johnhancock.com

- Manulife Financial -

Issued by Sectigo RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number d9:6e:95:52:95:9f:24:e6:d9:24:c9:f4:bd:59:bf:c9 was issued on by Sectigo Limited.

With 94 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Manulife Financial

Organization: Manulife Financial
State / Province: Ontario
Country: CA

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): d9:6e:95:52:95:9f:24:e6:d9:24:c9:f4:bd:59:bf:c9
Serial Number (int): 289016656361811505660123852085667676105
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: eb:b2:83:63:a5:29:07:49:ea:2e:83:cd:81:b9:95:98:03:3b:25:b2
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb

Fingerprint (sha1): 99:e8:b4:68:dc:e8:d1:21:ad:3b:2b:0e:89:0f:14:3b:c1:ae:20:ad
Fingerprint (sha256): 26:25:65:e5:b4:23:00:af:b2:d8:c0:a9:59:99:ee:a0:90:08:3b:9c:63:8e:ca:09:54:01:10:ba:46:18:65:48

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate johnhancock.com

94

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for johnhancock.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

johnhancock.com
10058.johnhancock.com
75hawthorne.com
advisor.jhinvestment.com
advisor.jhinvestments.com
advisor.johnhancockinvestments.com
bob.jhfnjunction.com
bob.stage.jhfnjunction.com
consultants.jhinvestments.com
consultants.johnhancockinvestments.com
dcio.jhinvestments.com
dcio.johnhancockinvestments.com
dev.johnhancock.com
diablotechnologypark.com
identity.bcomplete.com
internal.jhinvestment.com
internal.jhinvestments.com
internal.johnhancockinvestments.com
jh-dreamui-brokerage-stage.jhase.uat.manulife.com
jhancockannuities.com
jhancockinvestment.com
jhancockinvestments.com
jhancocknewyork.com
jhannuities.com
jhannuitiesny.com
jhannuity.com
jhapim.dev.manulife.com
jhapim.manulife.com
jhapps.jhfnjunction.com
jhappsstaging.jhfnjunction.com
jhf529.com
jhfreedom529.com
jhfunds.com
jhfundsretirement.com
jhinvestment.com
jhinvestments.com
jhredefininglife.com
johnhancockannuities.com
johnhancockfreedom529.com
johnhancockinvestment.com
johnhancockinvestments.com
johnhancocknewyork.com
johnhancockrealestate.com
johnhancocktravel.com
manulife-venture.com
manulifebermuda.com
manulifehongkong.com
manuliferealestate.com
manulifeusa.com
mi.jhinvestments.com
news.johnhancock.com
ourdifferentapproach.com
parkplacechandler.com
qa.manulifebermuda.com
ria.jhinvestments.com
ria.johnhancockinvestments.com
sales-tst-tmp.johnhancockinsurance.com
slabtownmarketplace.com
stage-termlife.johnhancockinsurance.com
stage.identity.bcomplete.com
stg-cps.jhinvestments.com
stg-tmp.jhinvestments.com
stg.jhinvestments.com
tanasbournecommercecenter.com
uat.johnhancocktravel.com
www.75hawthorne.com
www.diablotechnologypark.com
www.jhancockannuities.com
www.jhancockinvestment.com
www.jhancockinvestments.com
www.jhannuities.com
www.jhannuitiesny.com
www.jhannuity.com
www.jhf529.com
www.jhfreedom529.com
www.jhfunds.com
www.jhinvestment.com
www.jhinvestments.com
www.jhredefininglife.com
www.johnhancockannuities.com
www.johnhancockfreedom529.com
www.johnhancockinvestment.com
www.johnhancockinvestments.com
www.johnhancockrealestate.com
www.johnhancocktravel.com
www.manulife-venture.com
www.manulifebermuda.com
www.manulifehongkong.com
www.manuliferealestate.com
www.manulifeusa.com
www.ourdifferentapproach.com
www.parkplacechandler.com
www.slabtownmarketplace.com
www.tanasbournecommercecenter.com

