a7220-and-lc-dmz.prd.manulifeusa.com
- Manulife Financial -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 0c:cf:d6:91:d2:cb:84:d1:24:2e:ca:63:31:8e:fd:00 was issued on by Sectigo Limited.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Manulife Financial
Organization:
Manulife Financial
Organization unit: Enterprise Tech and Services
Organization unit: Enterprise Tech and Services
State / Province:
Ontario
Country: CA
Country: CA
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): 0c:cf:d6:91:d2:cb:84:d1:24:2e:ca:63:31:8e:fd:00Serial Number (int): 17029893388112337033967901353970695424
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 67:53:dc:ac:b6:b1:01:40:b8:df:64:92:ba:50:23:22:52:23:81:24
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): f5:65:4f:90:97:3e:fe:96:c4:88:49:52:8c:48:35:b5:ce:81:25:28
Fingerprint (sha256): 25:aa:0f:f9:6e:f1:c0:3a:e3:c0:9d:37:48:e3:58:a5:c2:53:ad:11:68:c7:45:1b:9a:af:39:81:b8:99:18:d5
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate a7220-and-lc-dmz.prd.manulifeusa.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for a7220-and-lc-dmz.prd.manulifeusa.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
a7220-and-lc-dmz.prd.manulifeusa.com
www.a7220-and-lc-dmz.prd.manulifeusa.com
www.a7220-and-lc-dmz.prd.manulifeusa.com
Other certificates including the domain name manulifeusa.com
(limited to 100 certificates)
stage.jherpmx2.jhancock.com
b04orad10.dev.manulifeusa.com
b04llsp01.prd.manulifeusa.com
qa.johnhancock.com
johnhancock.com
b04wvgisvisd01.dev.manulifeusa.com
andmirp01.prd.manulifeusa.com
andappm01.mod.manulifeusa.com
andfaxp01.prd.manulifeusa.com
cconprem.manulife.com
b04xprm02.mod.manulifeusa.com
johnhancock.com
cl4orad10.dev.manulifeusa.com
johnhancock.com
nasbaccess01.manulife.com
jhcontractstest.mod.manulifeusa.com
test.jherpdx3.jhancock.com
azwapnwasm01.mfcgd.com
b04fimd02.dev.manulifeusa.com
johnhancock.com
beacon.prd.manulifeusa.com
a7220-b04-lc-a.prd.manulifeusa.com
brave.prd.manulifeusa.com
azaphnerpt01a1.mfcgd.com
barcpsp04.manulife.com
www.igpinfo.com
andwvgisvrcp04.prd.manulifeusa.com
b04sdsd01.dev.manulifeusa.com
b04bkpd01.dev.manulifeusa.com
b04faxp05.prd.manulifeusa.com
jherpmx8.mod.manulifeusa.com
johnhancock.com
johnhancock.com
test.jherpdx3.jhancock.com
clbs37617.dev.manulifeusa.com
whbp30730.prd.manulifeusa.com
johnhancock.com
b04appd12.dev.manulifeusa.com
azwapnwasm01.mfcgd.com
johnhancock.com
johnhancock.com
usvmreset.prd.manulifeusa.com
azwapnwasm01.mfcgd.com
cl4oram10.mod.manulifeusa.com
johnhancock.com
azulvsasdb2m04.mod.manulifeusa.com
andmirp01.prd.manulifeusa.com
qa-siebel.mod.manulifeusa.com
johnhancock.com
test.jherpdx3.jhancock.com
b04pwdd01.dev.manulifeusa.com
test.jherpdx3.jhancock.com
andllsp01.prd.manulifeusa.com
