OV SSL/TLS Certificate for np-cert01.uk.aviva.com Issued to Aviva PLC

Certificate is witin its validity period

Issued by Sectigo Limited (Sectigo RSA Organization Validation Secure Server CA)

About the np-cert01.uk.aviva.com OV SSL/TLS Certificate

This certificate with serial number 6b:4d:cd:7f:e9:6f:10:c3:f3:1d:5b:df:21:fb:cb:48 for np-cert01.uk.aviva.com was issued on by Sectigo Limited.

With 70 subject alternative names, this certificate can be used to secure multiple FQDNs. This OV SSL/TLS Certificate is currently within its validity period but we haven't checked the revocation status of this certificate, you can do this simply on revocationcheck.com. We have found some issues with the compliance of this certificate, they are be shown below. We hope this OV SSL/TLS Certificate review for np-cert01.uk.aviva.com provides you with the detailed information you were looking for.


We have identified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This X.509 certificate will expire on

Certificate Details

Serial Number (hex): 6b:4d:cd:7f:e9:6f:10:c3:f3:1d:5b:df:21:fb:cb:48
Serial Number (int): 142631370435282845258959691512341580616
Serial Number Length: 127 bits, 16 octets

Subject Key Identifier: aa:a5:c4:02:af:43:27:74:c1:ee:8e:c7:c4:36:90:d5:42:73:9a:8d
Authority Key Identifier: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb

Fingerprint (SHA-1): e2:24:f3:c2:07:3d:a4:32:a9:17:54:d9:8f:2e:a0:df:1f:7e:74:e4
Fingerprint (SHA-256): e3:eb:5c:2b:de:09:94:f4:de:94:ed:4a:3c:fc:66:10:45:db:fa:cf:5a:aa:6e:c8:7f:05:76:09:c8:cd:d8:e0

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Revocation Information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate np-cert01.uk.aviva.com
70
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details of the X.509 certificate for np-cert01.uk.aviva.com

Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10
CA Certificate
This is not a CA certificate

Subject Alternative Names

np-cert01.uk.aviva.com
*.acs.qs.pre-aviva.co.uk
*.aviva.co.uk
*.aviva.com
*.avivaeserve.co.uk
*.avivahealth.qs.pre-aviva.co.uk
*.avivamicrosite.co.uk
*.avivaservices.co.uk
*.broker.aviva.co.uk
*.dev-aviva-for-advisers.co.uk
*.dev-aviva.co.uk
*.dev-aviva.com
*.dev-avivacustomer.co.uk
*.dev-insuranceclaimsonline.co.uk
*.dev-online-insure.co.uk
*.dev-online-insure.com
*.firstdirect.dev-online-insure.com
*.firstdirect.pre-online-insure.com
*.firstdirect.rwy-online-insure.com
*.firstdirect.stg-online-insure.com
*.firstdirect.sys-online-insure.com
*.globalapps.dev-aviva.com
*.globalapps.pre-aviva.com
*.hsbc.dev-aviva.co.uk
*.hsbc.dev-online-insure.com
*.hsbc.pre-aviva.co.uk
*.hsbc.pre-online-insure.com
*.hsbc.rwy-aviva.co.uk
*.hsbc.rwy-online-insure.com
*.hsbc.stg-aviva.co.uk
*.hsbc.stg-online-insure.com
*.hsbc.sys-aviva.co.uk
*.hsbc.sys-online-insure.com
*.pre-aviva.co.uk
*.pre-aviva.com
*.pre-avivacustomer.co.uk
*.pre-avivaworld.com
*.pre-insuranceclaimsonline.co.uk
*.pre-online-insure.co.uk
*.pre-online-insure.com
*.qs.dev-aviva.co.uk
*.qs.pre-aviva.co.uk
*.qs.rwy-aviva.co.uk
*.qs.stg-aviva.co.uk
*.qs.sys-aviva.co.uk
*.rwy-aviva.co.uk
*.rwy-aviva.com
*.rwy-avivacustomer.co.uk
*.rwy-insuranceclaimsonline.co.uk
*.rwy-online-insure.co.uk
*.rwy-online-insure.com
*.stg-aviva.co.uk
*.stg-aviva.com
*.stg-avivacustomer.co.uk
*.stg-insuranceclaimsonline.co.uk
*.stg-online-insure.co.uk
*.stg-online-insure.com
*.sys-aviva.co.uk
*.sys-aviva.com
*.sys-avivacustomer.co.uk
*.sys-insuranceclaimsonline.co.uk
*.sys-online-insure.co.uk
*.sys-online-insure.com
*.wsg-preview.qs.aviva.co.uk
stage.sustainablebusinesscoach.aviva.co.uk
www.cofensevision.dev-aviva.co.uk
www.cofensevision.pre-aviva.co.uk
www.cofensevision.rwy-aviva.co.uk
www.cofensevision.stg-aviva.co.uk
www.cofensevision.sys-aviva.co.uk

