWdpdGFsMTQw
MgYDVQQLEytIb3N0ZWQgYnkgQVZJVkEgQ0VOVFJBTCBTRVJWSUNFUyBVSyBMSU1J
VEVEMRkwFwYDVQQLExBNdWx0aS1Eb21haW4gU1NMMR8wHQYDVQQDExZucC1jZXJ0
MDIudWsuYXZpdmEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
yz87RkmcjQOFmIQcxS3IJy6WZ7BSyODft8MqDLVvd738IkJTDSx/8LfUimHy/rea
ltC53jT54jTRrGjkW4cr0NmAOpNLO3OsFI4cRjKVynBz6QunbqZTVTLGjayJ3HF6
bhKfF5BKSac6R6Y+0rQlNQ8H2/NzB5ZaYookE3bW00VkU1WTsQzTJixXiERJ+EUZ
H/W00M2FQcGQE57zYJXYa9hSrrMNodJzGIXDRaXeoVyIxtcY0SpqIGe2NAynn7Cw
1b/7MF8h3YjWJplysIVyyN7o8N0go1OzgWXursyGMuJZLCRd0LZ7lpwdN93DWb3n
x87pdQTS6ZnamJAWQ6KU0QIDAQABo4II4jCCCN4wHwYDVR0jBBgwFoAUF9nWJSdn
+THCSUPZMDZEjGypT+swHQYDVR0OBBYEFMdFgF05mdmvjLlmae/+QG2yh8BhMA4G
A1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjBKBgNVHSAEQzBBMDUGDCsGAQQBsjEBAgEDBDAlMCMGCCsGAQUF
BwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIwWgYDVR0fBFMw
UTBPoE2gS4ZJaHR0cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5p
emF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBigYIKwYBBQUHAQEE
fjB8MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29S
U0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsG
AQUFBzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTCCBiAGA1UdEQSCBhcwggYT
ghZucC1jZXJ0MDIudWsuYXZpdmEuY29tghMqLmFjY291bnRzLmF2aXZhLmZyghoq
LmFmZXItcHJldm95YW5jZS5hdml2YS5mcoIJKi5hbWlzLmZygg4qLmFwaS5hdml2
YS5mcoIfKi5hdXRvLWVucm9sbWVudG1hbmFnZXJwcC5jby51a4IdKi5hdi5xcy5k
ZXYtb25saW5lLWluc3VyZS5jb22CHSouYXYucXMucHJlLW9ubGluZS1pbnN1cmUu
Y29tgh0qLmF2LnFzLnJ3eS1vbmxpbmUtaW5zdXJlLmNvbYIdKi5hdi5xcy5zdGct
b25saW5lLWluc3VyZS5jb22CHSouYXYucXMuc3lzLW9ubGluZS1pbnN1cmUuY29t
gh4qLmF2aXZhLWFzc3VyYW5jZXMtY2xpZW50cy5jb22CGCouYXZpdmEtYm94LWNv
dXJ0YWdlLmNvbYIPKi5hdml2YS1saWZlLmZyghcqLmF2aXZhLXBhcnRlbmFpcmVz
LmNvbYIKKi5hdml2YS5mcoIKKi5hdml2YS5pZYIKKi5hdml2YS5wbIIQKi5hdml2
YWJyb2tlci5pZYIQKi5hdml2YWRpcmVjdC5mcoIUKi5hdml2YWludmVzdG9ycy5j
b22CECouYXZpdmFpdGFsaWEuaXSCDiouYXZpdmFwbHVzLml0ghAqLmF2aXZhc2Eu
Y29tLnRyghkqLmNncGUtYXBwb3J0ZXVyLmF2aXZhLmZygiIqLmRlbW8uYXV0by1l
bnJvbG1lbnRtYW5hZ2VyLmNvLnVrghQqLmRldi1hdml2YWIyYi5jby51a4IYKi5k
ZXYtYXZpdmFpbnZlc3RvcnMuY29tghcqLmRldi1mcmllbmRzbGlmZS5jby51a4IN
Ki5ldXJvZmlsLmNvbYIMKi5pcXVvLmNvLnVrghIqLml0YWxpYS5hdml2YS5jb22C
JSoucHJhY3RpY2UtYXV0b2Vucm9sbWVudG1hbmFnZXIuY28udWuCFCoucHJlLWF2
aXZhYjJiLmNvLnVrghgqLnByZS1hdml2YWludmVzdG9ycy5jb22CHyoucHJlLWNv
bW1pc3Npb25pbmctYXZpdmEuY28udWuCFyoucHJlLWZyaWVuZHNsaWZlLmNvLnVr
giwqLnByb3RlY3Rpb24tdHJhaW5pbmctcHJldmlldy5xcy5hdml2YS5jby51a4Ie
Ki5wcm90ZWN0aW9uanVyaWRpcXVlLmF2aXZhLmZygg8qLnJlY3QuYXZpdmEuZnKC
DioucmVjdHdldXIuY29tghQqLnJ3eS1hdml2YWIyYi5jby51a4IYKi5yd3ktYXZp
dmFpbnZlc3RvcnMuY29tghcqLnJ3eS1mcmllbmRzbGlmZS5jby51a4IiKi5zYW50
YW5kZXItcHJldmlldy5xcy5hdml2YS5jby51a4IpKi5zYW50YW5kZXJhZHZpc2Vk
LXByZXZpZXcucXMuYXZpdmEuY28udWuCKyouc2FudGFuZGVydGVsZXBob255LXBy
ZXZpZXcucXMuYXZpdmEuY28udWuCISouc2MtbGlmZWN1c3RvbWVyLmRldi1hdml2
YS5jby51a4IhKi5zYy1saWZlY3VzdG9tZXIucHJlLWF2aXZhLmNvLnVrgiEqLnNj
LWxpZmVjdXN0b21lci5yd3ktYXZpdmEuY28udWuCISouc2MtbGlmZWN1c3RvbWVy
LnN0Zy1hdml2YS5jby51a4IhKi5zYy1saWZlY3VzdG9tZXIuc3lzLWF2aXZhLmNv
LnVrghMqLnNlcnZpY2VzLmF2aXZhLmZyghQqLnN0Zy1hdml2YWIyYi5jby51a4IY
Ki5zdGctYXZpdmFpbnZlc3RvcnMuY29tghcqLnN0Zy1mcmllbmRzbGlmZS5jby51
a4IUKi5zeXMtYXZpdmFiMmIuY28udWuCGCouc3lzLWF2aXZhaW52ZXN0b3JzLmNv
bYIXKi5zeXMtZnJpZW5kc2xpZmUuY28udWuCCSoudWZmLm5ldIIcKi53c2ctcHJl
dmlldy5xcy5hdml2YS5jby51azCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB1ALvZ
37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGFAAABawLvf0AAAAQDAEYwRAIg
bj6VPVLDa36qqjfXWtyeUQXgZ5mQbcPvb5WX559/osECIGxMRR7MSppAez4JHGsw
f1untdrS0c75fg7fKHbv6acQAHcAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1
loFxRVgAAAFrAu9/aAAABAMASDBGAiEA1DS2YohZehUoYpyRc2m72Wh3HfhS8TTs
qXzGiDuTXmcCIQCevaJfTxLkE0kYyZyNbTUDrHlnw4CvroPUlwMlZB/LxjANBgkq
