cert01.uk.aviva.com

- Aviva PLC -

Issued by Sectigo RSA Extended Validation Secure Server CA

About this certificate

This digital certificate with serial number 70:d0:b1:2d:ca:81:94:ce:6e:58:9a:09:80:5a:ee:e5 was issued on by Sectigo Limited.

With 43 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Aviva PLC

Company registration number: 02468686
Organization: Aviva PLC
Organization unit: Digital
State / Province: London, City of
Country: GB

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 70:d0:b1:2d:ca:81:94:ce:6e:58:9a:09:80:5a:ee:e5
Serial Number (int): 149957126888925607532382973806155329253
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: b0:89:94:04:56:11:d5:3e:6a:1a:6c:72:12:f2:f0:5b:03:db:88:d4
AuthorityKeyId: 2c:69:ff:80:c9:87:90:ae:34:e1:b4:e7:4c:93:85:99:40:e9:a7:b2

Fingerprint (sha1): 99:1a:30:12:a6:b6:1a:f4:2e:6d:cc:ed:60:28:d2:42:46:3d:90:51
Fingerprint (sha256): f3:19:a5:07:1a:15:42:2a:1a:a3:78:1d:a7:ed:c7:60:f0:59:0b:ea:d4:20:20:a2:97:dc:0a:d8:c9:c0:46:07

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl

Check the revocation status for certificate cert01.uk.aviva.com

43

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cert01.uk.aviva.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cert01.uk.aviva.com
advisers.friendslife.co.uk
agsts.globalapps.aviva.com
aims.avivainvestors.com
aimsti.avivainvestors.com
api.aviva.co.uk
apigateway.aviva.co.uk
avivahealth.aviva.co.uk
brand.avivainvestors.com
cam.globalapps.aviva.com
careers.avivainvestors.com
cofensereporter.globalapps.aviva.com
cosmic.aviva.co.uk
healthpoint.aviva.co.uk
help.quotemehappy.com
library.friendslife.com
media.avivainvestors.com
mfamobile.globalapps.aviva.com
netquotes.aviva.co.uk
protection-medical.aviva.co.uk
protection.aviva.co.uk
resources.aviva.com
santandertelephony.aviva.co.uk
services.aviva.co.uk
services.friendslife.com
standards.aviva.com
travelinsurance.firstdirect.online-insure.com
webapi.aviva.com
workplacebenefits.friendslife.co.uk
www.aviva-health.qs.aviva.co.uk
www.aviva.co.uk
www.avivaforpartners.qs.aviva.co.uk
www.avivainvestors.com
www.cosmic-creditor.qs.aviva.co.uk
www.generalaccident.com
www.healthpoint.qs.aviva.co.uk
www.netquotes.qs.aviva.co.uk
www.partner.qs.online-insure.co.uk
www.quotemehappy.com
www.wsg.qs.aviva.co.uk
www2.wsg.qs.aviva.co.uk
www3.wsg.qs.aviva.co.uk
www43.friendslife.co.uk

Other certificates including the domain name aviva.com

(limited to 100 certificates)
aviva-swi-amp-fs-01.globalapps.aviva.com
incapsula.com
at.aviva.com
community-fund-italia.aviva.com
avivaprivacy.uk
cert02.uk.aviva.com
cert03.uk.aviva.com
cert06.uk.aviva.com
cert01.as.aviva.com
avivaprivacy.uk
np-cert02.uk.aviva.com
in.aviva.com
avivaprivacy.uk
cert11.uk.aviva.com
cert03.uk.aviva.com
avivaprivacy.uk
cert06.uk.aviva.com
idmadmin.globalapps.aviva.com
mpower.non.prod.ana.corp.aviva.com
cert01.ca.aviva.com
cert08.uk.aviva.com
cert01.uk.aviva.com
digital.aviva.com
cert01.ca.aviva.com
redirects.aviva.com
agility-europe.globalapps.aviva.com
icare-uat.globalapps.aviva.com
cert06.uk.aviva.com
incapsula.com
cert04.uk.aviva.com
cms.aviva.com
sv.nonprod.ana.corp.aviva.com
avivaprivacy.uk
cert10.uk.aviva.com
cert06.uk.aviva.com
intquote.aviva.co.uk
cert10.uk.aviva.com
boson-services-gateway.globalapps.aviva.com
cert01.tmp.aviva.com
lafabrique-france.aviva.com
cert08.uk.aviva.com
cert01.uk.aviva.com
np-cert02.uk.aviva.com
incapsula.com
cert10.uk.aviva.com
camppe.external.globalapps.aviva.com
proinvest.com.sg
cert01.uk.aviva.com
avivaprivacy.uk
suretyngweb.qa.ana.corp.aviva.com
avivaprivacy.uk
cert01.uk.aviva.com
mpower.non.prod.ana.corp.aviva.com
vaultqa.ana.corp.aviva.com
bigd-kafkadev2.globalapps.aviva.com
cert08.uk.aviva.com
yyzbac1sis1.ana.corp.aviva.com
cyberark-uat.globalapps.aviva.com
www.aviva.co.uk
uat.aviva.co.uk
www.avivatransfer.co.uk
rewards.aviva.com
workbench.prod-globalapps.aviva.com
cx2.globalapps.aviva.com
redirects.aviva.com
yyzsql3047.ana.corp.aviva.com
cert01.ca.aviva.com
mail.aviva.com
cert03.uk.aviva.com
empower.preprod.ana.corp.aviva.com
cert01.as.aviva.com
uat.aviva.co.uk
e-learningportal.at.aviva.com
cert07.uk.aviva.com
cert01.tmp.aviva.com
cert05.uk.aviva.com
yyzbsm1011.ana.corp.aviva.com
iaccess.ana.corp.aviva.com
www.aviva.co.uk
cert03.uk.aviva.com
cert01.as.aviva.com
yyzcpm1201.ana.corp.aviva.com
shareplans.aviva.com
incapsula.com
ci-master.ana.corp.aviva.com
cert04.uk.aviva.com
community-fund-italia.aviva.com
incapsula.com
cert05.uk.aviva.com

