new.manulife.com.kh
- Manulife Financial -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 7a:ba:e2:1c:3b:60:06:1d:dd:8d:de:f6:d5:06:38:df was issued on by Sectigo Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Manulife Financial
Organization:
Manulife Financial
Organization unit: Asia Division
Organization unit: Enterprise SSL Pro
Organization unit: Asia Division
Organization unit: Enterprise SSL Pro
Address:
200 Bloor Street East
Postal code: M4W 1E5
State / Province: Ontario
Locality: Toronto
Country: CA
Postal code: M4W 1E5
State / Province: Ontario
Locality: Toronto
Country: CA
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): 7a:ba:e2:1c:3b:60:06:1d:dd:8d:de:f6:d5:06:38:dfSerial Number (int): 163136168762781891453349898586255931615
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 19:2b:3f:0e:b1:ff:a8:00:54:cc:7e:f6:40:1d:50:f4:7c:5f:40:8b
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 4d:25:dc:45:29:ab:13:e6:62:07:62:0f:56:fc:6d:95:4b:ed:d1:32
Fingerprint (sha256): 11:5d:42:a0:91:cb:f1:42:eb:a8:a4:3b:d1:98:08:03:8e:d1:5a:77:50:1e:5e:51:68:4d:27:79:77:a0:48:a4
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate new.manulife.com.kh
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for new.manulife.com.kh
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
new.manulife.com.kh
www.new.manulife.com.kh
www.new.manulife.com.kh
Other certificates including the domain name manulife.com.kh
(limited to 100 certificates)
cws.manulife.com.kh
manulife.com
ptkuat.manulife.com.kh
manulife.com
manulife.com
ptk.manulife.com.kh
manulife.com
manulife.com
awsuat.manulife.com.kh
manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
cws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com.kh
manulife.com
manulife.com
manulife.com
new.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
www.manulife.com.kh
cws.manulife.com.kh
manulife.com
manulife.com
manulife.com
cws.manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
mail.manulife.com.kh
manulife.com
cws.manulife.com.kh
awsuat.manulife.com.kh
manulife.com
manulife.com
cws.manulife.com.kh
cws.manulife.com.kh
manulife.com
eclaim.manulife.com.kh
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
ptkuat.manulife.com.kh
manulife.com
manulife.com
ptk.manulife.com.kh
manulife.com
manulife.com
awsuat.manulife.com.kh
manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
cws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com.kh
manulife.com
manulife.com
manulife.com
new.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
www.manulife.com.kh
cws.manulife.com.kh
manulife.com
manulife.com
manulife.com
cws.manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
mail.manulife.com.kh
manulife.com
cws.manulife.com.kh
awsuat.manulife.com.kh
manulife.com
manulife.com
cws.manulife.com.kh
cws.manulife.com.kh
manulife.com
eclaim.manulife.com.kh
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
Certificate
The complete raw certificate details for new.manulife.com.kh in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgIQerriHDtgBh3djd721QY43zANBgkqhkiG9w0BAQsFADCB lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy dmVyIENBMB4XDTE5MDMxOTAwMDAwMFoXDTIxMDMxODIzNTk1OVowgdMxCzAJBgNV BAYTAkNBMRAwDgYDVQQREwdNNFcgMUU1MRAwDgYDVQQIEwdPbnRhcmlvMRAwDgYD VQQHEwdUb3JvbnRvMR4wHAYDVQQJExUyMDAgQmxvb3IgU3RyZWV0IEVhc3QxGzAZ BgNVBAoTEk1hbnVsaWZlIEZpbmFuY2lhbDEWMBQGA1UECxMNQXNpYSBEaXZpc2lv bjEbMBkGA1UECxMSRW50ZXJwcmlzZSBTU0wgUHJvMRwwGgYDVQQDExNuZXcubWFu dWxpZmUuY29tLmtoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QWz MtJ2/7cRMjWXcu/hDZT9G6JAfbTeIU3V9NiY/5ljGqOZBR+HIP+dzFf0Z27vULjr A63XVot9Gd7y8UtfU8PccjyJoZhd+UK3bDmrdgtShC+aP9396hXhahyPF9J0aD0c ewEmp2Lftan8mGhntSOgnLzy50yS8rVyF4uDgB5sYaWkKeHwZRvQdFrfPDDFyJBN