diff --git a/src/auto_archiver/modules/timestamping_enricher/timestamping_enricher.py b/src/auto_archiver/modules/timestamping_enricher/timestamping_enricher.py index 0031210..c138cee 100644 --- a/src/auto_archiver/modules/timestamping_enricher/timestamping_enricher.py +++ b/src/auto_archiver/modules/timestamping_enricher/timestamping_enricher.py @@ -14,6 +14,7 @@ from rfc3161_client import VerificationError as Rfc3161VerificationError from rfc3161_client.base import HashAlgorithm from rfc3161_client.tsp import SignedData from cryptography import x509 +from cryptography.hazmat.primitives import serialization import certifi from auto_archiver.core import Enricher from auto_archiver.core import Metadata, Media @@ -106,7 +107,6 @@ class TimestampingEnricher(Enricher): raise ValueError(f"No trusted roots found in {trusted_root_path}.") - valid = False for certificate in cert_authorities: builder = VerifierBuilder() builder.add_root_certificate(certificate) @@ -144,7 +144,7 @@ class TimestampingEnricher(Enricher): def load_tst_certs(self, tsp_response: TimeStampResponse): signed_data: SignedData = tsp_response.signed_data - certs = signed_data.certificates + return [x509.load_der_x509_certificate(c) for c in signed_data.certificates] def download_certificate(self, tsp_response: TimeStampResponse) -> list[Media]: @@ -154,10 +154,11 @@ class TimestampingEnricher(Enricher): cert_chain = [] - for cert in path: + for cert in certificates: cert_fn = os.path.join(self.tmp_dir, f"{str(cert.serial_number)[:20]}.crt") + print(cert_fn) with open(cert_fn, "wb") as f: - f.write(cert.dump()) - cert_chain.append(Media(filename=cert_fn).set("subject", cert.subject.native["common_name"])) + f.write(cert.public_bytes(encoding=serialization.Encoding.PEM)) + cert_chain.append(Media(filename=cert_fn).set("subject", cert.subject.get_attributes_for_oid(x509.NameOID.COMMON_NAME)[0].value)) return cert_chain 
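Review bot: load_tst_certs now parses certificates taken directly from the TSA response, but nothing in its signature or body tells callers that these are unvalidated. I would annotate the return as `-> list[x509.Certificate]` and add a docstring such as `"""Return the certificates embedded in the TSA response, parsed from DER but not validated against any trusted root."""`. `x509.load_der_x509_certificate` raises ValueError on malformed DER, and no handler is visible in this hunk, so one bad embedded certificate would presumably propagate to the caller; the docstring should say so, or the function should catch it.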
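Review bot: `get_attributes_for_oid(x509.NameOID.COMMON_NAME)[0]` in download_certificate raises IndexError for any certificate whose subject has no common name, and these certificates come from the TSA response, so one such certificate aborts the enrichment. Take the attribute list first and fall back to the full subject: `cn = cert.subject.get_attributes_for_oid(x509.NameOID.COMMON_NAME)`, then `.set("subject", cn[0].value if cn else cert.subject.rfc4514_string())`. The added `print(cert_fn)` looks like leftover debugging and should be dropped or routed through the module's logger. `certificates` is assigned outside the hunk, so it cannot be confirmed here whether these certificates were checked against a trusted root before being written to disk.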
diff --git a/tests/enrichers/test_timestamping_enricher.py b/tests/enrichers/test_timestamping_enricher.py index 7d30e2f..9b96051 100644 --- a/tests/enrichers/test_timestamping_enricher.py +++ b/tests/enrichers/test_timestamping_enricher.py @@ -20,7 +20,10 @@ def test_sign_data(setup_module): result: TimeStampResponse = tsp.sign_data(tsa_url, data) assert isinstance(result, TimeStampResponse) - + cert_chain = tsp.download_certificate(result) + + assert len(cert_chain) == 2 + try: valid_root = tsp.verify_signed(result, data) assert valid_root.subject == "CN=Entrust Root Certification Authority - G2, OU=(c) 2009 Entrust, Inc. - for authorized use only, OU=See www.entrust.net/legal-terms, O=Entrust, Inc., C=" @@ -28,7 +31,6 @@ def test_sign_data(setup_module): pytest.fail(f"Verification failed: {e}") # test downloading the cert - cert_chain = tsp.download_and_verify_certificate(result) def test_tsp_enricher_download_syndication(setup_module, digicert): tsp: TimestampingEnricher = setup_module("timestamping_enricher")
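Review bot: `assert len(cert_chain) == 2` pins the number of certificates this particular timestamp authority embeds in its response, so the test breaks if the TSA changes its chain, and it checks nothing about what was written. A content check would be sturdier, for example `assert all(os.path.isfile(m.filename) for m in cert_chain)`, assuming `Media` exposes `filename` and adding the `os` import if the test file lacks it; ideally also check that each file parses as a PEM certificate. The call now runs before `verify_signed`, so the test writes certificates from a response that has not yet been verified; if production code must verify first, the test should follow the same order. The later hunk also leaves the comment `# test downloading the cert` with no code under it, so it should be removed.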