arc.globalapps.aviva.com
cert10.uk.aviva.com
avivaprivacy.uk
incapsula.com
nonprod.ratabasecat.ana.corp.aviva.com
redirects.aviva.com
yyzetl1003.ana.corp.aviva.com
cert04.uk.aviva.com
cert08.uk.aviva.com
nationalhomewarranty.com

Certificate

The complete raw certificate details for cert01.uk.aviva.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIILljCCCn6gAwIBAgIQcNCxLcqBlM5uWJoJgFru5TANBgkqhkiG9w0BAQsFADCB
kTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTkwNwYDVQQD
EzBTZWN0aWdvIFJTQSBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg
Q0EwHhcNMjExMTMwMDAwMDAwWhcNMjIxMTA0MjM1OTU5WjCBsjERMA8GA1UEBRMI
MDI0Njg2ODYxEzARBgsrBgEEAYI3PAIBAxMCR0IxHTAbBgNVBA8TFFByaXZhdGUg
T3JnYW5pemF0aW9uMQswCQYDVQQGEwJHQjEYMBYGA1UECBMPTG9uZG9uLCBDaXR5
IG9mMRIwEAYDVQQKEwlBdml2YSBQTEMxEDAOBgNVBAsTB0RpZ2l0YWwxHDAaBgNV
BAMTE2NlcnQwMS51ay5hdml2YS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDdorJQ+WAPLT9xpAN1DdFtKOfFGEedoiZvySzBx9osZvz+KLyjOXBe
VSu9TmkAVr3eUK9aP6pUicUP2PKeS+2BVFz7yD966HqoR+w+6pjri/z7LJXvA+Wx
2OVUGmYXyO1q8ptLkobiD9yZegAH7JdKtEzPY1jAx4qWzrL2fz5zssZBnrmotCXG
kmzOJG0S2tci5PeZn/HS0QP9YAtgpUu8YagzEb+eHAEB3rVBq41sl4Wnn04V+Yj0
ETRGcu2/A0rGckLem4CSyuO7MwxcPIAjNSZ0Z0kWvYMlvDhnFNCqBLos262Y+JlG
ZpN7CdcifSn1D4A1toKzKEYpLBw95rs7AgMBAAGjggfFMIIHwTAfBgNVHSMEGDAW
gBQsaf+AyYeQrjThtOdMk4WZQOmnsjAdBgNVHQ4EFgQUsImUBFYR1T5qGmxyEvLw
WwPbiNQwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARCMEAwNQYMKwYBBAGyMQECAQUBMCUw
IwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAcGBWeBDAEBMFYG
A1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwuc2VjdGlnby5jb20vU2VjdGlnb1JT
QUV4dGVuZGVkVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBhgYIKwYBBQUH
AQEEejB4MFEGCCsGAQUFBzAChkVodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3Rp
Z29SU0FFeHRlbmRlZFZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYB
BQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMIIBfQYKKwYBBAHWeQIEAgSC
AW0EggFpAWcAdgBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiFq/L8cP5tRwAAAX1w
t1yTAAAEAwBHMEUCIGx6tyHLMexJt2D8gDJtWfsq8f7FzybfBeLEV/CGe+MpAiEA
5b/p80mDugAacqZaPgl5O1yEuH8Er1Fu5Qhpx25pAJ8AdQBVgdTCFpA2AUrqC5tX
PFPwwOQ4eHAlCBcvo6odBxPTDAAAAX1wt1wtAAAEAwBGMEQCICoRH4XYy+YAkEBy
KHojjOdj81XwlQ5tNBwxNnviEEw4AiAQHed3z2pziw1p1r/eOW8Yjnbws21xbsgl
uU90OaW35gB2AEHIyrHfIkZKEMahOglCh15OMYsbA+vrS8do8JBilgb2AAABfXC3
XFUAAAQDAEcwRQIhAP0tSzSLnyIoRnkoCHfKT9JT7Xo9ARViBUvRVnq5cSIyAiBL
zOKtFYxNNrMNzbFKINwsSr8ZQfsSSpROExBOH2eJKjCCBJMGA1UdEQSCBIowggSG
ghNjZXJ0MDEudWsuYXZpdmEuY29tghphZHZpc2Vycy5mcmllbmRzbGlmZS5jby51
a4IaYWdzdHMuZ2xvYmFsYXBwcy5hdml2YS5jb22CF2FpbXMuYXZpdmFpbnZlc3Rv
cnMuY29tghlhaW1zdGkuYXZpdmFpbnZlc3RvcnMuY29tgg9hcGkuYXZpdmEuY28u
dWuCFmFwaWdhdGV3YXkuYXZpdmEuY28udWuCF2F2aXZhaGVhbHRoLmF2aXZhLmNv
LnVrghhicmFuZC5hdml2YWludmVzdG9ycy5jb22CGGNhbS5nbG9iYWxhcHBzLmF2
aXZhLmNvbYIaY2FyZWVycy5hdml2YWludmVzdG9ycy5jb22CJGNvZmVuc2VyZXBv
cnRlci5nbG9iYWxhcHBzLmF2aXZhLmNvbYISY29zbWljLmF2aXZhLmNvLnVrghdo
ZWFsdGhwb2ludC5hdml2YS5jby51a4IVaGVscC5xdW90ZW1laGFwcHkuY29tghds
aWJyYXJ5LmZyaWVuZHNsaWZlLmNvbYIYbWVkaWEuYXZpdmFpbnZlc3RvcnMuY29t
gh5tZmFtb2JpbGUuZ2xvYmFsYXBwcy5hdml2YS5jb22CFW5ldHF1b3Rlcy5hdml2
YS5jby51a4IecHJvdGVjdGlvbi1tZWRpY2FsLmF2aXZhLmNvLnVrghZwcm90ZWN0
aW9uLmF2aXZhLmNvLnVrghNyZXNvdXJjZXMuYXZpdmEuY29tgh5zYW50YW5kZXJ0
ZWxlcGhvbnkuYXZpdmEuY28udWuCFHNlcnZpY2VzLmF2aXZhLmNvLnVrghhzZXJ2
aWNlcy5mcmllbmRzbGlmZS5jb22CE3N0YW5kYXJkcy5hdml2YS5jb22CLXRyYXZl
bGluc3VyYW5jZS5maXJzdGRpcmVjdC5vbmxpbmUtaW5zdXJlLmNvbYIQd2ViYXBp
LmF2aXZhLmNvbYIjd29ya3BsYWNlYmVuZWZpdHMuZnJpZW5kc2xpZmUuY28udWuC