Other certificates including the domain name johnhancock.com

(limited to 100 certificates)
johnhancockinsurance.com
stage.identity.jhancock.com
manulife.com
rps.jhancock.com
manulife.com
uat.igpclaimreporting.jhancock.com
qa.johnhancock.com
johnhancock.com
johnhancock.com
onboarding.retirement.johnhancock.com
johnhancock.com
www.jhinvestments.com
stg.johnhancock.com
myplanuat.johnhancock.com
www.jhinvestments.com
qr.retirement.johnhancock.com
dev-tmp.jhinvestments.com
johnhancock.com
www.jhinvestments.com
manulife.com
johnhancock.com
advisorfeedbackhub.johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
crverifyidentity-dev.johnhancock.com
myplanuat.johnhancock.com
www.jhinvestments.com
johnhancock.com
img.retirement.johnhancock.com
johnhancock.com
rps.jhancock.com
manulife.com
johnhancock.com
manulife.com
instant-apply.johnhancockinsurance.com
manulife.com
manulife.com
rps.jhancock.com
instant-apply.johnhancockinsurance.com
qr.myplan.johnhancock.com
manulife.com
digital-uat.customer.johnhancock.com
myplanuat.johnhancock.com
manulife.com
www.jhinvestments.com
digital-uat.customer.johnhancock.com
personalizedretirementadvice.johnhancock.com
rps.jhancock.com
www.jhinvestments.com
johnhancock.com
secure.johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
www.jhinvestments.com
manulife.com
ww4.johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
preferences.johnhancock.com
qr.myplan.johnhancock.com
img.retirement.johnhancock.com
johnhancock.com
manulife.com
jhshsm.johnhancock.com
qr.myplan.johnhancock.com
johnhancock.com
ww4.johnhancock.com
quote-uat.johnhancock.com
stg.johnhancock.com
johnhancock.com
digital.customer.johnhancock.com
johnhancock.com
johnhancockinsurance.com
johnhancock.com
retirementinfo.johnhancock.com
jhaconnect.jhannuities.com
johnhancock.com
johnhancock.com
onboarding.retirement.johnhancock.com
protect.johnhancock.com
jhshsm.johnhancock.com
rps.jhancock.com
qr.retirement.johnhancock.com
manulife.com
johnhancock.com
newonboardingaugust2023.retirement.johnhancock.com
johnhancock.com
rps.jhancock.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
finapp.johnhancock.com
johnhancock.com
manulife.com
manulife.com
preferencesstg.johnhancock.com

