manulife.com

- Manulife Financial Corporation -

Issued by Sectigo RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number d8:20:77:a0:5a:0f:83:87:c0:af:01:5b:24:7f:98:74 was issued on by Sectigo Limited.

With 71 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Manulife Financial Corporation

Organization: Manulife Financial Corporation
State / Province: Ontario
Country: CA

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate will expire on

Certificate Details

Serial Number (hex): d8:20:77:a0:5a:0f:83:87:c0:af:01:5b:24:7f:98:74
Serial Number (int): 287281826900136185767829064757360433268
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: d8:68:de:69:86:24:b6:7e:0e:ac:8a:7c:64:94:f7:ea:4c:2a:f3:cd
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb

Fingerprint (sha1): 89:87:f3:3e:2e:10:37:25:b3:60:0a:94:6a:8e:2e:94:32:5d:88:27
Fingerprint (sha256): 32:59:01:a0:ea:8d:df:43:39:0b:88:ea:88:70:0f:cb:33:76:c7:4f:6e:9c:f9:37:00:cb:bd:d7:33:a7:d6:b3

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate manulife.com

71

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for manulife.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

manulife.com
11321.manulife.com
advisorcafe.ca
agent-stg.johnhancockinsurance.com
api.manulife.com
asampuat.manulife.com
cafeconseiller.ca
cdd-prod-bes.manulife.com
cdd-uat-bes.manulife.com
cdncetdvcacicaafnapp.manulife.io
cdncettscacicaafnapp.manulife.io
cdncetuacacicaafnapp.manulife.io
cdncetuacacicfrtr.manulife.io
dev.github.api.manulife.com
dpcon.manulifesecurities.ca
dprc.manulifesecurities.ca
edi-designer.manulife.ca
edi-hotfix-designer.manulife.ca
edi-preprod-designer.manulife.ca
edi-staging-designer.manulife.ca
edi-uat-designer.manulife.ca
epargnemanuvie.ca
feedback.manulife.com
gbpmfmo.manulife.com
gbwsfederationfmo.manulife.com
github.api.manulife.com
groupsavings.manulife.com
invite.manulifeghnw.com
jhapim-nonprod.dev.developer.manulife.com
jhapim-nonprod.dev.management.manulife.com
jhapim-nonprod.dev.portal.manulife.com
jhapim-nonprod.dev.scm.manulife.com
jhapim.dev.developer.manulife.com
jhapim.dev.management.manulife.com
jhapim.dev.portal.manulife.com
jhapim.dev.scm.manulife.com
johnstonfuturestep.manulife.ca
manulifeplan.ca
manulifepromos.com
mfc.manulife.com
plateformederetroaction.manuvie.ca
qat-grsmembers.manulife.com
qat-grsprpp.manulife.com
sales-stg.manulifebermuda.com
sales.manulifebermuda.com
stage.identity.johnhancock.com
stage.invite.manulifeghnw.com
staging.epargnemanuvie.ca
staging.manulifeplan.ca
test.identity.jhancock.com
test.identity.johnhancock.com
test.invite.manulifeghnw.com
test.jhannuities.com
testc.partnerlink.jhancock.com
tokenize-ds-t1.manulife.com
tokenize-ds.manulife.ca
tokenize-ds.manulife.com
uat-grsmembers.manulife.com
uat-grsprpp.manulife.com
victorinsurance.manulifetravelinsurance.ca
wmsrepo1.manulife.com
wmsrepo2.manulife.com
www.advisorcafe.ca
www.cafeconseiller.ca
www.epargnemanuvie.ca
www.feedback.manulife.com
www.manulifeplan.ca
www.manulifepromos.com
www.plateformederetroaction.manuvie.ca
www.staging.epargnemanuvie.ca
www.staging.manulifeplan.ca