H3d3dy5hdml2YS1oZWFsdGgucXMuYXZpdmEuY28udWuCD3d3dy5hdml2YS5jby51
a4Ijd3d3LmF2aXZhZm9ycGFydG5lcnMucXMuYXZpdmEuY28udWuCFnd3dy5hdml2
YWludmVzdG9ycy5jb22CInd3dy5jb3NtaWMtY3JlZGl0b3IucXMuYXZpdmEuY28u
dWuCF3d3dy5nZW5lcmFsYWNjaWRlbnQuY29tgh53d3cuaGVhbHRocG9pbnQucXMu
YXZpdmEuY28udWuCHHd3dy5uZXRxdW90ZXMucXMuYXZpdmEuY28udWuCInd3dy5w
YXJ0bmVyLnFzLm9ubGluZS1pbnN1cmUuY28udWuCFHd3dy5xdW90ZW1laGFwcHku
Y29tghZ3d3cud3NnLnFzLmF2aXZhLmNvLnVrghd3d3cyLndzZy5xcy5hdml2YS5j
by51a4IXd3d3My53c2cucXMuYXZpdmEuY28udWuCF3d3dzQzLmZyaWVuZHNsaWZl
LmNvLnVrMA0GCSqGSIb3DQEBCwUAA4IBAQBdWvwZfrSEP0DsE41tAWlaObK6yF3i
zqZErqVUZb1j0zF6VEIm35Sl1TNtmvBQAkgOFXMzzU7SWyxKk1/UdwyhFDKOSHvV
UVEIPnNqw3JBr46aRiVDCyvCnVJLLpJ17s4LqIrZ890DAFK19Q3HEv48Us+PVynW
SfklSKnMYCZ+lGxr6y6NywlXBiBSbTHAKClWtetEV8boP3lcuvVqckVqBHt9Aur6
owX0tqkxhYRaNAx/YJ0j1v6WEvNWdinHtm/jKpfkERSwgfjdn67luJ9YORMPlonR
nQIdEzwlTZD0sYHb/zzWuJyPKBmLCRZouTwEET38LvD2JVNhul1eXoAo
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3aKyUPlgDy0/caQDdQ3R
bSjnxRhHnaImb8kswcfaLGb8/ii8ozlwXlUrvU5pAFa93lCvWj+qVInFD9jynkvt
gVRc+8g/euh6qEfsPuqY64v8+yyV7wPlsdjlVBpmF8jtavKbS5KG4g/cmXoAB+yX
SrRMz2NYwMeKls6y9n8+c7LGQZ65qLQlxpJsziRtEtrXIuT3mZ/x0tED/WALYKVL
vGGoMxG/nhwBAd61QauNbJeFp59OFfmI9BE0RnLtvwNKxnJC3puAksrjuzMMXDyA
IzUmdGdJFr2DJbw4ZxTQqgS6LNutmPiZRmaTewnXIn0p9Q+ANbaCsyhGKSwcPea7
OwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 149957126888925607532382973806155329253
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Extended Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-11-30 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-04 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '02468686'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'London, City of'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Aviva PLC'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Digital'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cert01.uk.aviva.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27978894055513849687385615231012299570514552829227230770645059258070476033029476940311246153364023129638537020155980060353313909129327167471982424101626251148650424959067003206400217550306739911474983190680636847224540492888416934373423544091006200741911513385327379686452920643822006570804764063536219735105948365440129399142861024886636582171124172072060515954419468544293717975729765746337403667391876059307339017842061368489105807691691675382357247997580439466134210971038581431689127022955399292654813576531254939006322503521772320479507396740321712647747148550375736848295282897345865567578162933161797406341947
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 2c69ff80c98790ae34e1b4e74c93859940e9a7b2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b08994045611d53e6a1a6c7212f2f05b03db88d4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.5.1 (Comodo EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (122 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAExtendedValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700760046a555eb75fa912030b5a28969f4f37d112c4174befd49b885abf2fc70fe6d470000017d70b75c93000004030047304502206c7ab721cb31ec49b760fc80326d59fb2af1fec5cf26df05e2c457f0867be329022100e5bfe9f34983ba001a72a65a3e09793b5c84b87f04af516ee50869c76e69009f0075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000017d70b75c2d000004030046304402202a111f85d8cbe600904072287a238ce763f355f0950e6d341c31367be2104c380220101de777cf6a738b0d69d6bfde396f188e76f0b36d716ec825b94f7439a5b7e600760041c8cab1df22464a10c6a13a0942875e4e318b1b03ebeb4bc768f090629606f60000017d70b75c550000040300473045022100fd2d4b348b9f22284679280877ca4fd253ed7a3d011562054bd1567ab971223202204bcce2ad158c4d36b30dcdb14a20dc2c4abf1941fb124a944e13104e1f67892a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1162 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cert01.uk.