client.manulifebank.com
- Manulife Financial Corporation -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 27:a7:bd:a9:fe:96:b6:df:31:38:cd:5b:d2:2f:9c:1e was issued on by Sectigo Limited.
With 37 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Manulife Financial Corporation
Organization:
Manulife Financial Corporation
State / Province:
Ontario
Country: CA
Country: CA
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): 27:a7:bd:a9:fe:96:b6:df:31:38:cd:5b:d2:2f:9c:1eSerial Number (int): 52710852254752985289030710623099395102
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 0c:97:ba:84:09:b1:e7:0d:28:ee:22:af:ed:17:1c:b1:e0:ad:59:31
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): ac:5d:40:a2:ce:54:be:a9:d2:19:8a:8e:56:a1:c8:d0:e7:08:49:49
Fingerprint (sha256): 31:9f:8c:bd:c0:92:0d:78:73:c0:76:66:95:70:a9:58:76:a1:c7:90:d7:ec:b7:03:6a:43:b9:8f:86:54:ee:13
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate client.manulifebank.com
37
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for client.manulifebank.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
client.manulifebank.com
*.banquemanuvie.com
*.manulifebank.com
3449.client.manulifebank.com
banquemanuvie.com
client.banquemanuvie.com
manulifebank.com
manulifebankmortgages.ca
manulifebankmortgages.com
online.banquemanuvie.ca
online.banquemanuvie.com
online.manulifebank.ca
online.manulifebank.com
partnerservices.manulifebank.com
prd-banklink.manulife.com
pretshypothecairesbanquemanuvie.ca
pretshypothecairesbanquemanuvie.com
uat-banklink.manulife.com
uatclient.banquemanuvie.com
uatclient.manulifebank.com
uatonline.banquemanuvie.ca
uatonline.banquemanuvie.com
uatonline.manulifebank.ca
uatonline.manulifebank.com
uatpartnerservices.manulifebank.com
www.manulifebankmortgages.ca
www.manulifebankmortgages.com
www.online.banquemanuvie.ca
www.online.banquemanuvie.com
www.online.manulifebank.ca
www.online.manulifebank.com
www.pretshypothecairesbanquemanuvie.ca
www.pretshypothecairesbanquemanuvie.com
www.uatonline.banquemanuvie.ca
www.uatonline.banquemanuvie.com
www.uatonline.manulifebank.ca
www.uatonline.manulifebank.com
*.banquemanuvie.com
*.manulifebank.com
3449.client.manulifebank.com
banquemanuvie.com
client.banquemanuvie.com
manulifebank.com
manulifebankmortgages.ca
manulifebankmortgages.com
online.banquemanuvie.ca
online.banquemanuvie.com
online.manulifebank.ca
online.manulifebank.com
partnerservices.manulifebank.com
prd-banklink.manulife.com
pretshypothecairesbanquemanuvie.ca
pretshypothecairesbanquemanuvie.com
uat-banklink.manulife.com
uatclient.banquemanuvie.com
uatclient.manulifebank.com
uatonline.banquemanuvie.ca
uatonline.banquemanuvie.com
uatonline.manulifebank.ca
uatonline.manulifebank.com
uatpartnerservices.manulifebank.com
www.manulifebankmortgages.ca
www.manulifebankmortgages.com
www.online.banquemanuvie.ca
www.online.banquemanuvie.com
www.online.manulifebank.ca
www.online.manulifebank.com
www.pretshypothecairesbanquemanuvie.ca
www.pretshypothecairesbanquemanuvie.com
www.uatonline.banquemanuvie.ca
www.uatonline.banquemanuvie.com
www.uatonline.manulifebank.ca
www.uatonline.manulifebank.com
Other certificates including the domain name manulifebank.com
(limited to 100 certificates)
client.manulifebank.com
manulifebank.com
test.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulife.com
test.manulifebank.com
manulifebank.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
test.manulifebank.com
manulife.com
