nonprodprod.apim.manulife.io
- Manulife Financial Corporation -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number cc:4d:1f:5b:64:4b:bb:26:8b:55:98:c5:8f:70:74:29 was issued on by Sectigo Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Manulife Financial Corporation
Organization:
Manulife Financial Corporation
State / Province:
Ontario
Country: CA
Country: CA
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): cc:4d:1f:5b:64:4b:bb:26:8b:55:98:c5:8f:70:74:29Serial Number (int): 271562953993730576011765626295603459113
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 7c:15:09:4c:09:94:d9:2f:58:33:94:0b:b9:13:bf:7d:f3:b2:2f:de
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 3e:56:b8:cf:04:5e:a6:c3:bf:d8:e7:59:ea:53:20:a4:fd:4b:f3:7c
Fingerprint (sha256): 0e:93:d8:80:f1:d4:97:a3:6d:de:7c:a6:2b:65:b9:1d:5f:b9:21:d0:33:0b:71:6a:75:dc:24:99:1b:d1:ac:a5
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate nonprodprod.apim.manulife.io
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for nonprodprod.apim.manulife.io
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
nonprodprod.apim.manulife.io
*.nonprodprod.apim.manulife.io
*.nonprodprod.apim.manulife.io
Other certificates including the domain name manulife.io
(limited to 100 certificates)
manulife.com
manulife.com
5659569942429696-fe3.pantheonsite.io
node3.c360-prod-dr-nifi.cde.manulife.io
manulife.com
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
noc.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
www.jhinvestments.com
5662800294707200-fe2.pantheonsite.io
bs03.mms.use.sandbox.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
credhub.ops.concourse.platform.manulife.io
sbx.github.platform.manulife.io
manulife.com
chefserversandbox.platform.manulife.io
manulife.com
ldap.test.eas.identity.platform.manulife.io
www.jhinvestments.com
consul.nonprod.cac.platform.manulife.io
api.gb.apim.manulife.io
appdb23.cae.platform.manulife.io
vault.prod.cae.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
manulife.io
5659569942429696-fe3.pantheonsite.io
bs02.mms.use.sandbox.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
5662800294707200-fe2.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
5662800294707200-fe2.pantheonsite.io
vault.sandbox.cae.platform.manulife.io
node1.c360-prod-nifi.cde.manulife.io
uaa.cae.ops.concourse.platform.manulife.io
appdb31.cac.preview.platform.manulife.io
sbx.github.platform.manulife.io
www.jhinvestments.com
5659569942429696-fe3.pantheonsite.io
ldap.ca.identity.platform.manulife.io
manulife.com
manulife.com
uls.preview.manulife.com
appdb21.cae.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
vault.sandbox.usc.platform.manulife.io
appdb12.eas.platform.manulife.io
sfplatform.dev.nifi.manulife.io
manulife.com
5659569942429696-fe3.pantheonsite.io
node2.c360-uat-nifi.cde.manulife.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
manulife.com
nonprodprod.apim.manulife.io
manulife.com
5659569942429696-fe3.pantheonsite.io
manulife.com
5659569942429696-fe3.pantheonsite.io
node1.c360-qat-nifi.cde.manulife.io
dashboard.platform.manulife.io
uls.manulife.com
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
terraform.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
manulife.com
5662800294707200-fe2.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
manulife.com
manulife.com
manulife.com
stoplight.gwam.manulife.io
uls.eas.preview.manulife.io
bs01.mms.use.sandbox.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
vault.sandbox.cac.platform.manulife.io
www.jhinvestments.com
node1.c360-prod-dr-nifi.cde.manulife.io
bs32.cac.preview.platform.manulife.io
nonprod.appgw.manulife.io
5659569942429696-fe3.pantheonsite.io
vault.nonprod.sea.platform.manulife.io
manulife.com
cdncetdvcacicfrtr.manulife.io
vault.sandbox.cac.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
5662800294707200-fe2.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
consul.nonprod.sea.platform.manulife.io
api.gb.appgw.manulife.io
5659569942429696-fe3.pantheonsite.io
manulife.com
5659569942429696-fe3.pantheonsite.io
