cert01.uk.aviva.com

- Aviva PLC -

Issued by Sectigo RSA Extended Validation Secure Server CA

About this certificate

This digital certificate with serial number f4:33:d9:81:b7:19:fd:92:56:85:4f:6f:5f:95:ea:a5 was issued on by Sectigo Limited.

With 50 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Aviva PLC

Company registration number: 02468686
Organization: Aviva PLC
State / Province: London, City of
Country: GB

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate will expire on

Certificate Details

Serial Number (hex): f4:33:d9:81:b7:19:fd:92:56:85:4f:6f:5f:95:ea:a5
Serial Number (int): 324600849671288883351141314828657093285
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: b9:b1:02:8c:54:f7:6a:94:96:7f:21:eb:91:26:84:80:8c:cc:6e:fa
AuthorityKeyId: 2c:69:ff:80:c9:87:90:ae:34:e1:b4:e7:4c:93:85:99:40:e9:a7:b2

Fingerprint (sha1): 9e:08:54:c4:e9:4e:4a:78:b1:ef:d9:c0:93:75:31:8c:4b:ff:01:f9
Fingerprint (sha256): d2:5a:39:c4:4a:00:5e:2d:02:e3:5a:36:1e:f3:93:24:93:da:3e:2b:30:7d:76:42:26:55:4c:cb:82:da:91:63

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl

Check the revocation status for certificate cert01.uk.aviva.com

50

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cert01.uk.aviva.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cert01.uk.aviva.com
advisers.friendslife.co.uk
aims.avivainvestors.com
aimsti.avivainvestors.com
annuity-messaging.aviva.co.uk
api.aviva.co.uk
apigateway.aviva.co.uk
avivahealth.aviva.co.uk
barclays.online.aviva.co.uk
brand.avivainvestors.com
cam.globalapps.aviva.com
careers.avivainvestors.com
claims-insurance-tsb.online-insure.com
cofensereporter.globalapps.aviva.com
developer.aviva.co.uk
gcc.aviva.ie
healthpoint.aviva.co.uk
help.barclays.online.aviva.co.uk
help.quotemehappy.com
insurance.aviva.ie
library.friendslife.com
media.avivainvestors.com
mfamobile.globalapps.aviva.com
mtls.apigateway.aviva.co.uk
netquotes.aviva.co.uk
nuance.barclays.online.aviva.co.uk
protection-medical.aviva.co.uk
protection.aviva.co.uk
resources.aviva.com
santandertelephony.aviva.co.uk
services.aviva.co.uk
services.friendslife.com
standards.aviva.com
sustainablebusinesscoach.aviva.co.uk
webapi.aviva.com
workplacebenefits.friendslife.co.uk
www.apc-online.aviva.com
www.aviva-health.qs.aviva.co.uk
www.aviva.co.uk
www.avivaforpartners.qs.aviva.co.uk
www.avivainvestors.com
www.barclays.online.aviva.co.uk
www.generalaccident.com
www.healthpoint.qs.aviva.co.uk
www.netquotes.qs.aviva.co.uk
www.quotemehappy.com
www.retirementannuity.aviva.co.uk
www.wsg.qs.aviva.co.uk
www2.wsg.qs.aviva.co.uk
www3.wsg.qs.aviva.co.uk