X.509 Certificate

The complete raw X.509 certificate details for np-cert01.uk.aviva.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIOGzCCDQOgAwIBAgIQa03Nf+lvEMPzHVvfIfvLSDANBgkqhkiG9w0BAQsFADCB
lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD
EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy
dmVyIENBMB4XDTI1MDIwMzAwMDAwMFoXDTI2MDIwMzIzNTk1OVowXDELMAkGA1UE
BhMCR0IxGDAWBgNVBAgTD0xvbmRvbiwgQ2l0eSBvZjESMBAGA1UEChMJQXZpdmEg
UExDMR8wHQYDVQQDExZucC1jZXJ0MDEudWsuYXZpdmEuY29tMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyaRH6xqpvvyl11bVXBCKeDDAuQTtbO0bKSP
vm/+Gcfoqwjk+dI6UcI2daYgwIovF5hHTx85I8TMxpZgZjmKc+eRhPS+IjpD9K5A
GSIg8H1HnoHPp4280t/JD8/GtA/1d4s2ZHStWcOXkQTPue+FWNqgHJF7koXAWJ4X
eS4SB2hp/ZM75uNgOdCBhqKbIhc7n4uQ9/fvO+fxS5T3F3CmiEpbntSq/3V3o69+
nJSHH7s88zGY95e6cgm2DKzinU/hBkZJcmqqQpaVHPBd6CbqvuoQG2rjPlbX7vfH
Zv96NH9On5m9Es1NiCIBb39qAVqjWBRZFex7Q7lEMnQFIvBAhwIDAQABo4IKnTCC
CpkwHwYDVR0jBBgwFoAUF9nWJSdn+THCSUPZMDZEjGypT+swHQYDVR0OBBYEFKql
xAKvQyd0we6Ox8Q2kNVCc5qNMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBKBgNVHSAEQzBBMDUGDCsG
AQQBsjEBAgEDBDAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQ
UzAIBgZngQwBAgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5zZWN0aWdv
LmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZl
ckNBLmNybDCBigYIKwYBBQUHAQEEfjB8MFUGCCsGAQUFBzAChklodHRwOi8vY3J0
LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2Vj
dXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0aWdv
LmNvbTCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHUAlpdkv1VYl633Q4doNwhC
d+nwOtX2pPM2bkakPw/KqcYAAAGUy+whmgAABAMARjBEAiA9x+C4iIRElbzMajiG
MGfHtT8UCSrG7YcApuGao691rQIgFSiP2r0SFWDHOPSxROMJ8zIaVgIEHp6nBdkJ
xrT5lvsAdwAZhtTHKKpv/roDb3gqTQGRqs4tcjEPrs5dcEEtJUzH1AAAAZTL7CF0
AAAEAwBIMEYCIQDi2FPEuxuYZyNAxhVNX4Q6CZUNdwQL9bTaoSxf5O5CmgIhAKwU
