www.gov.uk
- Government Digital Service -
Issued by GlobalSign Organization Validation CA - SHA256 - G2
About this certificate
This digital certificate with serial number 33:87:bf:28:9f:ee:cb:54:b0:8a:75:60 was issued on by GlobalSign nv-sa.
With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- 1 DNS name(s) are bare public suffixes: gov.uk The domain SHOULD NOT have a bare public suffix (awslabs certlint)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Government Digital Service
Organization:
Government Digital Service
Organization unit: Government Digital Service
Organization unit: Government Digital Service
State / Province:
Greater London
Locality: London
Country: GB
Locality: London
Country: GB
GlobalSign nv-sa
Organization:
GlobalSign nv-sa
Country:
BE
This certificate has expire since
Certificate Details
Serial Number (hex): 33:87:bf:28:9f:ee:cb:54:b0:8a:75:60Serial Number (int): 15947843207928936555254281568
Serial Number lenght: 94 bits, 12 octets
SubjectKeyId: ae:10:4a:51:c8:ad:fa:a8:8d:f0:28:ce:1f:fd:ac:20:2f:b2:75:64
AuthorityKeyId: 96:de:61:f1:bd:1c:16:29:53:1c:c0:cc:7d:3b:83:00:40:e6:1a:7c
Fingerprint (sha1): 5d:00:18:3f:93:3b:0c:ad:a4:97:ec:22:3c:11:18:ba:c8:1c:42:a5
Fingerprint (sha256): 86:df:c8:2b:3a:cd:d2:e0:aa:2a:c6:6a:72:bc:da:e1:e8:8c:e8:cc:ec:a1:31:22:bf:bb:41:e5:21:a3:d4:ec
Issuing Certificate URL: http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt
Revocation information
OCSP Server: http://ocsp2.globalsign.com/gsorganizationvalsha2g2CRL Distribution Point: http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl
Check the revocation status for certificate www.gov.uk
13
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.gov.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.gov.uk
*.businesslink.gov.uk
*.direct.gov.uk
*.preview.alphagov.co.uk
*.production.alphagov.co.uk
*.publishing.service.gov.uk
*.cabinet-office.gov.uk
assets.digital.cabinet-office.gov.uk
service.gov.uk
data.gov.uk
dfid.gov.uk
www.data.gov.uk
gov.uk
*.businesslink.gov.uk
*.direct.gov.uk
*.preview.alphagov.co.uk
*.production.alphagov.co.uk
*.publishing.service.gov.uk
*.cabinet-office.gov.uk
assets.digital.cabinet-office.gov.uk
service.gov.uk
data.gov.uk
dfid.gov.uk
www.data.gov.uk
gov.uk
Other certificates including the domain name www.gov.uk
(limited to 100 certificates)
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
www.gov.uk
gov.uk
www.gov.uk
Certificate
The complete raw certificate details for www.gov.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIH5jCCBs6gAwIBAgIMM4e/KJ/uy1SwinVgMA0GCSqGSIb3DQEBCwUAMGYxCzAJ BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNH bG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g RzIwHhcNMTkwNDA0MTc0NDA1WhcNMjAxMTE0MTkwMTA0WjCBljELMAkGA1UEBhMC R0IxFzAVBgNVBAgTDkdyZWF0ZXIgTG9uZG9uMQ8wDQYDVQQHEwZMb25kb24xIzAh BgNVBAsTGkdvdmVybm1lbnQgRGlnaXRhbCBTZXJ2aWNlMSMwIQYDVQQKExpHb3Zl cm5tZW50IERpZ2l0YWwgU2VydmljZTETMBEGA1UEAxMKd3d3Lmdvdi51azCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKii2iR6rMRSVERB2gsUwU2DlZuJ vtPwOmfFewPJQk/+KmTYaQBVdbX02HEZ1yfTirY0W47JvF4nxOdVnNB0/uJwJpEm 2uqAliiVhqqC35UCDfEp4yLCSa9Od+TqYS1txdXnoe+TKHQI/aHy2/Bf+BMPMUSq 7QI88WlC4MGFO68xNufoBZ8fNyVSjYTQ0BArcaoAFfYnTuddyDEHirGJYhx0oHjb