cert01.tmp.aviva.com

- Aviva PLC -

Issued by Sectigo RSA Extended Validation Secure Server CA

About this certificate

This digital certificate with serial number cf:dd:d7:eb:83:9e:84:df:81:89:e9:b3:9e:59:bb:41 was issued on by Sectigo Limited.

With 62 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Aviva PLC

Company registration number: 02468686
Organization: Aviva PLC
Organization unit: Digital
Locality: London
Country: GB

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): cf:dd:d7:eb:83:9e:84:df:81:89:e9:b3:9e:59:bb:41
Serial Number (int): 276302072110630932599683015611959065409
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: d8:1f:25:77:30:50:35:00:4c:f2:76:b0:00:fd:7d:ba:f9:f8:17:6f
AuthorityKeyId: 2c:69:ff:80:c9:87:90:ae:34:e1:b4:e7:4c:93:85:99:40:e9:a7:b2

Fingerprint (sha1): 00:ac:16:3c:fa:cc:bc:66:7d:68:22:e0:17:37:f1:a0:29:a1:db:b5
Fingerprint (sha256): 25:eb:ce:6a:1c:a2:b0:c1:7f:f3:15:ff:42:6d:51:bc:ad:12:d4:59:4e:ae:cb:11:53:84:ce:6b:29:71:95:49

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl

Check the revocation status for certificate cert01.tmp.aviva.com

62

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cert01.tmp.aviva.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cert01.tmp.aviva.com
adviser.avivaservices.co.uk
agsts.globalapps.aviva.com
airef.avivainvestors.com
cas.aviva.pl
cas.uff.net
confluence.aviva.co.uk
cosmic.aviva.co.uk
dokumenty-dev.aviva.pl
dokumenty-uat.aviva.pl
dokumenty.aviva.pl
esb.aviva.pl
eserve.avivaservices.co.uk
formularze.aviva.pl
healthpoint.aviva.co.uk
heritage.aviva.com
insuranceb2b.av.qs.online-insure.com
jira.aviva.co.uk
kalkulator-emerytalny.aviva.pl
logowanie.aviva.com.pl
mobiledirect.qs.aviva.co.uk
moja.aviva.pl
online.avivaservices.co.uk
platnosci.aviva.pl
prexcas.uff.net
protection-medical.aviva.co.uk
rectcas.uff.net
regs.avivaservices.co.uk
salescloud-dev.aviva.pl
salescloud-pretest.aviva.pl
salescloud-szkolenia.aviva.pl
salescloud-test.aviva.pl
salescloud-uat2.aviva.pl
samochod.aviva.pl
services.aviva.ie
sti.avivainvestors24.pl
tol.aviva.com.pl
training.online.avivaservices.co.uk
twojedziecko.aviva.pl
www.acs.qs.aviva.co.uk
www.aviva-for-advisers.co.uk
www.aviva.com
www.aviva.com.pl
www.aviva.ie
www.aviva.pl
www.avivahealth.qs.aviva.co.uk
www.eurofil.com
www.expander.pl
www.fpinternational.com
www.life.qs.aviva.co.uk
www.protection.qs.aviva.co.uk
www.santander.aviva.co.uk
www.santander.aviva.pl
www.santandertelephony.aviva.co.uk
www.teraz.pl
www.todlamniewazne.pl
www.wsg.qs.aviva.co.uk
www17.friendsprovident.co.uk
www2.friendslife.co.uk
www2.wsg.qs.aviva.co.uk
www3.wsg.qs.aviva.co.uk
www43.avivaservices.co.uk

