b04faxp05.prd.manulifeusa.com

- Manulife Financial -

Issued by Sectigo RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number e9:58:61:ff:46:ed:9c:8c:b8:58:b4:3f:27:f8:09:40 was issued on by Sectigo Limited.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Manulife Financial

Organization: Manulife Financial
Organization unit: Enterprise Tech and Services
State / Province: Ontario
Country: CA

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): e9:58:61:ff:46:ed:9c:8c:b8:58:b4:3f:27:f8:09:40
Serial Number (int): 310169032760300663959076823152780118336
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: b4:5a:0e:a6:17:2a:5b:1a:6e:d9:81:e8:ad:c9:43:b4:d3:50:fb:16
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb

Fingerprint (sha1): f3:f5:f5:d9:04:48:03:f9:d3:9f:ff:3b:11:2e:a5:a1:53:81:84:a5
Fingerprint (sha256): 19:92:e8:1d:d1:98:34:d3:28:c5:ac:e0:5d:eb:37:45:61:f6:b6:c4:03:bf:0d:af:2f:c2:6a:df:59:60:ed:be

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate b04faxp05.prd.manulifeusa.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for b04faxp05.prd.manulifeusa.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

b04faxp05.prd.manulifeusa.com
www.b04faxp05.prd.manulifeusa.com

Other certificates including the domain name manulifeusa.com

(limited to 100 certificates)
stage.jherpmx2.jhancock.com
b04orad10.dev.manulifeusa.com
b04llsp01.prd.manulifeusa.com
qa.johnhancock.com
johnhancock.com
b04wvgisvisd01.dev.manulifeusa.com
andmirp01.prd.manulifeusa.com
andappm01.mod.manulifeusa.com
andfaxp01.prd.manulifeusa.com
cconprem.manulife.com
b04xprm02.mod.manulifeusa.com
johnhancock.com
cl4orad10.dev.manulifeusa.com
johnhancock.com
nasbaccess01.manulife.com
jhcontractstest.mod.manulifeusa.com
test.jherpdx3.jhancock.com
azwapnwasm01.mfcgd.com
b04fimd02.dev.manulifeusa.com
johnhancock.com
beacon.prd.manulifeusa.com
a7220-b04-lc-a.prd.manulifeusa.com
brave.prd.manulifeusa.com
azaphnerpt01a1.mfcgd.com
barcpsp04.manulife.com
www.igpinfo.com
andwvgisvrcp04.prd.manulifeusa.com
b04sdsd01.dev.manulifeusa.com
b04bkpd01.dev.manulifeusa.com
b04faxp05.prd.manulifeusa.com
jherpmx8.mod.manulifeusa.com
johnhancock.com
johnhancock.com
test.jherpdx3.jhancock.com
clbs37617.dev.manulifeusa.com
whbp30730.prd.manulifeusa.com
johnhancock.com
b04appd12.dev.manulifeusa.com
azwapnwasm01.mfcgd.com
johnhancock.com
johnhancock.com
usvmreset.prd.manulifeusa.com
azwapnwasm01.mfcgd.com
cl4oram10.mod.manulifeusa.com
johnhancock.com
azulvsasdb2m04.mod.manulifeusa.com
andmirp01.prd.manulifeusa.com
qa-siebel.mod.manulifeusa.com
johnhancock.com
test.jherpdx3.jhancock.com
b04pwdd01.dev.manulifeusa.com
test.jherpdx3.jhancock.com
andllsp01.prd.manulifeusa.com
jherpx8.prd.manulifeusa.com
andwvetsrigp01.prd.manulifeusa.com
test.jherpdx3.jhancock.com
azaphnerpt01a1.mfcgd.com
azuwvjhibeas01.mfcgd.com
qa-siebel.mod.manulifeusa.com
johnhancock.com
andrsap01.prd.manulifeusa.com
b04appd11.dev.manulifeusa.com
johnhancock.com
a7210-and-mclic-a.prd.manulifeusa.com
andwvgisvstp01.prd.manulifeusa.com
b04faxp05.prd.manulifeusa.com
jherpmx8.mod.manulifeusa.com
andsbc.manulife.com
stage.partnerlink.jhancock.com
stage.jherpmx2.jhancock.com
jherpx8.prd.manulifeusa.com
jhesb-stage2.mod.manulifeusa.com
jherpmx8.mod.manulifeusa.com
jhinsuranceanalytics.com
b04pwdd01.dev.manulifeusa.com
b04pwdd01.dev.manulifeusa.com
b04bkpd01.dev.manulifeusa.com
usvmreset.prd.manulifeusa.com
azwphnwast01.mfcgd.com
johnhancock.com
bravestage.mod.manulifeusa.com
andorap10.prd.manulifeusa.com
qa-siebel.mod.manulifeusa.com
dis.dev.manulifeusa.com
andorap04.prd.manulifeusa.com
johnhancock.com
a7220-and-lc-a.prd.manulifeusa.com
azaphnerpt01a1.mfcgd.com
b04pwdd01.dev.manulifeusa.com
stage.jherpmx1.jhancock.com
andsdsm01.mod.manulifeusa.com
prod-siebel.manulifeusa.com
qa-siebel.mod.manulifeusa.com
johnhancock.com
cl4oram10.mod.manulifeusa.com
a7220-and-lc-dmz.prd.manulifeusa.com
stage.inforceillustrationportal.com
b04pwdd01.dev.manulifeusa.com
b04amxd02.dev.manulifeusa.com
johnhancock.com