jherpx8.prd.manulifeusa.com
andwvetsrigp01.prd.manulifeusa.com
test.jherpdx3.jhancock.com
azaphnerpt01a1.mfcgd.com
azuwvjhibeas01.mfcgd.com
qa-siebel.mod.manulifeusa.com
johnhancock.com
andrsap01.prd.manulifeusa.com
b04appd11.dev.manulifeusa.com
johnhancock.com
a7210-and-mclic-a.prd.manulifeusa.com
andwvgisvstp01.prd.manulifeusa.com
b04faxp05.prd.manulifeusa.com
jherpmx8.mod.manulifeusa.com
andsbc.manulife.com
stage.partnerlink.jhancock.com
stage.jherpmx2.jhancock.com
jherpx8.prd.manulifeusa.com
jhesb-stage2.mod.manulifeusa.com
jherpmx8.mod.manulifeusa.com
jhinsuranceanalytics.com
b04pwdd01.dev.manulifeusa.com
b04pwdd01.dev.manulifeusa.com
b04bkpd01.dev.manulifeusa.com
usvmreset.prd.manulifeusa.com
azwphnwast01.mfcgd.com
johnhancock.com
bravestage.mod.manulifeusa.com
andorap10.prd.manulifeusa.com
qa-siebel.mod.manulifeusa.com
dis.dev.manulifeusa.com
andorap04.prd.manulifeusa.com
johnhancock.com
a7220-and-lc-a.prd.manulifeusa.com
azaphnerpt01a1.mfcgd.com
b04pwdd01.dev.manulifeusa.com
stage.jherpmx1.jhancock.com
andsdsm01.mod.manulifeusa.com
prod-siebel.manulifeusa.com
qa-siebel.mod.manulifeusa.com
johnhancock.com
cl4oram10.mod.manulifeusa.com
a7220-and-lc-dmz.prd.manulifeusa.com
stage.inforceillustrationportal.com
b04pwdd01.dev.manulifeusa.com
b04amxd02.dev.manulifeusa.com
johnhancock.com
b04orad10.dev.manulifeusa.com
b04llsp01.prd.manulifeusa.com
qa.johnhancock.com
johnhancock.com
b04wvgisvisd01.dev.manulifeusa.com
andmirp01.prd.manulifeusa.com
andappm01.mod.manulifeusa.com
andfaxp01.prd.manulifeusa.com
cconprem.manulife.com
b04xprm02.mod.manulifeusa.com
johnhancock.com
cl4orad10.dev.manulifeusa.com
johnhancock.com
nasbaccess01.manulife.com
jhcontractstest.mod.manulifeusa.com
test.jherpdx3.jhancock.com
azwapnwasm01.mfcgd.com
b04fimd02.dev.manulifeusa.com
johnhancock.com
beacon.prd.manulifeusa.com
a7220-b04-lc-a.prd.manulifeusa.com
brave.prd.manulifeusa.com
azaphnerpt01a1.mfcgd.com
barcpsp04.manulife.com
www.igpinfo.com
andwvgisvrcp04.prd.manulifeusa.com
b04sdsd01.dev.manulifeusa.com
b04bkpd01.dev.manulifeusa.com
b04faxp05.prd.manulifeusa.com
jherpmx8.mod.manulifeusa.com
johnhancock.com
johnhancock.com
test.jherpdx3.jhancock.com
clbs37617.dev.manulifeusa.com
whbp30730.prd.manulifeusa.com
johnhancock.com
b04appd12.dev.manulifeusa.com
azwapnwasm01.mfcgd.com
johnhancock.com
johnhancock.com
usvmreset.prd.manulifeusa.com
azwapnwasm01.mfcgd.com
cl4oram10.mod.manulifeusa.com
johnhancock.com
azulvsasdb2m04.mod.manulifeusa.com
andmirp01.prd.manulifeusa.com
qa-siebel.mod.manulifeusa.com
johnhancock.com
test.jherpdx3.jhancock.com
b04pwdd01.dev.manulifeusa.com
test.jherpdx3.jhancock.com
andllsp01.prd.manulifeusa.com
jherpx8.prd.manulifeusa.com
andwvetsrigp01.prd.manulifeusa.com
test.jherpdx3.jhancock.com
azaphnerpt01a1.mfcgd.com