Certificate

The complete raw certificate details for johnhancock.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIQHDCCDwSgAwIBAgIRANlulVKVnyTm2STJ9L1Zv8kwDQYJKoZIhvcNAQELBQAw
gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE
AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl
cnZlciBDQTAeFw0yMjA4MDkwMDAwMDBaFw0yMzA4MDkyMzU5NTlaMFYxCzAJBgNV
BAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMRswGQYDVQQKExJNYW51bGlmZSBGaW5h
bmNpYWwxGDAWBgNVBAMTD2pvaG5oYW5jb2NrLmNvbTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAMcBG2qbB59b2pQeGIKgvgEMBoqis5sC7r0qi2dAXOf1
I19SXMb3T8xqdKmsk6f3EwGUiHd76S7igmSZbax5mBqYZ89AMYKj5yWJAStECcwS
07A3UtbmOBcFWt6ZY+qICN3Z9bPeFsYfVaeMPQzL11f69ezl5YqZmJojuFAwQo9O
i3HTaljoms0MIa4a2/9A/Kf8GXazC6+FP13Ocw9DSu21MektlxtPmqmRg7+EvFFP
+pQfwWh+U+OlnyKumo+LEMcazdqvMYeC7CTQQ6shpUWMgKwMPsz+3mTh1zYfOT0J
TCl2x1KSMrB/yNFsuchUx7ydDnKr6PxQVOxCH+AAntcCAwEAAaOCDKMwggyfMB8G
A1UdIwQYMBaAFBfZ1iUnZ/kxwklD2TA2RIxsqU/rMB0GA1UdDgQWBBTrsoNjpSkH
Seoug82BuZWYAzslsjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSgYDVR0gBEMwQTA1BgwrBgEEAbIx
AQIBAwQwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwCAYG
Z4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2VjdGlnby5jb20v
U2VjdGlnb1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5j
cmwwgYoGCCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5zZWN0
aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNl
cnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20w
ggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB3AK33vvp8/xDIi509nB4+GGq0Zyld
z7EMJMqFhjTr3IKKAAABgoF2AN4AAAQDAEgwRgIhAM7xxePRkeJCbtGi3lqvwWKC
HeEfDPrQPpKFmCfXGqbeAiEAsNV8crb7B5+AGxzadcPaMumcHbWUDwiiCp3j3BZA
xn8AdQB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYKBdgC6AAAE
AwBGMEQCICPLT8szFev+8aGMaVLayucPcjh0dyf/95iL3eSHLJeoAiBNSJb6so7h
fIOi7A/M3732Z0VvCWMwB0UxQ6ddUgYkiwB2AOg+0No+9QY1MudXKLyJa8kD08vR
EWvs62nhd31tBr1uAAABgoF2AIkAAAQDAEcwRQIgCk3+U6asb9Rn1bq6TCyVpgTi
A6+ulIBdazauh8MyK1UCIQDn8TrsdDgvRxOCIInIltHKRiajvETllqvk6h3H3RUV
VzCCCWcGA1UdEQSCCV4wgglagg9qb2huaGFuY29jay5jb22CFTEwMDU4LmpvaG5o
YW5jb2NrLmNvbYIPNzVoYXd0aG9ybmUuY29tghhhZHZpc29yLmpoaW52ZXN0bWVu
dC5jb22CGWFkdmlzb3IuamhpbnZlc3RtZW50cy5jb22CImFkdmlzb3Iuam9obmhh
bmNvY2tpbnZlc3RtZW50cy5jb22CFGJvYi5qaGZuanVuY3Rpb24uY29tghpib2Iu
c3RhZ2Uuamhmbmp1bmN0aW9uLmNvbYIdY29uc3VsdGFudHMuamhpbnZlc3RtZW50
cy5jb22CJmNvbnN1bHRhbnRzLmpvaG5oYW5jb2NraW52ZXN0bWVudHMuY29tghZk
Y2lvLmpoaW52ZXN0bWVudHMuY29tgh9kY2lvLmpvaG5oYW5jb2NraW52ZXN0bWVu
dHMuY29tghNkZXYuam9obmhhbmNvY2suY29tghhkaWFibG90ZWNobm9sb2d5cGFy
ay5jb22CFmlkZW50aXR5LmJjb21wbGV0ZS5jb22CGWludGVybmFsLmpoaW52ZXN0
bWVudC5jb22CGmludGVybmFsLmpoaW52ZXN0bWVudHMuY29tgiNpbnRlcm5hbC5q
b2huaGFuY29ja2ludmVzdG1lbnRzLmNvbYIxamgtZHJlYW11aS1icm9rZXJhZ2Ut
c3RhZ2Uuamhhc2UudWF0Lm1hbnVsaWZlLmNvbYIVamhhbmNvY2thbm51aXRpZXMu
Y29tghZqaGFuY29ja2ludmVzdG1lbnQuY29tghdqaGFuY29ja2ludmVzdG1lbnRz
LmNvbYITamhhbmNvY2tuZXd5b3JrLmNvbYIPamhhbm51aXRpZXMuY29tghFqaGFu
bnVpdGllc255LmNvbYINamhhbm51aXR5LmNvbYIXamhhcGltLmRldi5tYW51bGlm
ZS5jb22CE2poYXBpbS5tYW51bGlmZS5jb22CF2poYXBwcy5qaGZuanVuY3Rpb24u
Y29tgh5qaGFwcHNzdGFnaW5nLmpoZm5qdW5jdGlvbi5jb22CCmpoZjUyOS5jb22C
EGpoZnJlZWRvbTUyOS5jb22CC2poZnVuZHMuY29tghVqaGZ1bmRzcmV0aXJlbWVu
dC5jb22CEGpoaW52ZXN0bWVudC5jb22CEWpoaW52ZXN0bWVudHMuY29tghRqaHJl
ZGVmaW5pbmdsaWZlLmNvbYIYam9obmhhbmNvY2thbm51aXRpZXMuY29tghlqb2hu
aGFuY29ja2ZyZWVkb201MjkuY29tghlqb2huaGFuY29ja2ludmVzdG1lbnQuY29t
ghpqb2huaGFuY29ja2ludmVzdG1lbnRzLmNvbYIWam9obmhhbmNvY2tuZXd5b3Jr
LmNvbYIZam9obmhhbmNvY2tyZWFsZXN0YXRlLmNvbYIVam9obmhhbmNvY2t0cmF2
ZWwuY29tghRtYW51bGlmZS12ZW50dXJlLmNvbYITbWFudWxpZmViZXJtdWRhLmNv
bYIUbWFudWxpZmVob25na29uZy5jb22CFm1hbnVsaWZlcmVhbGVzdGF0ZS5jb22C
D21hbnVsaWZldXNhLmNvbYIUbWkuamhpbnZlc3RtZW50cy5jb22CFG5ld3Muam9o
bmhhbmNvY2suY29tghhvdXJkaWZmZXJlbnRhcHByb2FjaC5jb22CFXBhcmtwbGFj
ZWNoYW5kbGVyLmNvbYIWcWEubWFudWxpZmViZXJtdWRhLmNvbYIVcmlhLmpoaW52
ZXN0bWVudHMuY29tgh5yaWEuam9obmhhbmNvY2tpbnZlc3RtZW50cy5jb22CJnNh
bGVzLXRzdC10bXAuam9obmhhbmNvY2tpbnN1cmFuY2UuY29tghdzbGFidG93bm1h
cmtldHBsYWNlLmNvbYInc3RhZ2UtdGVybWxpZmUuam9obmhhbmNvY2tpbnN1cmFu
Y2UuY29tghxzdGFnZS5pZGVudGl0eS5iY29tcGxldGUuY29tghlzdGctY3BzLmpo
aW52ZXN0bWVudHMuY29tghlzdGctdG1wLmpoaW52ZXN0bWVudHMuY29tghVzdGcu
amhpbnZlc3RtZW50cy5jb22CHXRhbmFzYm91cm5lY29tbWVyY2VjZW50ZXIuY29t
ghl1YXQuam9obmhhbmNvY2t0cmF2ZWwuY29tghN3d3cuNzVoYXd0aG9ybmUuY29t
ghx3d3cuZGlhYmxvdGVjaG5vbG9neXBhcmsuY29tghl3d3cuamhhbmNvY2thbm51
aXRpZXMuY29tghp3d3cuamhhbmNvY2tpbnZlc3RtZW50LmNvbYIbd3d3LmpoYW5j
b2NraW52ZXN0bWVudHMuY29tghN3d3cuamhhbm51aXRpZXMuY29tghV3d3cuamhh
bm51aXRpZXNueS5jb22CEXd3dy5qaGFubnVpdHkuY29tgg53d3cuamhmNTI5LmNv
bYIUd3d3LmpoZnJlZWRvbTUyOS5jb22CD3d3dy5qaGZ1bmRzLmNvbYIUd3d3Lmpo
aW52ZXN0bWVudC5jb22CFXd3dy5qaGludmVzdG1lbnRzLmNvbYIYd3d3LmpocmVk
ZWZpbmluZ2xpZmUuY29tghx3d3cuam9obmhhbmNvY2thbm51aXRpZXMuY29tgh13
d3cuam9obmhhbmNvY2tmcmVlZG9tNTI5LmNvbYIdd3d3LmpvaG5oYW5jb2NraW52
ZXN0bWVudC5jb22CHnd3dy5qb2huaGFuY29ja2ludmVzdG1lbnRzLmNvbYIdd3d3
LmpvaG5oYW5jb2NrcmVhbGVzdGF0ZS5jb22CGXd3dy5qb2huaGFuY29ja3RyYXZl