Mz7RJUKKtXU0Yjhnfnk16Mvf3Ksl5vYbbx0T4RLyTS9QFBL+nJgUEcTfN1iCgnFV uG2uoFzBAi6rOlR/vv8G2ymvL+h/FutZlO3LA29QmwzwHL2zLsyfOlk7cbECAwEA AaOCBGEwggRdMA4GA1UdDwEB/wQEAwIFoDCBoAYIKwYBBQUHAQEEgZMwgZAwTQYI KwYBBQUHMAKGQWh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dz b3JnYW5pemF0aW9udmFsc2hhMmcycjEuY3J0MD8GCCsGAQUFBzABhjNodHRwOi8v b2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIwVgYD VR0gBE8wTTBBBgkrBgEEAaAyARQwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cu Z2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQICMAkGA1UdEwQCMAAw SQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9n c29yZ2FuaXphdGlvbnZhbHNoYTJnMi5jcmwwggEXBgNVHREEggEOMIIBCoIKd3d3 Lmdvdi51a4IVKi5idXNpbmVzc2xpbmsuZ292LnVrgg8qLmRpcmVjdC5nb3YudWuC GCoucHJldmlldy5hbHBoYWdvdi5jby51a4IbKi5wcm9kdWN0aW9uLmFscGhhZ292 LmNvLnVrghsqLnB1Ymxpc2hpbmcuc2VydmljZS5nb3YudWuCFyouY2FiaW5ldC1v ZmZpY2UuZ292LnVrgiRhc3NldHMuZGlnaXRhbC5jYWJpbmV0LW9mZmljZS5nb3Yu dWuCDnNlcnZpY2UuZ292LnVrggtkYXRhLmdvdi51a4ILZGZpZC5nb3YudWuCD3d3 dy5kYXRhLmdvdi51a4IGZ292LnVrMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF BQcDAjAdBgNVHQ4EFgQUrhBKUcit+qiN8CjOH/2sIC+ydWQwHwYDVR0jBBgwFoAU lt5h8b0cFilTHMDMfTuDAEDmGnwwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2 AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABaelzYngAAAQDAEcw RQIgI5Mjx+v+D6+R1XbhitqJiwStVJr6mzsYg7sT3/+wFcsCIQCjxAhD8sv3cRIn 0mvhCuY3JSj9ZzdPGQtWnCUrU2skoAB2AKS5CZC0GFgUh7sTosxncAo8NZgE+Rvf uON3zQ7IDdwQAAABaelzYl4AAAQDAEcwRQIgPzD/fBJLGGdbG5TDQB808SY8CiOP Fv7C9MRrHWekkLMCIQCdN5cU65MYFs/NlGnKHQ4kemNG2J40p2EsQBq4Nls8agB2 AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABaelzYqEAAAQDAEcw RQIhAK+LzhIohBZNR1nlqFFvNieLxH92MH1LVhYWIHNm4q4oAiBEnEABIk77puQN SmZcl08nM4Qvb1v4KEG5CIkt7X5kSjANBgkqhkiG9w0BAQsFAAOCAQEAY7MuBo1z E1ZUsT3JMFclL8i2XPHlbZ9da3TxURDwHJop2ryw5BHgrG5AMV2gypsNYta0KH/d ATLlvjNXij6BdH8XZ/0TnsxwOFp9m7WCjO37u4eXa9aLuXxCsd1b4sm853wnIAPT zid0r2Wwmdytkj+nHa6ph31gqWPeFm2yeBqiN/VuaTnB3FJ1dzSMA/99NnBsKaip W7++6r8N6QFbbSvrod9hD5hKNFqBI1Y6pJi56wTyIkMubFP091Uaa1lBpQtekbmf ACvuGIVpynHxbXxKAGvbjBhijA78nW77VWTodowFYySeWfPJG6qqA6HCjoJOOniv kccbhc5sre094A== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKLaJHqsxFJUREHaCxTB TYOVm4m+0/A6Z8V7A8lCT/4qZNhpAFV1tfTYcRnXJ9OKtjRbjsm8XifE51Wc0HT+ 4nAmkSba6oCWKJWGqoLflQIN8SnjIsJJr0535OphLW3F1eeh75ModAj9ofLb8F/4 Ew8xRKrtAjzxaULgwYU7rzE25+gFnx83JVKNhNDQECtxqgAV9idO513IMQeKsYli HHSgeNszPtElQoq1dTRiOGd+eTXoy9/cqyXm9htvHRPhEvJNL1AUEv6cmBQRxN83 WIKCcVW4ba6gXMECLqs6VH++/wbbKa8v6H8W61mU7csDb1CbDPAcvbMuzJ86WTtx sQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 15947843207928936555254281568 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'BE' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign nv-sa' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GlobalSign Organization Validation CA - SHA256 - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-04 17:44:05 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-11-14 19:01:04 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater London' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Digital Service' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Government Digital Service' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.gov.