www.sit-store.aldi.co.uk

- ALDI International Services GmbH & Co. oHG -

Issued by Trusted Secure Certificate Authority 5

About this certificate

This digital certificate with serial number a6:52:31:21:1b:12:4e:5a:e5:89:37:14:44:07:f0:a0 was issued on by Corporation Service Company.

With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

ALDI International Services GmbH & Co. oHG

Organization: ALDI International Services GmbH & Co. oHG
Organization unit: International Information Technology
Organization unit: Unified Communications
Address: Mintarder Str. 36-40
Postal code: 45481
State / Province: Nordrhein-Westfalen
Locality: Mülheim an der Ruhr
Country: DE

Corporation Service Company

Organization: Corporation Service Company
State / Province: DE
Locality: Wilmington
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): a6:52:31:21:1b:12:4e:5a:e5:89:37:14:44:07:f0:a0
Serial Number (int): 221078612103674058621407209021371838624
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 4b:91:ca:6c:eb:ba:db:df:60:40:fc:07:cf:98:6e:99:d1:a2:28:08
AuthorityKeyId: f2:bb:55:ee:fc:8f:cf:d0:3f:14:68:1a:95:7e:79:0e:ab:17:30:f4

Fingerprint (sha1): fa:76:83:96:1d:af:ba:2b:56:05:f2:27:14:68:3f:9d:b7:65:3b:27
Fingerprint (sha256): e6:d8:d1:71:f0:9d:51:19:4e:8b:e8:19:fc:9b:86:ba:3e:66:a4:a2:a9:28:37:f1:fa:6c:7f:38:1d:84:74:70

Issuing Certificate URL: http://crt.usertrust.com/TrustedSecureCertificateAuthority5.crt

Revocation information

OCSP Server: http://ocsp.usertrust.com
CRL Distribution Point: http://crl.usertrust.com/TrustedSecureCertificateAuthority5.crl

Check the revocation status for certificate www.sit-store.aldi.co.uk

10

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.sit-store.aldi.co.uk

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.sit-store.aldi.co.uk
sit-assets.aldi-digital.co.uk
sit-assets.aldi-digital.ie
sit-assets.aldi.co.uk
sit-assets.aldi.ie
sit-store.aldi.co.uk
sit-store.aldi.ie
sit-ws.aldi.co.uk
sit-ws.aldi.ie
www.sit-store.aldi.ie

Other certificates including the domain name aldi.co.uk

(limited to 100 certificates)
sslcertificate3.queue-it.net
www.dr-admin.aldi.co.uk
stage-ptp.aldi.co.uk
www.aldi-sued.com
ameportal.aldi.co.uk
customerservice.aldi.co.uk
ppe-store.aldi.co.uk
queue.disneymovieclub.go.com
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
staging.store.dev.shopandgo.aldi.co.uk
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
www.ppe-store.aldi.co.uk
ame.aldi.co.uk
www.aldi.co.uk
sslcertificate3.queue-it.net
ppe-admin.aldi.co.uk
the-aldi-testers-club.aldi.co.uk
www.aldi.co.uk
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
fit-admin.aldi.co.uk
www.aldi.co.uk
www.aldi-sued.com
www.ppe-store.aldi.co.uk
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
customerservice.aldi.co.uk
www.def-store.aldi.co.uk
ameportal.aldi.co.uk
live-admin.aldi.co.uk
product.prd.shopandgo.aldi.co.uk
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
www.fit-store.aldi.co.uk
clocks.wfm.aldi.co.uk
test-ptp.aldi-international.com
www.aldi.co.uk
www.aldi-sued.com
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
mia.aldi.co.uk
stage-ptp.aldi.co.uk
sit-store.aldi.co.uk
live-admin.aldi.co.uk
masterdata.prd.shopandgo.aldi.co.uk
sslcertificate3.queue-it.net
www.aldi.co.uk
imperva.com
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
def-admin.aldi.co.uk
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
dev-block.ukcsd-order.aldi.co.uk
sslcertificate3.queue-it.net
queue.disneymovieclub.go.com
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
www.aldi.co.uk
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
staging.checkout.dev.shopandgo.aldi.co.uk
staff.dev.shopandgo.aldi.co.uk
sslcertificate3.queue-it.net
backoffice.dev.shopandgo.aldi.co.uk
groceries.aldi.co.uk
queue.disneymovieclub.go.com
sslcertificate3.queue-it.net
leaflets.aldi.co.uk
shopandgo.aldi.co.uk
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
leaflets.aldi.co.uk
sslcertificate3.queue-it.net
imperva.com
www.aldi-sued.com
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
gateway-test.aldi.co.uk
sslcertificate3.queue-it.net
sslcertificate3.queue-it.net
mia.aldi.co.uk
masterdata.dev.shopandgo.aldi.co.uk
sslcertificate3.queue-it.net