Other certificates including the domain name aviva.com

(limited to 100 certificates)
aviva-swi-amp-fs-01.globalapps.aviva.com
incapsula.com
at.aviva.com
community-fund-italia.aviva.com
avivaprivacy.uk
cert02.uk.aviva.com
cert03.uk.aviva.com
cert06.uk.aviva.com
cert01.as.aviva.com
avivaprivacy.uk
np-cert02.uk.aviva.com
in.aviva.com
avivaprivacy.uk
cert11.uk.aviva.com
cert03.uk.aviva.com
avivaprivacy.uk
cert06.uk.aviva.com
idmadmin.globalapps.aviva.com
mpower.non.prod.ana.corp.aviva.com
cert01.ca.aviva.com
cert08.uk.aviva.com
cert01.uk.aviva.com
digital.aviva.com
cert01.ca.aviva.com
redirects.aviva.com
agility-europe.globalapps.aviva.com
icare-uat.globalapps.aviva.com
cert06.uk.aviva.com
incapsula.com
cert04.uk.aviva.com
cms.aviva.com
sv.nonprod.ana.corp.aviva.com
avivaprivacy.uk
cert10.uk.aviva.com
cert06.uk.aviva.com
intquote.aviva.co.uk
cert10.uk.aviva.com
boson-services-gateway.globalapps.aviva.com
cert01.tmp.aviva.com
lafabrique-france.aviva.com
cert08.uk.aviva.com
cert01.uk.aviva.com
np-cert02.uk.aviva.com
incapsula.com
cert10.uk.aviva.com
camppe.external.globalapps.aviva.com
proinvest.com.sg
cert01.uk.aviva.com
avivaprivacy.uk
suretyngweb.qa.ana.corp.aviva.com
avivaprivacy.uk
cert01.uk.aviva.com
mpower.non.prod.ana.corp.aviva.com
vaultqa.ana.corp.aviva.com
bigd-kafkadev2.globalapps.aviva.com
cert08.uk.aviva.com
yyzbac1sis1.ana.corp.aviva.com
cyberark-uat.globalapps.aviva.com
www.aviva.co.uk
uat.aviva.co.uk
www.avivatransfer.co.uk
rewards.aviva.com
workbench.prod-globalapps.aviva.com
cx2.globalapps.aviva.com
redirects.aviva.com
yyzsql3047.ana.corp.aviva.com
cert01.ca.aviva.com
mail.aviva.com
cert03.uk.aviva.com
empower.preprod.ana.corp.aviva.com
cert01.as.aviva.com
uat.aviva.co.uk
e-learningportal.at.aviva.com
cert07.uk.aviva.com
cert01.tmp.aviva.com
cert05.uk.aviva.com
yyzbsm1011.ana.corp.aviva.com
iaccess.ana.corp.aviva.com
www.aviva.co.uk
cert03.uk.aviva.com
cert01.as.aviva.com
yyzcpm1201.ana.corp.aviva.com
shareplans.aviva.com
incapsula.com
ci-master.ana.corp.aviva.com
cert04.uk.aviva.com
community-fund-italia.aviva.com
incapsula.com
cert05.uk.aviva.com

arc.globalapps.aviva.com
cert10.uk.aviva.com
avivaprivacy.uk
incapsula.com
nonprod.ratabasecat.ana.corp.aviva.com
redirects.aviva.com
yyzetl1003.ana.corp.aviva.com
cert04.uk.aviva.com
cert08.uk.aviva.com
nationalhomewarranty.com

