client.manulifebank.com
- Manulife Financial Corporation -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 27:a7:bd:a9:fe:96:b6:df:31:38:cd:5b:d2:2f:9c:1e was issued on by Sectigo Limited.
With 37 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Manulife Financial Corporation
Organization:
Manulife Financial Corporation
State / Province:
Ontario
Country: CA
Country: CA
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): 27:a7:bd:a9:fe:96:b6:df:31:38:cd:5b:d2:2f:9c:1eSerial Number (int): 52710852254752985289030710623099395102
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 0c:97:ba:84:09:b1:e7:0d:28:ee:22:af:ed:17:1c:b1:e0:ad:59:31
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 9c:8b:38:aa:00:5d:c1:e9:b1:b7:e4:fe:d3:f0:f0:c5:9c:76:69:f5
Fingerprint (sha256): 75:20:0a:6a:81:9a:1c:b6:12:b2:55:b1:9e:b0:75:4e:b3:91:2e:a9:4d:64:70:0a:f5:c5:ff:00:bc:59:4b:c3
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate client.manulifebank.com
37
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for client.manulifebank.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
client.manulifebank.com
*.banquemanuvie.com
*.manulifebank.com
3449.client.manulifebank.com
banquemanuvie.com
client.banquemanuvie.com
manulifebank.com
manulifebankmortgages.ca
manulifebankmortgages.com
online.banquemanuvie.ca
online.banquemanuvie.com
online.manulifebank.ca
online.manulifebank.com
partnerservices.manulifebank.com
prd-banklink.manulife.com
pretshypothecairesbanquemanuvie.ca
pretshypothecairesbanquemanuvie.com
uat-banklink.manulife.com
uatclient.banquemanuvie.com
uatclient.manulifebank.com
uatonline.banquemanuvie.ca
uatonline.banquemanuvie.com
uatonline.manulifebank.ca
uatonline.manulifebank.com
uatpartnerservices.manulifebank.com
www.manulifebankmortgages.ca
www.manulifebankmortgages.com
www.online.banquemanuvie.ca
www.online.banquemanuvie.com
www.online.manulifebank.ca
www.online.manulifebank.com
www.pretshypothecairesbanquemanuvie.ca
www.pretshypothecairesbanquemanuvie.com
www.uatonline.banquemanuvie.ca
www.uatonline.banquemanuvie.com
www.uatonline.manulifebank.ca
www.uatonline.manulifebank.com
*.banquemanuvie.com
*.manulifebank.com
3449.client.manulifebank.com
banquemanuvie.com
client.banquemanuvie.com
manulifebank.com
manulifebankmortgages.ca
manulifebankmortgages.com
online.banquemanuvie.ca
online.banquemanuvie.com
online.manulifebank.ca
online.manulifebank.com
partnerservices.manulifebank.com
prd-banklink.manulife.com
pretshypothecairesbanquemanuvie.ca
pretshypothecairesbanquemanuvie.com
uat-banklink.manulife.com
uatclient.banquemanuvie.com
uatclient.manulifebank.com
uatonline.banquemanuvie.ca
uatonline.banquemanuvie.com
uatonline.manulifebank.ca
uatonline.manulifebank.com
uatpartnerservices.manulifebank.com
www.manulifebankmortgages.ca
www.manulifebankmortgages.com
www.online.banquemanuvie.ca
www.online.banquemanuvie.com
www.online.manulifebank.ca
www.online.manulifebank.com
www.pretshypothecairesbanquemanuvie.ca
www.pretshypothecairesbanquemanuvie.com
www.uatonline.banquemanuvie.ca
www.uatonline.banquemanuvie.com
www.uatonline.manulifebank.ca
www.uatonline.manulifebank.com
Other certificates including the domain name manulifebank.com
(limited to 100 certificates)
client.manulifebank.com
manulifebank.com
test.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulife.com
test.manulifebank.com
manulifebank.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
test.manulifebank.com
manulife.com
client.manulifebank.com
epic.manulifebank.com
manulife.com
uatpartnerservices.manulifebank.com
manulife.com
manulife.com
manulife.com
manulifebank.com
*.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
client.manulifebank.com
manulife.com
manulifebank.com
manulife.com
epic.manulifebank.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulifebank.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
client.manulifebank.com
client.manulifebank.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulife.com
test.manulifebank.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulifebank.com
test.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulife.com
test.manulifebank.com