Other certificates including the domain name aviva.com

(limited to 100 certificates)
aviva-swi-amp-fs-01.globalapps.aviva.com
incapsula.com
at.aviva.com
community-fund-italia.aviva.com
avivaprivacy.uk
cert02.uk.aviva.com
cert03.uk.aviva.com
cert06.uk.aviva.com
cert01.as.aviva.com
avivaprivacy.uk
np-cert02.uk.aviva.com
in.aviva.com
avivaprivacy.uk
cert11.uk.aviva.com
cert03.uk.aviva.com
avivaprivacy.uk
cert06.uk.aviva.com
idmadmin.globalapps.aviva.com
mpower.non.prod.ana.corp.aviva.com
cert01.ca.aviva.com
cert08.uk.aviva.com
cert01.uk.aviva.com
digital.aviva.com
cert01.ca.aviva.com
redirects.aviva.com
agility-europe.globalapps.aviva.com
icare-uat.globalapps.aviva.com
cert06.uk.aviva.com
incapsula.com
cert04.uk.aviva.com
cms.aviva.com
sv.nonprod.ana.corp.aviva.com
avivaprivacy.uk
cert10.uk.aviva.com
cert06.uk.aviva.com
intquote.aviva.co.uk
cert10.uk.aviva.com
boson-services-gateway.globalapps.aviva.com
cert01.tmp.aviva.com
lafabrique-france.aviva.com
cert08.uk.aviva.com
cert01.uk.aviva.com
np-cert02.uk.aviva.com
incapsula.com
cert10.uk.aviva.com
camppe.external.globalapps.aviva.com
proinvest.com.sg
cert01.uk.aviva.com
avivaprivacy.uk
suretyngweb.qa.ana.corp.aviva.com
avivaprivacy.uk
cert01.uk.aviva.com
mpower.non.prod.ana.corp.aviva.com
vaultqa.ana.corp.aviva.com
bigd-kafkadev2.globalapps.aviva.com
cert08.uk.aviva.com
yyzbac1sis1.ana.corp.aviva.com
cyberark-uat.globalapps.aviva.com
www.aviva.co.uk
uat.aviva.co.uk
www.avivatransfer.co.uk
rewards.aviva.com
workbench.prod-globalapps.aviva.com
cx2.globalapps.aviva.com
redirects.aviva.com
yyzsql3047.ana.corp.aviva.com
cert01.ca.aviva.com
mail.aviva.com
cert03.uk.aviva.com
empower.preprod.ana.corp.aviva.com
cert01.as.aviva.com
uat.aviva.co.uk
e-learningportal.at.aviva.com
cert07.uk.aviva.com
cert01.tmp.aviva.com
cert05.uk.aviva.com
yyzbsm1011.ana.corp.aviva.com
iaccess.ana.corp.aviva.com
www.aviva.co.uk
cert03.uk.aviva.com
cert01.as.aviva.com
yyzcpm1201.ana.corp.aviva.com
shareplans.aviva.com
incapsula.com
ci-master.ana.corp.aviva.com
cert04.uk.aviva.com
community-fund-italia.aviva.com
incapsula.com
cert05.uk.aviva.com

arc.globalapps.aviva.com
cert10.uk.aviva.com
avivaprivacy.uk
incapsula.com
nonprod.ratabasecat.ana.corp.aviva.com
redirects.aviva.com
yyzetl1003.ana.corp.aviva.com
cert04.uk.aviva.com
cert08.uk.aviva.com
nationalhomewarranty.com