Other certificates including the domain name manulife.com

(limited to 100 certificates)
mlisxivg01.manulife.com
manulife.com
nasbfepool02.mfcgd.com
mfcentral.manulife.com
api1.np.ca.manulife.com
idwicrmapd01.mlijkt01.manulife.com
manulife.com
manulife.com
aidp.manulife.com
azalvedlwrkdp10.p01eaedl.manulife.com
manulife.com
client.manulifebank.com
rps.jhancock.com
manulife.com
sharepoint-externalpartner.uat.ap.manulife.com
hermes.manulife.com
manulife.com
clbs37841.manulife.com
internal.mesh.test.api.manulife.com
azcedlwrks003.s01caedl.manulife.com
manulife.com
cdcwvjhpwast21.americas.manulife.net
daily.manulife.com.vn
click.e.manulife.com
sft.institutional.manulife.com
johnhancock.com
manulife.com
sts.manulife.com
manulife.com
azslvedlmgtdd01.d01saedl.manulife.com
idwicrmapt21.mlijkt01.manulife.com
idwcasp.ap.manulife.com
mfcentral.manulife.com
manulife.com
view-e-ds.manulife.com
idwelems01.mlijkt01.manulife.com
druglookup-client.manulife.com
mfcentral.manulife.com
sharepoint-externalpartner.uat.ap.manulife.com
www-aem-prod.manulife.ca
insttrip.manulife.com
manulife.com
dbpartners.manulife.com
idwinetapt01.mlijkt01.manulife.com
asiacitrix.manulife.com
arrowonramp.manulife.com
manulife.com
qitsso-uat.manulife.com
manulife.com
sf.cac.internal.mesh.dev.api.manulife.com
manulife.com
giam-qa.manulife.com
manulife.com
cconprem.manulife.com
manulife.com
manulife.com
manulife.com
idp.grsportal.ca.manulife.com
manulife.com
insanalyticsdev01.manulife.com
awsuat.manulife.com.kh
idwiqmtapp01.mlijkt01.manulife.com
johnhancock.com
manulife.com
manulife.com
myasoaibp2.ap.manulife.com
remotejp2.manulife.com
johnhancock.com
sharepoint-int.ap.manulife.com
mlifs900g01.manulife.com
nasbaccess01.manulife.com
jhappsstaging-tst.aks.manulife.com
manulife.com
manulife.com
crverifyidentity-dev.johnhancock.com
manulife.com
jpnhoapt09.japan.corp.manulife.com
client.manulifebank.com
preprod.mtls.api.manulife.com
manulife.com
idwietsisft05.mlijkt01.manulife.com
remotehk.manulife.com
azcedledges001.s01caedl.manulife.com
idwcas4tap.ap.manulife.com
manulife.com
mlixnbarplzvnaca.manulife.com
manulife.com
manulife.com
druglookup-client.manulife.com
pcf.manulife.com
proxy.auw.my.underwriting.manulife.com
manulife.com
johnhancock.com
manulife.com
financeit.devsit202201.manulife.com
tw-ssg-fw1.manulife.com
advisor.manulife.ca
azwapnwasm01.mfcgd.com
azuedldbo01.p01usedl.manulife.com
edge.prod-ext.api.manulife.com

