client.manulifebank.com

- Manulife Financial Corporation -

Issued by Sectigo RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number 8f:75:4f:2d:f7:3e:6e:7f:ad:92:6a:9f:93:cf:1f:96 was issued on by Sectigo Limited.

With 54 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Manulife Financial Corporation

Organization: Manulife Financial Corporation
State / Province: Ontario
Country: CA

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate will expire on

Certificate Details

Serial Number (hex): 8f:75:4f:2d:f7:3e:6e:7f:ad:92:6a:9f:93:cf:1f:96
Serial Number (int): 190688708081835818923886289587650109334
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: 76:15:75:8b:97:fa:fa:f3:2d:cb:80:1c:24:44:21:51:5e:38:46:7a
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb

Fingerprint (sha1): 52:d1:da:1a:ae:2c:ef:25:3b:52:a0:ca:95:78:bc:02:81:18:90:fd
Fingerprint (sha256): 75:9b:03:88:8f:f0:a7:96:8c:72:b9:55:57:23:cf:ce:91:f9:c3:de:cf:dd:91:79:08:00:47:54:57:bb:60:ce

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate client.manulifebank.com

54

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for client.manulifebank.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

client.manulifebank.com
*.banquemanuvie.com
*.manulifebank.com
3449.client.manulifebank.com
banquemanuvie.com
client.banquemanuvie.com
decouvrezmanuvieun.ca
decouvrezmanuvieun.com
manulifebank.com
manulifebankbrokerhub.ca
manulifebankmortgages.ca
manulifebankmortgages.com
manulifebankselect.ca
manulifeone.ca
manuvieun.ca
online.banquemanuvie.ca
online.banquemanuvie.com
online.manulifebank.ca
online.manulifebank.com
partnerservices.manulifebank.com
prd-banklink.manulife.com
pretshypothecairesbanquemanuvie.ca
pretshypothecairesbanquemanuvie.com
selectbanquemanuvie.ca
uat-banklink.manulife.com
uatclient.banquemanuvie.com
uatclient.manulifebank.com
uatonline.banquemanuvie.ca
uatonline.banquemanuvie.com
uatonline.manulifebank.ca
uatonline.manulifebank.com
uatpartnerservices.manulifebank.com
www.decouvrezmanuvieun.ca
www.decouvrezmanuvieun.com
www.decouvrezselectbanquemanuvie.ca
www.decouvrezselectbanquemanuvie.com
www.manulifebankmortgages.ca
www.manulifebankmortgages.com
www.manulifebankselectgo.ca
www.manulifebankselectgo.com
www.manulifeonego.ca
www.manulifeonego.com
www.online.banquemanuvie.ca
www.online.banquemanuvie.com
www.online.manulifebank.ca
www.online.manulifebank.com
www.pretshypothecairesbanquemanuvie.ca
www.pretshypothecairesbanquemanuvie.com
www.uatonline.banquemanuvie.ca
www.uatonline.banquemanuvie.com
www.uatonline.manulifebank.ca
www.uatonline.manulifebank.com
www1.manulifeone.ca
www2.manulifeone.ca

Other certificates including the domain name manulifebank.com

(limited to 100 certificates)
client.manulifebank.com
manulifebank.com
test.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulife.com
test.manulifebank.com
manulifebank.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
test.manulifebank.com
manulife.com
client.manulifebank.com
epic.manulifebank.com
manulife.com
uatpartnerservices.manulifebank.com
manulife.com
manulife.com
manulife.com
manulifebank.com
*.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
client.manulifebank.com
manulife.com
manulifebank.com
manulife.com
epic.manulifebank.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulifebank.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
client.manulifebank.com
client.manulifebank.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulifebank.com
manulife.com
manulife.com
manulife.com
test.manulifebank.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com
client.manulifebank.com
manulife.com
manulife.com
manulife.com