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advisers.friendslife.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agsts.globalapps.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aims.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aimsti.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apigateway.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'avivahealth.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'brand.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cam.globalapps.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'careers.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cofensereporter.globalapps.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cosmic.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'healthpoint.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'help.quotemehappy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'library.friendslife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mfamobile.globalapps.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'netquotes.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protection-medical.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protection.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'resources.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'santandertelephony.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.friendslife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'standards.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'travelinsurance.firstdirect.online-insure.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webapi.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'workplacebenefits.friendslife.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aviva-health.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.avivaforpartners.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.avivainvestors.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cosmic-creditor.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.generalaccident.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.healthpoint.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.netquotes.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.partner.qs.online-insure.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.quotemehappy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.wsg.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.wsg.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www3.wsg.qs.aviva.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www43.friendslife.co.uk'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005d5afc197eb4843f40ec138d6d01695a39b2bac85de2cea644aea55465bd63d3317a544226df94a5d5336d9af05002480e157333cd4ed25b2c4a935fd4770ca114328e487bd55151083e736ac37241af8e9a4625430b2bc29d524b2e9275eece0ba88ad9f3dd030052b5f50dc712fe3c52cf8f5729d649f92548a9cc60267e946c6beb2e8dcb09570620526d31c0282956b5eb4457c6e83f795cbaf56a72456a047b7d02eafaa305f4b6a93185845a340c7f609d23d6fe9612f3567629c7b66fe32a97e41114b081f8dd9faee5b89f5839130f9689d19d021d133c254d90f4b181dbff3cd6b89c8f28198b091668b93c04113dfc2ef0f6255361ba5d5e5e8028