www-aem-stage.manulife.ca
- Manulife Financial -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 59:30:d9:b9:81:0d:b3:9d:f4:4d:03:a8:7f:cf:7d:62 was issued on by Sectigo Limited.
With 35 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Manulife Financial
Organization:
Manulife Financial
Organization unit: Canadian Division
Organization unit: Canadian Division
Address:
500 King Street North
Postal code: N2J 4C6
State / Province: Ontario
Locality: Waterloo
Country: CA
Postal code: N2J 4C6
State / Province: Ontario
Locality: Waterloo
Country: CA
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): 59:30:d9:b9:81:0d:b3:9d:f4:4d:03:a8:7f:cf:7d:62Serial Number (int): 118554937854101372485944231372268731746
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: b3:9b:20:34:11:3d:5e:0d:b5:9a:02:db:2c:c1:c1:8b:13:7f:7a:6b
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 78:b3:44:72:11:7f:8e:eb:59:f4:27:40:46:e7:6e:12:7a:32:0f:a8
Fingerprint (sha256): 12:dc:02:f1:93:fc:29:86:a3:4d:38:d8:92:d2:8f:d6:3e:33:fd:89:ba:9d:9a:53:8d:09:19:26:14:2d:b6:20
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate www-aem-stage.manulife.ca
35
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www-aem-stage.manulife.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www-aem-stage.manulife.ca
author-aem-stage.manulife.ca
www-aem-stage.assurance-manuvie.ca
www-aem-stage.bank.manulife.ca
www-aem-stage.bank.manuvie.ca
www-aem-stage.cmtcp.manulife.ca
www-aem-stage.cmtcp.manuvie.ca
www-aem-stage.coverme.manulife.ca
www-aem-stage.coverme.manuvie.ca
www-aem-stage.cpao.manulife.ca
www-aem-stage.cpao.manuvie.ca
www-aem-stage.developer.manulife.ca
www-aem-stage.developer.manuvie.ca
www-aem-stage.groupbenefits.manulife.ca
www-aem-stage.headless.manulife.ca
www-aem-stage.info.manulife.ca
www-aem-stage.info.manuvie.ca
www-aem-stage.legacy.manulife.ca
www-aem-stage.legacy.manuvie.ca
www-aem-stage.manulife-group-plans.ca
www-aem-stage.manulife-insurance.ca
www-aem-stage.manulife-securities.manulife.ca
www-aem-stage.manulife-securities.manuvie.ca
www-aem-stage.manuvie.ca
www-aem-stage.mpw.manulife.ca
www-aem-stage.mpw.manuvie.ca
www-aem-stage.offers.bank.manulife.ca
www-aem-stage.offres.bank.manuvie.ca
www-aem-stage.regimes-collectifs-manuvie.ca
www-aem-stage.rr.manulife.ca
www-aem-stage.rr.manuvie.ca
www-aem-stage.travel.manulife.ca
www-aem-stage.travel.manuvie.ca
www-aem-stage.travelb2b.manulife.ca
www-aem-stage.travelb2b.manuvie.ca
author-aem-stage.manulife.ca
www-aem-stage.assurance-manuvie.ca
www-aem-stage.bank.manulife.ca
www-aem-stage.bank.manuvie.ca
www-aem-stage.cmtcp.manulife.ca
www-aem-stage.cmtcp.manuvie.ca
www-aem-stage.coverme.manulife.ca
www-aem-stage.coverme.manuvie.ca
www-aem-stage.cpao.manulife.ca
www-aem-stage.cpao.manuvie.ca
www-aem-stage.developer.manulife.ca
www-aem-stage.developer.manuvie.ca
www-aem-stage.groupbenefits.manulife.ca
www-aem-stage.headless.manulife.ca
www-aem-stage.info.manulife.ca
www-aem-stage.info.manuvie.ca
www-aem-stage.legacy.manulife.ca
www-aem-stage.legacy.manuvie.ca
www-aem-stage.manulife-group-plans.ca
www-aem-stage.manulife-insurance.ca
www-aem-stage.manulife-securities.manulife.ca