Certificate

The complete raw certificate details for cert01.uk.aviva.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIMSDCCCzCgAwIBAgIRAPQz2YG3Gf2SVoVPb1+V6qUwDQYJKoZIhvcNAQELBQAw
gZExCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE5MDcGA1UE
AxMwU2VjdGlnbyBSU0EgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVy
IENBMB4XDTIzMTEyODAwMDAwMFoXDTI0MTEyNzIzNTk1OVowgaAxETAPBgNVBAUT
CDAyNDY4Njg2MRMwEQYLKwYBBAGCNzwCAQMTAkdCMR0wGwYDVQQPExRQcml2YXRl
IE9yZ2FuaXphdGlvbjELMAkGA1UEBhMCR0IxGDAWBgNVBAgTD0xvbmRvbiwgQ2l0
eSBvZjESMBAGA1UEChMJQXZpdmEgUExDMRwwGgYDVQQDExNjZXJ0MDEudWsuYXZp
dmEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcnPWliyT4If
ObsyjK5pzsuIvSmFPOisUiSNmQyBhJJrerB3DPTwpBMP0xa7G7NcZiWkxKtU4OiG
xfZu7NOJjPDOp4TYczpfGdSkJq5XNGPrleV6VQ80IGGnw2DmWlBsUhHD8kYo8mmD
f7Cl6aoYJynHuJPa6heoXiNV24esnmLufiyVOShHGDssrMN+nBioneRkGf8R+SZh
QkfI46eJBOeJLUEF3p2CqDqt07jDq+7vKoaUJv+IBSIWB8pcWnjV/Oh6XA1XBEkG
0paS0a25v40dgPztgYnK+UlDjXHawTTjp86nKlmgGNHsO5ZxzzkLdo/obYhp/JZI
hfODqYl2dwIDAQABo4IIiDCCCIQwHwYDVR0jBBgwFoAULGn/gMmHkK404bTnTJOF
mUDpp7IwHQYDVR0OBBYEFLmxAoxU92qUln8h65EmhICMzG76MA4GA1UdDwEB/wQE
AwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
AjBJBgNVHSAEQjBAMDUGDCsGAQQBsjEBAgEFATAlMCMGCCsGAQUFBwIBFhdodHRw
czovL3NlY3RpZ28uY29tL0NQUzAHBgVngQwBATBWBgNVHR8ETzBNMEugSaBHhkVo
dHRwOi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29SU0FFeHRlbmRlZFZhbGlkYXRp
b25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYYGCCsGAQUFBwEBBHoweDBRBggrBgEFBQcw
AoZFaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBRXh0ZW5kZWRWYWxp
ZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz
cC5zZWN0aWdvLmNvbTCCAXwGCisGAQQB1nkCBAIEggFsBIIBaAFmAHUAdv+IPwq2
+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGMFs53xwAABAMARjBEAiA0Z4nk
J12nrD62jotnhPbjCHO9LT6IN/0IXrTZp5+NFwIgd/NTWZkudUBOZfRkHR0W7cO8
ESe2e2kYWlCwgxsJofsAdgA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7Phk
bgAAAYwWznihAAAEAwBHMEUCIAMwQgkjyET/LmPdU1VZhrzN/f62rh3LPsR1M5r1
wa1wAiEA4beJ8cBW8HBrT07E6rSNF1yaLqHmbTKfqBNiZPfAeHkAdQDuzdBk1dsa
zsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYwWznf3AAAEAwBGMEQCICW8Jx+3
sxDg/J/kE2jke1Ps+jmKq2usoDDNS6PvjK3XAiBQEjS5inB1/3wqxzhQObta36Yy
gcDV4Uo93FYK71ypKTCCBVcGA1UdEQSCBU4wggVKghNjZXJ0MDEudWsuYXZpdmEu
Y29tghphZHZpc2Vycy5mcmllbmRzbGlmZS5jby51a4IXYWltcy5hdml2YWludmVz
dG9ycy5jb22CGWFpbXN0aS5hdml2YWludmVzdG9ycy5jb22CHWFubnVpdHktbWVz
c2FnaW5nLmF2aXZhLmNvLnVrgg9hcGkuYXZpdmEuY28udWuCFmFwaWdhdGV3YXku
YXZpdmEuY28udWuCF2F2aXZhaGVhbHRoLmF2aXZhLmNvLnVrghtiYXJjbGF5cy5v
bmxpbmUuYXZpdmEuY28udWuCGGJyYW5kLmF2aXZhaW52ZXN0b3JzLmNvbYIYY2Ft
Lmdsb2JhbGFwcHMuYXZpdmEuY29tghpjYXJlZXJzLmF2aXZhaW52ZXN0b3JzLmNv
bYImY2xhaW1zLWluc3VyYW5jZS10c2Iub25saW5lLWluc3VyZS5jb22CJGNvZmVu
c2VyZXBvcnRlci5nbG9iYWxhcHBzLmF2aXZhLmNvbYIVZGV2ZWxvcGVyLmF2aXZh
LmNvLnVrggxnY2MuYXZpdmEuaWWCF2hlYWx0aHBvaW50LmF2aXZhLmNvLnVrgiBo
ZWxwLmJhcmNsYXlzLm9ubGluZS5hdml2YS5jby51a4IVaGVscC5xdW90ZW1laGFw
cHkuY29tghJpbnN1cmFuY2UuYXZpdmEuaWWCF2xpYnJhcnkuZnJpZW5kc2xpZmUu
Y29tghhtZWRpYS5hdml2YWludmVzdG9ycy5jb22CHm1mYW1vYmlsZS5nbG9iYWxh
cHBzLmF2aXZhLmNvbYIbbXRscy5hcGlnYXRld2F5LmF2aXZhLmNvLnVrghVuZXRx
dW90ZXMuYXZpdmEuY28udWuCIm51YW5jZS5iYXJjbGF5cy5vbmxpbmUuYXZpdmEu
Y28udWuCHnByb3RlY3Rpb24tbWVkaWNhbC5hdml2YS5jby51a4IWcHJvdGVjdGlv
bi5hdml2YS5jby51a4ITcmVzb3VyY2VzLmF2aXZhLmNvbYIec2FudGFuZGVydGVs
ZXBob255LmF2aXZhLmNvLnVrghRzZXJ2aWNlcy5hdml2YS5jby51a4IYc2Vydmlj
ZXMuZnJpZW5kc2xpZmUuY29tghNzdGFuZGFyZHMuYXZpdmEuY29tgiRzdXN0YWlu
YWJsZWJ1c2luZXNzY29hY2guYXZpdmEuY28udWuCEHdlYmFwaS5hdml2YS5jb22C
I3dvcmtwbGFjZWJlbmVmaXRzLmZyaWVuZHNsaWZlLmNvLnVrghh3d3cuYXBjLW9u
bGluZS5hdml2YS5jb22CH3d3dy5hdml2YS1oZWFsdGgucXMuYXZpdmEuY28udWuC
