jhinsuranceanalytics.com
- Manulife Financial -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number dc:83:88:4d:5c:b2:60:1f:24:f9:1b:b7:81:c3:9c:43 was issued on by Sectigo Limited.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Manulife Financial
Organization:
Manulife Financial
Organization unit: John Hancock US Division
Organization unit: Multi-Domain SSL
Organization unit: John Hancock US Division
Organization unit: Multi-Domain SSL
Address:
601 Congress Street
Postal code: 02210
State / Province: Massachusetts
Locality: Boston
Country: US
Postal code: 02210
State / Province: Massachusetts
Locality: Boston
Country: US
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): dc:83:88:4d:5c:b2:60:1f:24:f9:1b:b7:81:c3:9c:43Serial Number (int): 293113114498112428304857463026113289283
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 4b:dd:c5:b8:5c:46:14:86:63:75:ab:da:d7:bb:93:61:a3:02:62:f4
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 68:6f:04:88:96:d3:9b:ff:ee:dd:84:68:a6:73:4f:06:ab:66:66:57
Fingerprint (sha256): 1d:54:53:d0:ed:67:8e:8a:6c:e3:9f:d1:18:42:ab:b3:a4:25:08:bd:78:3f:8d:9a:07:b7:1d:8f:aa:79:dd:0d
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate jhinsuranceanalytics.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for jhinsuranceanalytics.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
jhinsuranceanalytics.com
andtabp01.prd.manulifeusa.com
www.jhinsuranceanalytics.com
andtabp01.prd.manulifeusa.com
www.jhinsuranceanalytics.com
Other certificates including the domain name jhinsuranceanalytics.com
(limited to 100 certificates)
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
www.jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
www.jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
www.jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
www.jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
jhinsuranceanalytics.com
Certificate
The complete raw certificate details for jhinsuranceanalytics.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIoDCCB4igAwIBAgIRANyDiE1csmAfJPkbt4HDnEMwDQYJKoZIhvcNAQELBQAw gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl cnZlciBDQTAeFw0xOTA3MzAwMDAwMDBaFw0yMTA3MjkyMzU5NTlaMIHiMQswCQYD VQQGEwJVUzEOMAwGA1UEERMFMDIyMTAxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMx DzANBgNVBAcTBkJvc3RvbjEcMBoGA1UECRMTNjAxIENvbmdyZXNzIFN0cmVldDEb MBkGA1UEChMSTWFudWxpZmUgRmluYW5jaWFsMSEwHwYDVQQLExhKb2huIEhhbmNv Y2sgVVMgRGl2aXNpb24xGTAXBgNVBAsTEE11bHRpLURvbWFpbiBTU0wxITAfBgNV BAMTGGpoaW5zdXJhbmNlYW5hbHl0aWNzLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQAD ggIPADCCAgoCggIBAK7VFuzXbuF0+EtQ4COKkvaY64Z/+FnYC/oQ2v8Dn3VipxRh Z8Asn0e/aqG/js6EgToyC0uiZl6GOjVowE5ndAD8eVrGBCiPIgd3hjvD7hvqbLl8 c/yI4SrpJrNRActun/7dbIjxzb+74DnoLWw9ege4AD0gXnLAL9X0mPpNlTiQHjTp zgy8zc9a7q+95gn9CnWlOrZvWgdZcD/h6imrWFWR9ya0uhtG8SV9ShCrfyW+/cVy xI07wu1SHaAPYNFIG7oAnuyta6d5KLvV3ZkZaPWGgS7jbKyUivoPWhKQXZbJSWkb ymIhCUDLjaWMPcMbeMmCn0SBo5rTHJga+c8mlQRWxyXGyyb8d4q106mZoGMhDmrI 9AQFQ5R+GymXb7zZxoWDa+n2Ej2Vix1AONGj2SeSAUxI3wYNfmaFr9sgDQOzBFgy OGK+AE+ihMIBGqEoz6+DvpguLBiw1wRLU7QRX3k/RxWP3m6GdueiPx8o3+W6Dl4a