node3.c360-prod-dr-nifi.cde.manulife.io
manulife.com
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
noc.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
www.jhinvestments.com
5662800294707200-fe2.pantheonsite.io
bs03.mms.use.sandbox.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
credhub.ops.concourse.platform.manulife.io
sbx.github.platform.manulife.io
manulife.com
chefserversandbox.platform.manulife.io
manulife.com
ldap.test.eas.identity.platform.manulife.io
www.jhinvestments.com
consul.nonprod.cac.platform.manulife.io
api.gb.apim.manulife.io
appdb23.cae.platform.manulife.io
vault.prod.cae.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
manulife.io
5659569942429696-fe3.pantheonsite.io
bs02.mms.use.sandbox.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
5662800294707200-fe2.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
5662800294707200-fe2.pantheonsite.io
vault.sandbox.cae.platform.manulife.io
node1.c360-prod-nifi.cde.manulife.io
uaa.cae.ops.concourse.platform.manulife.io
appdb31.cac.preview.platform.manulife.io
sbx.github.platform.manulife.io
www.jhinvestments.com
5659569942429696-fe3.pantheonsite.io
ldap.ca.identity.platform.manulife.io
manulife.com
manulife.com
uls.preview.manulife.com
appdb21.cae.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
vault.sandbox.usc.platform.manulife.io
appdb12.eas.platform.manulife.io
sfplatform.dev.nifi.manulife.io
manulife.com
5659569942429696-fe3.pantheonsite.io
node2.c360-uat-nifi.cde.manulife.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
manulife.com
nonprodprod.apim.manulife.io
manulife.com
5659569942429696-fe3.pantheonsite.io
manulife.com
5659569942429696-fe3.pantheonsite.io
node1.c360-qat-nifi.cde.manulife.io
dashboard.platform.manulife.io
uls.manulife.com
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
terraform.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
manulife.com
5662800294707200-fe2.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
manulife.com
manulife.com
manulife.com
stoplight.gwam.manulife.io
uls.eas.preview.manulife.io
bs01.mms.use.sandbox.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
vault.sandbox.cac.platform.manulife.io
www.jhinvestments.com
node1.c360-prod-dr-nifi.cde.manulife.io
bs32.cac.preview.platform.manulife.io
nonprod.appgw.manulife.io
5659569942429696-fe3.pantheonsite.io
vault.nonprod.sea.platform.manulife.io
manulife.com
cdncetdvcacicfrtr.manulife.io
vault.sandbox.cac.platform.manulife.io
5659569942429696-fe3.pantheonsite.io
5662800294707200-fe2.pantheonsite.io
5659569942429696-fe3.pantheonsite.io
consul.nonprod.sea.platform.manulife.io
api.gb.appgw.manulife.io
5659569942429696-fe3.pantheonsite.io
Certificate
The complete raw certificate details for nonprodprod.apim.manulife.io in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHFjCCBf6gAwIBAgIRAMxNH1tkS7smi1WYxY9wdCkwDQYJKoZIhvcNAQELBQAw gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl cnZlciBDQTAeFw0yMzExMjgwMDAwMDBaFw0yNDExMjcyMzU5NTlaMG8xCzAJBgNV BAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMScwJQYDVQQKEx5NYW51bGlmZSBGaW5h bmNpYWwgQ29ycG9yYXRpb24xJTAjBgNVBAMTHG5vbnByb2Rwcm9kLmFwaW0ubWFu dWxpZmUuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCCRKDJIxe MIkmhXr5przNjGrpd0i6q4KoXORsZKCx+32VIK7I5cvCunmNDOI6+4+wuBtRA8fs ytAAkmfWHK0OiYexbGcd1WUjMNZN1luanX4bUYqxF5Bm8Fc9s4hDs6EavNw4Fr0l 1gXJN4HT9o0fzqPosQKRzDNPwHKgOByL9qEwC7Ih6I3eXAAa+4I1iYH1CPEibZhy 6i+Pv+lXgDa9Yln3njfjR80m7TbAzT2+zIyTg3ys/7h0FZkhfrGXAFu4t08JWHt6 rq2x6dF1aAbhQPfrCDy/vyKC98JuyVOL/nBOnFlLV3ssEtOKs+wtO9yRqopMwtM2 7+GWkNLe9hzXAgMBAAGjggOEMIIDgDAfBgNVHSMEGDAWgBQX2dYlJ2f5McJJQ9kw NkSMbKlP6zAdBgNVHQ4EFgQUfBUJTAmU2S9YM5QLuRO/ffOyL94wDgYDVR0PAQH/ BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMEoGA1UdIARDMEEwNQYMKwYBBAGyMQECAQMEMCUwIwYIKwYBBQUHAgEWF2h0 dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+gTaBL hklodHRwOi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25W YWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGKBggrBgEFBQcBAQR+MHwwVQYI KwYBBQUHMAKGSWh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JTQU9yZ2Fu aXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUHMAGG F2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMIIBgQYKKwYBBAHWeQIEAgSCAXEEggFt AWsAdwB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYwXv9EJAAAE AwBIMEYCIQDAYIRJVSGSYkEIL2Gss8sbbmHJH9RH/hLBXdoCQMqyHgIhAP1gJ11y Gl68LNc2zmRuZoZTp++ZP+CnNi2q9HfNdrmpAHcAPxdLT9ciR1iUHWUchL4NEu2Q N38fhWrrwb8ohez4ZG4AAAGMF7/R3AAABAMASDBGAiEA+xEd7BsKEsh1wCZJJaUF kXbCXvwFuqbOi+t+o917uHMCIQDhK3564AFIP+n1D2+ApbSmQ/XMCXarQUZ9iKPP t5o11AB3AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABjBe/0TUA AAQDAEgwRgIhAI36LaMsHgMIdrQ6no7o5FXUvxQniC3+U5LsLTlewCK7AiEAudUR itTJ+CulOMw2l+3QPT8DqPl7QR2NV0xLleLAhOAwRwYDVR0RBEAwPoIcbm9ucHJv ZHByb2QuYXBpbS5tYW51bGlmZS5pb4IeKi5ub25wcm9kcHJvZC5hcGltLm1hbnVs aWZlLmlvMA0GCSqGSIb3DQEBCwUAA4IBAQCcdZePir3uUHI69nqrb665vnbLu6QE wIEGJdSFDXh4q8l2XRg1kLTsbzq0D0QtqJAI5JYHoyINFuOU2CeVoitYifpfZ5Ls R8ucwU1rSYOtZNx+OD78DG7XWVh2zb+0ZA7EHc6bRF51UVffAbXan83mWQAmqERi OU3/WP+aZTMhJJtWeKfsNpr89t18eg+2qRjcjqL0LWNSr67s9+uinhDGRZskhwcG 1pW1Avy2hIziwbEpCMeZNQX9/RX/cN+rhyI5VDyGegfI6ElyIhr7cJvsPnwYLbiH Bxk9FfuMZ92YXG9eVXZl12UT2FK7ejfFAzAe3mfhexalGHwX2MRbbfze -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgkSgySMXjCJJoV6+aa8 zYxq6XdIuquCqFzkbGSgsft9lSCuyOXLwrp5jQziOvuPsLgbUQPH7MrQAJJn1hyt DomHsWxnHdVlIzDWTdZbmp1+G1GKsReQZvBXPbOIQ7OhGrzcOBa9JdYFyTeB0/aN H86j6LECkcwzT8ByoDgci/ahMAuyIeiN3lwAGvuCNYmB9QjxIm2Ycuovj7/pV4A2 vWJZ954340fNJu02wM09vsyMk4N8rP+4dBWZIX6xlwBbuLdPCVh7eq6tsenRdWgG 4UD36wg8v78igvfCbslTi/5wTpxZS1d7LBLTirPsLTvckaqKTMLTNu/hlpDS3vYc 1wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 271562953993730576011765626295603459113 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nonprodprod.apim.manulife.io' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24494704887979578079355592932465244609823929563764080336482454713501302524981088802817294550477582966804805952558604747974134504664427358287589211951402645036521350638922651208137807026963133943764312851038279976116438440852011353157476331176188177424898046437565817821627875107548361190848229145079178756471041152533667683071903398881892276547833703864075606874583580710109319899038024788549483099562980892228817092830535420632148279806484295569286686619863563455085139223049087220797896732966168883216855493437810708428100905210052935295082947007784539645860388541288446503391289614769901489937547462723133668465879 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7c15094c0994d92f5833940bb913bf7df3b22fde . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (369 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) 016b00770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c17bfd1090000040300483046022100c06084495521926241082f61acb3cb1b6e61c91fd447fe12c15dda0240cab21e022100fd60275d721a5ebc2cd736ce646e668653a7ef993fe0a7362daaf477cd76b9a90077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018c17bfd1dc0000040300483046022100fb111dec1b0a12c875c0264925a5059176c25efc05baa6ce8beb7ea3dd7bb873022100e12b7e7ae001483fe9f50f6f80a5b4a643f5cc0976ab41467d88a3cfb79a35d4007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c17bfd13500000403004830460221008dfa2da32c1e030876b43a9e8ee8e455d4bf1427882dfe5392ec2d395ec022bb022100b9d5118ad4c9f82ba538cc3697edd03d3f03a8f97b411d8d574c4b95e2c084e0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (64 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nonprodprod.apim.manulife.io' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.nonprodprod.apim.manulife.io' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009c75978f8abdee50723af67aab6faeb9be76cbbba404c0810625d4850d7878abc9765d183590b4ec6f3ab40f442da89008e49607a3220d16e394d82795a22b5889fa5f6792ec47cb9cc14d6b4983ad64dc7e383efc0c6ed7595876cdbfb4640ec41dce9b445e755157df01b5da9fcde6590026a84462394dff58ff9a653321249b5678a7ec369afcf6dd7c7a0fb6a918dc8ea2f42d6352afaeecf7eba29e10c6459b24870706d695b502fcb6848ce2c1b12908c7993505fdfd15ff70dfab872239543c867a07c8e84972221afb709bec3e7c182db88707193d15fb8c67dd985c6f5e557665d76513d852bb7a37c503301ede67e17b16a5187c17d8c45b6dfcde