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21288340607262300330577062278970460071554155603674163199959900792717057473657893081543841939063450471154888850686845610331121265699685071410097471719947070778219362925955107391680564159160036706416748912680564258846946042834281586948456081281075656394072316833344126499720765490341396019677046697207113442751244480463142589742783349553968910540839917742590534960750984191170028437997880681558182991332869349158709496029812052875497528122690939579484928050336595208853569076290529149869111472699450391278356348309305204456747621199268288878243447694781709168205987088288924635034240906099897023495892991471315316339121 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (147 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp2.globalsign.com/gsorganizationvalsha2g2' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.4146.1.20 (globalsignOVPolicy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.globalsign.com/repository/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (270 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.businesslink.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.direct.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.preview.alphagov.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.production.alphagov.co.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.publishing.service.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cabinet-office.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.digital.cabinet-office.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'service.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dfid.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.data.gov.uk' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gov.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ae104a51c8adfaa88df028ce1ffdac202fb27564 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 96de61f1bd1c1629531cc0cc7d3b830040e61a7c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 01680076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c00000169e973627800000403004730450220239323c7ebfe0faf91d576e18ada898b04ad549afa9b3b1883bb13dfffb015cb022100a3c40843f2cbf7711227d26be10ae6372528fd67374f190b569c252b536b24a0007600a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000169e973625e000004030047304502203f30ff7c124b18675b1b94c3401f34f1263c0a238f16fec2f4c46b1d67a490b30221009d379714eb931816cfcd9469ca1d0e247a6346d89e34a7612c401ab8365b3c6a0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000169e97362a10000040300473045022100af8bce122884164d4759e5a8516f36278bc47f76307d4b561616207366e2ae280220449c4001224efba6e40d4a665c974f2733842f6f5bf82841b908892ded7e644a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0063b32e068d73135654b13dc93057252fc8b65cf1e56d9f5d6b74f15110f01c9a29dabcb0e411e0ac6e40315da0ca9b0d62d6b4287fdd0132e5be33578a3e81747f1767fd139ecc70385a7d9bb5828cedfbbb87976bd68bb97c42b1dd5be2c9bce77c272003d3ce2774af65b099dcad923fa71daea9877d60a963de166db2781aa237f56e6939c1dc527577348c03ff7d36706c29a8a95bbfbeeabf0de9015b6d2beba1df610f984a345a8123563aa498b9eb04f222432e6c53f4f7551a6b5941a50b5e91b99f002bee188569ca71f16d7c4a006bdb8c18628c0efc9d6efb5564e8768c0563249e59f3c91baaaa03a1c28e824e3a78af91c71b85ce6caded3de0