sales.johnhancockinsurance.com
- Manulife Financial -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number cd:9c:f2:38:f0:80:87:7b:9b:0c:f9:28:b7:4c:0b:13 was issued on by Sectigo Limited.
With 27 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Manulife Financial
Organization:
Manulife Financial
State / Province:
Ontario
Country: CA
Country: CA
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): cd:9c:f2:38:f0:80:87:7b:9b:0c:f9:28:b7:4c:0b:13Serial Number (int): 273306650300172156220007481483658529555
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 7f:9d:97:da:cc:c8:ee:23:fc:14:ee:29:c2:ae:7e:54:69:24:3d:b6
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): c1:b0:d1:8a:04:5b:11:90:05:dd:01:a5:c7:75:90:7c:7b:a1:bd:8c
Fingerprint (sha256): 49:3e:a3:44:f9:23:a0:8e:69:e7:c7:83:ac:26:94:3c:ab:23:7c:53:1c:a2:e1:cb:5b:77:6d:b7:b9:fd:36:5b
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate sales.johnhancockinsurance.com
27
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for sales.johnhancockinsurance.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
sales.johnhancockinsurance.com
jh1.jhlifeinsurance.com
jherppx4.jhancock.com
jhillustrator.com
johnhancockinsurance.com
manulifeillustrator.com
mas.jhancock.com
partnerlink.jhancock.com
pers.manulifebermuda.com
pers1.manulifebermuda.com
register.jhancock.com
register1.jhancock.com
sales-tmp.johnhancockinsurance.com
sales.manulifebermuda.com
sales1.johnhancockinsurance.com
tmp.manulifebermuda.com
usc.jhancock.com
www.jhillustrator.com
www.jhsalesnet.com
www.johnhancockvitality.com
www.manulifebermuda.com
www.manulifehongkong.com
www.manulifeillustrator.com
www.sales-tmp.johnhancockinsurance.com
www1.jhillustrator.com
www1.manulifebermuda.com
www1.manulifeillustrator.com
jh1.jhlifeinsurance.com
jherppx4.jhancock.com
jhillustrator.com
johnhancockinsurance.com
manulifeillustrator.com
mas.jhancock.com
partnerlink.jhancock.com
pers.manulifebermuda.com
pers1.manulifebermuda.com
register.jhancock.com
register1.jhancock.com
sales-tmp.johnhancockinsurance.com
sales.manulifebermuda.com
sales1.johnhancockinsurance.com
tmp.manulifebermuda.com
usc.jhancock.com
www.jhillustrator.com
www.jhsalesnet.com
www.johnhancockvitality.com
www.manulifebermuda.com
www.manulifehongkong.com
www.manulifeillustrator.com
www.sales-tmp.johnhancockinsurance.com
www1.jhillustrator.com
www1.manulifebermuda.com
www1.manulifeillustrator.com
Other certificates including the domain name johnhancockinsurance.com
(limited to 100 certificates)
johnhancockinsurance.com
stage.jherpmx2.jhancock.com
manulife.com
qa.johnhancock.com
johnhancock.com
johnhancock.com
stg.johnhancock.com
myplanuat.johnhancock.com
manulife.com
stage.jherpmx3.jhancock.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
johnhancock.com
myplanuat.johnhancock.com
johnhancock.com
test.jherpdx3.jhancock.com
johnhancock.com
manulife.com
jherppx2.jhancock.com
instant-apply.johnhancockinsurance.com
manulife.com
instant-apply.johnhancockinsurance.com
go.johnhancockinsurance.com
partner.johnhancockinsurance.com
jherpmx8.mod.manulifeusa.com
johnhancock.com
johnhancock.com
johnhancock.com
test.jherpdx3.jhancock.com
manulife.com
manulife.com
johnhancock.com
manulife.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
expresstrack-stg.johnhancockinsurance.com
