manulife.com

- Manulife Financial -

Issued by Sectigo RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number 41:77:e4:24:9a:60:79:5a:a9:f2:a6:14:97:14:79:11 was issued on by Sectigo Limited.

With 65 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Manulife Financial

Organization: Manulife Financial
State / Province: Ontario
Country: CA

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): 41:77:e4:24:9a:60:79:5a:a9:f2:a6:14:97:14:79:11
Serial Number (int): 87022330341565980790882973111731648785
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 09:b7:48:1c:b1:96:1a:f3:d9:13:9e:1a:a4:79:d3:d1:03:6d:80:bf
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb

Fingerprint (sha1): d2:84:12:99:50:ef:02:47:9d:ed:5b:b1:b9:b0:19:e9:bb:f6:24:62
Fingerprint (sha256): 0d:b3:2e:72:e1:9b:1e:52:85:08:cc:a5:96:7a:0e:d9:f9:58:c3:9a:20:bd:89:71:07:1f:d5:a0:f6:87:80:f1

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate manulife.com

65

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for manulife.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

manulife.com
10014.manulife.com
agrssponsors.manulife.com
aidp.manulife.com
api.manulifesecurities.manulife.ca
api.placementsmanuvie.manuvie.ca
api.portal.manulife.ca
attestuat.manulife.com
aviproom.manulife.com
banquescotia.monprochainchapitre.ca
canadiancommercialmortgages.manulife.com
cdd-dev.manulife.com
cdd-prod.manulife.com
cdd-uat.manulife.com
cdncetdvcacicfrtr.manulife.io
cdncetprcacicfrtr.manulife.io
cloud.mesh.preprod.api.manulife.com
dr.api.manulifesecurities.manulife.ca
dr.api.portal.manulife.ca
edocs-bff.manulifeim.ca
edocs-uat-bff.manulifeim.ca
edocs-uat.manulifeim.ca
edocs.manulifeim.ca
enter.manulife.com
enterdev.manulife.com
enteruat.manulife.com
grssofmo.manulife.com
grssponsors.manulife.com
idp.manulife.com
m.manulife.com
m.manuvie.com
manulife.ca
manulifesecurities.manulife.ca
manuvie.ca
mfc.com
monprochainchapitre.ca
mynextchapter.ca
nav.manulifeim.com
placementsmanuvie.manuvie.ca
repsource.manulife.com
repsourcepublic.manulife.com
retirementredefined.ca
retirementredefined.manulife.ca
retraiteredefinie.ca
retraiteredefinie.manuvie.ca
scotiabank.mynextchapter.ca
secureigaz.manulife.ca
secureigazuat.manulife.ca
stage.api.portal.manulife.ca
stg-nav.manulifeim.com
techconnect.manulife.com
uat.banquescotia.monprochainchapitre.ca
uat.monprochainchapitre.ca
uat.mynextchapter.ca
uat.pot.manulife.ca
uat.scotiabank.mynextchapter.ca
uls-meud.manulife.com
viproom.manulife.com
web.manulife.com
www.canadiancommercialmortgages.manulife.com
www.mfc.com
www.monprochainchapitre.ca
www.mynextchapter.ca
www.retirementredefined.ca
www.retraiteredefinie.ca

