tripx-graphql.dev.aks.manulife.ca
- Manulife Financial -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 34:16:20:26:71:b3:82:a0:1e:af:0a:d7:0a:4a:ea:c5 was issued on by Sectigo Limited.
With 17 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Manulife Financial
Organization:
Manulife Financial
Organization unit: Canadian Segment
Organization unit: Canadian Segment
State / Province:
Ontario
Country: CA
Country: CA
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): 34:16:20:26:71:b3:82:a0:1e:af:0a:d7:0a:4a:ea:c5Serial Number (int): 69234738394669704687179867016879860421
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 16:fb:b1:42:8d:d6:6f:48:f0:82:c3:ed:bf:27:5a:5b:ab:c0:04:48
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 21:dd:07:45:ca:55:11:84:8c:14:72:c9:79:87:4d:48:5a:07:d1:80
Fingerprint (sha256): 0e:96:61:6e:8b:d0:a7:40:79:ad:c9:d4:0a:a1:7b:1a:b1:e8:b7:11:d8:b5:2a:33:b2:e6:e4:fd:49:ad:fb:7a
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate tripx-graphql.dev.aks.manulife.ca
17
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for tripx-graphql.dev.aks.manulife.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
tripx-graphql.dev.aks.manulife.ca
tripx-admin.dev.aks.manulife.ca
tripx-auth-api.dev.aks.manulife.ca
tripx-compensation-api.dev.aks.manulife.ca
tripx-config.dev.aks.manulife.ca
tripx-group-policy-api.dev.aks.manulife.ca
tripx-license-api.dev.aks.manulife.ca
tripx-notification-api.dev.aks.manulife.ca
tripx-payment-api.dev.aks.manulife.ca
tripx-policy-api.dev.aks.manulife.ca
tripx-product-api.dev.aks.manulife.ca
tripx-quote-api.dev.aks.manulife.ca
tripx-recommendation-api.dev.aks.manulife.ca
tripx-storybook.dev.aks.manulife.ca
tripx-user-api.dev.aks.manulife.ca
tripx-web-en.dev.aks.manulife.ca
tripx-web-fr.dev.aks.manulife.ca
tripx-admin.dev.aks.manulife.ca
tripx-auth-api.dev.aks.manulife.ca
tripx-compensation-api.dev.aks.manulife.ca
tripx-config.dev.aks.manulife.ca
tripx-group-policy-api.dev.aks.manulife.ca
tripx-license-api.dev.aks.manulife.ca
tripx-notification-api.dev.aks.manulife.ca
tripx-payment-api.dev.aks.manulife.ca
tripx-policy-api.dev.aks.manulife.ca
tripx-product-api.dev.aks.manulife.ca
tripx-quote-api.dev.aks.manulife.ca
tripx-recommendation-api.dev.aks.manulife.ca
tripx-storybook.dev.aks.manulife.ca
tripx-user-api.dev.aks.manulife.ca
tripx-web-en.dev.aks.manulife.ca
tripx-web-fr.dev.aks.manulife.ca
Other certificates including the domain name manulife.ca
(limited to 100 certificates)
manulife.com
www-aem-qa2.manulife.ca
client.manulifebank.com
manulife.com
manulife.com
content-txn-uat.manulife.ca
www-aem-dev1.manulife.ca
www-aem-dev2.manulife.ca
www-aem-qa.manulife.ca
www-aem-prod.manulife.ca
manulife.com
manulife.com
uat.manulifesecurities.manulife.ca
manulife.com
manulife.com
origin-api.manulifesecurities.manulife.ca
devintegrator.gbi.manulife.ca
manulife.com
manulife.com
manulife.com
cdn.dev.manulife.ca
www-aem-dev1.manulife.ca
manulife.com
mfti-app.np.aks.manulife.ca
preprod.mtls.api.manulife.com
preview.id.manulife.ca
jira-t1.manulife.ca
manulife.com
manulife.com
dev.portal.manulife.ca
advisor.manulife.ca
