cert01.uk.aviva.com

- Aviva PLC -

Issued by Sectigo RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number 7e:f5:35:15:ab:d1:11:42:01:7e:27:54:95:1f:99:86 was issued on by Sectigo Limited.

With 41 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Aviva PLC

Organization: Aviva PLC
State / Province: London, City of
Country: GB

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 7e:f5:35:15:ab:d1:11:42:01:7e:27:54:95:1f:99:86
Serial Number (int): 168755916883915522766525568448309729670
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: f5:4f:31:a7:8f:1d:cb:03:5c:5f:79:73:3b:b8:1c:c5:93:54:66:61
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb

Fingerprint (sha1): 2c:c6:e9:64:66:e5:35:2e:6b:05:fb:1b:20:d3:93:30:0d:bf:a1:b3
Fingerprint (sha256): b7:b0:26:81:12:e9:d3:98:65:80:a6:92:76:04:e1:9c:90:39:1f:51:ec:b2:de:14:c6:c4:b6:8f:7e:22:65:55

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate cert01.uk.aviva.com

41

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cert01.uk.aviva.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cert01.uk.aviva.com
advisers.friendslife.co.uk
agsts.globalapps.aviva.com
aims.avivainvestors.com
aimsti.avivainvestors.com
api.aviva.co.uk
apigateway.aviva.co.uk
avivahealth.aviva.co.uk
brand.avivainvestors.com
cam.globalapps.aviva.com
careers.avivainvestors.com
cofensereporter.globalapps.aviva.com
healthpoint.aviva.co.uk
help.quotemehappy.com
library.friendslife.com
media.avivainvestors.com
mfamobile.globalapps.aviva.com
netquotes.aviva.co.uk
protection-medical.aviva.co.uk
protection.aviva.co.uk
resources.aviva.com
santandertelephony.aviva.co.uk
services.aviva.co.uk
services.friendslife.com
standards.aviva.com
travelinsurance.firstdirect.online-insure.com
webapi.aviva.com
workplacebenefits.friendslife.co.uk
www.aviva-health.qs.aviva.co.uk
www.aviva.co.uk
www.avivaforpartners.qs.aviva.co.uk
www.avivainvestors.com
www.cosmic-creditor.qs.aviva.co.uk
www.generalaccident.com
www.healthpoint.qs.aviva.co.uk
www.netquotes.qs.aviva.co.uk
www.partner.qs.online-insure.co.uk
www.quotemehappy.com
www.wsg.qs.aviva.co.uk
www2.wsg.qs.aviva.co.uk
www3.wsg.qs.aviva.co.uk

Other certificates including the domain name aviva.com

(limited to 100 certificates)
aviva-swi-amp-fs-01.globalapps.aviva.com
incapsula.com
at.aviva.com
community-fund-italia.aviva.com
avivaprivacy.uk
cert02.uk.aviva.com
cert03.uk.aviva.com
cert06.uk.aviva.com
cert01.as.aviva.com
avivaprivacy.uk
np-cert02.uk.aviva.com
in.aviva.com
avivaprivacy.uk
cert11.uk.aviva.com
cert03.uk.aviva.com
avivaprivacy.uk
cert06.uk.aviva.com
idmadmin.globalapps.aviva.com
mpower.non.prod.ana.corp.aviva.com
cert01.ca.aviva.com
cert08.uk.aviva.com
cert01.uk.aviva.com
digital.aviva.com
cert01.ca.aviva.com
redirects.aviva.com
agility-europe.globalapps.aviva.com
icare-uat.globalapps.aviva.com
cert06.uk.aviva.com
incapsula.com
cert04.uk.aviva.com
cms.aviva.com
sv.nonprod.ana.corp.aviva.com
avivaprivacy.uk
cert10.uk.aviva.com
cert06.uk.aviva.com
intquote.aviva.co.uk
cert10.uk.aviva.com
boson-services-gateway.globalapps.aviva.com
cert01.tmp.aviva.com
lafabrique-france.aviva.com
cert08.uk.aviva.com
cert01.uk.aviva.com
np-cert02.uk.aviva.com
incapsula.com
cert10.uk.aviva.com
camppe.external.globalapps.aviva.com
proinvest.com.sg
cert01.uk.aviva.com
avivaprivacy.uk
suretyngweb.qa.ana.corp.aviva.com
avivaprivacy.uk
cert01.uk.aviva.com
mpower.non.prod.ana.corp.aviva.com
vaultqa.ana.corp.aviva.com
bigd-kafkadev2.globalapps.aviva.com
cert08.uk.aviva.com
yyzbac1sis1.ana.corp.aviva.com
cyberark-uat.globalapps.aviva.com
www.aviva.co.uk
uat.aviva.co.uk
www.avivatransfer.co.uk
rewards.aviva.com
workbench.prod-globalapps.aviva.com
cx2.globalapps.aviva.com
redirects.aviva.com
yyzsql3047.ana.corp.aviva.com
cert01.ca.aviva.com
mail.aviva.com
cert03.uk.aviva.com
empower.preprod.ana.corp.aviva.com
cert01.as.aviva.com
uat.aviva.co.uk
e-learningportal.at.aviva.com
cert07.uk.aviva.com
cert01.tmp.aviva.com
cert05.uk.aviva.com
yyzbsm1011.ana.corp.aviva.com
iaccess.ana.corp.aviva.com
www.aviva.co.uk
cert03.uk.aviva.com
cert01.as.aviva.com
yyzcpm1201.ana.corp.aviva.com
shareplans.aviva.com
incapsula.com
ci-master.ana.corp.aviva.com
cert04.uk.aviva.com
community-fund-italia.aviva.com
incapsula.com
cert05.uk.aviva.com

