johnhancock.com
- Manulife Financial -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 56:56:6b:c3:2c:96:2c:f2:c4:53:33:9b:64:28:dc:8f was issued on by Sectigo Limited.
With 65 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Manulife Financial
Organization:
Manulife Financial
Organization unit: John Hancock US Division
Organization unit: Multi-Domain SSL
Organization unit: John Hancock US Division
Organization unit: Multi-Domain SSL
Address:
200 Bloor Street East
Postal code: M4W 1E5
State / Province: Ontario
Locality: Toronto
Country: CA
Postal code: M4W 1E5
State / Province: Ontario
Locality: Toronto
Country: CA
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): 56:56:6b:c3:2c:96:2c:f2:c4:53:33:9b:64:28:dc:8fSerial Number (int): 114762330848454932823527620064571874447
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: e9:87:e6:01:85:6c:34:9c:87:a5:5c:74:cb:6b:26:6c:9e:8c:a7:18
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): d7:bd:a8:36:ee:b0:22:1e:d7:ef:12:bc:eb:b4:a2:53:25:10:7e:b4
Fingerprint (sha256): 2f:eb:37:44:65:b6:e6:a0:39:76:37:fa:aa:94:63:43:13:00:71:87:08:3c:63:a5:de:03:2f:84:a2:26:61:d2
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate johnhancock.com
65
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for johnhancock.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
johnhancock.com
11514.johnhancock.com
707fifth.com
980howe.com
advisor.johnhancockinsurance.com
apply.johnhancockinsurance.com
authoring.jhfnjunction.com
bostonmarathonmediaguide.com
fuw-apply.johnhancockinsurance.com
instant-apply.johnhancockinsurance.com
jh401kadviser.com
jh401kadvisor.com
jhancock.com
jhancockannuities.com
jhancockinvestment.com
jhancockinvestments.com
jhancocknewyork.com
jhancockny.com
jhancocknypensions.com
jhancockpensions.com
jhannuitiesny.com
jhannuity.com
jhbusinessanalyzer.com
jhf529.com
jhfnjunction.com
jhfreedom529.com
jhfunds.com
jhgoenroll.com
jhillustrator.com
jhinforcedownload.com
jhinvestment.com
jhinvestments.com
jhlife.com
jhlifeproducts.com
jhmclient.com
jhmgroup.com
jhopenenrollment.com
jhsaleshub.com
jhsalesnet.com
jhservicenet.com
johnhancockannuities.com
johnhancockfreedom529.com
johnhancockinsurance.com
johnhancockinvestment.com
johnhancockinvestments.com
johnhancocknewyork.com
johnhancockvitality.com
manulife-venture.com
manulifebermuda.com
manulifehongkong.com
manulifeillustrator.com
manulifeusa.com
mas.jhancock.com
ourdifferentapproach.com
partnerlink.jhancock.com
register.jhancock.com
sales-stg.johnhancockinsurance.com
sales.johnhancockinsurance.com
secure.johnhancockinsurance.com
stage-apply.johnhancockinsurance.com
stage-termlife.johnhancockinsurance.com
termlife.johnhancockinsurance.com
usc.jhancock.com
www.jhlifeinsurance.com
www.jhsaleshub.com
11514.johnhancock.com
707fifth.com
980howe.com
advisor.johnhancockinsurance.com
apply.johnhancockinsurance.com
authoring.jhfnjunction.com
bostonmarathonmediaguide.com
fuw-apply.johnhancockinsurance.com
instant-apply.johnhancockinsurance.com
jh401kadviser.com
jh401kadvisor.com
jhancock.com
jhancockannuities.com
jhancockinvestment.com
jhancockinvestments.com
jhancocknewyork.com
jhancockny.com
jhancocknypensions.com
jhancockpensions.com
jhannuitiesny.com
jhannuity.com
jhbusinessanalyzer.com
jhf529.com
jhfnjunction.com
jhfreedom529.com
jhfunds.com
jhgoenroll.com
jhillustrator.com
jhinforcedownload.com
jhinvestment.com
jhinvestments.com
jhlife.com
jhlifeproducts.com
jhmclient.com
jhmgroup.com
jhopenenrollment.com
jhsaleshub.com
jhsalesnet.com
jhservicenet.com
johnhancockannuities.com
johnhancockfreedom529.com
johnhancockinsurance.com
johnhancockinvestment.com
johnhancockinvestments.com
johnhancocknewyork.com
johnhancockvitality.com
manulife-venture.com
manulifebermuda.com
manulifehongkong.com
manulifeillustrator.com