Certificate

The complete raw certificate details for manulife.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIOnDCCDYSgAwIBAgIRANggd6BaD4OHwK8BWyR/mHQwDQYJKoZIhvcNAQELBQAw
gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE
AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl
cnZlciBDQTAeFw0yMzEwMjQwMDAwMDBaFw0yNDEwMjMyMzU5NTlaMF8xCzAJBgNV
BAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMScwJQYDVQQKEx5NYW51bGlmZSBGaW5h
bmNpYWwgQ29ycG9yYXRpb24xFTATBgNVBAMTDG1hbnVsaWZlLmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMSf3fMNo/T4o/HGRt4LS4HhvHhZ1Syu
S+pBa5hs0LpVtvw0YtzLWoBgCKm3znJui1tWyVIfzjMdzp5XpYfw1WeJGR1nFNiH
e3QnURRyjMi2xoMpgzNcUgTBDAd0X4aopr3YLLvB2g8d8Hfl5I0taCjrl8vG5W0Q
zlN5npJxxFbw95t9vJKgIkvWuZBauPTyGeteSs6JTdZiNaSDsQM3iE1YxuQdSxtc
3Bbqk7xuYuy4XYSwX3SeRumkDvenIUyUYTWQ7hJdenTJ7Oh+4dFd/VHimSB2G1/7
/3ItNPSaaKuRfUE6KWjK5hNGVxrpsPeS2SFySvjwG1jIsOCFtWwIuUECAwEAAaOC
CxowggsWMB8GA1UdIwQYMBaAFBfZ1iUnZ/kxwklD2TA2RIxsqU/rMB0GA1UdDgQW
BBTYaN5phiS2fg6sinxklPfqTCrzzTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSgYDVR0gBEMwQTA1
BgwrBgEEAbIxAQIBAwQwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNv
bS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2Vj
dGlnby5jb20vU2VjdGlnb1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVT
ZXJ2ZXJDQS5jcmwwgYoGCCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDov
L2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlv
blNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2Vj
dGlnby5jb20wggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AHb/iD8KtvuVUcJh
zPWHujS0pM27KdxoQgqf5mdMWjp0AAABi2H224wAAAQDAEcwRQIgPp2JmqwIle2E
JBu+B0CT7sfNNoifCQ+PQupmpmIvNWkCIQCy9IcM0ro1YptI2VNPVk9gVIBnIK5U
QWyEelfCzKChOQB3ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAAB
i2H22+kAAAQDAEgwRgIhAIeeykHMBOHVf1qGgN5jnajcX7koG2D+40b6BsZyEP1J
AiEA9HS1jMbRyR9EA3aguR9tK9lynAQ4uff0FtCtAt8v8TMAdQDuzdBk1dsazsVc
t520zROiModGfLzs3sNRSFlGcR+1mwAAAYth9twlAAAEAwBGMEQCIAnThAvJCX0K
h3YdvmkkZT2YnqxAXPFTTunLSzYNLsYZAiBqx6NYM+yMzV123nIbAgPd0APVVK3H
QDveVB5vdWXxFTCCB94GA1UdEQSCB9UwggfRggxtYW51bGlmZS5jb22CEjExMzIx
Lm1hbnVsaWZlLmNvbYIOYWR2aXNvcmNhZmUuY2GCImFnZW50LXN0Zy5qb2huaGFu
Y29ja2luc3VyYW5jZS5jb22CEGFwaS5tYW51bGlmZS5jb22CFWFzYW1wdWF0Lm1h
bnVsaWZlLmNvbYIRY2FmZWNvbnNlaWxsZXIuY2GCGWNkZC1wcm9kLWJlcy5tYW51
bGlmZS5jb22CGGNkZC11YXQtYmVzLm1hbnVsaWZlLmNvbYIgY2RuY2V0ZHZjYWNp
Y2FhZm5hcHAubWFudWxpZmUuaW+CIGNkbmNldHRzY2FjaWNhYWZuYXBwLm1hbnVs
aWZlLmlvgiBjZG5jZXR1YWNhY2ljYWFmbmFwcC5tYW51bGlmZS5pb4IdY2RuY2V0
dWFjYWNpY2ZydHIubWFudWxpZmUuaW+CG2Rldi5naXRodWIuYXBpLm1hbnVsaWZl
LmNvbYIbZHBjb24ubWFudWxpZmVzZWN1cml0aWVzLmNhghpkcHJjLm1hbnVsaWZl
c2VjdXJpdGllcy5jYYIYZWRpLWRlc2lnbmVyLm1hbnVsaWZlLmNhgh9lZGktaG90
Zml4LWRlc2lnbmVyLm1hbnVsaWZlLmNhgiBlZGktcHJlcHJvZC1kZXNpZ25lci5t
YW51bGlmZS5jYYIgZWRpLXN0YWdpbmctZGVzaWduZXIubWFudWxpZmUuY2GCHGVk
aS11YXQtZGVzaWduZXIubWFudWxpZmUuY2GCEWVwYXJnbmVtYW51dmllLmNhghVm
ZWVkYmFjay5tYW51bGlmZS5jb22CFGdicG1mbW8ubWFudWxpZmUuY29tgh5nYndz
ZmVkZXJhdGlvbmZtby5tYW51bGlmZS5jb22CF2dpdGh1Yi5hcGkubWFudWxpZmUu
Y29tghlncm91cHNhdmluZ3MubWFudWxpZmUuY29tghdpbnZpdGUubWFudWxpZmVn
aG53LmNvbYIpamhhcGltLW5vbnByb2QuZGV2LmRldmVsb3Blci5tYW51bGlmZS5j
b22CKmpoYXBpbS1ub25wcm9kLmRldi5tYW5hZ2VtZW50Lm1hbnVsaWZlLmNvbYIm
amhhcGltLW5vbnByb2QuZGV2LnBvcnRhbC5tYW51bGlmZS5jb22CI2poYXBpbS1u
b25wcm9kLmRldi5zY20ubWFudWxpZmUuY29tgiFqaGFwaW0uZGV2LmRldmVsb3Bl
ci5tYW51bGlmZS5jb22CImpoYXBpbS5kZXYubWFuYWdlbWVudC5tYW51bGlmZS5j
b22CHmpoYXBpbS5kZXYucG9ydGFsLm1hbnVsaWZlLmNvbYIbamhhcGltLmRldi5z
Y20ubWFudWxpZmUuY29tgh5qb2huc3RvbmZ1dHVyZXN0ZXAubWFudWxpZmUuY2GC
D21hbnVsaWZlcGxhbi5jYYISbWFudWxpZmVwcm9tb3MuY29tghBtZmMubWFudWxp
ZmUuY29tgiJwbGF0ZWZvcm1lZGVyZXRyb2FjdGlvbi5tYW51dmllLmNhghtxYXQt
Z3JzbWVtYmVycy5tYW51bGlmZS5jb22CGHFhdC1ncnNwcnBwLm1hbnVsaWZlLmNv
bYIdc2FsZXMtc3RnLm1hbnVsaWZlYmVybXVkYS5jb22CGXNhbGVzLm1hbnVsaWZl
YmVybXVkYS5jb22CHnN0YWdlLmlkZW50aXR5LmpvaG5oYW5jb2NrLmNvbYIdc3Rh
Z2UuaW52aXRlLm1hbnVsaWZlZ2hudy5jb22CGXN0YWdpbmcuZXBhcmduZW1hbnV2
aWUuY2GCF3N0YWdpbmcubWFudWxpZmVwbGFuLmNhghp0ZXN0LmlkZW50aXR5Lmpo
YW5jb2NrLmNvbYIddGVzdC5pZGVudGl0eS5qb2huaGFuY29jay5jb22CHHRlc3Qu
aW52aXRlLm1hbnVsaWZlZ2hudy5jb22CFHRlc3Quamhhbm51aXRpZXMuY29tgh50
ZXN0Yy5wYXJ0bmVybGluay5qaGFuY29jay5jb22CG3Rva2VuaXplLWRzLXQxLm1h
bnVsaWZlLmNvbYIXdG9rZW5pemUtZHMubWFudWxpZmUuY2GCGHRva2VuaXplLWRz