Certificate

The complete raw certificate details for client.manulifebank.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIMrDCCC5SgAwIBAgIRAI91Ty33Pm5/rZJqn5PPH5YwDQYJKoZIhvcNAQELBQAw
gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE
AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl
cnZlciBDQTAeFw0yNDAzMTkwMDAwMDBaFw0yNTAzMTkyMzU5NTlaMGoxCzAJBgNV
BAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMScwJQYDVQQKEx5NYW51bGlmZSBGaW5h
bmNpYWwgQ29ycG9yYXRpb24xIDAeBgNVBAMTF2NsaWVudC5tYW51bGlmZWJhbmsu
Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm9MEQpuy6iQyGIr
7nU+TlWTIdks1LPUIUe1J9NNX8NRj3j5NLe6okGNq6+5o73MHRNDHWy+nvpH0uaw
CcYep7urAv9vajyv0oAzb1aOWQdszGQP/751UA7lq6JQjpc7qLTFNhvDCxClGJqQ
Z45cxI30WVww4gC17Dj8t2J9jx0WALJ6VjLzaj+Mft5yppRStlk+1j+he0z97ztM
cFM9bIitTUgJzX2MQl8LuFfRizBkrtMCV8KMcjI0KxtVsO+EKtW1ID6LXJtWe3NW
7j0EwG2p5m1RVtuAjdF2QF/uLgibWCMbw68tVaC0x/JCdBsJXn7g/xlV6eBZN4yx
Wi2CMwIDAQABo4IJHzCCCRswHwYDVR0jBBgwFoAUF9nWJSdn+THCSUPZMDZEjGyp
T+swHQYDVR0OBBYEFHYVdYuX+vrzLcuAHCREIVFeOEZ6MA4GA1UdDwEB/wQEAwIF
oDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBK
BgNVHSAEQzBBMDUGDCsGAQQBsjEBAgEDBDAlMCMGCCsGAQUFBwIBFhdodHRwczov
L3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgIwWgYDVR0fBFMwUTBPoE2gS4ZJaHR0
cDovL2NybC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRh
dGlvblNlY3VyZVNlcnZlckNBLmNybDCBigYIKwYBBQUHAQEEfjB8MFUGCCsGAQUF
BzAChklodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29SU0FPcmdhbml6YXRp
b25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzABhhdodHRw
Oi8vb2NzcC5zZWN0aWdvLmNvbTCCAYEGCisGAQQB1nkCBAIEggFxBIIBbQFrAHcA
zxFW7tUufK/zh1vZaS6b6RpxZ0qwF+ysAdJbd87MOwgAAAGOV+eu2gAABAMASDBG
AiEA98SR7jCu2COIIbuaZtGdsvFvfEnQKM7Mqe7NCH7B7OkCIQCeXGC3l1vfnBmn
PzE8Hotdxk23l3j9RIyDP5kMogxZxgB3AKLjCuRF772tm3447Udnd1PXgluElNcr
XhssxLlQpEfnAAABjlfnroMAAAQDAEgwRgIhAJSmRcblQU63OwUe9rf9ZaBDRhGm
5H1zZ6QsUlWIZkzKAiEA6j8+FY1alJDxj0Co1FRSULEW65RD2Dw8ybXZsOmZL78A
dwBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY5X565ZAAAEAwBI
MEYCIQC/pbFTf/aHj6f655sZi2EOIe5MFKOx6/Vp1hPtOXbwjgIhAL7fjXx2jUj5
4RkysvlIuOk89V7Acno+HrKzdaislyz4MIIF4AYDVR0RBIIF1zCCBdOCF2NsaWVu
dC5tYW51bGlmZWJhbmsuY29tghMqLmJhbnF1ZW1hbnV2aWUuY29tghIqLm1hbnVs
aWZlYmFuay5jb22CHDM0NDkuY2xpZW50Lm1hbnVsaWZlYmFuay5jb22CEWJhbnF1
ZW1hbnV2aWUuY29tghhjbGllbnQuYmFucXVlbWFudXZpZS5jb22CFWRlY291dnJl
em1hbnV2aWV1bi5jYYIWZGVjb3V2cmV6bWFudXZpZXVuLmNvbYIQbWFudWxpZmVi
YW5rLmNvbYIYbWFudWxpZmViYW5rYnJva2VyaHViLmNhghhtYW51bGlmZWJhbmtt
b3J0Z2FnZXMuY2GCGW1hbnVsaWZlYmFua21vcnRnYWdlcy5jb22CFW1hbnVsaWZl
YmFua3NlbGVjdC5jYYIObWFudWxpZmVvbmUuY2GCDG1hbnV2aWV1bi5jYYIXb25s
aW5lLmJhbnF1ZW1hbnV2aWUuY2GCGG9ubGluZS5iYW5xdWVtYW51dmllLmNvbYIW
b25saW5lLm1hbnVsaWZlYmFuay5jYYIXb25saW5lLm1hbnVsaWZlYmFuay5jb22C
IHBhcnRuZXJzZXJ2aWNlcy5tYW51bGlmZWJhbmsuY29tghlwcmQtYmFua2xpbmsu
bWFudWxpZmUuY29tgiJwcmV0c2h5cG90aGVjYWlyZXNiYW5xdWVtYW51dmllLmNh
giNwcmV0c2h5cG90aGVjYWlyZXNiYW5xdWVtYW51dmllLmNvbYIWc2VsZWN0YmFu
cXVlbWFudXZpZS5jYYIZdWF0LWJhbmtsaW5rLm1hbnVsaWZlLmNvbYIbdWF0Y2xp
ZW50LmJhbnF1ZW1hbnV2aWUuY29tghp1YXRjbGllbnQubWFudWxpZmViYW5rLmNv
bYIadWF0b25saW5lLmJhbnF1ZW1hbnV2aWUuY2GCG3VhdG9ubGluZS5iYW5xdWVt
YW51dmllLmNvbYIZdWF0b25saW5lLm1hbnVsaWZlYmFuay5jYYIadWF0b25saW5l
Lm1hbnVsaWZlYmFuay5jb22CI3VhdHBhcnRuZXJzZXJ2aWNlcy5tYW51bGlmZWJh
bmsuY29tghl3d3cuZGVjb3V2cmV6bWFudXZpZXVuLmNhghp3d3cuZGVjb3V2cmV6
bWFudXZpZXVuLmNvbYIjd3d3LmRlY291dnJlenNlbGVjdGJhbnF1ZW1hbnV2aWUu
Y2GCJHd3dy5kZWNvdXZyZXpzZWxlY3RiYW5xdWVtYW51dmllLmNvbYIcd3d3Lm1h
bnVsaWZlYmFua21vcnRnYWdlcy5jYYIdd3d3Lm1hbnVsaWZlYmFua21vcnRnYWdl
cy5jb22CG3d3dy5tYW51bGlmZWJhbmtzZWxlY3Rnby5jYYIcd3d3Lm1hbnVsaWZl
YmFua3NlbGVjdGdvLmNvbYIUd3d3Lm1hbnVsaWZlb25lZ28uY2GCFXd3dy5tYW51
bGlmZW9uZWdvLmNvbYIbd3d3Lm9ubGluZS5iYW5xdWVtYW51dmllLmNhghx3d3cu
