*.avivaservices.co.uk

- Aviva PLC -

Issued by COMODO RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number d5:7e:95:34:5c:10:53:18:23:21:0d:b8:92:0c:0e:a3 was issued on by COMODO CA Limited.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Aviva PLC

Organization: Aviva PLC
Organization unit: Friends Life
Organization unit: Hosted by AVIVA CENTRAL SERVICES UK LIMITED
Organization unit: Enterprise SSL Pro Wildcard
Address: 1 Undershaft
Address: St Helens
Postal code: EC3P 3DQ
State / Province: London
Locality: London
Country: GB

COMODO CA Limited

Organization: COMODO CA Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): d5:7e:95:34:5c:10:53:18:23:21:0d:b8:92:0c:0e:a3
Serial Number (int): 283782818733750220168693305272913628835
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: e2:ea:fb:38:94:2b:6a:b0:4a:54:72:ec:8e:e1:5e:ca:76:eb:89:e0
AuthorityKeyId: 9a:f3:2b:da:cf:ad:4f:b6:2f:bb:2a:48:48:2a:12:b7:1b:42:c1:24

Fingerprint (sha1): f2:d5:2f:76:ea:ca:e6:bb:af:ef:fd:6e:0a:6e:0f:a9:f1:ee:b1:c0
Fingerprint (sha256): 2d:c0:ab:4f:c2:00:8d:be:6d:3d:06:16:f8:ae:98:28:44:59:5c:d0:af:7b:76:22:3d:c1:4a:8c:ac:cb:dd:d5

Issuing Certificate URL: http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.comodoca.com
CRL Distribution Point: http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate *.avivaservices.co.uk

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.avivaservices.co.uk

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.avivaservices.co.uk
avivaservices.co.uk

Other certificates including the domain name avivaservices.co.uk

(limited to 100 certificates)
www.eserve.avivaservices.co.uk
cert02.uk.aviva.com
cert10.uk.aviva.com
cert10.uk.aviva.com
cert01.tmp.aviva.com
cert10.uk.aviva.com
cert01.tmp.aviva.com
cert10.uk.aviva.com

cert02.uk.aviva.com
avivaservices.co.uk
cert10.uk.aviva.com
cert01.tmp.aviva.com
cert01.tmp.aviva.com
np-cert01.uk.aviva.com
cert01.tmp.aviva.com
regs.avivaservices.co.uk
cert01.tmp.aviva.com
cert01.tmp.aviva.com
cert02.uk.aviva.com
cert01.tmp.aviva.com
*.avivaservices.co.uk
cert02.uk.aviva.com
cert01.tmp.aviva.com
adviser.avivaservices.co.uk
cert02.uk.aviva.com
cert01.tmp.aviva.com
np-cert01.uk.aviva.com
np-cert02.uk.aviva.com
clientauth.aviva.co.uk
cert01.tmp.aviva.com
cert01.tmp.aviva.com
np-cert01.uk.aviva.com
cert02.uk.aviva.com
cert01.tmp.aviva.com
cert02.uk.aviva.com
cert01.tmp.aviva.com
cert02.uk.aviva.com
np-cert01.uk.aviva.com
cert02.uk.aviva.com
cert05.uk.aviva.com
np-cert01.uk.aviva.com
cert02.uk.aviva.com
cert01.tmp.aviva.com
clientauth.aviva.co.uk
cert01.tmp.aviva.com
cert02.uk.aviva.com
clientauth.aviva.co.uk
cert05.uk.aviva.com
cert01.tmp.aviva.com
www43.avivaservices.co.uk
cert02.uk.aviva.com
insights.avivainvestors.com
clientauth.aviva.co.uk
cert01.tmp.aviva.com
cert02.uk.aviva.com
cert05.uk.aviva.com
cert02.uk.aviva.com
clientauth.aviva.co.uk
cert01.tmp.aviva.com
cert01.tmp.aviva.com
eserve.avivaservices.co.uk
np-cert01.uk.aviva.com
cert02.uk.aviva.com
cert01.tmp.aviva.com
member.avivaservices.co.uk
cert01.tmp.aviva.com
cert01.tmp.aviva.com
cert10.uk.aviva.com
np-cert01.uk.aviva.com
clientauth.aviva.co.uk
clientauth.aviva.co.uk
clientauth.aviva.co.uk
cert01.tmp.aviva.com
cert10.uk.aviva.com
cert02.uk.aviva.com
cert02.uk.aviva.com
login.avivainvestors.com
cert05.uk.aviva.com
cert02.uk.aviva.com
np-cert02.uk.aviva.com
cert02.uk.aviva.com
np-cert01.uk.aviva.com
np-cert01.uk.aviva.com
cert01.tmp.aviva.com
np-cert01.uk.aviva.com
cert10.uk.aviva.com
cert01.tmp.aviva.com
cert10.uk.aviva.com
cert01.tmp.aviva.com
cert02.uk.aviva.com
cert01.tmp.aviva.com
cert02.uk.aviva.com
www.friendslife.com
online.avivaservices.co.uk
cert02.uk.aviva.com
www.avivainvestors.be
cert02.uk.aviva.com
clientauth.aviva.co.uk
*.avivaservices.co.uk