partner.johnhancockinsurance.com
manulife.com
stg.johnhancock.com
johnhancock.com
johnhancock.com
johnhancockinsurance.com
jherppx2.jhancock.com
johnhancock.com
johnhancock.com
johnhancock.com
go.johnhancockinsurance.com
test.jherpdx3.jhancock.com
manulife.com
manulife.com
johnhancock.com
johnhancock.com
jherppx2.jhancock.com
johnhancock.com
test.jherpdx3.jhancock.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
manulife.com
jherpx8.prd.manulifeusa.com
manulife.com
johnhancock.com
qa.manulifebermuda.com
stage.partnerlink.jhancock.com
anderppx01.jhancock.com
test.jherpdx3.jhancock.com
johnhancock.com
johnhancock.com
expresstrack-stg.johnhancockinsurance.com
johnhancock.com
manulife.com
partnerlinkc.jhancock.com
myplan.johnhancock.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
advisor-tst.johnhancockinsurance.com
dev.johnhancockinsurance.com
preprod.johnhancockinsurance.com
johnhancock.com
programs.johnhancockinsurance.com
manulife.com
jherpmx8.mod.manulifeusa.com
stage.partnerlink.jhancock.com
stage.partnerlink.jhancock.com
stage.jherpmx2.jhancock.com
johnhancock.com
jherpx8.prd.manulifeusa.com
jherpmx8.mod.manulifeusa.com
johnhancockinsurance.com
expresstrack.johnhancockinsurance.com
manulife.com
stg.johnhancock.com
stage.jherpmx2.jhancock.com
manulife.com
qa.johnhancock.com
johnhancock.com
johnhancock.com
stg.johnhancock.com
myplanuat.johnhancock.com
manulife.com
stage.jherpmx3.jhancock.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
johnhancock.com
myplanuat.johnhancock.com
johnhancock.com
test.jherpdx3.jhancock.com
johnhancock.com
manulife.com
jherppx2.jhancock.com
instant-apply.johnhancockinsurance.com
manulife.com
instant-apply.johnhancockinsurance.com
go.johnhancockinsurance.com
partner.johnhancockinsurance.com
jherpmx8.mod.manulifeusa.com
johnhancock.com
johnhancock.com
johnhancock.com
test.jherpdx3.jhancock.com
manulife.com
manulife.com
johnhancock.com
manulife.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
expresstrack-stg.johnhancockinsurance.com
partner.johnhancockinsurance.com
manulife.com
stg.johnhancock.com
johnhancock.com
johnhancock.com
johnhancockinsurance.com
jherppx2.jhancock.com
johnhancock.com
johnhancock.com
johnhancock.com
go.johnhancockinsurance.com
test.jherpdx3.jhancock.com
manulife.com
manulife.com
johnhancock.com
johnhancock.com
jherppx2.jhancock.com
johnhancock.com
test.jherpdx3.jhancock.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
manulife.com
jherpx8.prd.manulifeusa.com
manulife.com
johnhancock.com
qa.manulifebermuda.com
stage.partnerlink.jhancock.com
anderppx01.jhancock.com
test.jherpdx3.jhancock.com
johnhancock.com
johnhancock.com
expresstrack-stg.johnhancockinsurance.com
johnhancock.com
manulife.com
partnerlinkc.jhancock.com
myplan.johnhancock.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
advisor-tst.johnhancockinsurance.com
dev.johnhancockinsurance.com
preprod.johnhancockinsurance.com
johnhancock.com
programs.johnhancockinsurance.com
manulife.com
jherpmx8.mod.manulifeusa.com
stage.partnerlink.jhancock.com
stage.partnerlink.jhancock.com
stage.jherpmx2.jhancock.com
johnhancock.com
jherpx8.prd.manulifeusa.com
jherpmx8.mod.manulifeusa.com
johnhancockinsurance.com
expresstrack.johnhancockinsurance.com
manulife.com
stg.johnhancock.com
Certificate