Certificate

The complete raw certificate details for cert01.tmp.aviva.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIMSzCCCzOgAwIBAgIRAM/d1+uDnoTfgYnps55Zu0EwDQYJKoZIhvcNAQELBQAw
gZExCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE5MDcGA1UE
AxMwU2VjdGlnbyBSU0EgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVy
IENBMB4XDTIxMDQxMzAwMDAwMFoXDTIyMDEyNjIzNTk1OVowgaoxETAPBgNVBAUT
CDAyNDY4Njg2MRMwEQYLKwYBBAGCNzwCAQMTAkdCMR0wGwYDVQQPExRQcml2YXRl
IE9yZ2FuaXphdGlvbjELMAkGA1UEBhMCR0IxDzANBgNVBAcTBkxvbmRvbjESMBAG
A1UEChMJQXZpdmEgUExDMRAwDgYDVQQLEwdEaWdpdGFsMR0wGwYDVQQDExRjZXJ0
MDEudG1wLmF2aXZhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANmj2hN2Tjp/Mwn2JQK9MD9U+6Xrx2jIzbgkL9VdrodLePERWA56xKc/xZkbZwE7
EZOvdHMvdGc6rMrVqoH82awU8iYqMpEm1eDfvCFpF6vxLjJZqlee3QkYjC4fvdhy
MfZtrahsxVYSiDm3f+b7vdHH7tpryXgMX1DXjxuTaYktalKo79BRO2fiQ2CnXCLd
pKD3ZfCRDFqCDUd9rTyfUdDjxI0bVeUoDBtUvJ1+B/TCtlhVL57alC0912ooNHQD
Fl/nc+XP7FxOqtPqKcslY6fEp8sjzMFqgN1hyTK65N7uSIyqqNHqTJP9vS3DDRXt
iiQ0GT+upddNeQekRiDH47sCAwEAAaOCCIEwggh9MB8GA1UdIwQYMBaAFCxp/4DJ
h5CuNOG050yThZlA6aeyMB0GA1UdDgQWBBTYHyV3MFA1AEzydrAA/X26+fgXbzAO
BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA1BgwrBgEEAbIxAQIBBQEwJTAjBggrBgEF
BQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwBwYFZ4EMAQEwVgYDVR0fBE8w
TTBLoEmgR4ZFaHR0cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBRXh0ZW5k
ZWRWYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGGBggrBgEFBQcBAQR6MHgw
UQYIKwYBBQUHMAKGRWh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JTQUV4
dGVuZGVkVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYX
aHR0cDovL29jc3Auc2VjdGlnby5jb20wggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAA
dgBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiFq/L8cP5tRwAAAXjLchSlAAAEAwBH
MEUCIQC+Df46itoHG4PBM/K6BjR8FPtxMgAq4s4bwmTiqyN25wIgYnH54xh6Y9tw
nHqeYf5zjL2nMHeuR8cgVkS0RGg90wcAdgBVgdTCFpA2AUrqC5tXPFPwwOQ4eHAl
CBcvo6odBxPTDAAAAXjLchSHAAAEAwBHMEUCIFDWcXQ6mbSOUjm5J9DoEb0B9NZu
uTb3t6Ms4S2qjepxAiEA7IzqBZOJAjlGI7mY9Pq9x1VC/fQ510uvwm3z4KSPnUQw
ggXIBgNVHREEggW/MIIFu4IUY2VydDAxLnRtcC5hdml2YS5jb22CG2FkdmlzZXIu
YXZpdmFzZXJ2aWNlcy5jby51a4IaYWdzdHMuZ2xvYmFsYXBwcy5hdml2YS5jb22C
GGFpcmVmLmF2aXZhaW52ZXN0b3JzLmNvbYIMY2FzLmF2aXZhLnBsggtjYXMudWZm
Lm5ldIIWY29uZmx1ZW5jZS5hdml2YS5jby51a4ISY29zbWljLmF2aXZhLmNvLnVr
ghZkb2t1bWVudHktZGV2LmF2aXZhLnBsghZkb2t1bWVudHktdWF0LmF2aXZhLnBs
ghJkb2t1bWVudHkuYXZpdmEucGyCDGVzYi5hdml2YS5wbIIaZXNlcnZlLmF2aXZh
c2VydmljZXMuY28udWuCE2Zvcm11bGFyemUuYXZpdmEucGyCF2hlYWx0aHBvaW50
LmF2aXZhLmNvLnVrghJoZXJpdGFnZS5hdml2YS5jb22CJGluc3VyYW5jZWIyYi5h
di5xcy5vbmxpbmUtaW5zdXJlLmNvbYIQamlyYS5hdml2YS5jby51a4Iea2Fsa3Vs
YXRvci1lbWVyeXRhbG55LmF2aXZhLnBsghZsb2dvd2FuaWUuYXZpdmEuY29tLnBs
ghttb2JpbGVkaXJlY3QucXMuYXZpdmEuY28udWuCDW1vamEuYXZpdmEucGyCGm9u
bGluZS5hdml2YXNlcnZpY2VzLmNvLnVrghJwbGF0bm9zY2kuYXZpdmEucGyCD3By
ZXhjYXMudWZmLm5ldIIecHJvdGVjdGlvbi1tZWRpY2FsLmF2aXZhLmNvLnVrgg9y
ZWN0Y2FzLnVmZi5uZXSCGHJlZ3MuYXZpdmFzZXJ2aWNlcy5jby51a4IXc2FsZXNj
bG91ZC1kZXYuYXZpdmEucGyCG3NhbGVzY2xvdWQtcHJldGVzdC5hdml2YS5wbIId
c2FsZXNjbG91ZC1zemtvbGVuaWEuYXZpdmEucGyCGHNhbGVzY2xvdWQtdGVzdC5h
dml2YS5wbIIYc2FsZXNjbG91ZC11YXQyLmF2aXZhLnBsghFzYW1vY2hvZC5hdml2
YS5wbIIRc2VydmljZXMuYXZpdmEuaWWCF3N0aS5hdml2YWludmVzdG9yczI0LnBs
ghB0b2wuYXZpdmEuY29tLnBsgiN0cmFpbmluZy5vbmxpbmUuYXZpdmFzZXJ2aWNl
cy5jby51a4IVdHdvamVkemllY2tvLmF2aXZhLnBsghZ3d3cuYWNzLnFzLmF2aXZh
LmNvLnVrghx3d3cuYXZpdmEtZm9yLWFkdmlzZXJzLmNvLnVrgg13d3cuYXZpdmEu
Y29tghB3d3cuYXZpdmEuY29tLnBsggx3d3cuYXZpdmEuaWWCDHd3dy5hdml2YS5w
bIIed3d3LmF2aXZhaGVhbHRoLnFzLmF2aXZhLmNvLnVrgg93d3cuZXVyb2ZpbC5j
b22CD3d3dy5leHBhbmRlci5wbIIXd3d3LmZwaW50ZXJuYXRpb25hbC5jb22CF3d3
dy5saWZlLnFzLmF2aXZhLmNvLnVrgh13d3cucHJvdGVjdGlvbi5xcy5hdml2YS5j
by51a4IZd3d3LnNhbnRhbmRlci5hdml2YS5jby51a4IWd3d3LnNhbnRhbmRlci5h
dml2YS5wbIIid3d3LnNhbnRhbmRlcnRlbGVwaG9ueS5hdml2YS5jby51a4IMd3d3