hkiG9w0BAQsFAAOCAQEAZOIDSPEo0TKmSk27QsGaYE/m7L5/8oIJvgGP1Qk8YWFR
IJ+pNFaRTMJ1qeBAjeLPiMzWy2sjutjaxc7Z4DFaiYWySlHXc7DIceCoKRl80oXO
yirwAu9HzBoW4Pe6KQVZ9VeFOFNC4XYfNEMGMinj+mBS75SRMRAfjiyg+uHdBws+
dxRmrQrWs5aNnEnmgnoNrbUI0i304cTGYjoTNLXB5/9qmtlQJU9Omz+sdU2uzQod
Hps+onCa6Utdwp2FiuBRq3HP6pNuraX+W7hKFmi/Xx3ZEAKIgWx5pAhCBhmNVDXU
CaxSw/N4jlUwjErsfq0J4WxWdV4jHBOCPliBXWTtNw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyz87RkmcjQOFmIQcxS3I
Jy6WZ7BSyODft8MqDLVvd738IkJTDSx/8LfUimHy/realtC53jT54jTRrGjkW4cr
0NmAOpNLO3OsFI4cRjKVynBz6QunbqZTVTLGjayJ3HF6bhKfF5BKSac6R6Y+0rQl
NQ8H2/NzB5ZaYookE3bW00VkU1WTsQzTJixXiERJ+EUZH/W00M2FQcGQE57zYJXY
a9hSrrMNodJzGIXDRaXeoVyIxtcY0SpqIGe2NAynn7Cw1b/7MF8h3YjWJplysIVy
yN7o8N0go1OzgWXursyGMuJZLCRd0LZ7lpwdN93DWb3nx87pdQTS6ZnamJAWQ6KU
0QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 29623976836717325575141236742789248863
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-29 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-02 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'EC3P 3DQ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1 Undershaft'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'St Helens'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Aviva PLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Digital'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hosted by AVIVA CENTRAL SERVICES UK LIMITED'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Multi-Domain SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'np-cert02.uk.aviva.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25657556543219852746697772058575406410137602166639304468188963737598329180883536460968183804745276448576212497010723694819839373616101432228461477810016300336655210350998533981968437390978054452084178467814461278652685671754143230425443797335050629461035384311343997825950580693755357488540346351368342609350039612926197017912947474801096917134256853230507964359881159436429509810660999863032217931198728863946423042695777860703409597818732748878751393058030356886447748927492611991266730947526898534400347180824993255466393641949681565966154894715901344694501896001577621011706827809515306552973682827132575571678417
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c745805d3999d9af8cb96669effe406db287c061
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1559 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'np-cert02.uk.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accounts.aviva.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.afer-prevoyance.aviva.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.amis.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.api.aviva.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.auto-enrolmentmanagerpp.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.av.qs.dev-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.av.qs.pre-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.av.qs.rwy-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.av.qs.stg-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.av.qs.sys-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aviva-assurances-clients.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aviva-box-courtage.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aviva-life.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aviva-partenaires.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aviva.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aviva.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avivabroker.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avivadirect.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avivaitalia.