Other certificates including the domain name manulife.com

(limited to 100 certificates)
mlisxivg01.manulife.com
manulife.com
nasbfepool02.mfcgd.com
mfcentral.manulife.com
api1.np.ca.manulife.com
idwicrmapd01.mlijkt01.manulife.com
manulife.com
manulife.com
aidp.manulife.com
azalvedlwrkdp10.p01eaedl.manulife.com
manulife.com
client.manulifebank.com
rps.jhancock.com
manulife.com
sharepoint-externalpartner.uat.ap.manulife.com
hermes.manulife.com
manulife.com
clbs37841.manulife.com
internal.mesh.test.api.manulife.com
azcedlwrks003.s01caedl.manulife.com
manulife.com
cdcwvjhpwast21.americas.manulife.net
daily.manulife.com.vn
click.e.manulife.com
sft.institutional.manulife.com
johnhancock.com
manulife.com
sts.manulife.com
manulife.com
azslvedlmgtdd01.d01saedl.manulife.com
idwicrmapt21.mlijkt01.manulife.com
idwcasp.ap.manulife.com
mfcentral.manulife.com
manulife.com
view-e-ds.manulife.com
idwelems01.mlijkt01.manulife.com
druglookup-client.manulife.com
mfcentral.manulife.com
sharepoint-externalpartner.uat.ap.manulife.com
www-aem-prod.manulife.ca
insttrip.manulife.com
manulife.com
dbpartners.manulife.com
idwinetapt01.mlijkt01.manulife.com
asiacitrix.manulife.com
arrowonramp.manulife.com
manulife.com
qitsso-uat.manulife.com
manulife.com
sf.cac.internal.mesh.dev.api.manulife.com
manulife.com
giam-qa.manulife.com
manulife.com
cconprem.manulife.com
manulife.com
manulife.com
manulife.com
idp.grsportal.ca.manulife.com
manulife.com
insanalyticsdev01.manulife.com
awsuat.manulife.com.kh
idwiqmtapp01.mlijkt01.manulife.com
johnhancock.com
manulife.com
manulife.com
myasoaibp2.ap.manulife.com
remotejp2.manulife.com
johnhancock.com
sharepoint-int.ap.manulife.com
mlifs900g01.manulife.com
nasbaccess01.manulife.com
jhappsstaging-tst.aks.manulife.com
manulife.com
manulife.com
crverifyidentity-dev.johnhancock.com
manulife.com
jpnhoapt09.japan.corp.manulife.com
client.manulifebank.com
preprod.mtls.api.manulife.com
manulife.com
idwietsisft05.mlijkt01.manulife.com
remotehk.manulife.com
azcedledges001.s01caedl.manulife.com
idwcas4tap.ap.manulife.com
manulife.com
mlixnbarplzvnaca.manulife.com
manulife.com
manulife.com
druglookup-client.manulife.com
pcf.manulife.com
proxy.auw.my.underwriting.manulife.com
manulife.com
johnhancock.com
manulife.com
financeit.devsit202201.manulife.com
tw-ssg-fw1.manulife.com
advisor.manulife.ca
azwapnwasm01.mfcgd.com
azuedldbo01.p01usedl.manulife.com
edge.prod-ext.api.manulife.com