1hxuTKAermMsbisqBUW5dM0IHekalIdfVeHg6g+HAHYAyzj3FYl8hKFEX1vB3fvJ
bvKaWc1HCmkFhbDLFMMUWOcAAAGUy+whoAAABAMARzBFAiAONQnem5Nj6H8/+rPg
A6VX3ods2cIZLRbg6r7ewTkVhgIhAKmKLJ61c/30ZLaHeA5K/dROJ3OLKkIAOn7g
SZ6VoyNCMIIHYQYDVR0RBIIHWDCCB1SCFm5wLWNlcnQwMS51ay5hdml2YS5jb22C
GCouYWNzLnFzLnByZS1hdml2YS5jby51a4INKi5hdml2YS5jby51a4ILKi5hdml2
YS5jb22CEyouYXZpdmFlc2VydmUuY28udWuCICouYXZpdmFoZWFsdGgucXMucHJl
LWF2aXZhLmNvLnVrghYqLmF2aXZhbWljcm9zaXRlLmNvLnVrghUqLmF2aXZhc2Vy
dmljZXMuY28udWuCFCouYnJva2VyLmF2aXZhLmNvLnVrgh4qLmRldi1hdml2YS1m
b3ItYWR2aXNlcnMuY28udWuCESouZGV2LWF2aXZhLmNvLnVrgg8qLmRldi1hdml2
YS5jb22CGSouZGV2LWF2aXZhY3VzdG9tZXIuY28udWuCISouZGV2LWluc3VyYW5j
ZWNsYWltc29ubGluZS5jby51a4IZKi5kZXYtb25saW5lLWluc3VyZS5jby51a4IX
Ki5kZXYtb25saW5lLWluc3VyZS5jb22CIyouZmlyc3RkaXJlY3QuZGV2LW9ubGlu
ZS1pbnN1cmUuY29tgiMqLmZpcnN0ZGlyZWN0LnByZS1vbmxpbmUtaW5zdXJlLmNv
bYIjKi5maXJzdGRpcmVjdC5yd3ktb25saW5lLWluc3VyZS5jb22CIyouZmlyc3Rk
aXJlY3Quc3RnLW9ubGluZS1pbnN1cmUuY29tgiMqLmZpcnN0ZGlyZWN0LnN5cy1v
bmxpbmUtaW5zdXJlLmNvbYIaKi5nbG9iYWxhcHBzLmRldi1hdml2YS5jb22CGiou
Z2xvYmFsYXBwcy5wcmUtYXZpdmEuY29tghYqLmhzYmMuZGV2LWF2aXZhLmNvLnVr
ghwqLmhzYmMuZGV2LW9ubGluZS1pbnN1cmUuY29tghYqLmhzYmMucHJlLWF2aXZh
LmNvLnVrghwqLmhzYmMucHJlLW9ubGluZS1pbnN1cmUuY29tghYqLmhzYmMucnd5
LWF2aXZhLmNvLnVrghwqLmhzYmMucnd5LW9ubGluZS1pbnN1cmUuY29tghYqLmhz
YmMuc3RnLWF2aXZhLmNvLnVrghwqLmhzYmMuc3RnLW9ubGluZS1pbnN1cmUuY29t
ghYqLmhzYmMuc3lzLWF2aXZhLmNvLnVrghwqLmhzYmMuc3lzLW9ubGluZS1pbnN1
cmUuY29tghEqLnByZS1hdml2YS5jby51a4IPKi5wcmUtYXZpdmEuY29tghkqLnBy
ZS1hdml2YWN1c3RvbWVyLmNvLnVrghQqLnByZS1hdml2YXdvcmxkLmNvbYIhKi5w
cmUtaW5zdXJhbmNlY2xhaW1zb25saW5lLmNvLnVrghkqLnByZS1vbmxpbmUtaW5z
dXJlLmNvLnVrghcqLnByZS1vbmxpbmUtaW5zdXJlLmNvbYIUKi5xcy5kZXYtYXZp
dmEuY28udWuCFCoucXMucHJlLWF2aXZhLmNvLnVrghQqLnFzLnJ3eS1hdml2YS5j