manulifeusa.com
mas.jhancock.com
ourdifferentapproach.com
partnerlink.jhancock.com
register.jhancock.com
sales-stg.johnhancockinsurance.com
sales.johnhancockinsurance.com
secure.johnhancockinsurance.com
stage-apply.johnhancockinsurance.com
stage-termlife.johnhancockinsurance.com
termlife.johnhancockinsurance.com
usc.jhancock.com
www.jhlifeinsurance.com
www.jhsaleshub.com
Other certificates including the domain name johnhancock.com
(limited to 100 certificates)
johnhancockinsurance.com
stage.identity.jhancock.com
manulife.com
rps.jhancock.com
manulife.com
uat.igpclaimreporting.jhancock.com
qa.johnhancock.com
johnhancock.com
johnhancock.com
onboarding.retirement.johnhancock.com
johnhancock.com
www.jhinvestments.com
stg.johnhancock.com
myplanuat.johnhancock.com
www.jhinvestments.com
qr.retirement.johnhancock.com
dev-tmp.jhinvestments.com
johnhancock.com
www.jhinvestments.com
manulife.com
johnhancock.com
advisorfeedbackhub.johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
crverifyidentity-dev.johnhancock.com
myplanuat.johnhancock.com
www.jhinvestments.com
johnhancock.com
img.retirement.johnhancock.com
johnhancock.com
rps.jhancock.com
manulife.com
johnhancock.com
manulife.com
instant-apply.johnhancockinsurance.com
manulife.com
manulife.com
rps.jhancock.com
instant-apply.johnhancockinsurance.com
qr.myplan.johnhancock.com
manulife.com
digital-uat.customer.johnhancock.com
myplanuat.johnhancock.com
manulife.com
www.jhinvestments.com
digital-uat.customer.johnhancock.com
personalizedretirementadvice.johnhancock.com
rps.jhancock.com
www.jhinvestments.com
johnhancock.com
secure.johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
www.jhinvestments.com
manulife.com
ww4.johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
preferences.johnhancock.com
qr.myplan.johnhancock.com
img.retirement.johnhancock.com
johnhancock.com
manulife.com
jhshsm.johnhancock.com
qr.myplan.johnhancock.com
johnhancock.com
ww4.johnhancock.com
quote-uat.johnhancock.com
stg.johnhancock.com
johnhancock.com
digital.customer.johnhancock.com
johnhancock.com
johnhancockinsurance.com
johnhancock.com
retirementinfo.johnhancock.com
jhaconnect.jhannuities.com
johnhancock.com
johnhancock.com
onboarding.retirement.johnhancock.com
protect.johnhancock.com
jhshsm.johnhancock.com
rps.jhancock.com
qr.retirement.johnhancock.com
manulife.com
johnhancock.com
newonboardingaugust2023.retirement.johnhancock.com
johnhancock.com
rps.jhancock.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
finapp.johnhancock.com
johnhancock.com
manulife.com
manulife.com
preferencesstg.johnhancock.com
stage.identity.jhancock.com
manulife.com
rps.jhancock.com
manulife.com
uat.igpclaimreporting.jhancock.com
qa.johnhancock.com
johnhancock.com
johnhancock.com
onboarding.retirement.johnhancock.com
johnhancock.com
www.jhinvestments.com
stg.johnhancock.com
myplanuat.johnhancock.com
www.jhinvestments.com
qr.retirement.johnhancock.com
dev-tmp.jhinvestments.com
johnhancock.com
www.jhinvestments.com
manulife.com
johnhancock.com
advisorfeedbackhub.johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
crverifyidentity-dev.johnhancock.com
myplanuat.johnhancock.com
www.jhinvestments.com
johnhancock.com
img.retirement.johnhancock.com
johnhancock.com
rps.jhancock.com
manulife.com
johnhancock.com
manulife.com
instant-apply.johnhancockinsurance.com
manulife.com
manulife.com
rps.jhancock.com
instant-apply.johnhancockinsurance.com
qr.myplan.johnhancock.com
manulife.com
digital-uat.customer.johnhancock.com
myplanuat.johnhancock.com
manulife.com
www.jhinvestments.com
digital-uat.customer.johnhancock.com
personalizedretirementadvice.johnhancock.com
rps.jhancock.com
www.jhinvestments.com
johnhancock.com
secure.johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
www.jhinvestments.com