Certificate

The complete raw certificate details for manulife.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIILwTCCCqmgAwIBAgIQQXfkJJpgeVqp8qYUlxR5ETANBgkqhkiG9w0BAQsFADCB
lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD
EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy
dmVyIENBMB4XDTIyMDcxODAwMDAwMFoXDTIzMDcxODIzNTk1OVowUzELMAkGA1UE
BhMCQ0ExEDAOBgNVBAgTB09udGFyaW8xGzAZBgNVBAoTEk1hbnVsaWZlIEZpbmFu
Y2lhbDEVMBMGA1UEAxMMbWFudWxpZmUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxvrapImtCYUFcVv/wjbVnQGT7cxxfhjSanudyivhAsqf7dVf
3yXUrmHt7TsK70S4C6OBdlNkBvK6AlNixToqpSxQnM2ZyHvp5OluHXxkCIaNphEn
+ZEd7HiWkbkaZ7ALuRjs9/l1Bo+vUAT/pJuHGuOtSqDAtAEsIKrC3mTK4pG5N+BG
aRLEB+X6268pCVw4nM+ukg+gBhDkZ5OEMudvRiX2rl7q3w2hGS0GdxluzfQmGAfv
7yiUxPtwhtdlIhyBnE7UGthGoMKr5Lz2OY0BcjkNWCWIV2cBg7+SIr3McTRlRHsA
c2TEp5dzKS+t/e5eeb+MNnX5nIjRYbbCgmZFlQIDAQABo4IITDCCCEgwHwYDVR0j
BBgwFoAUF9nWJSdn+THCSUPZMDZEjGypT+swHQYDVR0OBBYEFAm3SByxlhrz2ROe
GqR509EDbYC/MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjBKBgNVHSAEQzBBMDUGDCsGAQQBsjEBAgED
BDAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwB
AgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0
aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCB
igYIKwYBBQUHAQEEfjB8MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LnNlY3RpZ28u
Y29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVy
Q0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTATBgor
BgEEAdZ5AgQDAQH/BAIFADCCBn0GA1UdEQSCBnQwggZwggxtYW51bGlmZS5jb22C
EjEwMDE0Lm1hbnVsaWZlLmNvbYIZYWdyc3Nwb25zb3JzLm1hbnVsaWZlLmNvbYIR
YWlkcC5tYW51bGlmZS5jb22CImFwaS5tYW51bGlmZXNlY3VyaXRpZXMubWFudWxp
ZmUuY2GCIGFwaS5wbGFjZW1lbnRzbWFudXZpZS5tYW51dmllLmNhghZhcGkucG9y
dGFsLm1hbnVsaWZlLmNhghZhdHRlc3R1YXQubWFudWxpZmUuY29tghVhdmlwcm9v
bS5tYW51bGlmZS5jb22CI2JhbnF1ZXNjb3RpYS5tb25wcm9jaGFpbmNoYXBpdHJl
LmNhgihjYW5hZGlhbmNvbW1lcmNpYWxtb3J0Z2FnZXMubWFudWxpZmUuY29tghRj
ZGQtZGV2Lm1hbnVsaWZlLmNvbYIVY2RkLXByb2QubWFudWxpZmUuY29tghRjZGQt
dWF0Lm1hbnVsaWZlLmNvbYIdY2RuY2V0ZHZjYWNpY2ZydHIubWFudWxpZmUuaW+C
HWNkbmNldHByY2FjaWNmcnRyLm1hbnVsaWZlLmlvgiNjbG91ZC5tZXNoLnByZXBy
b2QuYXBpLm1hbnVsaWZlLmNvbYIlZHIuYXBpLm1hbnVsaWZlc2VjdXJpdGllcy5t
YW51bGlmZS5jYYIZZHIuYXBpLnBvcnRhbC5tYW51bGlmZS5jYYIXZWRvY3MtYmZm
Lm1hbnVsaWZlaW0uY2GCG2Vkb2NzLXVhdC1iZmYubWFudWxpZmVpbS5jYYIXZWRv
Y3MtdWF0Lm1hbnVsaWZlaW0uY2GCE2Vkb2NzLm1hbnVsaWZlaW0uY2GCEmVudGVy
Lm1hbnVsaWZlLmNvbYIVZW50ZXJkZXYubWFudWxpZmUuY29tghVlbnRlcnVhdC5t
YW51bGlmZS5jb22CFWdyc3NvZm1vLm1hbnVsaWZlLmNvbYIYZ3Jzc3BvbnNvcnMu
bWFudWxpZmUuY29tghBpZHAubWFudWxpZmUuY29tgg5tLm1hbnVsaWZlLmNvbYIN
bS5tYW51dmllLmNvbYILbWFudWxpZmUuY2GCHm1hbnVsaWZlc2VjdXJpdGllcy5t
YW51bGlmZS5jYYIKbWFudXZpZS5jYYIHbWZjLmNvbYIWbW9ucHJvY2hhaW5jaGFw
aXRyZS5jYYIQbXluZXh0Y2hhcHRlci5jYYISbmF2Lm1hbnVsaWZlaW0uY29tghxw
bGFjZW1lbnRzbWFudXZpZS5tYW51dmllLmNhghZyZXBzb3VyY2UubWFudWxpZmUu
Y29tghxyZXBzb3VyY2VwdWJsaWMubWFudWxpZmUuY29tghZyZXRpcmVtZW50cmVk
ZWZpbmVkLmNhgh9yZXRpcmVtZW50cmVkZWZpbmVkLm1hbnVsaWZlLmNhghRyZXRy
YWl0ZXJlZGVmaW5pZS5jYYIccmV0cmFpdGVyZWRlZmluaWUubWFudXZpZS5jYYIb
c2NvdGlhYmFuay5teW5leHRjaGFwdGVyLmNhghZzZWN1cmVpZ2F6Lm1hbnVsaWZl
LmNhghlzZWN1cmVpZ2F6dWF0Lm1hbnVsaWZlLmNhghxzdGFnZS5hcGkucG9ydGFs
Lm1hbnVsaWZlLmNhghZzdGctbmF2Lm1hbnVsaWZlaW0uY29tghh0ZWNoY29ubmVj
dC5tYW51bGlmZS5jb22CJ3VhdC5iYW5xdWVzY290aWEubW9ucHJvY2hhaW5jaGFw
aXRyZS5jYYIadWF0Lm1vbnByb2NoYWluY2hhcGl0cmUuY2GCFHVhdC5teW5leHRj
aGFwdGVyLmNhghN1YXQucG90Lm1hbnVsaWZlLmNhgh91YXQuc2NvdGlhYmFuay5t
eW5leHRjaGFwdGVyLmNhghV1bHMtbWV1ZC5tYW51bGlmZS5jb22CFHZpcHJvb20u
bWFudWxpZmUuY29tghB3ZWIubWFudWxpZmUuY29tgix3d3cuY2FuYWRpYW5jb21t
ZXJjaWFsbW9ydGdhZ2VzLm1hbnVsaWZlLmNvbYILd3d3Lm1mYy5jb22CGnd3dy5t
b25wcm9jaGFpbmNoYXBpdHJlLmNhghR3d3cubXluZXh0Y2hhcHRlci5jYYIad3d3
LnJldGlyZW1lbnRyZWRlZmluZWQuY2GCGHd3dy5yZXRyYWl0ZXJlZGVmaW5pZS5j
YTANBgkqhkiG9w0BAQsFAAOCAQEAjoVuMSa7AyB/+lEdXjcY+1fGXFPUoJrjYHjx
ZtzpAgbTv7P407zcNdvGhBJ5kiYa6pIo2rRWSd2yfvOYUdld3kIVws/YkTR7OMrf
J6uuwKrDes3dF9WLFv0Hp3wx5Goyl1CpKQzyMXkWXdS55QMfNeMSePPidPl2v8Do
Qk+aUWSikd6uCtTv/teLN2L4AC1491J2ZScI5gFf8agga29OJjFQlUPtI105FmGY
762wDkIlnx1dCF8jG2g9UBxtXuHB2RrGwZFI1jADcbA2DtQG54rC58bDA+s5iFeM
PbOlqG1D/jaH4OnIqptGtrJCymxR2JostJbTGyVsPgeutPXMZA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvrapImtCYUFcVv/wjbV
nQGT7cxxfhjSanudyivhAsqf7dVf3yXUrmHt7TsK70S4C6OBdlNkBvK6AlNixToq
pSxQnM2ZyHvp5OluHXxkCIaNphEn+ZEd7HiWkbkaZ7ALuRjs9/l1Bo+vUAT/pJuH
GuOtSqDAtAEsIKrC3mTK4pG5N+BGaRLEB+X6268pCVw4nM+ukg+gBhDkZ5OEMudv
RiX2rl7q3w2hGS0GdxluzfQmGAfv7yiUxPtwhtdlIhyBnE7UGthGoMKr5Lz2OY0B
cjkNWCWIV2cBg7+SIr3McTRlRHsAc2TEp5dzKS+t/e5eeb+MNnX5nIjRYbbCgmZF
lQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 87022330341565980790882973111731648785
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-18 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-18 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'manulife.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25118885137138888413855091375903806883503919884117841980141273211943203243725204568372643272319645261501923488499776298792566661454862636084957931727881396059968511633103761143616926772901473785689477898587622267745836066435054761177953299430547876453029744302949044148883374435595173519864549250950161874205639800590078649558935930182828090027040308117327605548085535578249244645991636104920898258404133598344039316386797309439374221280504279523222736319530503961680292877841643761011415774038548032963066701641147975827101512796120054625341068824483358092949533697774392187347794088208773790900728474815439772730773