client.manulifebank.com
epic.manulifebank.com
manulife.com
uatpartnerservices.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
manulifebank.com
*.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
client.manulifebank.com
manulife.com
manulifebank.com
manulife.com
epic.manulifebank.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulifebank.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
client.manulifebank.com
client.manulifebank.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
tmx.manulifebank.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulife.com
test.manulifebank.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulifebank.com
test.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulife.com
test.manulifebank.com
manulifebank.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
test.manulifebank.com
manulife.com
client.manulifebank.com
epic.manulifebank.com
manulife.com
uatpartnerservices.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
manulifebank.com
*.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
client.manulifebank.com
manulife.com
manulifebank.com
manulife.com
epic.manulifebank.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulifebank.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
client.manulifebank.com
client.manulifebank.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
tmx.manulifebank.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulife.com
test.manulifebank.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
Certificate
The complete raw certificate details for client.manulifebank.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIK/DCCCeSgAwIBAgIQJ6e9qf6Wtt8xOM1b0i+cHjANBgkqhkiG9w0BAQsFADCB lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy dmVyIENBMB4XDTIzMTEzMDAwMDAwMFoXDTI0MTEyOTIzNTk1OVowajELMAkGA1UE BhMCQ0ExEDAOBgNVBAgTB09udGFyaW8xJzAlBgNVBAoTHk1hbnVsaWZlIEZpbmFu Y2lhbCBDb3Jwb3JhdGlvbjEgMB4GA1UEAxMXY2xpZW50Lm1hbnVsaWZlYmFuay5j b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCK7P3l+NlRsBNNui5U /aK7zzXmjC0DJC7o1qxrZ8Y2xDIikdF7A+E46Fe/BNTHpd/tRS7CaiTn8aKdiy6A KdNkSH4gIVSVpu4jTQgd9IEg2u0iiRzJrhMbxqshtQwpFSscAHTvZvzqs1A17bIq 1zXfbJwJWTdXErOQDwazCYvF+JsaelNTiUsIWPxUtwoxHWcpTIb4W7UxBXJTsBD2 AjlpYo/sPEzibDJm4duK42hg3gSD5TmZl1NhCTlFCzYgXMIkU10gHC/LzxgWfyYw gDL7hYP5+FczM3i/IdKdJXEBZFjV3bNG7HtemUDp3mOpWE/pstsFILtdshC/V8zk UIS1AgMBAAGjggdwMIIHbDAfBgNVHSMEGDAWgBQX2dYlJ2f5McJJQ9kwNkSMbKlP 6zAdBgNVHQ4EFgQUDJe6hAmx5w0o7iKv7RccseCtWTEwDgYDVR0PAQH/BAQDAgWg MAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEoG A1UdIARDMEEwNQYMKwYBBAGyMQECAQMEMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8v c2VjdGlnby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+gTaBLhklodHRw Oi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0 aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGKBggrBgEFBQcBAQR+MHwwVQYIKwYBBQUH MAKGSWh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JTQU9yZ2FuaXphdGlv blZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6 Ly9vY3NwLnNlY3RpZ28uY29tMIIBfAYKKwYBBAHWeQIEAgSCAWwEggFoAWYAdQB2 /4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYwgwmlyAAAEAwBGMEQC IDh+RD7n36GNjPi0rufeMlpnw8a5E/kYN6D8MjFXCcdUAiA6gsfKxu85VlGwCh8g QeErwH8oo8501b9ea7tjz+H6QwB1AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/ KIXs+GRuAAABjCDCaiUAAAQDAEYwRAIgB6lSaM8mqV9r3rodveU2p3Q35uDDDaNY hM9VXBG+FlACICEpKu/7QujzfItPiA0VByv0Ol7k62gRfqfB66ZYV234AHYA7s3Q ZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGMIMJp7AAABAMARzBFAiAX