Certificate

The complete raw certificate details for *.avivaservices.co.uk in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIRANV+lTRcEFMYIyENuJIMDqMwDQYJKoZIhvcNAQELBQAw
gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD
VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT
ZXJ2ZXIgQ0EwHhcNMTcwOTIxMDAwMDAwWhcNMTgwOTIxMjM1OTU5WjCCARQxCzAJ
BgNVBAYTAkdCMREwDwYDVQQREwhFQzNQIDNEUTEPMA0GA1UECBMGTG9uZG9uMQ8w
DQYDVQQHEwZMb25kb24xFTATBgNVBAkTDDEgVW5kZXJzaGFmdDESMBAGA1UECRMJ
U3QgSGVsZW5zMRIwEAYDVQQKEwlBdml2YSBQTEMxFTATBgNVBAsTDEZyaWVuZHMg
TGlmZTE0MDIGA1UECxMrSG9zdGVkIGJ5IEFWSVZBIENFTlRSQUwgU0VSVklDRVMg
VUsgTElNSVRFRDEkMCIGA1UECxMbRW50ZXJwcmlzZSBTU0wgUHJvIFdpbGRjYXJk
MR4wHAYDVQQDDBUqLmF2aXZhc2VydmljZXMuY28udWswggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCew+N8d5grQVHUFP70UNlAS0JjJroOjtRjlKxFZYXL
tmegzDeCMJ9m8QRxOYwQoXVQeSiszOvFLmDDvuusm79QcXvWnBsHKACZJYio+nGU
bbUl6TTz3l31F/wq6xLo5RCBPrwXjnnHhoBkhbdgUFtuXU69FUo/KofaLZujetSa
u6p0GjX4tKQQjfFLC7h0j+l8Ltzj7Zx2EPgGcmMTxnJ3WQPB4yWm4YNfjMc4yOWn
aKCrgv3ly6wH7ODM4ON2FkaPkS95rQIz6hhWw3X8nABUQTScJ0+YrqUoPMbhSaYz
Qy9vYUpXdz2aA9u1ivZNzBf0igCeBZMA12UQGCjdNUJdAgMBAAGjggH0MIIB8DAf
BgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQU4ur7OJQr
arBKVHLsjuFeynbrieAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGy
MQECAQMEMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20v
Q1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9k
b2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2Vy
dmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9j
cnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25T
ZWN1cmVTZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9k
b2NhLmNvbTA1BgNVHREELjAsghUqLmF2aXZhc2VydmljZXMuY28udWuCE2F2aXZh
c2VydmljZXMuY28udWswDQYJKoZIhvcNAQELBQADggEBAKaSBOUMmEtgZonlq9lb
UsLIKo4L32+lygvFrpLOFS0LgXBpj7WVkuRSTq1P6PAVtiUPkYgDErAb743Bumd1
8IzgUQ9sAgIv4sFd4lcHd5dPAewg/dKpNfQ+xdHIPQZQKeKCUBuGXF7SFmeK4hup
OVsKpWgbj67f2ErtKNe/MiX4jlGna7yCUCzau/6V0kxkh4JDydzSBVX7Sz5oHYff
EU25sB1EzX/yB1HTltKLFR/Jb6sp1Bm22kzdOLWzw57Jo0G6YPbpzKcTQqbVT+P3
+5mGHnf+2n65caTLYfkRMBiRvDxAxtvs/AJS4hFyss62L5gQQbtHJc1B4lLxEGkC
1/4=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsPjfHeYK0FR1BT+9FDZ
QEtCYya6Do7UY5SsRWWFy7ZnoMw3gjCfZvEEcTmMEKF1UHkorMzrxS5gw77rrJu/
UHF71pwbBygAmSWIqPpxlG21Jek0895d9Rf8KusS6OUQgT68F455x4aAZIW3YFBb
bl1OvRVKPyqH2i2bo3rUmruqdBo1+LSkEI3xSwu4dI/pfC7c4+2cdhD4BnJjE8Zy
d1kDweMlpuGDX4zHOMjlp2igq4L95cusB+zgzODjdhZGj5Evea0CM+oYVsN1/JwA
VEE0nCdPmK6lKDzG4UmmM0Mvb2FKV3c9mgPbtYr2TcwX9IoAngWTANdlEBgo3TVC
XQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 283782818733750220168693305272913628835
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO CA Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'COMODO RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-09-21 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-09-21 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'EC3P 3DQ'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '1 Undershaft'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'St Helens'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Aviva PLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Friends Life'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Hosted by AVIVA CENTRAL SERVICES UK LIMITED'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Enterprise SSL Pro Wildcard'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.avivaservices.co.uk'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20042248462349968076890195607937263935509575178289780624122877978219167974907826691204055008266967881303750332899905730057278966539796759797032714932443174423769994717264762349834816407459153928276686733620532137179766220690492713884658084595996237090906199089528682997536192948553574487063902031573865306338264561743127464829379332997566425396154303508301284859440153661811486108267034149305230001401785968805178005929565666013121808258793160058940947083423076716730062022750665580425470383434237853881545968480205566672054349433152685825039846289496713650443459680126890219660919955469037342478797321646987720082013
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9af32bdacfad4fb62fbb2a48482a12b71b42c124
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e2eafb38942b6ab04a5472ec8ee15eca76eb89e0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://secure.comodo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (127 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.comodoca.com/COMODORSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.comodoca.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avivaservices.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'avivaservices.co.uk'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a69204e50c984b606689e5abd95b52c2c82a8e0bdf6fa5ca0bc5ae92ce152d0b8170698fb59592e4524ead4fe8f015b6250f91880312b01bef8dc1ba6775f08ce0510f6c02022fe2c15de2570777974f01ec20fdd2a935f43ec5d1c83d065029e282501b865c5ed216678ae21ba9395b0aa5681b8faedfd84aed28d7bf3225f88e51a76bbc82502cdabbfe95d24c64878243c9dcd20555fb4b3e681d87df114db9b01d44cd7ff20751d396d28b151fc96fab29d419b6da4cdd38b5b3c39ec9a341ba60f6e9cca71342a6d54fe3f7fb99861e77feda7eb971a4cb61f911301891bc3c40c6dbecfc0252e21172b2ceb62f981041bb4725cd41e252f1106902d7fe