stage.jhaconnect.jhannuities.com
- Manulife Financial -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number f6:5c:b1:cd:26:d9:f9:bb:3e:c0:c2:f1:21:39:71:85 was issued on by Sectigo Limited.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Manulife Financial
Organization:
Manulife Financial
Organization unit: John Hancock US Division
Organization unit: John Hancock US Division
Address:
601 Congress Street
Postal code: 02210
State / Province: Massachusetts
Locality: Boston
Country: US
Postal code: 02210
State / Province: Massachusetts
Locality: Boston
Country: US
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate has expire since
Certificate Details
Serial Number (hex): f6:5c:b1:cd:26:d9:f9:bb:3e:c0:c2:f1:21:39:71:85Serial Number (int): 327471384514371617245400279665818038661
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: f9:e0:e8:dd:be:23:a5:80:cc:38:ca:67:e5:36:44:46:05:9f:dc:80
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 5f:b8:9a:15:2f:c8:83:e1:a1:b9:85:b4:1a:9e:1d:47:05:8d:ba:63
Fingerprint (sha256): 31:ef:9f:55:09:d8:36:2c:64:4a:81:b1:00:7f:4e:4f:62:17:74:cd:9d:ef:2e:85:fc:44:1d:30:b7:a7:ae:ff
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate stage.jhaconnect.jhannuities.com
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for stage.jhaconnect.jhannuities.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
stage.jhaconnect.jhannuities.com
azaapnerpm01.mfcgd.com
stage.jhannuities.com
azaapnerpm01.mfcgd.com
stage.jhannuities.com
Other certificates including the domain name jhannuities.com
(limited to 100 certificates)
insidejhaprd.mfcgd.com
stage.identity.jhancock.com
manulife.com
uat.igpclaimreporting.jhancock.com
johnhancock.com
dev.jhannuities.com
johnhancock.com
johnhancock.com
insidejhaprd.mfcgd.com
johnhancock.com
dev.jhannuities.com
johnhancock.com
johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
johnhancock.com
johnhancock.com
jhaconnect.jhannuities.com
johnhancock.com
manulife.com
azaapnerpm01.mfcgd.com
johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
johnhancock.com
azaapnerpm01.mfcgd.com
manulife.com
johnhancock.com
a360.jhannuities.com
manulife.com
johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
uat.igpclaimreporting.jhancock.com
johnhancock.com
azaapnerpm01.mfcgd.com
www.jhannuities.com
manulife.com
johnhancock.com
dev.igpclaimreporting.jhancock.com
www.jhannuities.com
a360.jhannuities.com
johnhancock.com
johnhancock.com
azaapnerpm01.mfcgd.com
johnhancock.com
stage.jhaconnect.jhannuities.com
jhannuities.com
manulife.com
uat.igpclaimreporting.jhancock.com
jhannuities.com
johnhancock.com
johnhancock.com
johnhancock.com
johnhancock.com
jhaconnect.jhannuities.com
johnhancock.com
azaapnerpm01.mfcgd.com
johnhancock.com
johnhancock.com
johnhancock.com
azaapperpp01.mfcgd.com
johnhancock.com
dev.jhaconnect.jhannuities.com
azaphnerpt01.mfcgd.com
azaapnerpm01.mfcgd.com
jhaconnect.jhannuities.com
jhaconnect.jhannuities.com
manulife.com
a360.jhannuities.com
test.identity.jhancock.com
anna360dev.jhannuities.com
johnhancock.com
johnhancock.com
jhaconnect.jhannuities.com
a360.jhannuities.com
outsidejhaprd.mfcgd.com
insidejhaprd.mfcgd.com
johnhancock.com
johnhancock.com
outsidejhaprd.mfcgd.com
azaapnerpm01.mfcgd.com
johnhancock.com
manulife.com
johnhancock.com
azaapperpp01.mfcgd.com
johnhancock.com