D3d3dy5hdml2YS5jby51a4Ijd3d3LmF2aXZhZm9ycGFydG5lcnMucXMuYXZpdmEu
Y28udWuCFnd3dy5hdml2YWludmVzdG9ycy5jb22CH3d3dy5iYXJjbGF5cy5vbmxp
bmUuYXZpdmEuY28udWuCF3d3dy5nZW5lcmFsYWNjaWRlbnQuY29tgh53d3cuaGVh
bHRocG9pbnQucXMuYXZpdmEuY28udWuCHHd3dy5uZXRxdW90ZXMucXMuYXZpdmEu
Y28udWuCFHd3dy5xdW90ZW1laGFwcHkuY29tgiF3d3cucmV0aXJlbWVudGFubnVp
dHkuYXZpdmEuY28udWuCFnd3dy53c2cucXMuYXZpdmEuY28udWuCF3d3dzIud3Nn
LnFzLmF2aXZhLmNvLnVrghd3d3czLndzZy5xcy5hdml2YS5jby51azANBgkqhkiG
9w0BAQsFAAOCAQEAcASjo+4BZcm3sTjcSL0C1/abr/z4aJNLFf7loa8xADdcOgZr
yx1/d2HvdcoueuZLv2nOimAHweruSEXqXlhaEIVSJ1aVgt0mm1kVpqXoLqvJAjWP
BsXHiqzky6RvC0FaxXfna5P+sGPbk9Wlez6g4rbDI89bNMjsDKNXW4yBg2MiniWI
6LCkOwrizhZLCHfOWiV+8Uqj1PZhsmILJnW3mPTcoK6E3iyh7AQ9twiaUujFpsud
yEUXFRx9IQEYA6UV+INlewbrCWc3Uv4opfL+Rxn6GjmQYw4XioeNT9FltCzkg37s
rG7JbZM6a6TH988npx9Pg2/+k4p9ntzR/g0eew==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcnPWliyT4IfObsyjK5p
zsuIvSmFPOisUiSNmQyBhJJrerB3DPTwpBMP0xa7G7NcZiWkxKtU4OiGxfZu7NOJ
jPDOp4TYczpfGdSkJq5XNGPrleV6VQ80IGGnw2DmWlBsUhHD8kYo8mmDf7Cl6aoY
JynHuJPa6heoXiNV24esnmLufiyVOShHGDssrMN+nBioneRkGf8R+SZhQkfI46eJ
BOeJLUEF3p2CqDqt07jDq+7vKoaUJv+IBSIWB8pcWnjV/Oh6XA1XBEkG0paS0a25
v40dgPztgYnK+UlDjXHawTTjp86nKlmgGNHsO5ZxzzkLdo/obYhp/JZIhfODqYl2
dwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 324600849671288883351141314828657093285
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Extended Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-28 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-27 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '02468686'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London, City of'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Aviva PLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cert01.uk.aviva.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18909023646317348627214736764985640923567513806690086351499137506182076497370111183429859683583035974869440185889834673787208650298194224182547142848300376716842311519001234991646880457040276665731766353020310226553700644052322271704621414239014772497122617262503475824317141785775165332052319092965585024105053829312936471787387374437306886593978306948514675179337603755313689937232508691674549006680077892681350766564920230130569510815740147056238996013519995791566255984687463261064762841132766410663195416301278773860645343022955344813232529368241930923636468924208261358404787520354882070030525152184123618063991
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2c69ff80c98790ae34e1b4e74c93859940e9a7b2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b9b1028c54f76a94967f21eb912684808ccc6efa
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.5.1 (Comodo EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (122 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes)
							016600750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c16ce77c700000403004630440220346789e4275da7ac3eb68e8b6784f6e30873bd2d3e8837fd085eb4d9a79f8d17022077f35359992e75404e65f4641d1d16edc3bc1127b67b69185a50b0831b09a1fb0076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018c16ce78a1000004030047304502200330420923c844ff2e63dd53555986bccdfdfeb6ae1dcb3ec475339af5c1ad70022100e1b789f1c056f0706b4f4ec4eab48d175c9a2ea1e66d329fa8136264f7c07879007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c16ce77f70000040300463044022025bc271fb7b310e0fc9fe41368e47b53ecfa398aab6baca030cd4ba3ef8cadd70220501234b98a7075ff7c2ac7385039bb5adfa63281c0d5e14a3ddc560aef5ca929