Certificate

The complete raw certificate details for www.sit-store.aldi.co.uk in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIH1zCCBr+gAwIBAgIRAKZSMSEbEk5a5Yk3FEQH8KAwDQYJKoZIhvcNAQELBQAw
gYYxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJERTETMBEGA1UEBxMKV2lsbWluZ3Rv
bjEkMCIGA1UEChMbQ29ycG9yYXRpb24gU2VydmljZSBDb21wYW55MS8wLQYDVQQD
EyZUcnVzdGVkIFNlY3VyZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgNTAeFw0xODEw
MjIwMDAwMDBaFw0xOTEwMjIyMzU5NTlaMIIBIjELMAkGA1UEBhMCREUxDjAMBgNV
BBETBTQ1NDgxMRwwGgYDVQQIExNOb3JkcmhlaW4tV2VzdGZhbGVuMR0wGwYDVQQH
DBRNw7xsaGVpbSBhbiBkZXIgUnVocjEdMBsGA1UECRMUTWludGFyZGVyIFN0ci4g
MzYtNDAxNDAyBgNVBAoMK0FMREkgIEludGVybmF0aW9uYWwgU2VydmljZXMgR21i
SCAmIENvLiBvSEcxLTArBgNVBAsTJEludGVybmF0aW9uYWwgSW5mb3JtYXRpb24g
VGVjaG5vbG9neTEfMB0GA1UECxMWVW5pZmllZCBDb21tdW5pY2F0aW9uczEhMB8G
A1UEAxMYd3d3LnNpdC1zdG9yZS5hbGRpLmNvLnVrMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAy+6GvJrHyQWbD7Nqwg9+azb9rJEks+3mmY4+iJQlGs3B
CfZhDgkhAmWBLCXw8blb54t2/WFGp8CCdK+eWDnDUdTGCNiXUbllxG8G6dTxdJFd
dn1PsxkVuZSZMx+Bn916FFCsHFfXzFHQJl7liL+UuAnZAK4QAfO08NXGi7SSleN2
VtNJzTF5UtydZVzpjrDvpWSl0GbU9LbN3ESNVK1I3stVqDYF7p821pO/EUoWz52t
AIeiY3FT8moJpF8+mXjVJS8xQJPlDnVH9HO5dsVk93oAlr+eSML28I3FZRbse2n0
qNfE/+JKWebuT10zh9OvQBD7+ZcNNthHqwAuhhDKpQIDAQABo4IDnzCCA5swHwYD
VR0jBBgwFoAU8rtV7vyPz9A/FGgalX55DqsXMPQwHQYDVR0OBBYEFEuRymzrutvf
YED8B8+YbpnRoigIMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBLBgNVHSAERDBCMDYGCysGAQQBsjEB
AgIIMCcwJQYIKwYBBQUHAgEWGWh0dHBzOi8vY3BzLnVzZXJ0cnVzdC5jb20wCAYG
Z4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNv
bS9UcnVzdGVkU2VjdXJlQ2VydGlmaWNhdGVBdXRob3JpdHk1LmNybDCBggYIKwYB
BQUHAQEEdjB0MEsGCCsGAQUFBzAChj9odHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20v
VHJ1c3RlZFNlY3VyZUNlcnRpZmljYXRlQXV0aG9yaXR5NS5jcnQwJQYIKwYBBQUH
MAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wge4GA1UdEQSB5jCB44IYd3d3
LnNpdC1zdG9yZS5hbGRpLmNvLnVrgh1zaXQtYXNzZXRzLmFsZGktZGlnaXRhbC5j
by51a4Iac2l0LWFzc2V0cy5hbGRpLWRpZ2l0YWwuaWWCFXNpdC1hc3NldHMuYWxk
aS5jby51a4ISc2l0LWFzc2V0cy5hbGRpLmllghRzaXQtc3RvcmUuYWxkaS5jby51
a4IRc2l0LXN0b3JlLmFsZGkuaWWCEXNpdC13cy5hbGRpLmNvLnVrgg5zaXQtd3Mu
YWxkaS5pZYIVd3d3LnNpdC1zdG9yZS5hbGRpLmllMIIBBQYKKwYBBAHWeQIEAgSB
9gSB8wDxAHYA7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFmm5wF
zAAABAMARzBFAiARansrVcJ0uLvYeOSWMlQMk9XHEgYhWMUNe8R9xrlpZAIhANDf
uWYjF3T2T0WpomXI9IsxmIAYEHaDt0SclhkSNoK4AHcAdH7agzGtMxCRIZzOJU9C
cMK//V5CIAjGNzV55hB7zFYAAAFmm5wFFwAABAMASDBGAiEA6wZHw65SSwhmH2+E
omkJOY+csT60hFHzcQa76VEQWQsCIQCmo+iPVnhQqPq7eMDHKdj3a42XMSUOzrLJ
Tlitvl4lVDANBgkqhkiG9w0BAQsFAAOCAQEAgcxPKymn7Nkm8/Tvmmpc5sm0Hm1C
Z915Tc6I7yUK2PjixiiiPbXv5Aed5cX2lUbbh9dVTTM+IARdcMaYBWjgM4vf6B2b
dh51mOja+TFQmW09aQMtePcFkFXoe64P2Tg3LFDeGgqrLcKdUB182clDtrHnyW7H
b+ineY+ItIHg77hNT8j1Ga6RuKbTQ3rg+3OjE32ldYKXrFHAlPfLLF2jgEAljYNm
CjJZ2WLn3RDvsk/XshYheqouEReQWvS+Z7bmC6YaId6O/Kueb94NoEEcRpv3Y1ju
G+voQra5K37UbcK8ObZxhZa8MUg0znq/7WND4tEEiVOj68rZUxy1RRapkw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+6GvJrHyQWbD7Nqwg9+
azb9rJEks+3mmY4+iJQlGs3BCfZhDgkhAmWBLCXw8blb54t2/WFGp8CCdK+eWDnD
UdTGCNiXUbllxG8G6dTxdJFddn1PsxkVuZSZMx+Bn916FFCsHFfXzFHQJl7liL+U
uAnZAK4QAfO08NXGi7SSleN2VtNJzTF5UtydZVzpjrDvpWSl0GbU9LbN3ESNVK1I
3stVqDYF7p821pO/EUoWz52tAIeiY3FT8moJpF8+mXjVJS8xQJPlDnVH9HO5dsVk
93oAlr+eSML28I3FZRbse2n0qNfE/+JKWebuT10zh9OvQBD7+ZcNNthHqwAuhhDK
pQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 221078612103674058621407209021371838624