ZJDag2cS7c2WiYBHpFcmqhllDRf5RnTY43irv0nY1eza2ZyXFlnf3rh+faxW4l4I 5NW2Tt0XI8DIxWt6u16/JaRPWL4MWUGpU6sPvBjwIZPFkhbtOqpRhn+XqwIS9LFd Ml9jXC5KgdOBS3/3EAQHJhU6L4OzGkr7k3Rsx0jI8YkD9aOanedWMDq9aLDNAgMB AAGjggOaMIIDljAfBgNVHSMEGDAWgBQX2dYlJ2f5McJJQ9kwNkSMbKlP6zAdBgNV HQ4EFgQUS93FuFxGFIZjdava17uTYaMCYvQwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEoGA1UdIARD MEEwNQYMKwYBBAGyMQECAQMEMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGln by5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3Js LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2Vj dXJlU2VydmVyQ0EuY3JsMIGKBggrBgEFBQcBAQR+MHwwVQYIKwYBBQUHMAKGSWh0 dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JTQU9yZ2FuaXphdGlvblZhbGlk YXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3Nw LnNlY3RpZ28uY29tMGAGA1UdEQRZMFeCGGpoaW5zdXJhbmNlYW5hbHl0aWNzLmNv bYIdYW5kdGFicDAxLnByZC5tYW51bGlmZXVzYS5jb22CHHd3dy5qaGluc3VyYW5j ZWFuYWx5dGljcy5jb20wggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB1APZclC/R dzAiFFQYCDCUVo7jTRMZM7/fDC8gC8xO8WTjAAABbEM1U5kAAAQDAEYwRAIgPbRS aAW06DIp2pqkYTln93Ethmf8OUJQtLTGczacOX0CIDJAqb9bhZ2JZd1tDUc7eiTv clCmWQe33rNf64AZuldVAHcARJRlLrDuzq/EQAfYqP4owNrmgr7YyzG1P9MzlrW2 gagAAAFsQzVTuAAABAMASDBGAiEAzF7RxaN3e+c0F+jxVI4ulip7rRvluPPlWtr2 QXkZN4QCIQDEyHkn7kv6tK5QM4b/rT75fmlIawui9fUTUqfW+6EOvwB2AG9Tdqwx 8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABbEM1U+EAAAQDAEcwRQIhAMUE HVdS/DnKLIzMpIFoCGyd0nJkpckCp0DTaKvk/yy0AiBM4t7CDlvqs/c2Y9/Zo0Sd l+Xn55dzcL/uBo9B4YtBejANBgkqhkiG9w0BAQsFAAOCAQEAL+PsJE/xPfmFuq/B 2Non5aCSXZpjnF8Q21S28u4Qv4EvhmBh/PROr6FjLqICN0WR/E2JkNH73qevYba3 9gYYLDLRROZUgoJ+iaB1aDCyZ71X8q/3M+IM+MhJvLqf0yBIWl0I3Q3xzCjmZWQW gZq33eFwqayrgHKSEEuDNBxwtysFj4x9hJLSrkG3GjKfYYwvTduHWiETD1gL7EFj 23+yRd0/ux5PUUK9NFL0toSM503M8VjbvoSAjmHMTZlH9vjgwxBWz+6n5LB09J4J DZDmqeqwWaqHrp8FcUI8v3m0wq0UmAqEHdDiO1AXjnPgzP5dGKcyqUlQUczAVRK7 Cep6SA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArtUW7Ndu4XT4S1DgI4qS 9pjrhn/4WdgL+hDa/wOfdWKnFGFnwCyfR79qob+OzoSBOjILS6JmXoY6NWjATmd0 APx5WsYEKI8iB3eGO8PuG+psuXxz/IjhKukms1EBy26f/t1siPHNv7vgOegtbD16 B7gAPSBecsAv1fSY+k2VOJAeNOnODLzNz1rur73mCf0KdaU6tm9aB1lwP+HqKatY VZH3JrS6G0bxJX1KEKt/Jb79xXLEjTvC7VIdoA9g0UgbugCe7K1rp3kou9XdmRlo 9YaBLuNsrJSK+g9aEpBdlslJaRvKYiEJQMuNpYw9wxt4yYKfRIGjmtMcmBr5zyaV BFbHJcbLJvx3irXTqZmgYyEOasj0BAVDlH4bKZdvvNnGhYNr6fYSPZWLHUA40aPZ J5IBTEjfBg1+ZoWv2yANA7MEWDI4Yr4AT6KEwgEaoSjPr4O+mC4sGLDXBEtTtBFf eT9HFY/eboZ256I/Hyjf5boOXhpkkNqDZxLtzZaJgEekVyaqGWUNF/lGdNjjeKu/ SdjV7NrZnJcWWd/euH59rFbiXgjk1bZO3RcjwMjFa3q7Xr8lpE9YvgxZQalTqw+8 GPAhk8WSFu06qlGGf5erAhL0sV0yX2NcLkqB04FLf/cQBAcmFTovg7MaSvuTdGzH SMjxiQP1o5qd51YwOr1osM0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 293113114498112428304857463026113289283 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-30 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-29 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '02210' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Massachusetts' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Boston' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '601 Congress Street' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'John Hancock US Division' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Multi-Domain SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'jhinsuranceanalytics.