LnRlcmF6LnBsghV3d3cudG9kbGFtbmlld2F6bmUucGyCFnd3dy53c2cucXMuYXZp
dmEuY28udWuCHHd3dzE3LmZyaWVuZHNwcm92aWRlbnQuY28udWuCFnd3dzIuZnJp
ZW5kc2xpZmUuY28udWuCF3d3dzIud3NnLnFzLmF2aXZhLmNvLnVrghd3d3czLndz
Zy5xcy5hdml2YS5jby51a4IZd3d3NDMuYXZpdmFzZXJ2aWNlcy5jby51azANBgkq
hkiG9w0BAQsFAAOCAQEALP5jKwyA/oCh1YbQsjKSJg+pyVGPD5hNjOMO9Niz3If0
YCOJpKmTa65D1i2VdVoWwpu6CCkfM4oDh1XjsjqWXg5WR/Btz0jVpA7j3/YqVMWZ
p3ZBFhnjVfi13xpbM1/68lza/UvLCj3rlq142jO50FWEj9dTa+Ws/s3oCvkuNoHq
7RAja7/8YrtX2n4U/HNn6QhjQT8Rqnm+7r6SQLIe/NmOxPthgY2drXb79sMIhmmy
F6VW6kNDjot83qp3mySBB75QrSThAXn+g44O8lFEv9b5RSGZoC1CQFDUF8SW2v8U
5TQEehhWJgLIX+1fOMu/AK8MZnIAZDPiPcXq/lICEg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aPaE3ZOOn8zCfYlAr0w
P1T7pevHaMjNuCQv1V2uh0t48RFYDnrEpz/FmRtnATsRk690cy90ZzqsytWqgfzZ
rBTyJioykSbV4N+8IWkXq/EuMlmqV57dCRiMLh+92HIx9m2tqGzFVhKIObd/5vu9
0cfu2mvJeAxfUNePG5NpiS1qUqjv0FE7Z+JDYKdcIt2koPdl8JEMWoINR32tPJ9R
0OPEjRtV5SgMG1S8nX4H9MK2WFUvntqULT3Xaig0dAMWX+dz5c/sXE6q0+opyyVj
p8SnyyPMwWqA3WHJMrrk3u5IjKqo0epMk/29LcMNFe2KJDQZP66l1015B6RGIMfj
uwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 276302072110630932599683015611959065409
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Extended Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-01-26 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '02468686'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Aviva PLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Digital'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cert01.tmp.aviva.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27474510540934905146340263841388234272673848828433185286782139594754947834705726031198799280014954301720727567902395131460031107989109056401414206070390557890700326473991537553999644127924086407568673678890202518052537949757993313160261175431369492544608275525593650264784263676386906195877819178544831967949333814807294841857080649343568225872220954991618304651984222533487892848060233852148378360958427510631411239906602369392300574428726350855587224097162137462852460124645315028581662152545614425110771987102856688105350364798742529255452181524928305619109850968261059306408653024202749927472303367741066724238267
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2c69ff80c98790ae34e1b4e74c93859940e9a7b2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d81f2577305035004cf276b000fd7dbaf9f8176f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.5.1 (Comodo EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (122 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000760046a555eb75fa912030b5a28969f4f37d112c4174befd49b885abf2fc70fe6d4700000178cb7214a50000040300473045022100be0dfe3a8ada071b83c133f2ba06347c14fb7132002ae2ce1bc264e2ab2376e702206271f9e3187a63db709c7a9e61fe738cbda73077ae47c7205644b444683dd3070076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000178cb7214870000040300473045022050d671743a99b48e5239b927d0e811bd01f4d66eb936f7b7a32ce12daa8dea71022100ec8cea05938902394623b998f4fabdc75542fdf439d74bafc26df3e0a48f9d44
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1471 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cert01.tmp.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'adviser.avivaservices.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agsts.globalapps.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'airef.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cas.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cas.uff.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'confluence.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cosmic.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dokumenty-dev.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dokumenty-uat.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dokumenty.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'esb.