The complete raw certificate details for sales.johnhancockinsurance.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIIJTCCBw2gAwIBAgIRAM2c8jjwgId7mwz5KLdMCxMwDQYJKoZIhvcNAQELBQAw gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl cnZlciBDQTAeFw0yMzA3MjQwMDAwMDBaFw0yNDA3MjMyMzU5NTlaMGUxCzAJBgNV BAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMRswGQYDVQQKExJNYW51bGlmZSBGaW5h bmNpYWwxJzAlBgNVBAMTHnNhbGVzLmpvaG5oYW5jb2NraW5zdXJhbmNlLmNvbTCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALo+xkIZp8QmkJhy8HPmal5s UWXUd9tSnjeNTwu6mi96I8fLBX7/xqH68JYBj2b3L2ZMqeXv8RnOpv7Pdx3ZpGBX 9Qr0/VUQk8yAVKhun1UIGP6AmpWEJNvAa0HL27RpQH6JD6tECkNTyOZ9oDyKBdvn 8Vyzk8pulJl4btxbSNXomOqT4k9daDiA1CfmCLYjJ5Rlf01rStNEPvFK7VNrRzft RFJ9db1rvisrs9QM/dNtADJ+zjjUInN8/0ujGErng5a+NuDOrry6UhHreyUv2aho r7lykY25C5txw7OO04k7UkZbwIzj/MnywjJjsplV+dr7vKieHysi1evXKM06KCMC AwEAAaOCBJ0wggSZMB8GA1UdIwQYMBaAFBfZ1iUnZ/kxwklD2TA2RIxsqU/rMB0G A1UdDgQWBBR/nZfazMjuI/wU7inCrn5UaSQ9tjAOBgNVHQ8BAf8EBAMCBaAwDAYD VR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSgYDVR0g BEMwQTA1BgwrBgEEAbIxAQIBAwQwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0 aWdvLmNvbS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9j cmwuc2VjdGlnby5jb20vU2VjdGlnb1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25T ZWN1cmVTZXJ2ZXJDQS5jcmwwgYoGCCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJ aHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFs aWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29j c3Auc2VjdGlnby5jb20wEwYKKwYBBAHWeQIEAwEB/wQCBQAwggLOBgNVHREEggLF MIICwYIec2FsZXMuam9obmhhbmNvY2tpbnN1cmFuY2UuY29tghdqaDEuamhsaWZl aW5zdXJhbmNlLmNvbYIVamhlcnBweDQuamhhbmNvY2suY29tghFqaGlsbHVzdHJh dG9yLmNvbYIYam9obmhhbmNvY2tpbnN1cmFuY2UuY29tghdtYW51bGlmZWlsbHVz dHJhdG9yLmNvbYIQbWFzLmpoYW5jb2NrLmNvbYIYcGFydG5lcmxpbmsuamhhbmNv Y2suY29tghhwZXJzLm1hbnVsaWZlYmVybXVkYS5jb22CGXBlcnMxLm1hbnVsaWZl YmVybXVkYS5jb22CFXJlZ2lzdGVyLmpoYW5jb2NrLmNvbYIWcmVnaXN0ZXIxLmpo YW5jb2NrLmNvbYIic2FsZXMtdG1wLmpvaG5oYW5jb2NraW5zdXJhbmNlLmNvbYIZ c2FsZXMubWFudWxpZmViZXJtdWRhLmNvbYIfc2FsZXMxLmpvaG5oYW5jb2NraW5z dXJhbmNlLmNvbYIXdG1wLm1hbnVsaWZlYmVybXVkYS5jb22CEHVzYy5qaGFuY29j ay5jb22CFXd3dy5qaGlsbHVzdHJhdG9yLmNvbYISd3d3Lmpoc2FsZXNuZXQuY29t ght3d3cuam9obmhhbmNvY2t2aXRhbGl0eS5jb22CF3d3dy5tYW51bGlmZWJlcm11 ZGEuY29tghh3d3cubWFudWxpZmVob25na29uZy5jb22CG3d3dy5tYW51bGlmZWls bHVzdHJhdG9yLmNvbYImd3d3LnNhbGVzLXRtcC5qb2huaGFuY29ja2luc3VyYW5j ZS5jb22CFnd3dzEuamhpbGx1c3RyYXRvci5jb22CGHd3dzEubWFudWxpZmViZXJt dWRhLmNvbYIcd3d3MS5tYW51bGlmZWlsbHVzdHJhdG9yLmNvbTANBgkqhkiG9w0B AQsFAAOCAQEAFmnhCsvk4wlZHVepyaIMtteHMvOkrNFuumcGs+x2PYD9sgJvXl1a bPKSeDDu1utAWAfiy6DC7HExsIH+hZAuYEOJgLaHhyafwiqjqXhH/DL28R0BAesK h/cRYTy3fvu+C/i+lruD5/CW/y/Q50JkJ2y/H+r2exf+MGlokBBf5hrd7tYYvPQg T9DApI2Icjl6mxiOMKHdsQSQKijrL7fqmxNPagcAas4siAaZQZY6Q7rlX+g40Vsl adVb4nmw2aIDaSBR9Uvz0KRx2DYFjMYlVhYn4A8eSYN3ZFnUAG5ydnX0gNcLqR8y rtaTpNnc/Ep/QyFpYQEd/BcBC8w4Q2k0nQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj7GQhmnxCaQmHLwc+Zq XmxRZdR321KeN41PC7qaL3ojx8sFfv/GofrwlgGPZvcvZkyp5e/xGc6m/s93Hdmk YFf1CvT9VRCTzIBUqG6fVQgY/oCalYQk28BrQcvbtGlAfokPq0QKQ1PI5n2gPIoF 2+fxXLOTym6UmXhu3FtI1eiY6pPiT11oOIDUJ+YItiMnlGV/TWtK00Q+8UrtU2tH N+1EUn11vWu+Kyuz1Az9020AMn7OONQic3z/S6MYSueDlr424M6uvLpSEet7JS/Z qGivuXKRjbkLm3HDs47TiTtSRlvAjOP8yfLCMmOymVX52vu8qJ4fKyLV69cozToo IwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 273306650300172156220007481483658529555 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-24 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-23 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sales.johnhancockinsurance.