azuwvjhibeas01.mfcgd.com
qa-siebel.mod.manulifeusa.com
johnhancock.com
andrsap01.prd.manulifeusa.com
b04appd11.dev.manulifeusa.com
johnhancock.com
a7210-and-mclic-a.prd.manulifeusa.com
andwvgisvstp01.prd.manulifeusa.com
b04faxp05.prd.manulifeusa.com
jherpmx8.mod.manulifeusa.com
andsbc.manulife.com
stage.partnerlink.jhancock.com
stage.jherpmx2.jhancock.com
jherpx8.prd.manulifeusa.com
jhesb-stage2.mod.manulifeusa.com
jherpmx8.mod.manulifeusa.com
jhinsuranceanalytics.com
b04pwdd01.dev.manulifeusa.com
b04pwdd01.dev.manulifeusa.com
b04bkpd01.dev.manulifeusa.com
usvmreset.prd.manulifeusa.com
azwphnwast01.mfcgd.com
johnhancock.com
bravestage.mod.manulifeusa.com
andorap10.prd.manulifeusa.com
qa-siebel.mod.manulifeusa.com
dis.dev.manulifeusa.com
andorap04.prd.manulifeusa.com
johnhancock.com
a7220-and-lc-a.prd.manulifeusa.com
azaphnerpt01a1.mfcgd.com
b04pwdd01.dev.manulifeusa.com
stage.jherpmx1.jhancock.com
andsdsm01.mod.manulifeusa.com
prod-siebel.manulifeusa.com
qa-siebel.mod.manulifeusa.com
johnhancock.com
cl4oram10.mod.manulifeusa.com
a7220-and-lc-dmz.prd.manulifeusa.com
stage.inforceillustrationportal.com
b04pwdd01.dev.manulifeusa.com
b04amxd02.dev.manulifeusa.com
johnhancock.com
Certificate
The complete raw certificate details for a7220-and-lc-dmz.prd.manulifeusa.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF2zCCBMOgAwIBAgIQDM/WkdLLhNEkLspjMY79ADANBgkqhkiG9w0BAQsFADCB lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy dmVyIENBMB4XDTIyMDMwMzAwMDAwMFoXDTIzMDMwMzIzNTk1OVowgZIxCzAJBgNV BAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMRswGQYDVQQKExJNYW51bGlmZSBGaW5h bmNpYWwxJTAjBgNVBAsTHEVudGVycHJpc2UgVGVjaCBhbmQgU2VydmljZXMxLTAr BgNVBAMTJGE3MjIwLWFuZC1sYy1kbXoucHJkLm1hbnVsaWZldXNhLmNvbTCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMSnUcW01AjuQfBA5PUBgPNgDlZv A1BUKDNwplaNM+z5Hc9WBXF0bcZ2n3q2P1KuZEfwnu+nJBdbPw1Ue5Lh2L3en8Ve OWUynN8gDDlogxQFUqdCcktDcfqwtnf2LBXREL+utjnMu0BAtMXHIO1FapK/lmKG TR60FBHILIMJjJTgM+xpeK2X6biP4WuutWTrE00vWFnzZc+0IFnQVDyQB0zmm+v7 gdIXWVodSoWODUaIyLGEW+9V1IHdHui4QAeT3XCyQDT7k3W7VZ8u3M7gUTfDHghV wthdENGQ4I4u0sYsnLvGT8PVc5/m9MwJENmJi83x7Ery+CSJ87fjAWVtfXsCAwEA AaOCAiYwggIiMB8GA1UdIwQYMBaAFBfZ1iUnZ/kxwklD2TA2RIxsqU/rMB0GA1Ud DgQWBBRnU9ystrEBQLjfZJK6UCMiUiOBJDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSgYDVR0gBEMw QTA1BgwrBgEEAbIxAQIBAwQwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdv LmNvbS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwu c2VjdGlnby5jb20vU2VjdGlnb1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1 cmVTZXJ2ZXJDQS5jcmwwgYoGCCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0 cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRh dGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Au c2VjdGlnby5jb20wWQYDVR0RBFIwUIIkYTcyMjAtYW5kLWxjLWRtei5wcmQubWFu