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avivaplus.it'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avivasa.com.tr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cgpe-apporteur.aviva.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.demo.auto-enrolmentmanager.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev-avivab2b.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev-avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev-friendslife.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.eurofil.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.iquo.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.italia.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.practice-autoenrolmentmanager.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pre-avivab2b.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pre-avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pre-commissioning-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pre-friendslife.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.protection-training-preview.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.protectionjuridique.aviva.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rect.aviva.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rectweur.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rwy-avivab2b.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rwy-avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rwy-friendslife.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.santander-preview.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.santanderadvised-preview.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.santandertelephony-preview.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sc-lifecustomer.dev-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sc-lifecustomer.pre-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sc-lifecustomer.rwy-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sc-lifecustomer.stg-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sc-lifecustomer.sys-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.services.aviva.fr'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stg-avivab2b.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stg-avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stg-friendslife.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sys-avivab2b.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sys-avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sys-friendslife.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.uff.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wsg-preview.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007500bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016b02ef7f40000004030046304402206e3e953d52c36b7eaaaa37d75adc9e5105e06799906dc3ef6f9597e79f7fa2c102206c4c451ecc4a9a407b3e091c6b307f5ba7b5dad2d1cef97e0edf2876efe9a7100077005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016b02ef7f680000040300483046022100d434b66288597a1528629c917369bbd968771df852f134eca97cc6883b935e670221009ebda25f4f12e4134918c99c8d6d3503ac7967c380afae83d4970325641fcbc6
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0064e20348f128d132a64a4dbb42c19a604fe6ecbe7ff28209be018fd5093c616151209fa93456914cc275a9e0408de2cf88ccd6cb6b23bad8dac5ced9e0315a8985b24a51d773b0c871e0a829197cd285ceca2af002ef47cc1a16e0f7ba290559f55785385342e1761f3443063229e3fa6052ef949131101f8e2ca0fae1dd070b3e771466ad0ad6b3968d9c49e6827a0dadb508d22df4e1c4c6623a1334b5c1e7ff6a9ad950254f4e9b3fac754daecd0a1d1e9b3ea2709ae94b5dc29d858ae051ab71cfea936eada5fe5bb84a1668bf5f1dd9100288816c79a4084206198d5435d409ac52c3f3788e55308c4aec7ead09e16c56755e231c13823e58815d64ed37