qa.manulifesecurities.manulife.ca
edge.prod-ext.api.manulife.com
www-aem-prod.manulife.ca
www-aem-dev2.manulife.ca
manulife.com
uat.statements.manulifebank.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
artifactory-test.manulife.ca
manulife.com
hf.integrator.gbi.manulife.ca
manulife.com
content-txn-dev.manulife.ca
retirement.manulife.ca
saml-advisors.preview.manulife.ca
interac-uat.manulifebank.ca
manulife.com
content-txn-prd.manulife.ca
manulife.com
manulife.com
integrator.gbi.manulife.ca
manulife.com
sf-service-medallia-dev.manulife.ca
manulife.com
manulife.com
www-aem-dev.manulife.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
nonprod.vitalityservice.manulife.ca
tripx-graphql.dev.aks.manulife.ca
manulife.com
edge.sandbox-dev.api.manulife.com
snowbound-viewer-prd.manulife.ca
manulife.com
dev.policyservice.manulife.ca
manulife.com
www-aem-qa.manulife.ca
content-txn-dev.manulife.ca
edge.prod-ext.api.manulife.com
hf.gbi.manulife.ca
interac-uat.manulifebank.ca
manulife.com
manulife.com
www-aem-stage.manulife.ca
manulife.com
manulife.com
manulife.com
mail-ds.manulife.ca
manulife.com
dev.jmeter.aks.manulife.ca
www.insurance.manulife.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
stage.manulifesecurities.manulife.ca
www-aem-dev.manulife.ca
manulife.com
portal.manulife.ca
manulife.com
www-aem-qa2.manulife.ca
client.manulifebank.com
manulife.com
manulife.com
content-txn-uat.manulife.ca
www-aem-dev1.manulife.ca
www-aem-dev2.manulife.ca
www-aem-qa.manulife.ca
www-aem-prod.manulife.ca
manulife.com
manulife.com
uat.manulifesecurities.manulife.ca
manulife.com
manulife.com
origin-api.manulifesecurities.manulife.ca
devintegrator.gbi.manulife.ca
manulife.com
manulife.com
manulife.com
cdn.dev.manulife.ca
www-aem-dev1.manulife.ca
manulife.com
mfti-app.np.aks.manulife.ca
preprod.mtls.api.manulife.com
preview.id.manulife.ca
jira-t1.manulife.ca
manulife.com
manulife.com
dev.portal.manulife.ca
advisor.manulife.ca
qa.manulifesecurities.manulife.ca
edge.prod-ext.api.manulife.com
www-aem-prod.manulife.ca
www-aem-dev2.manulife.ca
manulife.com
uat.statements.manulifebank.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
artifactory-test.manulife.ca
manulife.com
hf.integrator.gbi.manulife.ca
manulife.com
content-txn-dev.manulife.ca
retirement.manulife.ca
saml-advisors.preview.manulife.ca
interac-uat.manulifebank.ca
manulife.com
content-txn-prd.manulife.ca
manulife.com
manulife.com
integrator.gbi.manulife.ca
manulife.com
sf-service-medallia-dev.manulife.ca
manulife.com
manulife.com
www-aem-dev.manulife.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
nonprod.vitalityservice.manulife.ca
tripx-graphql.dev.aks.manulife.ca
manulife.com
edge.sandbox-dev.api.manulife.com
snowbound-viewer-prd.manulife.ca
manulife.com
dev.policyservice.manulife.ca
manulife.com
www-aem-qa.manulife.ca
content-txn-dev.manulife.ca
edge.prod-ext.api.manulife.com
hf.gbi.manulife.ca
interac-uat.manulifebank.ca
manulife.com
manulife.com
www-aem-stage.manulife.ca
manulife.com
manulife.com
manulife.com
mail-ds.manulife.ca
manulife.com
dev.jmeter.aks.manulife.ca