bNDCNHfgt6MD+vo+2xAOMRcin+lWysgoaO4mjPuF6AIhANkUfj7XptcSN8Kr2blF m/7m1gdes8DwqHOBWkpLhilWMIIENgYDVR0RBIIELTCCBCmCF2NsaWVudC5tYW51 bGlmZWJhbmsuY29tghMqLmJhbnF1ZW1hbnV2aWUuY29tghIqLm1hbnVsaWZlYmFu ay5jb22CHDM0NDkuY2xpZW50Lm1hbnVsaWZlYmFuay5jb22CEWJhbnF1ZW1hbnV2 aWUuY29tghhjbGllbnQuYmFucXVlbWFudXZpZS5jb22CEG1hbnVsaWZlYmFuay5j b22CGG1hbnVsaWZlYmFua21vcnRnYWdlcy5jYYIZbWFudWxpZmViYW5rbW9ydGdh Z2VzLmNvbYIXb25saW5lLmJhbnF1ZW1hbnV2aWUuY2GCGG9ubGluZS5iYW5xdWVt YW51dmllLmNvbYIWb25saW5lLm1hbnVsaWZlYmFuay5jYYIXb25saW5lLm1hbnVs aWZlYmFuay5jb22CIHBhcnRuZXJzZXJ2aWNlcy5tYW51bGlmZWJhbmsuY29tghlw cmQtYmFua2xpbmsubWFudWxpZmUuY29tgiJwcmV0c2h5cG90aGVjYWlyZXNiYW5x dWVtYW51dmllLmNhgiNwcmV0c2h5cG90aGVjYWlyZXNiYW5xdWVtYW51dmllLmNv bYIZdWF0LWJhbmtsaW5rLm1hbnVsaWZlLmNvbYIbdWF0Y2xpZW50LmJhbnF1ZW1h bnV2aWUuY29tghp1YXRjbGllbnQubWFudWxpZmViYW5rLmNvbYIadWF0b25saW5l LmJhbnF1ZW1hbnV2aWUuY2GCG3VhdG9ubGluZS5iYW5xdWVtYW51dmllLmNvbYIZ dWF0b25saW5lLm1hbnVsaWZlYmFuay5jYYIadWF0b25saW5lLm1hbnVsaWZlYmFu ay5jb22CI3VhdHBhcnRuZXJzZXJ2aWNlcy5tYW51bGlmZWJhbmsuY29tghx3d3cu bWFudWxpZmViYW5rbW9ydGdhZ2VzLmNhgh13d3cubWFudWxpZmViYW5rbW9ydGdh Z2VzLmNvbYIbd3d3Lm9ubGluZS5iYW5xdWVtYW51dmllLmNhghx3d3cub25saW5l LmJhbnF1ZW1hbnV2aWUuY29tghp3d3cub25saW5lLm1hbnVsaWZlYmFuay5jYYIb d3d3Lm9ubGluZS5tYW51bGlmZWJhbmsuY29tgiZ3d3cucHJldHNoeXBvdGhlY2Fp cmVzYmFucXVlbWFudXZpZS5jYYInd3d3LnByZXRzaHlwb3RoZWNhaXJlc2JhbnF1 ZW1hbnV2aWUuY29tgh53d3cudWF0b25saW5lLmJhbnF1ZW1hbnV2aWUuY2GCH3d3 dy51YXRvbmxpbmUuYmFucXVlbWFudXZpZS5jb22CHXd3dy51YXRvbmxpbmUubWFu dWxpZmViYW5rLmNhgh53d3cudWF0b25saW5lLm1hbnVsaWZlYmFuay5jb20wDQYJ KoZIhvcNAQELBQADggEBAA9Uaz9coUsbiEzCmZOAMRtMLQowmLgpBp6rGzIxUnO8 9HwshmvHVYpAwYE837oV9fo9yeJhtPW/hhBxD9rUIRUzVN48vSEdKWajXjmvZIq+ ugw+MfjIZnA3BsBEadW+6a4Cw/+XgUaIViowqqciDxGNbGY9N62z4l3yl1mx5MDa N6AP1dR7WL89gNrsd0XUhj0Ut5F13fkAD2oCwIzYV3ayXVXQ46aYZzemiv+d9EMb UDoeeb17e4hj+ScNpj1MO1SI6vv+68JGVDqorIB3r4Xp4vSVrukm+NRfMpehizq5 UAt2gpM5kwZOmCuxY+usRD/zBarhKrqBx2b5oISctNI= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuz95fjZUbATTbouVP2i u8815owtAyQu6Nasa2fGNsQyIpHRewPhOOhXvwTUx6Xf7UUuwmok5/GinYsugCnT ZEh+ICFUlabuI00IHfSBINrtIokcya4TG8arIbUMKRUrHAB072b86rNQNe2yKtc1 32ycCVk3VxKzkA8GswmLxfibGnpTU4lLCFj8VLcKMR1nKUyG+Fu1MQVyU7AQ9gI5 aWKP7DxM4mwyZuHbiuNoYN4Eg+U5mZdTYQk5RQs2IFzCJFNdIBwvy88YFn8mMIAy +4WD+fhXMzN4vyHSnSVxAWRY1d2zRux7XplA6d5jqVhP6bLbBSC7XbIQv1fM5FCE tQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 52710852254752985289030710623099395102 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-30 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-29 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'client.manulifebank.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17537751092753806130121898979881804663389656741410205317179012867841854193790620062286467348655783980895799333952946151497032756388072418838377141541571676138310529208579764335122130492964650086701706943449813166217941375785350344674773285707510617677554998510186966303229553678207716209362501897428992376587817969047787267498750229002329830743526670655306688854705778454634693650262225090154034498312966787061068823360398408561864014994047931126554376804591651511644315138365605003084274575447051432659243958009017067668146646555432849138336927614845971962987024037776630539518329861509232886122166120787337536373941 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0c97ba8409b1e70d28ee22afed171cb1e0ad5931 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (360 