johnhancock.com
johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
outsidejhaprd.mfcgd.com
stage.identity.jhancock.com
manulife.com
uat.igpclaimreporting.jhancock.com
johnhancock.com
dev.jhannuities.com
johnhancock.com
johnhancock.com
insidejhaprd.mfcgd.com
johnhancock.com
dev.jhannuities.com
johnhancock.com
johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
johnhancock.com
johnhancock.com
jhaconnect.jhannuities.com
johnhancock.com
manulife.com
azaapnerpm01.mfcgd.com
johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
johnhancock.com
azaapnerpm01.mfcgd.com
manulife.com
johnhancock.com
a360.jhannuities.com
manulife.com
johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
uat.igpclaimreporting.jhancock.com
johnhancock.com
azaapnerpm01.mfcgd.com
www.jhannuities.com
manulife.com
johnhancock.com
dev.igpclaimreporting.jhancock.com
www.jhannuities.com
a360.jhannuities.com
johnhancock.com
johnhancock.com
azaapnerpm01.mfcgd.com
johnhancock.com
stage.jhaconnect.jhannuities.com
jhannuities.com
manulife.com
uat.igpclaimreporting.jhancock.com
jhannuities.com
johnhancock.com
johnhancock.com
johnhancock.com
johnhancock.com
jhaconnect.jhannuities.com
johnhancock.com
azaapnerpm01.mfcgd.com
johnhancock.com
johnhancock.com
johnhancock.com
azaapperpp01.mfcgd.com
johnhancock.com
dev.jhaconnect.jhannuities.com
azaphnerpt01.mfcgd.com
azaapnerpm01.mfcgd.com
jhaconnect.jhannuities.com
jhaconnect.jhannuities.com
manulife.com
a360.jhannuities.com
test.identity.jhancock.com
anna360dev.jhannuities.com
johnhancock.com
johnhancock.com
jhaconnect.jhannuities.com
a360.jhannuities.com
outsidejhaprd.mfcgd.com
insidejhaprd.mfcgd.com
johnhancock.com
johnhancock.com
outsidejhaprd.mfcgd.com
azaapnerpm01.mfcgd.com
johnhancock.com
manulife.com
johnhancock.com
azaapperpp01.mfcgd.com
johnhancock.com
johnhancock.com
johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
outsidejhaprd.mfcgd.com
Certificate
The complete raw certificate details for stage.jhaconnect.jhannuities.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGGjCCBQKgAwIBAgIRAPZcsc0m2fm7PsDC8SE5cYUwDQYJKoZIhvcNAQELBQAw gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl cnZlciBDQTAeFw0yMDA4MjQwMDAwMDBaFw0yMTA4MjQyMzU5NTlaMIHPMQswCQYD VQQGEwJVUzEOMAwGA1UEERMFMDIyMTAxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMx DzANBgNVBAcTBkJvc3RvbjEcMBoGA1UECRMTNjAxIENvbmdyZXNzIFN0cmVldDEb MBkGA1UEChMSTWFudWxpZmUgRmluYW5jaWFsMSEwHwYDVQQLExhKb2huIEhhbmNv Y2sgVVMgRGl2aXNpb24xKTAnBgNVBAMTIHN0YWdlLmpoYWNvbm5lY3Quamhhbm51 aXRpZXMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQv0YCbO MTicnmotMZCWebBbd21FiXY2YQ18SfThMLfmtO1ooHLYchkOOOQ/zl/RQu/14jaR pYKvyM5/PFbbY3ytxAWOwzCEgV2lBkfzsHMLdnTGG0+3bJofTzsE3xrV9P8x7Qqc PVFS0YjdNO0oj80yvSM2FL9u3e/iPiGDEhAZFiOqXvSoHc7BWZ7mmH0hWddyKQPt TUR+sMMHA4MBQlvJv4Azka3WIDqTXiCXl8vk5nY6Y1nb7bc39IBsXomKChroxEOO Z3zNXCg22OO7HxVqianfi9BHtoKryjj8hZLxEjxJxR6yfTurWaFLe0aceMg3DYqJ gy9ACGmLpfB9kwIDAQABo4ICJzCCAiMwHwYDVR0jBBgwFoAUF9nWJSdn+THCSUPZ MDZEjGypT+swHQYDVR0OBBYEFPng6N2+I6WAzDjKZ+U2REYFn9yAMA4GA1UdDwEB /wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF BQcDAjBKBgNVHSAEQzBBMDUGDCsGAQQBsjEBAgEDBDAlMCMGCCsGAQUFBwIBFhdo dHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIwWgYDVR0fBFMwUTBPoE2g S4ZJaHR0cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9u VmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBigYIKwYBBQUHAQEEfjB8MFUG CCsGAQUFBzAChklodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdh bml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzAB hhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTATBgorBgEEAdZ5AgQDAQH/BAIFADBa BgNVHREEUzBRgiBzdGFnZS5qaGFjb25uZWN0LmpoYW5udWl0aWVzLmNvbYIWYXph YXBuZXJwbTAxLm1mY2dkLmNvbYIVc3RhZ2Uuamhhbm51aXRpZXMuY29tMA0GCSqG SIb3DQEBCwUAA4IBAQAXFlzU6uhvz0oCvsjiLruumphvTs5+lFfvIvJKW/kOAWae yZDXvSlx0oNZaT4+R4iVwKtjVroAFPzljscnBxBu0WgNV8fJYef7vdTMlFuTKhQb Wc6cUl6vWPN20/8EYk79Bbx4Luw/IMs8LQnbxUXZ8heniVUePKdFQkvFP03ACwha uUA3KkZSE6OZGuuyXSV26f2AEi0mKB9fSdN5p1KGDUGKwZMsiujH0qGq2LhYHTlg Ig3rgeFxQzaJp524/xzvbPUmtvAp2XAY0uhiRW3qtnO413hoSh8L6qxpDxLLXixG Ly1Iqv7fyk/nia7IpWtCp5q5UKJ6BF83o67pmY2S -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQv0YCbOMTicnmotMZCW ebBbd21FiXY2YQ18SfThMLfmtO1ooHLYchkOOOQ/zl/RQu/14jaRpYKvyM5/PFbb Y3ytxAWOwzCEgV2lBkfzsHMLdnTGG0+3bJofTzsE3xrV9P8x7QqcPVFS0YjdNO0o j80yvSM2FL9u3e/iPiGDEhAZFiOqXvSoHc7BWZ7mmH0hWddyKQPtTUR+sMMHA4MB QlvJv4Azka3WIDqTXiCXl8vk5nY6Y1nb7bc39IBsXomKChroxEOOZ3zNXCg22OO7 HxVqianfi9BHtoKryjj8hZLxEjxJxR6yfTurWaFLe0aceMg3DYqJgy9ACGmLpfB9 kwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 327471384514371617245400279665818038661 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-08-24 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-08-24 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '02210' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Massachusetts' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Boston' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '601 Congress Street' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'John Hancock US Division' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'stage.jhaconnect.jhannuities.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21845121788231370899279422637963679242400433780712018616686465809010771742450600441021493907603010891139676656854948271430465720834216842934701407138324115223289706237739697560647322073249068059055478734686383575210001784851867759946625146717141205085265644168905041458563635917059710652861507400887109131904986103886913699654989246377242153002364528193456290927571226855346471020148305294808293200796531243313969416090829928210635724532122913815423652479203824592124402427281928507577317656677122381451542377212788889989332444292686098131904820511989164635404307072327668518777248290091345556656385825080721072487827 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f9e0e8ddbe23a580cc38ca67e5364446059fdc80 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.jhaconnect.jhannuities.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'azaapnerpm01.mfcgd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.jhannuities.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0017165cd4eae86fcf4a02bec8e22ebbae9a986f4ece7e9457ef22f24a5bf90e01669ec990d7bd2971d28359693e3e478895c0ab6356ba0014fce58ec72707106ed1680d57c7c961e7fbbdd4cc945b932a141b59ce9c525eaf58f376d3ff04624efd05bc782eec3f20cb3c2d09dbc545d9f217a789551e3ca745424bc53f4dc00b085ab940372a465213a3991aebb25d2576e9fd80122d26281f5f49d379a752860d418ac1932c8ae8c7d2a1aad8b8581d3960220deb81e171433689a79db8ff1cef6cf526b6f029d97018d2e862456deab673b8d778684a1f0beaac690f12cb5e2c462f2d48aafedfca4fe789aec8a56b42a79ab950a27a045f37a3aee9998d92