by51a4IUKi5xcy5zdGctYXZpdmEuY28udWuCFCoucXMuc3lzLWF2aXZhLmNvLnVr
ghEqLnJ3eS1hdml2YS5jby51a4IPKi5yd3ktYXZpdmEuY29tghkqLnJ3eS1hdml2
YWN1c3RvbWVyLmNvLnVrgiEqLnJ3eS1pbnN1cmFuY2VjbGFpbXNvbmxpbmUuY28u
dWuCGSoucnd5LW9ubGluZS1pbnN1cmUuY28udWuCFyoucnd5LW9ubGluZS1pbnN1
cmUuY29tghEqLnN0Zy1hdml2YS5jby51a4IPKi5zdGctYXZpdmEuY29tghkqLnN0
Zy1hdml2YWN1c3RvbWVyLmNvLnVrgiEqLnN0Zy1pbnN1cmFuY2VjbGFpbXNvbmxp
bmUuY28udWuCGSouc3RnLW9ubGluZS1pbnN1cmUuY28udWuCFyouc3RnLW9ubGlu
ZS1pbnN1cmUuY29tghEqLnN5cy1hdml2YS5jby51a4IPKi5zeXMtYXZpdmEuY29t
ghkqLnN5cy1hdml2YWN1c3RvbWVyLmNvLnVrgiEqLnN5cy1pbnN1cmFuY2VjbGFp
bXNvbmxpbmUuY28udWuCGSouc3lzLW9ubGluZS1pbnN1cmUuY28udWuCFyouc3lz
LW9ubGluZS1pbnN1cmUuY29tghwqLndzZy1wcmV2aWV3LnFzLmF2aXZhLmNvLnVr
gipzdGFnZS5zdXN0YWluYWJsZWJ1c2luZXNzY29hY2guYXZpdmEuY28udWuCIXd3
dy5jb2ZlbnNldmlzaW9uLmRldi1hdml2YS5jby51a4Ihd3d3LmNvZmVuc2V2aXNp
b24ucHJlLWF2aXZhLmNvLnVrgiF3d3cuY29mZW5zZXZpc2lvbi5yd3ktYXZpdmEu
Y28udWuCIXd3dy5jb2ZlbnNldmlzaW9uLnN0Zy1hdml2YS5jby51a4Ihd3d3LmNv
ZmVuc2V2aXNpb24uc3lzLWF2aXZhLmNvLnVrMA0GCSqGSIb3DQEBCwUAA4IBAQB3
60v/ytaAOcXid9AtTJjksA6mtAUwIahvMz95m4U7F0NVQ5x/oQx6zWFAnuPP/C/Q
JQXlvdR1j1oVFNx9Fq3UG2uprSQK86N3nASengJFdgHA+ri3sflNwiChlI7d835r
YgNfYIm/CRFitVd884MwdfvRAbuE/VuWQuaaAlZSabZ1yFV5UbKNYmUeDro0qszo
AITA+hUMJep2ZeKdo3P2ZgwL7CHdSuujjg+2pqsk7QkTevevpjJf6uhmg9lM+Cby
fiSd01HOG3aeE1yVC1CqZIcX4o8kZDeBJIj5HnUK8cPK5l3hcUQSoLZqUz7hth+8
uO13+kR3spmLmVpghdDg
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyaRH6xqpvvyl11bVXBC
KeDDAuQTtbO0bKSPvm/+Gcfoqwjk+dI6UcI2daYgwIovF5hHTx85I8TMxpZgZjmK
c+eRhPS+IjpD9K5AGSIg8H1HnoHPp4280t/JD8/GtA/1d4s2ZHStWcOXkQTPue+F
WNqgHJF7koXAWJ4XeS4SB2hp/ZM75uNgOdCBhqKbIhc7n4uQ9/fvO+fxS5T3F3Cm
iEpbntSq/3V3o69+nJSHH7s88zGY95e6cgm2DKzinU/hBkZJcmqqQpaVHPBd6Cbq
vuoQG2rjPlbX7vfHZv96NH9On5m9Es1NiCIBb39qAVqjWBRZFex7Q7lEMnQFIvBA
hwIDAQAB
-----END PUBLIC KEY-----