arc.globalapps.aviva.com
cert10.uk.aviva.com
avivaprivacy.uk
incapsula.com
nonprod.ratabasecat.ana.corp.aviva.com
redirects.aviva.com
yyzetl1003.ana.corp.aviva.com
cert04.uk.aviva.com
cert08.uk.aviva.com
nationalhomewarranty.com

Certificate

The complete raw certificate details for cert01.uk.aviva.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIKozCCCYugAwIBAgIQfvU1FavREUIBfidUlR+ZhjANBgkqhkiG9w0BAQsFADCB
lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD
EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy
dmVyIENBMB4XDTIyMTAxOTAwMDAwMFoXDTIzMDMyNDIzNTk1OVowWTELMAkGA1UE
BhMCR0IxGDAWBgNVBAgTD0xvbmRvbiwgQ2l0eSBvZjESMBAGA1UEChMJQXZpdmEg
UExDMRwwGgYDVQQDExNjZXJ0MDEudWsuYXZpdmEuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAsIh2j1s5azWKpC8SQn3LZdCoHybEkisBgiZUTxWa
x3KpXRKxfBmT2GNiAP174k1yqqHNQaxMDjRpGrOU1m3eHyBMFPhqsXxgyVwzJxF0
cnD4nDM5/4V1KPGV0ekPA6ZcHWcSzV0Qcu+IvFfV3J4RyLZhd2WDVDMr8oLAazTX
Sy9f5vTAEG4BXYHqSHhuc+FaQPMRdd78RNUa+J7Lv3OLgV9N032YR3sMlzNiGg4Y
pe9a9O8YgAHg8WOYAjWt7yfXf3ar36Vc9HVFXLEologS5xRIusjk8x4GGbm3uYyQ
knMZicR/sd8W4RRIY7lMY3n9p+PIJ3Qpfd5bjjkcCKskwwIDAQABo4IHKDCCByQw
HwYDVR0jBBgwFoAUF9nWJSdn+THCSUPZMDZEjGypT+swHQYDVR0OBBYEFPVPMaeP
HcsDXF95czu4HMWTVGZhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBKBgNVHSAEQzBBMDUGDCsGAQQB
sjEBAgEDBDAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAI
BgZngQwBAgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5zZWN0aWdvLmNv
bS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNB
LmNybDCBigYIKwYBBQUHAQEEfjB8MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LnNl
Y3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJl
U2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNv
bTCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AK33vvp8/xDIi509nB4+GGq0Zyld
z7EMJMqFhjTr3IKKAAABg/Bx0WsAAAQDAEcwRQIhAK0wTiKggDL01R7PDa/pjzSr
2xU6oH/eUBNMqP4uiUtTAiBaa+mSbTXPdTzKF5JMEr3t5L1Ir1c2908SQkIIBwSG
OwB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABg/Bx0S4AAAQD
AEcwRQIgbcOm/cBd3Im027n7/PbXJJT2dI56zZ4HuEQOIW7omr4CIQCBsoWExG7W
rnv2Qp4sWoyPRA6+oUci+vG2rYX5wltphzCCBGYGA1UdEQSCBF0wggRZghNjZXJ0
MDEudWsuYXZpdmEuY29tghphZHZpc2Vycy5mcmllbmRzbGlmZS5jby51a4IaYWdz
dHMuZ2xvYmFsYXBwcy5hdml2YS5jb22CF2FpbXMuYXZpdmFpbnZlc3RvcnMuY29t
ghlhaW1zdGkuYXZpdmFpbnZlc3RvcnMuY29tgg9hcGkuYXZpdmEuY28udWuCFmFw
aWdhdGV3YXkuYXZpdmEuY28udWuCF2F2aXZhaGVhbHRoLmF2aXZhLmNvLnVrghhi
cmFuZC5hdml2YWludmVzdG9ycy5jb22CGGNhbS5nbG9iYWxhcHBzLmF2aXZhLmNv
bYIaY2FyZWVycy5hdml2YWludmVzdG9ycy5jb22CJGNvZmVuc2VyZXBvcnRlci5n
bG9iYWxhcHBzLmF2aXZhLmNvbYIXaGVhbHRocG9pbnQuYXZpdmEuY28udWuCFWhl
bHAucXVvdGVtZWhhcHB5LmNvbYIXbGlicmFyeS5mcmllbmRzbGlmZS5jb22CGG1l
ZGlhLmF2aXZhaW52ZXN0b3JzLmNvbYIebWZhbW9iaWxlLmdsb2JhbGFwcHMuYXZp
dmEuY29tghVuZXRxdW90ZXMuYXZpdmEuY28udWuCHnByb3RlY3Rpb24tbWVkaWNh
bC5hdml2YS5jby51a4IWcHJvdGVjdGlvbi5hdml2YS5jby51a4ITcmVzb3VyY2Vz
LmF2aXZhLmNvbYIec2FudGFuZGVydGVsZXBob255LmF2aXZhLmNvLnVrghRzZXJ2
aWNlcy5hdml2YS5jby51a4IYc2VydmljZXMuZnJpZW5kc2xpZmUuY29tghNzdGFu
ZGFyZHMuYXZpdmEuY29tgi10cmF2ZWxpbnN1cmFuY2UuZmlyc3RkaXJlY3Qub25s