Lm1hbnVsaWZlLmNvbYIbdWF0LWdyc21lbWJlcnMubWFudWxpZmUuY29tghh1YXQt
Z3JzcHJwcC5tYW51bGlmZS5jb22CKnZpY3Rvcmluc3VyYW5jZS5tYW51bGlmZXRy
YXZlbGluc3VyYW5jZS5jYYIVd21zcmVwbzEubWFudWxpZmUuY29tghV3bXNyZXBv
Mi5tYW51bGlmZS5jb22CEnd3dy5hZHZpc29yY2FmZS5jYYIVd3d3LmNhZmVjb25z
ZWlsbGVyLmNhghV3d3cuZXBhcmduZW1hbnV2aWUuY2GCGXd3dy5mZWVkYmFjay5t
YW51bGlmZS5jb22CE3d3dy5tYW51bGlmZXBsYW4uY2GCFnd3dy5tYW51bGlmZXBy
b21vcy5jb22CJnd3dy5wbGF0ZWZvcm1lZGVyZXRyb2FjdGlvbi5tYW51dmllLmNh
gh13d3cuc3RhZ2luZy5lcGFyZ25lbWFudXZpZS5jYYIbd3d3LnN0YWdpbmcubWFu
dWxpZmVwbGFuLmNhMA0GCSqGSIb3DQEBCwUAA4IBAQBU5W4hG872pb2Fkfy7GWxJ
Sh+3yZOlSnT+aSjZbjpudoFkfTikXoBb/ajUDhWhSbt69rE+zY/oUrAK5081/ii2
Ca7Mn/mSWsj5Mu06mapSqRHgixWnGU4O/a6jH1V8yV1s4ZIvw/ltBP7b9t4n0pIt
ROPYvGXXd/PbQv4B0dxvOdM6hmHfz8Cg6CpFuvBhVNLhggjaobukYHeK0EccCAHW
bRDmtd7Lxe36ezygKhrUzBLkXdAhphDmcycCEicwZbd/ZROHCQPnyjWOXNTAbv6W
Z3YSz1ZF6iEZBLrLCgu/3tH4CW3NmmgrEYfMGKjJCYcjjuQdvwJvAj5NQRGRwzW5
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJ/d8w2j9Pij8cZG3gtL
geG8eFnVLK5L6kFrmGzQulW2/DRi3MtagGAIqbfOcm6LW1bJUh/OMx3Onlelh/DV
Z4kZHWcU2Id7dCdRFHKMyLbGgymDM1xSBMEMB3Rfhqimvdgsu8HaDx3wd+XkjS1o
KOuXy8blbRDOU3meknHEVvD3m328kqAiS9a5kFq49PIZ615KzolN1mI1pIOxAzeI
TVjG5B1LG1zcFuqTvG5i7LhdhLBfdJ5G6aQO96chTJRhNZDuEl16dMns6H7h0V39
UeKZIHYbX/v/ci009Jpoq5F9QTopaMrmE0ZXGumw95LZIXJK+PAbWMiw4IW1bAi5
QQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 287281826900136185767829064757360433268
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-24 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-23 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'manulife.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24821541124250456799327204833285079445054496207435618199808843597388544255093238371330949741238379977231798201148233390372111705409287074817606207223794152744618131883912820089114250635618866246275679060955734507019060213283774741512637285688000752247778781655855581773819819271350343496214164744501441367926226769224615125841543939431892888787955028211292815998313215614098589337368736617064204006464625278225303555466210610064367644743469832228737823183308515738558304637918149328639004255098798826039970148058924151854212363268294470550178934633025449375832039626928911667153264988853431035278029223478301785897281
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d868de698624b67e0eac8a7c6494f7ea4c2af3cd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							016800760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b61f6db8c000004030047304502203e9d899aac0895ed84241bbe074093eec7cd36889f090f8f42ea66a6622f3569022100b2f4870cd2ba35629b48d9534f564f6054806720ae54416c847a57c2cca0a139007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b61f6dbe90000040300483046022100879eca41cc04e1d57f5a8680de639da8dc5fb9281b60fee346fa06c67210fd49022100f474b58cc6d1c91f440376a0b91f6d2bd9729c0438b9f7f416d0ad02df2ff133007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b61f6dc250000040300463044022009d3840bc9097d0a87761dbe6924653d989eac405cf1534ee9cb4b360d2ec61902206ac7a35833ec8ccd5d76de721b0203ddd003d554adc7403bde541e6f7565f115
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2005 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '11321.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'advisorcafe.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agent-stg.johnhancockinsurance.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'asampuat.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cafeconseiller.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdd-prod-bes.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdd-uat-bes.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdncetdvcacicaafnapp.manulife.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdncettscacicaafnapp.manulife.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdncetuacacicaafnapp.manulife.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdncetuacacicfrtr.manulife.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.github.api.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dpcon.manulifesecurities.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dprc.manulifesecurities.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edi-designer.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edi-hotfix-designer.