www-aem-stage.manulife-securities.manuvie.ca
www-aem-stage.manuvie.ca
www-aem-stage.mpw.manulife.ca
www-aem-stage.mpw.manuvie.ca
www-aem-stage.offers.bank.manulife.ca
www-aem-stage.offres.bank.manuvie.ca
www-aem-stage.regimes-collectifs-manuvie.ca
www-aem-stage.rr.manulife.ca
www-aem-stage.rr.manuvie.ca
www-aem-stage.travel.manulife.ca
www-aem-stage.travel.manuvie.ca
www-aem-stage.travelb2b.manulife.ca
www-aem-stage.travelb2b.manuvie.ca
Other certificates including the domain name manulife.ca
(limited to 100 certificates)
manulife.com
www-aem-qa2.manulife.ca
client.manulifebank.com
manulife.com
manulife.com
content-txn-uat.manulife.ca
www-aem-dev1.manulife.ca
www-aem-dev2.manulife.ca
www-aem-qa.manulife.ca
www-aem-prod.manulife.ca
manulife.com
manulife.com
uat.manulifesecurities.manulife.ca
manulife.com
manulife.com
origin-api.manulifesecurities.manulife.ca
devintegrator.gbi.manulife.ca
manulife.com
manulife.com
manulife.com
cdn.dev.manulife.ca
www-aem-dev1.manulife.ca
manulife.com
mfti-app.np.aks.manulife.ca
preprod.mtls.api.manulife.com
preview.id.manulife.ca
jira-t1.manulife.ca
manulife.com
manulife.com
dev.portal.manulife.ca
advisor.manulife.ca
qa.manulifesecurities.manulife.ca
edge.prod-ext.api.manulife.com
www-aem-prod.manulife.ca
www-aem-dev2.manulife.ca
manulife.com
uat.statements.manulifebank.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
artifactory-test.manulife.ca
manulife.com
hf.integrator.gbi.manulife.ca
manulife.com
content-txn-dev.manulife.ca
retirement.manulife.ca
saml-advisors.preview.manulife.ca
interac-uat.manulifebank.ca
manulife.com
content-txn-prd.manulife.ca
manulife.com
manulife.com
integrator.gbi.manulife.ca
manulife.com
sf-service-medallia-dev.manulife.ca
manulife.com
manulife.com
www-aem-dev.manulife.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
nonprod.vitalityservice.manulife.ca
tripx-graphql.dev.aks.manulife.ca
manulife.com
snowbound-viewer-prd.manulife.ca
manulife.com
dev.policyservice.manulife.ca
manulife.com
www-aem-qa.manulife.ca
content-txn-dev.manulife.ca
edge.prod-ext.api.manulife.com
hf.gbi.manulife.ca
interac-uat.manulifebank.ca
manulife.com
manulife.com
www-aem-stage.manulife.ca
manulife.com
manulife.com
manulife.com
mail-ds.manulife.ca
manulife.com
dev.jmeter.aks.manulife.ca
www.insurance.manulife.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
stage.manulifesecurities.manulife.ca
www-aem-dev.manulife.ca
manulife.com
portal.manulife.ca
manulife.com
manulife.com
uat.advisor.manulife.ca
www-aem-qa2.manulife.ca
client.manulifebank.com
manulife.com
manulife.com
content-txn-uat.manulife.ca
www-aem-dev1.manulife.ca
www-aem-dev2.manulife.ca
www-aem-qa.manulife.ca
www-aem-prod.manulife.ca
manulife.com
manulife.com
uat.manulifesecurities.manulife.ca
manulife.com
manulife.com
origin-api.manulifesecurities.manulife.ca
devintegrator.gbi.manulife.ca
manulife.com
manulife.com
manulife.com
cdn.dev.manulife.ca
www-aem-dev1.manulife.ca
manulife.com
mfti-app.np.aks.manulife.ca
preprod.mtls.api.manulife.com
preview.id.manulife.ca
jira-t1.manulife.ca
manulife.com
manulife.com
dev.portal.manulife.ca
advisor.manulife.ca