bytes) 016600750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c20c2697200000403004630440220387e443ee7dfa18d8cf8b4aee7de325a67c3c6b913f91837a0fc32315709c75402203a82c7cac6ef395651b00a1f2041e12bc07f28a3ce74d5bf5e6bbb63cfe1fa430075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018c20c26a250000040300463044022007a95268cf26a95f6bdeba1dbde536a77437e6e0c30da35884cf555c11be1650022021292aeffb42e8f37c8b4f880d15072bf43a5ee4eb68117ea7c1eba658576df8007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c20c269ec00000403004730450220176cd0c23477e0b7a303fafa3edb100e3117229fe956cac82868ee268cfb85e8022100d9147e3ed7a6d71237c2abd9b9459bfee6d6075eb3c0f0a873815a4a4b862956 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1069 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'client.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '3449.client.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'client.banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifebankmortgages.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifebankmortgages.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.banquemanuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.manulifebank.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partnerservices.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prd-banklink.manulife.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pretshypothecairesbanquemanuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pretshypothecairesbanquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat-banklink.manulife.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatclient.banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatclient.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatonline.banquemanuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatonline.banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatonline.manulifebank.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatonline.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatpartnerservices.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifebankmortgages.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifebankmortgages.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.online.banquemanuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.online.banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.online.manulifebank.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.online.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pretshypothecairesbanquemanuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pretshypothecairesbanquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uatonline.banquemanuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uatonline.banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uatonline.manulifebank.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uatonline.manulifebank.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000f546b3f5ca14b1b884cc2999380311b4c2d0a3098b829069eab1b32315273bcf47c2c866bc7558a40c1813cdfba15f5fa3dc9e261b4f5bf8610710fdad421153354de3cbd211d2966a35e39af648abeba0c3e31f8c866703706c04469d5bee9ae02c3ff97814688562a30aaa7220f118d6c663d37adb3e25df29759b1e4c0da37a00fd5d47b58bf3d80daec7745d4863d14b79175ddf9000f6a02c08cd85776b25d55d0e3a6986737a68aff9df4431b503a1e79bd7b7b8863f9270da63d4c3b5488eafbfeebc246543aa8ac8077af85e9e2f495aee926f8d45f3297a18b3ab9500b7682933993064e982bb163ebac443ff305aae12aba81c766f9a0849cb4d2