BfBHJri7mdq++agQTN7HdEKWi6ATHrzotuAjk9zGoJXBeBOSA+oFWjrAPdTGwTFG kpNa6Yk/h84Jr066ztVgHBEvhjftdxxhEeAndvKuS7vlYnYcVcRmwzeS0tjV7Ayy tagoBw6RkaJsINud4wIDAQABo4ICBDCCAgAwHwYDVR0jBBgwFoAUF9nWJSdn+THC SUPZMDZEjGypT+swHQYDVR0OBBYEFBkrPw6x/6gAVMx+9kAdUPR8X0CLMA4GA1Ud DwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjBKBgNVHSAEQzBBMDUGDCsGAQQBsjEBAgEDBDAlMCMGCCsGAQUFBwIB FhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIwWgYDVR0fBFMwUTBP oE2gS4ZJaHR0cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0 aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBigYIKwYBBQUHAQEEfjB8 MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FP cmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUF BzABhhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTA3BgNVHREEMDAughNuZXcubWFu dWxpZmUuY29tLmtoghd3d3cubmV3Lm1hbnVsaWZlLmNvbS5raDATBgorBgEEAdZ5 AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG8+M1+RzAiibWyp283JZnQdz omEvMbfzqZ9o6wt/F2LbA+0M9SYxX3KVYdBps/AgsGQ2bauIhzfhaw5xEFmuwjmR 8wwf6Ufhati+eickR6sM4yw5z/NZVrlwCqodKuNWd2CaVxTWjetmAFvnQrnKkV3d 2PeQgAzV9X5tsRk8ItXdRfvazJlguU1RmUrEllUMsPoXP+/19OdeBamADDfv04cp ULbWkhdTSJ3Hf8PcUOZuR/ZweJaYE5lBxwtvTJR/1eqPy/0wxcNObAQgI/3ztaK0 n20jiUiOdGMRQ9pUHO25GxWWcJHiN44klvYGi7cVAhwx7HgDe3Slp7LLDYga4A== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QWzMtJ2/7cRMjWXcu/h DZT9G6JAfbTeIU3V9NiY/5ljGqOZBR+HIP+dzFf0Z27vULjrA63XVot9Gd7y8Utf U8PccjyJoZhd+UK3bDmrdgtShC+aP9396hXhahyPF9J0aD0cewEmp2Lftan8mGhn tSOgnLzy50yS8rVyF4uDgB5sYaWkKeHwZRvQdFrfPDDFyJBNBfBHJri7mdq++agQ TN7HdEKWi6ATHrzotuAjk9zGoJXBeBOSA+oFWjrAPdTGwTFGkpNa6Yk/h84Jr066 ztVgHBEvhjftdxxhEeAndvKuS7vlYnYcVcRmwzeS0tjV7AyytagoBw6RkaJsINud 4wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 163136168762781891453349898586255931615 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-03-19 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-03-18 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'M4W 1E5' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Toronto' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '200 Bloor Street East' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Asia Division' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Enterprise SSL Pro' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'new.manulife.com.kh' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27396522949550476987095336505129554881198023122014954410742832439583023812961986928385814678093415766640169864971913796074093902880174620068422734986197686628055453830374620986049202480906371214336031862734485492131128642575694718169403312179956527675259016814745982847998674881751801067394510122084913516315481111600113792170342013698008261006703282791548866288633672246953091741476985852246453276428976697389425174588773478608570510726806333292135268116054192174011493819646954368889034178789092690875766220437467426594546594321180621329900758855075527818550291310367593647683152773904795285428858270011916015082979 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 192b3f0eb1ffa80054cc7ef6401d50f47c5f408b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'new.manulife.com.kh' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.new.manulife.com.kh' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001bcf8cd7e47302289b5b2a76f372599d0773a2612f31b7f3a99f68eb0b7f1762db03ed0cf526315f729561d069b3f020b064366dab888737e16b0e711059aec23991f30c1fe947e16ad8be7a272447ab0ce32c39cff35956b9700aaa1d2ae35677609a5714d68deb66005be742b9ca915dddd8f790800cd5f57e6db1193c22d5dd45fbdacc9960b94d51994ac496550cb0fa173feff5f4e75e05a9800c37efd3872950b6d6921753489dc77fc3dc50e66e47f670789698139941c70b6f4c947fd5ea8fcbfd30c5c34e6c042023fdf3b5a2b49f6d2389488e74631143da541cedb91b15967091e2378e2496f6068bb715021c31ec78037b74a5a7b2cb0d881ae0