qa.manulifesecurities.manulife.ca
edge.prod-ext.api.manulife.com
www-aem-prod.manulife.ca
www-aem-dev2.manulife.ca
manulife.com
uat.statements.manulifebank.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
artifactory-test.manulife.ca
manulife.com
hf.integrator.gbi.manulife.ca
manulife.com
content-txn-dev.manulife.ca
retirement.manulife.ca
saml-advisors.preview.manulife.ca
interac-uat.manulifebank.ca
manulife.com
content-txn-prd.manulife.ca
manulife.com
manulife.com
integrator.gbi.manulife.ca
manulife.com
sf-service-medallia-dev.manulife.ca
manulife.com
manulife.com
www-aem-dev.manulife.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
nonprod.vitalityservice.manulife.ca
tripx-graphql.dev.aks.manulife.ca
manulife.com
snowbound-viewer-prd.manulife.ca
manulife.com
dev.policyservice.manulife.ca
manulife.com
www-aem-qa.manulife.ca
content-txn-dev.manulife.ca
edge.prod-ext.api.manulife.com
hf.gbi.manulife.ca
interac-uat.manulifebank.ca
manulife.com
manulife.com
www-aem-stage.manulife.ca
manulife.com
manulife.com
manulife.com
mail-ds.manulife.ca
manulife.com
dev.jmeter.aks.manulife.ca
www.insurance.manulife.ca
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
stage.manulifesecurities.manulife.ca
www-aem-dev.manulife.ca
manulife.com
portal.manulife.ca
manulife.com
manulife.com
uat.advisor.manulife.ca
Certificate
The complete raw certificate details for www-aem-stage.manulife.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIKejCCCWKgAwIBAgIQWTDZuYENs530TQOof899YjANBgkqhkiG9w0BAQsFADCB lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy dmVyIENBMB4XDTIwMDYwNTAwMDAwMFoXDTIyMDYwNTIzNTk1OVowgcExCzAJBgNV BAYTAkNBMRAwDgYDVQQREwdOMkogNEM2MRAwDgYDVQQIEwdPbnRhcmlvMREwDwYD VQQHEwhXYXRlcmxvbzEeMBwGA1UECRMVNTAwIEtpbmcgU3RyZWV0IE5vcnRoMRsw GQYDVQQKExJNYW51bGlmZSBGaW5hbmNpYWwxGjAYBgNVBAsTEUNhbmFkaWFuIERp dmlzaW9uMSIwIAYDVQQDExl3d3ctYWVtLXN0YWdlLm1hbnVsaWZlLmNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nvG10sOqB4E6UF7RJZa0nIoKFiz nLjRGEQualJugMX90w1J98uyqhvcsnuzsV5d12y2iD4YK6aVUxl/Gm0wi8UgnXhh UVdce6qaJx4r33JuRy1gA5FWsFFdogHiKXqxGUv8BPfqDRRkLuq9B9ZNhaZqTYrw Zvfblb5ziO3LzypHR9OXeJ7L/6GWeoHSxlOvjAcSdwYcdqeUYpzIpNDPc1Fpu1vb DzXS/8c6Dmqy9QZ43x6goO9Uc9crAfqmCsLVXBOCNLyXXr3eZ5Usr4P7Xr2Ua1l/ j/QK52UhencLtmbcLjR/eQXxyb49CU4Vw65h89HHUndmg+PIjLNGdDw66wIDAQAB o4IGljCCBpIwHwYDVR0jBBgwFoAUF9nWJSdn+THCSUPZMDZEjGypT+swHQYDVR0O BBYEFLObIDQRPV4NtZoC2yzBwYsTf3prMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBKBgNVHSAEQzBB MDUGDCsGAQQBsjEBAgEDBDAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28u Y29tL0NQUzAIBgZngQwBAgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5z ZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3Vy ZVNlcnZlckNBLmNybDCBigYIKwYBBQUHAQEEfjB8MFUGCCsGAQUFBzAChklodHRw Oi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0 aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5z ZWN0aWdvLmNvbTATBgorBgEEAdZ5AgQDAQH/BAIFADCCBMcGA1UdEQSCBL4wggS6 ghl3d3ctYWVtLXN0YWdlLm1hbnVsaWZlLmNhghxhdXRob3ItYWVtLXN0YWdlLm1h bnVsaWZlLmNhgiJ3d3ctYWVtLXN0YWdlLmFzc3VyYW5jZS1tYW51dmllLmNhgh53 d3ctYWVtLXN0YWdlLmJhbmsubWFudWxpZmUuY2GCHXd3dy1hZW0tc3RhZ2UuYmFu ay5tYW51dmllLmNhgh93d3ctYWVtLXN0YWdlLmNtdGNwLm1hbnVsaWZlLmNhgh53 