bC5jb22CGHd3dy5tYW51bGlmZS12ZW50dXJlLmNvbYIXd3d3Lm1hbnVsaWZlYmVy
bXVkYS5jb22CGHd3dy5tYW51bGlmZWhvbmdrb25nLmNvbYIad3d3Lm1hbnVsaWZl
cmVhbGVzdGF0ZS5jb22CE3d3dy5tYW51bGlmZXVzYS5jb22CHHd3dy5vdXJkaWZm
ZXJlbnRhcHByb2FjaC5jb22CGXd3dy5wYXJrcGxhY2VjaGFuZGxlci5jb22CG3d3
dy5zbGFidG93bm1hcmtldHBsYWNlLmNvbYIhd3d3LnRhbmFzYm91cm5lY29tbWVy
Y2VjZW50ZXIuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQCJZhHgTnAIObEjmPXK+HT3
S5NXffLsyeHJSB+IGrQX0zR8d5czoEF06HuWsiaMhSMGifJdDWTekD1ICEr5enjI
2up3ygoRAGU+mRvML8AxlodGP22/ls226w05Y9HMHjrJFXHsigKsJiAA9ycD1RoI
nbbxLB1avLyVpQ10PW5nq4Ui+X2J5K1Ohp4cQ2H6LZiw5Vg02gztkI0bnpM3YGXO
hX5xpIvw7vBffsNBc6R4RJlOIrtksLsXvJGeaXTBd9ayKrI2SvRduA3T7auglz2q
sZs7igf/exuLQfwlFdXUn81wMFV7SpcV+31TjW7AdfjM336w8s3yBxXNIxcvZeiw
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwEbapsHn1valB4YgqC+
AQwGiqKzmwLuvSqLZ0Bc5/UjX1JcxvdPzGp0qayTp/cTAZSId3vpLuKCZJltrHmY
Gphnz0AxgqPnJYkBK0QJzBLTsDdS1uY4FwVa3plj6ogI3dn1s94Wxh9Vp4w9DMvX
V/r17OXlipmYmiO4UDBCj06LcdNqWOiazQwhrhrb/0D8p/wZdrMLr4U/Xc5zD0NK
7bUx6S2XG0+aqZGDv4S8UU/6lB/BaH5T46WfIq6aj4sQxxrN2q8xh4LsJNBDqyGl
RYyArAw+zP7eZOHXNh85PQlMKXbHUpIysH/I0Wy5yFTHvJ0Ocqvo/FBU7EIf4ACe
1wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 289016656361811505660123852085667676105
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-08-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-09 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'johnhancock.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25121968617345376946212166099442469654628379444587062546488571197971983042541684044092992911125793690974337535932470320833747640403150658639427112142760318996639015643602153200059930520974270922970536721708923463500571693325018292126164835722982911134556944806770217265486508607047761582810502959431014184099201991115467419014811859815569425974921987825687946424634140174982674160068672282891110265401310570245939329302140602707960534150938908729152617537526169057472490712798206943767576250823720851744003443449713568979307895756386162144061762690406861450981801305817092390334958263700283832265232277817107712876247
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ebb28363a5290749ea2e83cd81b99598033b25b2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007700adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a00000182817600de0000040300483046022100cef1c5e3d191e2426ed1a2de5aafc162821de11f0cfad03e92859827d71aa6de022100b0d57c72b6fb079f801b1cda75c3da32e99c1db5940f08a20a9de3dc1640c67f0075007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000182817600ba0000040300463044022023cb4fcb3315ebfef1a18c6952dacae70f7238747727fff7988bdde4872c97a802204d4896fab28ee17c83a2ec0fccdfbdf667456f09633007453143a75d5206248b007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018281760089000004030047304502200a4dfe53a6ac6fd467d5baba4c2c95a604e203afae94805d6b36ae87c3322b55022100e7f13aec74382f4713822089c896d1ca4626a3bc44e596abe4ea1dc7dd151557
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2398 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancock.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '10058.johnhancock.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '75hawthorne.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advisor.jhinvestment.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advisor.jhinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advisor.johnhancockinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bob.jhfnjunction.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bob.stage.jhfnjunction.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'consultants.jhinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'consultants.johnhancockinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dcio.jhinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dcio.johnhancockinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.johnhancock.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'diablotechnologypark.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'identity.bcomplete.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'internal.jhinvestment.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'internal.jhinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'internal.johnhancockinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jh-dreamui-brokerage-stage.jhase.uat.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhancockannuities.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhancockinvestment.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhancockinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhancocknewyork.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhannuities.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhannuitiesny.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhannuity.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim.dev.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapps.jhfnjunction.