manulife.com
ww4.johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
preferences.johnhancock.com
qr.myplan.johnhancock.com
img.retirement.johnhancock.com
johnhancock.com
manulife.com
jhshsm.johnhancock.com
qr.myplan.johnhancock.com
johnhancock.com
ww4.johnhancock.com
quote-uat.johnhancock.com
stg.johnhancock.com
johnhancock.com
digital.customer.johnhancock.com
johnhancock.com
johnhancockinsurance.com
johnhancock.com
retirementinfo.johnhancock.com
jhaconnect.jhannuities.com
johnhancock.com
johnhancock.com
onboarding.retirement.johnhancock.com
protect.johnhancock.com
jhshsm.johnhancock.com
rps.jhancock.com
qr.retirement.johnhancock.com
manulife.com
johnhancock.com
newonboardingaugust2023.retirement.johnhancock.com
johnhancock.com
rps.jhancock.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
finapp.johnhancock.com
johnhancock.com
manulife.com
manulife.com
preferencesstg.johnhancock.com
Certificate
The complete raw certificate details for johnhancock.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIILoTCCComgAwIBAgIQVlZrwyyWLPLEUzObZCjcjzANBgkqhkiG9w0BAQsFADCB lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy dmVyIENBMB4XDTE5MDQyMjAwMDAwMFoXDTIxMDQyMTIzNTk1OVowgdgxCzAJBgNV BAYTAkNBMRAwDgYDVQQREwdNNFcgMUU1MRAwDgYDVQQIEwdPbnRhcmlvMRAwDgYD VQQHEwdUb3JvbnRvMR4wHAYDVQQJExUyMDAgQmxvb3IgU3RyZWV0IEVhc3QxGzAZ BgNVBAoTEk1hbnVsaWZlIEZpbmFuY2lhbDEhMB8GA1UECxMYSm9obiBIYW5jb2Nr IFVTIERpdmlzaW9uMRkwFwYDVQQLExBNdWx0aS1Eb21haW4gU1NMMRgwFgYDVQQD Ew9qb2huaGFuY29jay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDp9ok/3V67bnaor/oG7rygJXxKF7Ql48GBemi7rjDgu4R0+1BkyJZRaMzgcWZy DElrrSMt8Ie0iv/T+eOr0+jT+tSezhIBszdrflb22D2gzvS8FSpNu4A+yRGNFAjF QkGkKFEIyWUBwp5UgOmjiJa1Thjearp8dfIeSX9IOI38F/iAeqb7DzQpNCKCQddI KpBlegc0wGEtjHtcBd2FRZm9YMXOF9+wZzV53fJD8X6EVFwVrE/8A5/XNNdo1XRH vH7DqiBU859pr2d+Jr1JLGhDciUTAvF9DgFxS6tVer5Nzsc7jX/jEwbyK9eETk5d 5or2P6Q7ZrJgZCVqVgpgz5tTAgMBAAGjggemMIIHojAfBgNVHSMEGDAWgBQX2dYl J2f5McJJQ9kwNkSMbKlP6zAdBgNVHQ4EFgQU6YfmAYVsNJyHpVx0y2smbJ6Mpxgw DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMEoGA1UdIARDMEEwNQYMKwYBBAGyMQECAQMEMCUwIwYIKwYB BQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8E UzBRME+gTaBLhklodHRwOi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdh bml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGKBggrBgEFBQcB AQR+MHwwVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGln b1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYI KwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnNlY3RpZ28uY29tMBMGCisGAQQB1nkCBAMB Af8EAgUAMIIF1wYDVR0RBIIFzjCCBcqCD2pvaG5oYW5jb2NrLmNvbYIVMTE1MTQu am9obmhhbmNvY2suY29tggw3MDdmaWZ0aC5jb22CCzk4MGhvd2UuY29tgiBhZHZp c29yLmpvaG5oYW5jb2NraW5zdXJhbmNlLmNvbYIeYXBwbHkuam9obmhhbmNvY2tp bnN1cmFuY2UuY29tghphdXRob3Jpbmcuamhmbmp1bmN0aW9uLmNvbYIcYm9zdG9u bWFyYXRob25tZWRpYWd1aWRlLmNvbYIiZnV3LWFwcGx5LmpvaG5oYW5jb2NraW5z dXJhbmNlLmNvbYImaW5zdGFudC1hcHBseS5qb2huaGFuY29ja2luc3VyYW5jZS5j b22CEWpoNDAxa2FkdmlzZXIuY29tghFqaDQwMWthZHZpc29yLmNvbYIMamhhbmNv Y2suY29tghVqaGFuY29ja2FubnVpdGllcy5jb22CFmpoYW5jb2NraW52ZXN0bWVu dC5jb22CF2poYW5jb2NraW52ZXN0bWVudHMuY29tghNqaGFuY29ja25ld3lvcmsu Y29tgg5qaGFuY29ja255LmNvbYIWamhhbmNvY2tueXBlbnNpb25zLmNvbYIUamhh bmNvY2twZW5zaW9ucy5jb22CEWpoYW5udWl0aWVzbnkuY29tgg1qaGFubnVpdHku Y29tghZqaGJ1c2luZXNzYW5hbHl6ZXIuY29tggpqaGY1MjkuY29tghBqaGZuanVu Y3Rpb24uY29tghBqaGZyZWVkb201MjkuY29tggtqaGZ1bmRzLmNvbYIOamhnb2Vu cm9sbC5jb22CEWpoaWxsdXN0cmF0b3IuY29tghVqaGluZm9yY2Vkb3dubG9hZC5j b22CEGpoaW52ZXN0bWVudC5jb22CEWpoaW52ZXN0bWVudHMuY29tggpqaGxpZmUu Y29tghJqaGxpZmVwcm9kdWN0cy5jb22CDWpobWNsaWVudC5jb22CDGpobWdyb3Vw LmNvbYIUamhvcGVuZW5yb2xsbWVudC5jb22CDmpoc2FsZXNodWIuY29tgg5qaHNh bGVzbmV0LmNvbYIQamhzZXJ2aWNlbmV0LmNvbYIYam9obmhhbmNvY2thbm51aXRp ZXMuY29tghlqb2huaGFuY29ja2ZyZWVkb201MjkuY29tghhqb2huaGFuY29ja2lu