ASN.1 Decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 142631370435282845258959691512341580616
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-03 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2026-02-03 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London, City of'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Aviva PLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'np-cert01.uk.aviva.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL []
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19585955311787976264705285424459079346381421673965866049417185004094201079456035896469538224774187175354863167667852818814633945338678573864845172647065304726673445677436172549744134698906216164998615445701394144733761216370451536199789392431440390700543809193894057740677500600224010698055940078245444999836624728874097915999299215623809019133217853698700932871203678211994404129278040303793431774525688747908598711512762496629238923197313172386595294535648111153838197159665606609943810540808866170171120082372964198868631938949822883992848817436621542964601784915981974870243971780694942932037694223132101648072839
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							aaa5c402af432774c1ee8ec7c43690d542739a8d
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007500969764bf555897adf743876837084277e9f03ad5f6a4f3366e46a43f0fcaa9c600000194cbec219a000004030046304402203dc7e0b888844495bccc6a38863067c7b53f14092ac6ed8700a6e19aa3af75ad022015288fdabd121560c738f4b144e309f3321a5602041e9ea705d909c6b4f996fb0077001986d4c728aa6ffeba036f782a4d0191aace2d72310faece5d70412d254cc7d400000194cbec21740000040300483046022100e2d853c4bb1b98672340c6154d5f843a09950d77040bf5b4daa12c5fe4ee429a022100ac14d61c6e4ca01eae632c6e2b2a0545b974cd081de91a94875f55e1e0ea0f87007600cb38f715897c84a1445f5bc1ddfbc96ef29a59cd470a690585b0cb14c31458e700000194cbec21a0000004030047304502200e3509de9b9363e87f3ffab3e003a557de876cd9c2192d16e0eabedec1391586022100a98a2c9eb573fdf464b687780e4afdd44e27738b2a42003a7ee0499e95a32342
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1880 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'np-cert01.uk.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.acs.qs.pre-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avivaeserve.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avivahealth.qs.pre-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avivamicrosite.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avivaservices.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.broker.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev-aviva-for-advisers.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev-aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev-avivacustomer.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev-insuranceclaimsonline.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev-online-insure.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.firstdirect.dev-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.firstdirect.pre-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.firstdirect.rwy-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.firstdirect.stg-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.firstdirect.sys-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.globalapps.dev-aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.globalapps.pre-aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hsbc.dev-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hsbc.dev-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hsbc.pre-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hsbc.pre-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hsbc.rwy-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hsbc.rwy-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hsbc.stg-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hsbc.stg-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hsbc.sys-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hsbc.sys-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pre-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pre-aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pre-avivacustomer.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pre-avivaworld.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pre-insuranceclaimsonline.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pre-online-insure.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.pre-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qs.dev-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qs.pre-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qs.rwy-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qs.stg-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.qs.sys-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rwy-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rwy-aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rwy-avivacustomer.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rwy-insuranceclaimsonline.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rwy-online-insure.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.rwy-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stg-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stg-aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stg-avivacustomer.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stg-insuranceclaimsonline.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stg-online-insure.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.stg-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sys-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sys-aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sys-avivacustomer.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sys-insuranceclaimsonline.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sys-online-insure.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sys-online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.wsg-preview.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.sustainablebusinesscoach.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cofensevision.dev-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cofensevision.pre-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cofensevision.rwy-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cofensevision.stg-aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cofensevision.sys-aviva.co.uk'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11
 . . . . . . . . [c:0|t:5|false] NULL []
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0077eb4bffcad68039c5e277d02d4c98e4b00ea6b4053021a86f333f799b853b174355439c7fa10c7acd61409ee3cffc2fd02505e5bdd4758f5a1514dc7d16add41b6ba9ad240af3a3779c049e9e02457601c0fab8b7b1f94dc220a1948eddf37e6b62035f6089bf091162b5577cf3833075fbd101bb84fd5b9642e69a02565269b675c8557951b28d62651e0eba34aacce80084c0fa150c25ea7665e29da373f6660c0bec21dd4aeba38e0fb6a6ab24ed09137af7afa6325feae86683d94cf826f27e249dd351ce1b769e135c950b50aa648717e28f246437812488f91e750af1c3cae65de1714412a0b66a533ee1b61fbcb8ed77fa4477b2998b995a6085d0e0