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhappsstaging.jhfnjunction.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhf529.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhfreedom529.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhfunds.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhfundsretirement.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhinvestment.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhredefininglife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancockannuities.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancockfreedom529.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancockinvestment.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancockinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancocknewyork.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancockrealestate.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancocktravel.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulife-venture.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifebermuda.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifehongkong.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manuliferealestate.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifeusa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mi.jhinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'news.johnhancock.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ourdifferentapproach.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'parkplacechandler.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa.manulifebermuda.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ria.jhinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ria.johnhancockinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sales-tst-tmp.johnhancockinsurance.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'slabtownmarketplace.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage-termlife.johnhancockinsurance.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.identity.bcomplete.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg-cps.jhinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg-tmp.jhinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.jhinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tanasbournecommercecenter.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat.johnhancocktravel.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.75hawthorne.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.diablotechnologypark.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhancockannuities.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhancockinvestment.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhancockinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhannuities.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhannuitiesny.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhannuity.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhf529.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhfreedom529.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhfunds.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhinvestment.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhredefininglife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.johnhancockannuities.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.johnhancockfreedom529.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.johnhancockinvestment.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.johnhancockinvestments.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.johnhancockrealestate.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.johnhancocktravel.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulife-venture.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifebermuda.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifehongkong.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manuliferealestate.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifeusa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ourdifferentapproach.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.parkplacechandler.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.slabtownmarketplace.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tanasbournecommercecenter.com'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00896611e04e700839b12398f5caf874f74b93577df2ecc9e1c9481f881ab417d3347c779733a04174e87b96b2268c85230689f25d0d64de903d48084af97a78c8daea77ca0a1100653e991bcc2fc0319687463f6dbf96cdb6eb0d3963d1cc1e3ac91571ec8a02ac262000f72703d51a089db6f12c1d5abcbc95a50d743d6e67ab8522f97d89e4ad4e869e1c4361fa2d98b0e55834da0ced908d1b9e93376065ce857e71a48bf0eef05f7ec34173a47844994e22bb64b0bb17bc919e6974c177d6b22ab2364af45db80dd3edaba0973daab19b3b8a07ff7b1b8b41fc2515d5d49fcd7030557b4a9715fb7d538d6ec075f8ccdf7eb0f2cdf20715cd23172f65e8b0