Certificate

The complete raw certificate details for b04faxp05.prd.manulifeusa.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGxzCCBa+gAwIBAgIRAOlYYf9G7ZyMuFi0Pyf4CUAwDQYJKoZIhvcNAQELBQAw
gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE
AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl
cnZlciBDQTAeFw0yMjA2MjAwMDAwMDBaFw0yMzA2MjAyMzU5NTlaMIGLMQswCQYD
VQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEbMBkGA1UEChMSTWFudWxpZmUgRmlu
YW5jaWFsMSUwIwYDVQQLExxFbnRlcnByaXNlIFRlY2ggYW5kIFNlcnZpY2VzMSYw
JAYDVQQDEx1iMDRmYXhwMDUucHJkLm1hbnVsaWZldXNhLmNvbTCCAiIwDQYJKoZI
hvcNAQEBBQADggIPADCCAgoCggIBAKSqPvIpMEQY0bV6Cfghi7BSrZBDHB6FpqZL
JWBycs4sknqZZ2FM2N2pRSknyVtTOoh/8TzGf9cSxDOFsCFkm1faLtj7mXJxdub5
ewyod7w0EQoNDqOC2U0EzsYwS5q0RUjYFywo0vf3pwYOk7B7CRSYVsPYVMUWl2GJ
iKcbYldwXBAYUIlzw8Ke2KQw74u2w9wXbneJMPetezTdR6uk8YmcWXYNk7xrUYxv
zBucdKCqm2wv1UK6WCF26MtaT0+9tYZRitPrsRyD+LD0614SNiNAav01sRQ1Mpci
ENQteUXWuy97IFdla/j2kPtWlTlcAv3f0ab+bNaZZjWu6u8TnKUDlA1eotXJgkFk
L+keDUVxMmQcVv6Awioz+t1Zi258JLr0nm47z1kS15IMDjFSE9JqDdtz+V8aTgTk
hR84bkGUYLEckcEyNsyLQK9O9mhIL96/VuJEz9E2w1wl1Ilur895nCaVQDGqtsjP
EdQunyvXaoyxRJP2EPUD4Y3tPLkOihObbeV58dluHOv19RLortE8GtOo+AdwJFZG
eDL0Sn1SgeVxUEJfDR00PTLpthptaQOr80O3zQCdtCB5YJmqk9LyHR5vZT6pU80u
o3CcnQE3G6pZBvgWy43GPNzC9m2nl0M9mSuYyb1oC19TBR4gv01FiD1ALvKYaBR0
Mm2AsJYHAgMBAAGjggIYMIICFDAfBgNVHSMEGDAWgBQX2dYlJ2f5McJJQ9kwNkSM
bKlP6zAdBgNVHQ4EFgQUtFoOphcqWxpu2YHorclDtNNQ+xYwDgYDVR0PAQH/BAQD
AgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
MEoGA1UdIARDMEEwNQYMKwYBBAGyMQECAQMEMCUwIwYIKwYBBQUHAgEWF2h0dHBz
Oi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+gTaBLhklo
dHRwOi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxp
ZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGKBggrBgEFBQcBAQR+MHwwVQYIKwYB
BQUHMAKGSWh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JTQU9yZ2FuaXph
dGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUHMAGGF2h0
dHA6Ly9vY3NwLnNlY3RpZ28uY29tMEsGA1UdEQREMEKCHWIwNGZheHAwNS5wcmQu
bWFudWxpZmV1c2EuY29tgiF3d3cuYjA0ZmF4cDA1LnByZC5tYW51bGlmZXVzYS5j
b20wEwYKKwYBBAHWeQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBADRR71gx
jezVR68CPVxHoggrkfqnyELCTZuXNGgUdJJ0TDJzGyI5aX28TfL7A5Yelr4WGask
R21fir1ZZkRDFDr2bLdgX7v4mi36RFeoqJJZewpdR+UExHs7LU8j/Kczu7Q/j+nJ
3KRaYqa7mxfgMwYS9fuy/agjkYnNyrQ5zG0RXndN4+Wg8iEpjXnLhYEdl0ebkOj3
PE/JwNzZAZKZQjbVFSpeZPuT8kIEcsc0mlILJcRg5vUe05Eh0YqT43Qpl6oWCeo4
uWhAPCQtGz0m7g6HB7A27h7b/dEXisrIdwGyj2nMUWAZJ1w4zKpBq36ALANljGHO
ZH2rcb1QE8i8y/k=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApKo+8ikwRBjRtXoJ+CGL
sFKtkEMcHoWmpkslYHJyziySeplnYUzY3alFKSfJW1M6iH/xPMZ/1xLEM4WwIWSb
V9ou2PuZcnF25vl7DKh3vDQRCg0Oo4LZTQTOxjBLmrRFSNgXLCjS9/enBg6TsHsJ
FJhWw9hUxRaXYYmIpxtiV3BcEBhQiXPDwp7YpDDvi7bD3Bdud4kw9617NN1Hq6Tx
iZxZdg2TvGtRjG/MG5x0oKqbbC/VQrpYIXboy1pPT721hlGK0+uxHIP4sPTrXhI2
I0Bq/TWxFDUylyIQ1C15Rda7L3sgV2Vr+PaQ+1aVOVwC/d/Rpv5s1plmNa7q7xOc