d3ctYWVtLXN0YWdlLmNtdGNwLm1hbnV2aWUuY2GCIXd3dy1hZW0tc3RhZ2UuY292 ZXJtZS5tYW51bGlmZS5jYYIgd3d3LWFlbS1zdGFnZS5jb3Zlcm1lLm1hbnV2aWUu Y2GCHnd3dy1hZW0tc3RhZ2UuY3Bhby5tYW51bGlmZS5jYYIdd3d3LWFlbS1zdGFn ZS5jcGFvLm1hbnV2aWUuY2GCI3d3dy1hZW0tc3RhZ2UuZGV2ZWxvcGVyLm1hbnVs aWZlLmNhgiJ3d3ctYWVtLXN0YWdlLmRldmVsb3Blci5tYW51dmllLmNhgid3d3ct YWVtLXN0YWdlLmdyb3VwYmVuZWZpdHMubWFudWxpZmUuY2GCInd3dy1hZW0tc3Rh Z2UuaGVhZGxlc3MubWFudWxpZmUuY2GCHnd3dy1hZW0tc3RhZ2UuaW5mby5tYW51 bGlmZS5jYYIdd3d3LWFlbS1zdGFnZS5pbmZvLm1hbnV2aWUuY2GCIHd3dy1hZW0t c3RhZ2UubGVnYWN5Lm1hbnVsaWZlLmNhgh93d3ctYWVtLXN0YWdlLmxlZ2FjeS5t YW51dmllLmNhgiV3d3ctYWVtLXN0YWdlLm1hbnVsaWZlLWdyb3VwLXBsYW5zLmNh giN3d3ctYWVtLXN0YWdlLm1hbnVsaWZlLWluc3VyYW5jZS5jYYItd3d3LWFlbS1z dGFnZS5tYW51bGlmZS1zZWN1cml0aWVzLm1hbnVsaWZlLmNhgix3d3ctYWVtLXN0 YWdlLm1hbnVsaWZlLXNlY3VyaXRpZXMubWFudXZpZS5jYYIYd3d3LWFlbS1zdGFn ZS5tYW51dmllLmNhgh13d3ctYWVtLXN0YWdlLm1wdy5tYW51bGlmZS5jYYIcd3d3 LWFlbS1zdGFnZS5tcHcubWFudXZpZS5jYYIld3d3LWFlbS1zdGFnZS5vZmZlcnMu YmFuay5tYW51bGlmZS5jYYIkd3d3LWFlbS1zdGFnZS5vZmZyZXMuYmFuay5tYW51 dmllLmNhgit3d3ctYWVtLXN0YWdlLnJlZ2ltZXMtY29sbGVjdGlmcy1tYW51dmll LmNhghx3d3ctYWVtLXN0YWdlLnJyLm1hbnVsaWZlLmNhght3d3ctYWVtLXN0YWdl LnJyLm1hbnV2aWUuY2GCIHd3dy1hZW0tc3RhZ2UudHJhdmVsLm1hbnVsaWZlLmNh gh93d3ctYWVtLXN0YWdlLnRyYXZlbC5tYW51dmllLmNhgiN3d3ctYWVtLXN0YWdl LnRyYXZlbGIyYi5tYW51bGlmZS5jYYIid3d3LWFlbS1zdGFnZS50cmF2ZWxiMmIu bWFudXZpZS5jYTANBgkqhkiG9w0BAQsFAAOCAQEAQIi/+e6UPbfERXdURhZHZuTN 3j8/KqrIpT+d8KWURxefHe1rS/DeNuHztgfRIB2nWJnITADFpun7h/ClUji0JpUk xQabnScDNYfzwz1LxYy9pncbMUhmbZL17vy0Hsw/QBoEO/zeoytye+bFQTRaB1+g 9q6TFhteLtK33zmpHB0akGCVwIdpZC0aI+9/o4HhICDVtBFDGTuFNkGQO3Efc/C/ RJoQ+UiapFAjW0zFfqM+fTtT+zZHzLDTyqld14z6GblM98fGMLXy92FyojhvNHaC 8wvmsJP8M0FMUIq3Bwb/54xU6Z9/TqZg4fqkdYLuewWxCCseojU0VxGNamAWOg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nvG10sOqB4E6UF7RJZa 0nIoKFiznLjRGEQualJugMX90w1J98uyqhvcsnuzsV5d12y2iD4YK6aVUxl/Gm0w i8UgnXhhUVdce6qaJx4r33JuRy1gA5FWsFFdogHiKXqxGUv8BPfqDRRkLuq9B9ZN haZqTYrwZvfblb5ziO3LzypHR9OXeJ7L/6GWeoHSxlOvjAcSdwYcdqeUYpzIpNDP c1Fpu1vbDzXS/8c6Dmqy9QZ43x6goO9Uc9crAfqmCsLVXBOCNLyXXr3eZ5Usr4P7 Xr2Ua1l/j/QK52UhencLtmbcLjR/eQXxyb49CU4Vw65h89HHUndmg+PIjLNGdDw6 6wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 118554937854101372485944231372268731746 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-06-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-06-05 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'N2J 4C6' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Waterloo' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '500 King Street North' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Canadian Division' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www-aem-stage.manulife.