aW5lLWluc3VyZS5jb22CEHdlYmFwaS5hdml2YS5jb22CI3dvcmtwbGFjZWJlbmVm
aXRzLmZyaWVuZHNsaWZlLmNvLnVrgh93d3cuYXZpdmEtaGVhbHRoLnFzLmF2aXZh
LmNvLnVrgg93d3cuYXZpdmEuY28udWuCI3d3dy5hdml2YWZvcnBhcnRuZXJzLnFz
LmF2aXZhLmNvLnVrghZ3d3cuYXZpdmFpbnZlc3RvcnMuY29tgiJ3d3cuY29zbWlj
LWNyZWRpdG9yLnFzLmF2aXZhLmNvLnVrghd3d3cuZ2VuZXJhbGFjY2lkZW50LmNv
bYIed3d3LmhlYWx0aHBvaW50LnFzLmF2aXZhLmNvLnVrghx3d3cubmV0cXVvdGVz
LnFzLmF2aXZhLmNvLnVrgiJ3d3cucGFydG5lci5xcy5vbmxpbmUtaW5zdXJlLmNv
LnVrghR3d3cucXVvdGVtZWhhcHB5LmNvbYIWd3d3LndzZy5xcy5hdml2YS5jby51
a4IXd3d3Mi53c2cucXMuYXZpdmEuY28udWuCF3d3dzMud3NnLnFzLmF2aXZhLmNv
LnVrMA0GCSqGSIb3DQEBCwUAA4IBAQBpAh06C6F9SzkcHMT3/xF+inse3m4qkaLy
xSYYJXh6WKjgmySD4nATofld/FLViLh0rNOAJNk3B5iKZb2Ub45/hvkyf+FxMcmG
m+iYaPU8pPpk7KIZ1P4UNjMVa5idYdfLzp+oJuiWypxmO2xnmFwbHrYJIBdLGzhy
zOmNxslVVlrkz5r4mnc3o1tLe1WPEIoXVB21DH+4Zld9oSHRleTdvPmTfk0yRDWH
asIhAelV24xqe2Azf0SZwqm7lq6o/UBvA6IBzw5bkGh9qct+nMY0kT5NhdbzUi+r
e/JlJdKoI2wSVfLGoYihiJ5j8z5CeOPyPJ71++1C+0vc54mPe3Up
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIh2j1s5azWKpC8SQn3L
ZdCoHybEkisBgiZUTxWax3KpXRKxfBmT2GNiAP174k1yqqHNQaxMDjRpGrOU1m3e
HyBMFPhqsXxgyVwzJxF0cnD4nDM5/4V1KPGV0ekPA6ZcHWcSzV0Qcu+IvFfV3J4R
yLZhd2WDVDMr8oLAazTXSy9f5vTAEG4BXYHqSHhuc+FaQPMRdd78RNUa+J7Lv3OL
gV9N032YR3sMlzNiGg4Ype9a9O8YgAHg8WOYAjWt7yfXf3ar36Vc9HVFXLEologS
5xRIusjk8x4GGbm3uYyQknMZicR/sd8W4RRIY7lMY3n9p+PIJ3Qpfd5bjjkcCKsk
wwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 168755916883915522766525568448309729670
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-19 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-24 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London, City of'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Aviva PLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cert01.uk.aviva.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22285234148961203254527530264102193037350928647525647887376009407430383311881588605490153436035882014011329709484007503910788449429657062449360490540290527196886995247794925903492061522080273820191346218738416913771093134195460434965958244809096598228767015626271028332764319732418748542626310079213712753128064045755880509578571080393303260533605024205569774483485733228309815846831118311066190255443679750067679548799097484120562396558646005300247543806401361780724672362743873340265226280548894857921008022820588551516889664200217850706743428663074877164362259287936547442602293158866512572213665109965592773469379
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f54f31a78f1dcb035c5f79733bb81cc593546661
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000183f071d16b0000040300473045022100ad304e22a08032f4d51ecf0dafe98f34abdb153aa07fde50134ca8fe2e894b5302205a6be9926d35cf753cca17924c12bdede4bd48af5736f74f124242080704863b0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000183f071d12e000004030047304502206dc3a6fdc05ddc89b4dbb9fbfcf6d72494f6748e7acd9e07b8440e216ee89abe02210081b28584c46ed6ae7bf6429e2c5a8c8f440ebea14722faf1b6ad85f9c25b6987