pQOUDV6i1cmCQWQv6R4NRXEyZBxW/oDCKjP63VmLbnwkuvSebjvPWRLXkgwOMVIT
0moN23P5XxpOBOSFHzhuQZRgsRyRwTI2zItAr072aEgv3r9W4kTP0TbDXCXUiW6v
z3mcJpVAMaq2yM8R1C6fK9dqjLFEk/YQ9QPhje08uQ6KE5tt5Xnx2W4c6/X1Euiu
0Twa06j4B3AkVkZ4MvRKfVKB5XFQQl8NHTQ9Mum2Gm1pA6vzQ7fNAJ20IHlgmaqT
0vIdHm9lPqlTzS6jcJydATcbqlkG+BbLjcY83ML2baeXQz2ZK5jJvWgLX1MFHiC/
TUWIPUAu8phoFHQybYCwlgcCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 310169032760300663959076823152780118336
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-06-20 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-20 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Enterprise Tech and Services'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'b04faxp05.prd.manulifeusa.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 671774684206005634508792916413969607963398254241456493372222929234393786885885929710907884732750504516897940751821624706711225197513624548098907909427620396863901130061669804896259625187732322325817870581167806412070814148778693214994450289869333539841817701115072120818577618576588678729002025137115368961027481870864239997432851552123307361762837407636072568250135215305647356510769212701007461633580878390055749186863125457724463549410909735997546034403524286727654342567707286568943100474308801802866759295513724111440630449070553157711089851022899645758875298740956005231410173534996173075310508997551788030776027571478415680843124791755211422193266019875226673784971195291042825831433117673038477673102377730122738964938917610924085057098898945350932908083646653623149634113805944667805683124203717116146611638414942092293706537312764750744939743868398840363158465894186052531791450542446471746307687704877382530995426499144549017778323563161450230324740144526222111571768692027903476716566610649223582779565646708792511322651026858143196942681246725341245915075091266319257006066506045701915578602262295322320303160396809483685213193100461601474324564214972382060565581583658520933303380006707610819285602503533882787857733127
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b45a0ea6172a5b1a6ed981e8adc943b4d350fb16
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (68 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b04faxp05.prd.manulifeusa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.b04faxp05.prd.manulifeusa.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003451ef58318decd547af023d5c47a2082b91faa7c842c24d9b973468147492744c32731b2239697dbc4df2fb03961e96be1619ab24476d5f8abd59664443143af66cb7605fbbf89a2dfa4457a8a892597b0a5d47e504c47b3b2d4f23fca733bbb43f8fe9c9dca45a62a6bb9b17e0330612f5fbb2fda8239189cdcab439cc6d115e774de3e5a0f221298d79cb85811d97479b90e8f73c4fc9c0dcd90192994236d5152a5e64fb93f2420472c7349a520b25c460e6f51ed39121d18a93e3742997aa1609ea38b968403c242d1b3d26ee0e8707b036ee1edbfdd1178acac87701b28f69cc516019275c38ccaa41ab7e802c03658c61ce647dab71bd5013c8bccbf9