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 713253886290140424449239711792348781470387210182395391815065816861618237872787457483173255987221249484003354325664981193345004799586899056322963830543048783324586269044049648786993222482263979600048478797141610234551308196717063224726853314248292340324098561179275330493506808189868063181581435822170281317226542178885143532755923998667405344835359679910327107785377662056778724871449674893127556816819352151294395443176485796338153611138936875718137579355332109121281811787997188340407063306740042506676138247567200527271428427554931365967614261610211177242114833789935932585831423551014532462819664308405143963761508688781837630170398696844687172551203320280089665798703624938714489495280120238838388609769287110203220172090568381229469009117173759314131780786809179161091569440381510897431132251064401723131751324386646738078509719448588996885573062864916747421124322898135927655723204906155832213958586638353052256493773915091424481517455814481440171497598570700898437657322275564140877331261417638358234605488830401223707055808614167330268285322539493511670294649666598591404662084800480995094496858632664735510368488434125614361041366143712237017614462762146106475246231023579996362055866301495146152176571831985136510723207373 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4bddc5b85c4614866375abdad7bb9361a30262f4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhinsuranceanalytics.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'andtabp01.prd.manulifeusa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhinsuranceanalytics.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007500f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e30000016c43355399000004030046304402203db4526805b4e83229da9aa4613967f7712d8667fc394250b4b4c673369c397d02203240a9bf5b859d8965dd6d0d473b7a24ef7250a65907b7deb35feb8019ba57550077004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a80000016c433553b80000040300483046022100cc5ed1c5a3777be73417e8f1548e2e962a7bad1be5b8f3e55adaf64179193784022100c4c87927ee4bfab4ae503386ffad3ef97e69486b0ba2f5f51352a7d6fba10ebf0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016c433553e10000040300473045022100c5041d5752fc39ca2c8ccca48168086c9dd27264a5c902a740d368abe4ff2cb402204ce2dec20e5beab3f73663dfd9a3449d97e5e7e7977370bfee068f41e18b417a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002fe3ec244ff13df985baafc1d8da27e5a0925d9a639c5f10db54b6f2ee10bf812f866061fcf44eafa1632ea202374591fc4d8990d1fbdea7af61b6b7f606182c32d144e65482827e89a0756830b267bd57f2aff733e20cf8c849bcba9fd320485a5d08dd0df1cc28e6656416819ab7dde170a9acab807292104b83341c70b72b058f8c7d8492d2ae41b71a329f618c2f4ddb875a21130f580bec4163db7fb245dd3fbb1e4f5142bd3452f4b6848ce74dccf158dbbe84808e61cc4d9947f6f8e0c31056cfeea7e4b074f49e090d90e6a9eab059aa87ae9f0571423cbf79b4c2ad14980a841dd0e23b50178e73e0ccfe5d18a732a9495051ccc05512bb09ea7a48