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1358 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cert01.uk.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advisers.friendslife.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aims.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aimsti.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'annuity-messaging.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apigateway.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'avivahealth.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'barclays.online.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'brand.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cam.globalapps.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'careers.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'claims-insurance-tsb.online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cofensereporter.globalapps.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'developer.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gcc.aviva.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'healthpoint.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'help.barclays.online.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'help.quotemehappy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'insurance.aviva.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'library.friendslife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mfamobile.globalapps.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mtls.apigateway.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'netquotes.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nuance.barclays.online.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protection-medical.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protection.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'resources.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'santandertelephony.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.friendslife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'standards.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sustainablebusinesscoach.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webapi.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'workplacebenefits.friendslife.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.apc-online.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aviva-health.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.avivaforpartners.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.barclays.online.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.generalaccident.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.healthpoint.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.netquotes.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.quotemehappy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.retirementannuity.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wsg.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.wsg.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www3.wsg.qs.aviva.co.uk'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007004a3a3ee0165c9b7b138dc48bd02d7f69baffcf868934b15fee5a1af3100375c3a066bcb1d7f7761ef75ca2e7ae64bbf69ce8a6007c1eaee4845ea5e585a10855227569582dd269b5915a6a5e82eabc902358f06c5c78aace4cba46f0b415ac577e76b93feb063db93d5a57b3ea0e2b6c323cf5b34c8ec0ca3575b8c818363229e2588e8b0a43b0ae2ce164b0877ce5a257ef14aa3d4f661b2620b2675b798f4dca0ae84de2ca1ec043db7089a52e8c5a6cb9dc84517151c7d21011803a515f883657b06eb09673752fe28a5f2fe4719fa1a3990630e178a878d4fd165b42ce4837eecac6ec96d933a6ba4c7f7cf27a71f4f836ffe938a7d9edcd1fe0d1e7b