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eserve.avivaservices.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'formularze.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'healthpoint.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'heritage.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'insuranceb2b.av.qs.online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jira.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kalkulator-emerytalny.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'logowanie.aviva.com.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mobiledirect.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'moja.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.avivaservices.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'platnosci.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prexcas.uff.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protection-medical.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rectcas.uff.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'regs.avivaservices.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'salescloud-dev.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'salescloud-pretest.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'salescloud-szkolenia.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'salescloud-test.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'salescloud-uat2.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'samochod.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.aviva.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sti.avivainvestors24.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tol.aviva.com.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'training.online.avivaservices.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'twojedziecko.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.acs.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aviva-for-advisers.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aviva.com.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aviva.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.avivahealth.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.eurofil.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.expander.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fpinternational.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.life.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.protection.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.santander.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.santander.aviva.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.santandertelephony.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.teraz.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.todlamniewazne.pl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wsg.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www17.friendsprovident.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.friendslife.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.wsg.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www3.wsg.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www43.avivaservices.co.uk'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002cfe632b0c80fe80a1d586d0b23292260fa9c9518f0f984d8ce30ef4d8b3dc87f4602389a4a9936bae43d62d95755a16c29bba08291f338a038755e3b23a965e0e5647f06dcf48d5a40ee3dff62a54c599a776411619e355f8b5df1a5b335ffaf25cdafd4bcb0a3deb96ad78da33b9d055848fd7536be5acfecde80af92e3681eaed10236bbffc62bb57da7e14fc7367e90863413f11aa79beeebe9240b21efcd98ec4fb61818d9dad76fbf6c3088669b217a556ea43438e8b7cdeaa779b248107be50ad24e10179fe838e0ef25144bfd6f9452199a02d424050d417c496daff14e534047a18562602c85fed5f38cbbf00af0c6672006433e23dc5eafe520212