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23511279956780714641347044068573757489525352697331614063738486621237724973081561442869711940919893089457399077249952390856558696665810195615200548688823933734427169944621015564633304683837594594191865010612484100912833914850381414856689426953459871471297417618047156327013418923406783525432604762457772128681573070866775499998495179453984189360483520348972665087042306423314460244693509392246834084066326893043274547271420879145706908978497108173598925957104723451594358641814574249907143945128885134773477561417871039927594253000957999858127434472833573535766189439573044078430088596197786376681081947748114795997219 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7f9d97daccc8ee23fc14ee29c2ae7e5469243db6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (709 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sales.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jh1.jhlifeinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jherppx4.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhillustrator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifeillustrator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mas.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partnerlink.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pers.manulifebermuda.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pers1.manulifebermuda.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'register.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'register1.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sales-tmp.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sales.manulifebermuda.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sales1.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tmp.manulifebermuda.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usc.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhillustrator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhsalesnet.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.johnhancockvitality.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifebermuda.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifehongkong.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifeillustrator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sales-tmp.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www1.jhillustrator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www1.manulifebermuda.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www1.manulifeillustrator.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001669e10acbe4e309591d57a9c9a20cb6d78732f3a4acd16eba6706b3ec763d80fdb2026f5e5d5a6cf2927830eed6eb405807e2cba0c2ec7131b081fe85902e60438980b68787269fc22aa3a97847fc32f6f11d0101eb0a87f711613cb77efbbe0bf8be96bb83e7f096ff2fd0e74264276cbf1feaf67b17fe30696890105fe61addeed618bcf4204fd0c0a48d8872397a9b188e30a1ddb104902a28eb2fb7ea9b134f6a07006ace2c88069941963a43bae55fe838d15b2569d55be279b0d9a203692051f54bf3d0a471d836058cc625561627e00f1e4983776459d4006e727675f480d70ba91f32aed693a4d9dcfc4a7f43216961011dfc17010bcc384369349d