c3VyYW5jZS5jb22CGWpvaG5oYW5jb2NraW52ZXN0bWVudC5jb22CGmpvaG5oYW5j b2NraW52ZXN0bWVudHMuY29tghZqb2huaGFuY29ja25ld3lvcmsuY29tghdqb2hu aGFuY29ja3ZpdGFsaXR5LmNvbYIUbWFudWxpZmUtdmVudHVyZS5jb22CE21hbnVs aWZlYmVybXVkYS5jb22CFG1hbnVsaWZlaG9uZ2tvbmcuY29tghdtYW51bGlmZWls bHVzdHJhdG9yLmNvbYIPbWFudWxpZmV1c2EuY29tghBtYXMuamhhbmNvY2suY29t ghhvdXJkaWZmZXJlbnRhcHByb2FjaC5jb22CGHBhcnRuZXJsaW5rLmpoYW5jb2Nr LmNvbYIVcmVnaXN0ZXIuamhhbmNvY2suY29tgiJzYWxlcy1zdGcuam9obmhhbmNv Y2tpbnN1cmFuY2UuY29tgh5zYWxlcy5qb2huaGFuY29ja2luc3VyYW5jZS5jb22C H3NlY3VyZS5qb2huaGFuY29ja2luc3VyYW5jZS5jb22CJHN0YWdlLWFwcGx5Lmpv aG5oYW5jb2NraW5zdXJhbmNlLmNvbYInc3RhZ2UtdGVybWxpZmUuam9obmhhbmNv Y2tpbnN1cmFuY2UuY29tgiF0ZXJtbGlmZS5qb2huaGFuY29ja2luc3VyYW5jZS5j b22CEHVzYy5qaGFuY29jay5jb22CF3d3dy5qaGxpZmVpbnN1cmFuY2UuY29tghJ3 d3cuamhzYWxlc2h1Yi5jb20wDQYJKoZIhvcNAQELBQADggEBAF5utwusyo3o4R9t w8N/xD2i0fx6xRO5/KqoZAGT+TqiAi0wu4Sao+6jm697ZmB4Ok3M7taTpebZ6GIz aV8xl1FawTcAz3ExQUyZ1quHBrVviq+JCrxzWku/nZ4iE1g8YCZ5eW7JjC8ak1vS 3G/5DSnUzPxxiIL6mwxk1IJAcwkA3IJo3Ssf3AOKheprUkYgbwv8Bpsp9whR8/MP WG5WDsK1AYFpIsqx/+PtSLjCYil/qtspGfb0sKvgAkGyXR8WY/7xqi7JZF5Fs4sj LDqIjmNaMcX+tlXJrAUiN+QzbR3fVd62fYcSbOFMjFZN2+AMmOecwnE7n1Ewp46a 1cXv8KY= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6faJP91eu252qK/6Bu68 oCV8She0JePBgXpou64w4LuEdPtQZMiWUWjM4HFmcgxJa60jLfCHtIr/0/njq9Po 0/rUns4SAbM3a35W9tg9oM70vBUqTbuAPskRjRQIxUJBpChRCMllAcKeVIDpo4iW tU4Y3mq6fHXyHkl/SDiN/Bf4gHqm+w80KTQigkHXSCqQZXoHNMBhLYx7XAXdhUWZ vWDFzhffsGc1ed3yQ/F+hFRcFaxP/AOf1zTXaNV0R7x+w6ogVPOfaa9nfia9SSxo Q3IlEwLxfQ4BcUurVXq+Tc7HO41/4xMG8ivXhE5OXeaK9j+kO2ayYGQlalYKYM+b UwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 114762330848454932823527620064571874447 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-22 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-04-21 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'M4W 1E5' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Toronto' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '200 Bloor Street East' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'John Hancock US Division' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Multi-Domain SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'johnhancock.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29535096554195439698446469531112828388045701124636258560403591380215273016314862794289595885569913652330761207612901155070579781460060749372659517168276020789551692856912880720537724002966234126337763032118069629410225482834251281864519705118206155396910023978247526331989905043877696184363036627239494973634574740953705008186978007282791421398639068285408042218338573691855026782194884046004621375990120948200114902391669608443083867329603182431085075020768976152531617841439358514089461214520248157295005538871762941394196776240354793807955261994078011182517057333010915074038186864296238375959357554403812228176723 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e987e601856c349c87a55c74cb6b266c9e8ca718 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1486 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '11514.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '707fifth.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '980howe.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advisor.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apply.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'authoring.jhfnjunction.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bostonmarathonmediaguide.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fuw-apply.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'instant-apply.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jh401kadviser.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jh401kadvisor.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhancockannuities.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhancockinvestment.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhancockinvestments.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhancocknewyork.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhancockny.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhancocknypensions.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhancockpensions.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhannuitiesny.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhannuity.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhbusinessanalyzer.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhf529.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhfnjunction.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhfreedom529.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhfunds.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhgoenroll.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhillustrator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhinforcedownload.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhinvestment.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhinvestments.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhlife.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhlifeproducts.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhmclient.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhmgroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhopenenrollment.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhsaleshub.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhsalesnet.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhservicenet.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancockannuities.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancockfreedom529.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancockinvestment.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancockinvestments.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancocknewyork.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancockvitality.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulife-venture.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifebermuda.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifehongkong.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifeillustrator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifeusa.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mas.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ourdifferentapproach.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partnerlink.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'register.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sales-stg.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sales.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage-apply.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage-termlife.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'termlife.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usc.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhlifeinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhsaleshub.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005e6eb70bacca8de8e11f6dc3c37fc43da2d1fc7ac513b9fcaaa8640193f93aa2022d30bb849aa3eea39baf7b6660783a4dcceed693a5e6d9e86233695f3197515ac13700cf7131414c99d6ab8706b56f8aaf890abc735a4bbf9d9e2213583c602679796ec98c2f1a935bd2dc6ff90d29d4ccfc718882fa9b0c64d48240730900dc8268dd2b1fdc038a85ea6b5246206f0bfc069b29f70851f3f30f586e560ec2b501816922cab1ffe3ed48b8c262297faadb2919f6f4b0abe00241b25d1f1663fef1aa2ec9645e45b38b232c3a888e635a31c5feb655c9ac052237e4336d1ddf55deb67d87126ce14c8c564ddbe00c98e79cc2713b9f5130a78e9ad5c5eff0a6