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27580987059385821885540301135304648274747907571648106651222713637941439859780009522483068953071812680569445708213443937439679720949575189481682411387850906508101148857419324091555466389265770092914738200801204355520718638091990828632298532598568534019854634103219003606927067425359615958568984490078664595329737336362252007483609215412712524737221850407725538484511031932056471901752700089037788133426464470393269792395318289211184954687030911221673038772591901990687854147974797678150881547161126332534990598777378329240694728634803651293826092824329653970147459925457312793098119564063460151020248760092449750924011 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b39b2034113d5e0db59a02db2cc1c18b137f7a6b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1214 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'author-aem-stage.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.assurance-manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.bank.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.bank.manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.cmtcp.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.cmtcp.manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.coverme.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.coverme.manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.cpao.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.cpao.manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.developer.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.developer.manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.groupbenefits.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.headless.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.info.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.info.manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.legacy.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.legacy.manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.manulife-group-plans.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.manulife-insurance.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.manulife-securities.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.manulife-securities.manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.mpw.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.mpw.manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.offers.bank.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.offres.bank.manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.regimes-collectifs-manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.rr.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.rr.manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.travel.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.travel.manuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.travelb2b.manulife.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.travelb2b.manuvie.ca' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004088bff9ee943db7c445775446164766e4cdde3f3f2aaac8a53f9df0a59447179f1ded6b4bf0de36e1f3b607d1201da75899c84c00c5a6e9fb87f0a55238b4269524c5069b9d27033587f3c33d4bc58cbda6771b3148666d92f5eefcb41ecc3f401a043bfcdea32b727be6c541345a075fa0f6ae93161b5e2ed2b7df39a91c1d1a906095c08769642d1a23ef7fa381e12020d5b41143193b853641903b711f73f0bf449a10f9489aa450235b4cc57ea33e7d3b53fb3647ccb0d3caa95dd78cfa19b94cf7c7c630b5f2f76172a2386f347682f30be6b093fc33414c508ab70706ffe78c54e99f7f4ea660e1faa47582ee7b05b1082b1ea2353457118d6a60163a