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Wilmington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Corporation Service Company'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trusted Secure Certificate Authority 5'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-22 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-22 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DE'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '45481'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Nordrhein-Westfalen'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Mülheim an der Ruhr'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Mintarder Str. 36-40'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'ALDI  International Services GmbH & Co. oHG'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'International Information Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Unified Communications'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.sit-store.aldi.co.uk'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25743997618043943712117596482433282039856157841127478104930191323527217664773509713894124772718694826421980070453767913187036285484741160019592397159891526121681922259558073734640406574967250997218633037175257451808036597139588470830846283584172216342127692136412466125774882290367267006944690808956397025822655565129002638237064519355416880948718332882859599514602577305571559839955594552796738340490094843732868413190796143839101287762353764093442742188091510727962398017132733132220513233409374274238625368178713010569054763928897301389921169486012673263459741084821306016917302547384990012304444637501055594187429
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f2bb55eefc8fcfd03f14681a957e790eab1730f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4b91ca6cebbadbdf6040fc07cf986e99d1a22808
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.8
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://cps.usertrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.usertrust.com/TrustedSecureCertificateAuthority5.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.usertrust.com/TrustedSecureCertificateAuthority5.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.usertrust.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (230 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sit-store.aldi.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit-assets.aldi-digital.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit-assets.aldi-digital.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit-assets.aldi.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit-assets.aldi.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit-store.aldi.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit-store.aldi.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit-ws.aldi.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit-ws.aldi.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sit-store.aldi.ie'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb000001669b9c05cc00000403004730450220116a7b2b55c274b8bbd878e49632540c93d5c712062158c50d7bc47dc6b96964022100d0dfb966231774f64f45a9a265c8f48b31988018107683b7449c9619123682b8007700747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc56000001669b9c05170000040300483046022100eb0647c3ae524b08661f6f84a26909398f9cb13eb48451f37106bbe95110590b022100a6a3e88f567850a8fabb78c0c729d8f76b8d9731250eceb2c94e58adbe5e2554
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0081cc4f2b29a7ecd926f3f4ef9a6a5ce6c9b41e6d4267dd794dce88ef250ad8f8e2c628a23db5efe4079de5c5f69546db87d7554d333e20045d70c6980568e0338bdfe81d9b761e7598e8daf93150996d3d69032d78f7059055e87bae0fd938372c50de1a0aab2dc29d501d7cd9c943b6b1e7c96ec76fe8a7798f88b481e0efb84d4fc8f519ae91b8a6d3437ae0fb73a3137da5758297ac51c094f7cb2c5da38040258d83660a3259d962e7dd10efb24fd7b216217aaa2e1117905af4be67b6e60ba61a21de8efcab9e6fde0da0411c469bf76358ee1bebe842b6b92b7ed46dc2bc39b6718596bc314834ce7abfed6343e2d1048953a3ebcad9531cb54516a993