dWxpZmV1c2EuY29tgih3d3cuYTcyMjAtYW5kLWxjLWRtei5wcmQubWFudWxpZmV1 c2EuY29tMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBs TdMNxYAPMHCwIbdAyCnf5ct/uohW9XG87Sh/F8UIMiS5CMmzUa7tAZSmbxLO9y7r 7+uGSplNOme5xjFxUppF80VnAybyOXDql4rRomBQFVM9Egbw82b9J6NTgNooUAJM MT62RAJzWpmxK+imYP7t6vXSjG+Z7AVTMj3MdHpHX9tYsroV/lxq/kNt0IxfW39V WJvpiM0tIu/3/7tO7nqCmmXS34fOiC0Y5jR4h+oE2Zbw43HbB9hQV7bRqza/B2C5 ebmLZLDje1TDPcKmDdkRUK0Qnhl/Ud66G3GbJpnY+Y3rs6BXYBgRZTR3ToDFAc1Y LuOb22KfNa7fKvyT15NS -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKdRxbTUCO5B8EDk9QGA 82AOVm8DUFQoM3CmVo0z7Pkdz1YFcXRtxnaferY/Uq5kR/Ce76ckF1s/DVR7kuHY vd6fxV45ZTKc3yAMOWiDFAVSp0JyS0Nx+rC2d/YsFdEQv662Ocy7QEC0xccg7UVq kr+WYoZNHrQUEcgsgwmMlOAz7Gl4rZfpuI/ha661ZOsTTS9YWfNlz7QgWdBUPJAH TOab6/uB0hdZWh1KhY4NRojIsYRb71XUgd0e6LhAB5PdcLJANPuTdbtVny7czuBR N8MeCFXC2F0Q0ZDgji7Sxiycu8ZPw9Vzn+b0zAkQ2YmLzfHsSvL4JInzt+MBZW19 ewIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17029893388112337033967901353970695424 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-03-03 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Enterprise Tech and Services' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'a7220-and-lc-dmz.prd.manulifeusa.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24825216055959353680494388738898174715170410548271073837220376847913936004784822237751206949609179715835773853355789008753060335485122088768614642834791420180475136904791219970497530034538245510374147096095154994155627956339135619612255136232137484576698441070732415274059890296634567526852775765649735133197011352367297109551349135382696394943964243227167472641110176832079454846701352557746890348295669924304085572433902369724957726595692552333472736349480125398034240257661655047505469895297571572999419849857646418682514570177333350755062653170208689684712041125269811463501006373735277490402128151063797328346491 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6753dcacb6b10140b8df6492ba50232252238124 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (82 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'a7220-and-lc-dmz.prd.manulifeusa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.a7220-and-lc-dmz.prd.manulifeusa.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006c4dd30dc5800f3070b021b740c829dfe5cb7fba8856f571bced287f17c5083224b908c9b351aeed0194a66f12cef72eebefeb864a994d3a67b9c63171529a45f345670326f23970ea978ad1a2605015533d1206f0f366fd27a35380da2850024c313eb64402735a99b12be8a660feedeaf5d28c6f99ec0553323dcc747a475fdb58b2ba15fe5c6afe436dd08c5f5b7f55589be988cd2d22eff7ffbb4eee7a829a65d2df87ce882d18e6347887ea04d996f0e371db07d85057b6d1ab36bf0760b979b98b64b0e37b54c33dc2a60dd91150ad109e197f51deba1b719b2699d8f98debb3a0576018116534774e80c501cd582ee39bdb629f35aedf2afc93d79352