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							09b7481cb1961af3d9139e1aa479d3d1036d80bf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1652 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '10014.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agrssponsors.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aidp.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.manulifesecurities.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.placementsmanuvie.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.portal.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'attestuat.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aviproom.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'banquescotia.monprochainchapitre.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canadiancommercialmortgages.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdd-dev.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdd-prod.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdd-uat.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdncetdvcacicfrtr.manulife.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdncetprcacicfrtr.manulife.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cloud.mesh.preprod.api.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dr.api.manulifesecurities.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dr.api.portal.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edocs-bff.manulifeim.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edocs-uat-bff.manulifeim.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edocs-uat.manulifeim.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edocs.manulifeim.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'enter.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'enterdev.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'enteruat.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'grssofmo.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'grssponsors.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idp.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.manuvie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifesecurities.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mfc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'monprochainchapitre.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mynextchapter.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nav.manulifeim.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'placementsmanuvie.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'repsource.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'repsourcepublic.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'retirementredefined.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'retirementredefined.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'retraiteredefinie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'retraiteredefinie.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'scotiabank.mynextchapter.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secureigaz.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secureigazuat.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.api.portal.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg-nav.manulifeim.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'techconnect.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat.banquescotia.monprochainchapitre.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat.monprochainchapitre.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat.mynextchapter.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat.pot.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat.scotiabank.mynextchapter.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uls-meud.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'viproom.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'web.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.canadiancommercialmortgages.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mfc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.monprochainchapitre.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mynextchapter.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.retirementredefined.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.retraiteredefinie.ca'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008e856e3126bb03207ffa511d5e3718fb57c65c53d4a09ae36078f166dce90206d3bfb3f8d3bcdc35dbc684127992261aea9228dab45649ddb27ef39851d95dde4215c2cfd891347b38cadf27abaec0aac37acddd17d58b16fd07a77c31e46a329750a9290cf23179165dd4b9e5031f35e31278f3e274f976bfc0e8424f9a5164a291deae0ad4effed78b3762f8002d78f75276652708e6015ff1a8206b6f4e2631509543ed235d39166198efadb00e42259f1d5d085f231b683d501c6d5ee1c1d91ac6c19148d6300371b0360ed406e78ac2e7c6c303eb3988578c3db3a5a86d43fe3687e0e9c8aa9b46b6b242ca6c51d89a2cb496d31b256c3e07aeb4f5cc64