manulifebank.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
test.manulifebank.com
manulife.com
client.manulifebank.com
epic.manulifebank.com
manulife.com
uatpartnerservices.manulifebank.com
manulife.com
manulife.com
manulife.com
manulifebank.com
*.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
client.manulifebank.com
manulife.com
manulifebank.com
manulife.com
epic.manulifebank.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulifebank.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
client.manulifebank.com
client.manulifebank.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulife.com
test.manulifebank.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
Certificate
The complete raw certificate details for client.manulifebank.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIJkTCCCHmgAwIBAgIQJ6e9qf6Wtt8xOM1b0i+cHjANBgkqhkiG9w0BAQsFADCB lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy dmVyIENBMB4XDTIzMTEzMDAwMDAwMFoXDTI0MTEyOTIzNTk1OVowajELMAkGA1UE BhMCQ0ExEDAOBgNVBAgTB09udGFyaW8xJzAlBgNVBAoTHk1hbnVsaWZlIEZpbmFu Y2lhbCBDb3Jwb3JhdGlvbjEgMB4GA1UEAxMXY2xpZW50Lm1hbnVsaWZlYmFuay5j b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCK7P3l+NlRsBNNui5U /aK7zzXmjC0DJC7o1qxrZ8Y2xDIikdF7A+E46Fe/BNTHpd/tRS7CaiTn8aKdiy6A KdNkSH4gIVSVpu4jTQgd9IEg2u0iiRzJrhMbxqshtQwpFSscAHTvZvzqs1A17bIq 1zXfbJwJWTdXErOQDwazCYvF+JsaelNTiUsIWPxUtwoxHWcpTIb4W7UxBXJTsBD2 AjlpYo/sPEzibDJm4duK42hg3gSD5TmZl1NhCTlFCzYgXMIkU10gHC/LzxgWfyYw gDL7hYP5+FczM3i/IdKdJXEBZFjV3bNG7HtemUDp3mOpWE/pstsFILtdshC/V8zk UIS1AgMBAAGjggYFMIIGATAfBgNVHSMEGDAWgBQX2dYlJ2f5McJJQ9kwNkSMbKlP 6zAdBgNVHQ4EFgQUDJe6hAmx5w0o7iKv7RccseCtWTEwDgYDVR0PAQH/BAQDAgWg MAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEoG A1UdIARDMEEwNQYMKwYBBAGyMQECAQMEMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8v c2VjdGlnby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+gTaBLhklodHRw Oi8vY3JsLnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRpb25WYWxpZGF0 aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGKBggrBgEFBQcBAQR+MHwwVQYIKwYBBQUH MAKGSWh0dHA6Ly9jcnQuc2VjdGlnby5jb20vU2VjdGlnb1JTQU9yZ2FuaXphdGlv blZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwIwYIKwYBBQUHMAGGF2h0dHA6 Ly9vY3NwLnNlY3RpZ28uY29tMBMGCisGAQQB1nkCBAMBAf8EAgUAMIIENgYDVR0R BIIELTCCBCmCF2NsaWVudC5tYW51bGlmZWJhbmsuY29tghMqLmJhbnF1ZW1hbnV2 aWUuY29tghIqLm1hbnVsaWZlYmFuay5jb22CHDM0NDkuY2xpZW50Lm1hbnVsaWZl YmFuay5jb22CEWJhbnF1ZW1hbnV2aWUuY29tghhjbGllbnQuYmFucXVlbWFudXZp ZS5jb22CEG1hbnVsaWZlYmFuay5jb22CGG1hbnVsaWZlYmFua21vcnRnYWdlcy5j YYIZbWFudWxpZmViYW5rbW9ydGdhZ2VzLmNvbYIXb25saW5lLmJhbnF1ZW1hbnV2 aWUuY2GCGG9ubGluZS5iYW5xdWVtYW51dmllLmNvbYIWb25saW5lLm1hbnVsaWZl YmFuay5jYYIXb25saW5lLm1hbnVsaWZlYmFuay5jb22CIHBhcnRuZXJzZXJ2aWNl cy5tYW51bGlmZWJhbmsuY29tghlwcmQtYmFua2xpbmsubWFudWxpZmUuY29tgiJw cmV0c2h5cG90aGVjYWlyZXNiYW5xdWVtYW51dmllLmNhgiNwcmV0c2h5cG90aGVj YWlyZXNiYW5xdWVtYW51dmllLmNvbYIZdWF0LWJhbmtsaW5rLm1hbnVsaWZlLmNv bYIbdWF0Y2xpZW50LmJhbnF1ZW1hbnV2aWUuY29tghp1YXRjbGllbnQubWFudWxp ZmViYW5rLmNvbYIadWF0b25saW5lLmJhbnF1ZW1hbnV2aWUuY2GCG3VhdG9ubGlu ZS5iYW5xdWVtYW51dmllLmNvbYIZdWF0b25saW5lLm1hbnVsaWZlYmFuay5jYYIa dWF0b25saW5lLm1hbnVsaWZlYmFuay5jb22CI3VhdHBhcnRuZXJzZXJ2aWNlcy5t YW51bGlmZWJhbmsuY29tghx3d3cubWFudWxpZmViYW5rbW9ydGdhZ2VzLmNhgh13 d3cubWFudWxpZmViYW5rbW9ydGdhZ2VzLmNvbYIbd3d3Lm9ubGluZS5iYW5xdWVt YW51dmllLmNhghx3d3cub25saW5lLmJhbnF1ZW1hbnV2aWUuY29tghp3d3cub25s aW5lLm1hbnVsaWZlYmFuay5jYYIbd3d3Lm9ubGluZS5tYW51bGlmZWJhbmsuY29t giZ3d3cucHJldHNoeXBvdGhlY2FpcmVzYmFucXVlbWFudXZpZS5jYYInd3d3LnBy ZXRzaHlwb3RoZWNhaXJlc2JhbnF1ZW1hbnV2aWUuY29tgh53d3cudWF0b25saW5l LmJhbnF1ZW1hbnV2aWUuY2GCH3d3dy51YXRvbmxpbmUuYmFucXVlbWFudXZpZS5j b22CHXd3dy51YXRvbmxpbmUubWFudWxpZmViYW5rLmNhgh53d3cudWF0b25saW5l Lm1hbnVsaWZlYmFuay5jb20wDQYJKoZIhvcNAQELBQADggEBAELZus+VrH4c08JX A3ID2x9Ojz7bR6X/arOSy5FoqihnPp9oFntvoLgtnv/r0kMQm8U27vj8kG4lvubD l3B1nxHTPMJ4t9V5gD5b0cJFsy0ob0/oWBx9j2Ya/GtydiEVmVEI1O/U9Ej2UV9z NcOanAKhP0cVAGqhchyU8eME1B8Srgxu8OzaKtpd3xFwCFpFoNQNF4dDaHJzGW23 culD9sw3xheB/3GLe6r5I8n1d3kR/6uDQduySbHfL12bbwJERwVt0RLG2u7NJONA ++SeXF02WZr42gEbChjcdJjdBwPYzXoWNjtUIH+0HKh3oGBm20y8JpwaDWNB5Q60 7kgZvj8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuz95fjZUbATTbouVP2i u8815owtAyQu6Nasa2fGNsQyIpHRewPhOOhXvwTUx6Xf7UUuwmok5/GinYsugCnT ZEh+ICFUlabuI00IHfSBINrtIokcya4TG8arIbUMKRUrHAB072b86rNQNe2yKtc1 32ycCVk3VxKzkA8GswmLxfibGnpTU4lLCFj8VLcKMR1nKUyG+Fu1MQVyU7AQ9gI5 aWKP7DxM4mwyZuHbiuNoYN4Eg+U5mZdTYQk5RQs2IFzCJFNdIBwvy88YFn8mMIAy +4WD+fhXMzN4vyHSnSVxAWRY1d2zRux7XplA6d5jqVhP6bLbBSC7XbIQv1fM5FCE tQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 52710852254752985289030710623099395102 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-30 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-29 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'client.manulifebank.