www.insurance.manulife.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
stage.manulifesecurities.manulife.ca
www-aem-dev.manulife.ca
manulife.com
portal.manulife.ca
manulife.com
Certificate
The complete raw certificate details for tripx-graphql.dev.aks.manulife.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIICzCCBvOgAwIBAgIQNBYgJnGzgqAerwrXCkrqxTANBgkqhkiG9w0BAQsFADCB lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy dmVyIENBMB4XDTIxMTEzMDAwMDAwMFoXDTIyMTEzMDIzNTk1OVowgYMxCzAJBgNV BAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMRswGQYDVQQKExJNYW51bGlmZSBGaW5h bmNpYWwxGTAXBgNVBAsTEENhbmFkaWFuIFNlZ21lbnQxKjAoBgNVBAMTIXRyaXB4 LWdyYXBocWwuZGV2LmFrcy5tYW51bGlmZS5jYTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAMD4BSMSxbAN0RAdUrGq+UvU5zsoy4UCtMITEOtuj3KAoC0A MvFpSiYNcLlvHyA/ZlvDz6Iu1kRiMDjPy9sodxv1kHqJyxQDqYhHbdyXaFQSEb0E qWvWfMEgKu7xejniPwuMQIl+l/fuVAipnLJiic2Y2QuJ/2bhsYiNb7MfeXSDtSYa rLJMVn+QO3YUUjOluCUOsxbUWEER6t8GaWsdTRG7MkZdZQ96Uj3rHlvlqKlA+aTf vItlibBaarFqMBH1fFBo0JIs4RULCW2t2xPT8OJaRJ6hbrxIkaPvkrivUbakO1im laBNDxAXxrLHChxXjq90NHj8HI06v9a164BXVhcCAwEAAaOCBGUwggRhMB8GA1Ud IwQYMBaAFBfZ1iUnZ/kxwklD2TA2RIxsqU/rMB0GA1UdDgQWBBQW+7FCjdZvSPCC w+2/J1pbq8AESDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSgYDVR0gBEMwQTA1BgwrBgEEAbIxAQIB AwQwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYGZ4EM AQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2VjdGlnby5jb20vU2Vj dGlnb1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmww gYoGCCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5zZWN0aWdv LmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZl ckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wEwYK KwYBBAHWeQIEAwEB/wQCBQAwggKWBgNVHREEggKNMIICiYIhdHJpcHgtZ3JhcGhx bC5kZXYuYWtzLm1hbnVsaWZlLmNhgh90cmlweC1hZG1pbi5kZXYuYWtzLm1hbnVs aWZlLmNhgiJ0cmlweC1hdXRoLWFwaS5kZXYuYWtzLm1hbnVsaWZlLmNhgip0cmlw eC1jb21wZW5zYXRpb24tYXBpLmRldi5ha3MubWFudWxpZmUuY2GCIHRyaXB4LWNv bmZpZy5kZXYuYWtzLm1hbnVsaWZlLmNhgip0cmlweC1ncm91cC1wb2xpY3ktYXBp LmRldi5ha3MubWFudWxpZmUuY2GCJXRyaXB4LWxpY2Vuc2UtYXBpLmRldi5ha3Mu bWFudWxpZmUuY2GCKnRyaXB4LW5vdGlmaWNhdGlvbi1hcGkuZGV2LmFrcy5tYW51 bGlmZS5jYYIldHJpcHgtcGF5bWVudC1hcGkuZGV2LmFrcy5tYW51bGlmZS5jYYIk dHJpcHgtcG9saWN5LWFwaS5kZXYuYWtzLm1hbnVsaWZlLmNhgiV0cmlweC1wcm9k dWN0LWFwaS5kZXYuYWtzLm1hbnVsaWZlLmNhgiN0cmlweC1xdW90ZS1hcGkuZGV2 LmFrcy5tYW51bGlmZS5jYYIsdHJpcHgtcmVjb21tZW5kYXRpb24tYXBpLmRldi5h a3MubWFudWxpZmUuY2GCI3RyaXB4LXN0b3J5Ym9vay5kZXYuYWtzLm1hbnVsaWZl LmNhgiJ0cmlweC11c2VyLWFwaS5kZXYuYWtzLm1hbnVsaWZlLmNhgiB0cmlweC13 ZWItZW4uZGV2LmFrcy5tYW51bGlmZS5jYYIgdHJpcHgtd2ViLWZyLmRldi5ha3Mu bWFudWxpZmUuY2EwDQYJKoZIhvcNAQELBQADggEBAIApwraEvyGtHmAPrYbQHPze ggLLGzfGnl3DWreU8MWXm6KsMquIfaPHppHQgFvwnn1oM/euqBLKp8B4Sg4Kilro 1vr4dwRYHoGa8F4GJgXJKClDZWxclItl1ro12MtqulVuyRaUZ+ASJ2jvharbDWme YGhDFRq8XFytLVLZ8snJzf4+hEysW3uPLnuwxRcUpte/jUpzEvRtDP27IVvdv2o5 h2NHmDJz4rCqZxJ/iI8RA501WFPof97QI6GRGg6clRFLDBEKLIwY3dOUNoDET6ne 98hvL585D6QV9ood5csrK7GnYagpfXzTdEXACBEwmfvI0+6cRjKUx+FjJfOif5g= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPgFIxLFsA3REB1Ssar5 S9TnOyjLhQK0whMQ626PcoCgLQAy8WlKJg1wuW8fID9mW8PPoi7WRGIwOM/L2yh3 G/WQeonLFAOpiEdt3JdoVBIRvQSpa9Z8wSAq7vF6OeI/C4xAiX6X9+5UCKmcsmKJ zZjZC4n/ZuGxiI1vsx95dIO1JhqsskxWf5A7dhRSM6W4JQ6zFtRYQRHq3wZpax1N EbsyRl1lD3pSPeseW+WoqUD5pN+8i2WJsFpqsWowEfV8UGjQkizhFQsJba3bE9Pw 4lpEnqFuvEiRo++SuK9RtqQ7WKaVoE0PEBfGsscKHFeOr3Q0ePwcjTq/1rXrgFdW FwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 69234738394669704687179867016879860421 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-11-30 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-11-30 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Canadian Segment' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'tripx-graphql.dev.aks.manulife.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24360057806542842305529877200093641507659202134218696407974976327210641189908059531427188798130029873011598042746887448247284561564769597994157992153844262548767018838084376510522990298410659762153035994274756985902220011584303916776956472688756392461889267933543187072352593375666396153871802006052908247485928432304505865217970961930824253620534579971280023018332787133887410677214126676224785783751587098737702543317110436249493028897007775700262986066618510374291148947697237800284693427380169284848213021470446839903426985648816215558154765752599421592339177061706834866173569074511626443351640741615980642784791 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 16fbb1428dd66f48f082c3edbf275a5babc00448 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (653 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-graphql.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-admin.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-auth-api.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-compensation-api.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-config.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-group-policy-api.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-license-api.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-notification-api.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-payment-api.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-policy-api.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-product-api.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-quote-api.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-recommendation-api.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-storybook.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-user-api.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-web-en.dev.aks.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tripx-web-fr.dev.aks.manulife.ca' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008029c2b684bf21ad1e600fad86d01cfcde8202cb1b37c69e5dc35ab794f0c5979ba2ac32ab887da3c7a691d0805bf09e7d6833f7aea812caa7c0784a0e0a8a5ae8d6faf87704581e819af05e062605c9282943656c5c948b65d6ba35d8cb6aba556ec9169467e0122768ef85aadb0d699e606843151abc5c5cad2d52d9f2c9c9cdfe3e844cac5b7b8f2e7bb0c51714a6d7bf8d4a7312f46d0cfdbb215bddbf6a39876347983273e2b0aa67127f888f11039d355853e87fded023a1911a0e9c95114b0c110a2c8c18ddd3943680c44fa9def7c86f2f9f390fa415f68a1de5cb2b2bb1a761a8297d7cd37445c008113099fbc8d3ee9c463294c7e16325f3a27f98