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1117 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cert01.uk.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advisers.friendslife.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agsts.globalapps.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aims.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aimsti.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apigateway.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'avivahealth.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'brand.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cam.globalapps.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'careers.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cofensereporter.globalapps.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'healthpoint.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'help.quotemehappy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'library.friendslife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mfamobile.globalapps.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'netquotes.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protection-medical.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protection.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'resources.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'santandertelephony.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.friendslife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'standards.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'travelinsurance.firstdirect.online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webapi.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'workplacebenefits.friendslife.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aviva-health.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.avivaforpartners.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cosmic-creditor.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.generalaccident.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.healthpoint.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.netquotes.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.partner.qs.online-insure.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.quotemehappy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wsg.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.wsg.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www3.wsg.qs.aviva.co.uk'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0069021d3a0ba17d4b391c1cc4f7ff117e8a7b1ede6e2a91a2f2c5261825787a58a8e09b2483e27013a1f95dfc52d588b874acd38024d93707988a65bd946f8e7f86f9327fe17131c9869be89868f53ca4fa64eca219d4fe143633156b989d61d7cbce9fa826e896ca9c663b6c67985c1b1eb60920174b1b3872cce98dc6c955565ae4cf9af89a7737a35b4b7b558f108a17541db50c7fb866577da121d195e4ddbcf9937e4d324435876ac22101e955db8c6a7b60337f4499c2a9bb96aea8fd406f03a201cf0e5b90687da9cb7e9cc634913e4d85d6f3522fab7bf26525d2a8236c1255f2c6a188a1889e63f33e4278e3f23c9ef5fbed42fb4bdce7898f7b7529