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17537751092753806130121898979881804663389656741410205317179012867841854193790620062286467348655783980895799333952946151497032756388072418838377141541571676138310529208579764335122130492964650086701706943449813166217941375785350344674773285707510617677554998510186966303229553678207716209362501897428992376587817969047787267498750229002329830743526670655306688854705778454634693650262225090154034498312966787061068823360398408561864014994047931126554376804591651511644315138365605003084274575447051432659243958009017067668146646555432849138336927614845971962987024037776630539518329861509232886122166120787337536373941 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 0c97ba8409b1e70d28ee22afed171cb1e0ad5931 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1069 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'client.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '3449.client.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'client.banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifebankmortgages.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifebankmortgages.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.banquemanuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.manulifebank.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partnerservices.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prd-banklink.manulife.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pretshypothecairesbanquemanuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pretshypothecairesbanquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat-banklink.manulife.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatclient.banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatclient.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatonline.banquemanuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatonline.banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatonline.manulifebank.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatonline.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatpartnerservices.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifebankmortgages.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifebankmortgages.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.online.banquemanuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.online.banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.online.manulifebank.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.online.manulifebank.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pretshypothecairesbanquemanuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pretshypothecairesbanquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uatonline.banquemanuvie.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uatonline.banquemanuvie.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uatonline.manulifebank.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uatonline.manulifebank.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0042d9bacf95ac7e1cd3c257037203db1f4e8f3edb47a5ff6ab392cb9168aa28673e9f68167b6fa0b82d9effebd243109bc536eef8fc906e25bee6c39770759f11d33cc278b7d579803e5bd1c245b32d286f4fe8581c7d8f661afc6b72762115995108d4efd4f448f6515f7335c39a9c02a13f4715006aa1721c94f1e304d41f12ae0c6ef0ecda2ada5ddf1170085a45a0d40d178743687273196db772e943f6cc37c61781ff718b7baaf923c9f5777911ffab8341dbb249b1df2f5d9b6f024447056dd112c6daeecd24e340fbe49e5c5d36599af8da011b0a18dc7498dd0703d8cd7a16363b54207fb41ca877a06066db4cbc269c1a0d6341e50eb4ee4819be3f