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edi-preprod-designer.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edi-staging-designer.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'edi-uat-designer.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'epargnemanuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'feedback.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gbpmfmo.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gbwsfederationfmo.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'github.api.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'groupsavings.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'invite.manulifeghnw.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim-nonprod.dev.developer.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim-nonprod.dev.management.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim-nonprod.dev.portal.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim-nonprod.dev.scm.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim.dev.developer.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim.dev.management.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim.dev.portal.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim.dev.scm.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnstonfuturestep.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifeplan.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifepromos.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mfc.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'plateformederetroaction.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qat-grsmembers.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qat-grsprpp.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sales-stg.manulifebermuda.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sales.manulifebermuda.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.identity.johnhancock.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.invite.manulifeghnw.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.epargnemanuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.manulifeplan.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.identity.jhancock.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.identity.johnhancock.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.invite.manulifeghnw.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.jhannuities.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testc.partnerlink.jhancock.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tokenize-ds-t1.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tokenize-ds.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tokenize-ds.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat-grsmembers.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat-grsprpp.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'victorinsurance.manulifetravelinsurance.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wmsrepo1.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wmsrepo2.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.advisorcafe.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cafeconseiller.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.epargnemanuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.feedback.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifeplan.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifepromos.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.plateformederetroaction.manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.staging.epargnemanuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.staging.manulifeplan.ca'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0054e56e211bcef6a5bd8591fcbb196c494a1fb7c993a54a74fe6928d96e3a6e7681647d38a45e805bfda8d40e15a149bb7af6b13ecd8fe852b00ae74f35fe28b609aecc9ff9925ac8f932ed3a99aa52a911e08b15a7194e0efdaea31f557cc95d6ce1922fc3f96d04fedbf6de27d2922d44e3d8bc65d777f3db42fe01d1dc6f39d33a8661dfcfc0a0e82a45baf06154d2e18208daa1bba460778ad0471c0801d66d10e6b5decbc5edfa7b3ca02a1ad4cc12e45dd021a610e673270212273065b77f6513870903e7ca358e5cd4c06efe96677612cf5645ea211904bacb0a0bbfded1f8096dcd9a682b1187cc18a8c90987238ee41dbf026f023e4d411191c335b9