b25saW5lLmJhbnF1ZW1hbnV2aWUuY29tghp3d3cub25saW5lLm1hbnVsaWZlYmFu
ay5jYYIbd3d3Lm9ubGluZS5tYW51bGlmZWJhbmsuY29tgiZ3d3cucHJldHNoeXBv
dGhlY2FpcmVzYmFucXVlbWFudXZpZS5jYYInd3d3LnByZXRzaHlwb3RoZWNhaXJl
c2JhbnF1ZW1hbnV2aWUuY29tgh53d3cudWF0b25saW5lLmJhbnF1ZW1hbnV2aWUu
Y2GCH3d3dy51YXRvbmxpbmUuYmFucXVlbWFudXZpZS5jb22CHXd3dy51YXRvbmxp
bmUubWFudWxpZmViYW5rLmNhgh53d3cudWF0b25saW5lLm1hbnVsaWZlYmFuay5j
b22CE3d3dzEubWFudWxpZmVvbmUuY2GCE3d3dzIubWFudWxpZmVvbmUuY2EwDQYJ
KoZIhvcNAQELBQADggEBACd68yKMmJgmvac5QMUbUvczWB4l8poOW0J2HDhY4bry
kHykqKncLIPqFUom2MzdflZfp1IhA7AYHHMs1TIpcmlBzQoQH7ZaFLgJlNU74JFg
fR9uTdPa/14VwhaFO9/TnyhJeKSwwKADFpJuTxrk3WQioQXusM624eYuEnIDiWs0
RLnr3b3W6ARvWYwtRvWBI54/sgDQKk4whtb1viaKWACyycH89SH+gbM9QMjMhMVu
gjFXvCZQlLrkn3HfGqI6DDvjKalHadKs0N0XM/rId2Ugs2PO3BbF1aBaeZqKWlRc
+6e35cqMj4mO5OnkBHq2/D4jwsbTR8zTt0JuCtfC5UU=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm9MEQpuy6iQyGIr7nU+
TlWTIdks1LPUIUe1J9NNX8NRj3j5NLe6okGNq6+5o73MHRNDHWy+nvpH0uawCcYe
p7urAv9vajyv0oAzb1aOWQdszGQP/751UA7lq6JQjpc7qLTFNhvDCxClGJqQZ45c
xI30WVww4gC17Dj8t2J9jx0WALJ6VjLzaj+Mft5yppRStlk+1j+he0z97ztMcFM9
bIitTUgJzX2MQl8LuFfRizBkrtMCV8KMcjI0KxtVsO+EKtW1ID6LXJtWe3NW7j0E
wG2p5m1RVtuAjdF2QF/uLgibWCMbw68tVaC0x/JCdBsJXn7g/xlV6eBZN4yxWi2C
MwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 190688708081835818923886289587650109334
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-19 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-19 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'client.manulifebank.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22020347726878036439158915201209889392362368298351032574303362530683639457066146242132535191035894815222828788277808318445450023888801955096863797913823350798477698112967520603599553931924918145059096853535548057810334762877400548396908952627234107956046683906475052663622380842577630909052837244014220807731495212051280110185457136461659661592465624869129331453041421816459814342600064459040625646400332168015407112990112029543873820641371278379005807252301525504393663429117447524090425749988213558861991466079701787525758785734353988503737861052363197635765216343055250906073125646064305709862019761903614678630963
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7615758b97fafaf32dcb801c244421515e38467a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (369 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
							016b007700cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018e57e7aeda0000040300483046022100f7c491ee30aed8238821bb9a66d19db2f16f7c49d028cecca9eecd087ec1ece90221009e5c60b7975bdf9c19a73f313c1e8b5dc64db79778fd448c833f990ca20c59c6007700a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018e57e7ae83000004030048304602210094a645c6e5414eb73b051ef6b7fd65a0434611a6e47d7367a42c525588664cca022100ea3f3e158d5a9490f18f40a8d4545250b116eb9443d83c3cc9b5d9b0e9992fbf0077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018e57e7ae590000040300483046022100bfa5b1537ff6878fa7fae79b198b610e21ee4c14a3b1ebf569d613ed3976f08e022100bedf8d7c768d48f9e11932b2f948b8e93cf55ec0727a3e1eb2b375a8ac972cf8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1495 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'client.manulifebank.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.banquemanuvie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.manulifebank.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '3449.client.manulifebank.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'banquemanuvie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'client.banquemanuvie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'decouvrezmanuvieun.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'decouvrezmanuvieun.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifebank.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifebankbrokerhub.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifebankmortgages.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifebankmortgages.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifebankselect.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifeone.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manuvieun.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.banquemanuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.banquemanuvie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.manulifebank.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.manulifebank.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partnerservices.manulifebank.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prd-banklink.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pretshypothecairesbanquemanuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pretshypothecairesbanquemanuvie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'selectbanquemanuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat-banklink.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatclient.banquemanuvie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatclient.manulifebank.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatonline.banquemanuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatonline.banquemanuvie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatonline.manulifebank.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatonline.manulifebank.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uatpartnerservices.manulifebank.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.decouvrezmanuvieun.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.decouvrezmanuvieun.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.decouvrezselectbanquemanuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.decouvrezselectbanquemanuvie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifebankmortgages.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifebankmortgages.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifebankselectgo.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifebankselectgo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifeonego.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifeonego.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.online.banquemanuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.online.banquemanuvie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.online.manulifebank.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.online.manulifebank.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pretshypothecairesbanquemanuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pretshypothecairesbanquemanuvie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uatonline.banquemanuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uatonline.banquemanuvie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uatonline.manulifebank.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.uatonline.manulifebank.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www1.manulifeone.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www2.manulifeone.ca'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00277af3228c989826bda73940c51b52f733581e25f29a0e5b42761c3858e1baf2907ca4a8a9dc2c83ea154a26d8ccdd7e565fa7522103b0181c732cd53229726941cd0a101fb65a14b80994d53be091607d1f6e4dd3daff5e15c216853bdfd39f284978a4b0c0a00316926e4f1ae4dd6422a105eeb0ceb6e1e62e127203896b3444b9ebddbdd6e8046f598c2d46f581239e3fb200d02a4e3086d6f5be268a5800b2c9c1fcf521fe81b33d40c8cc84c56e823157bc265094bae49f71df1aa23a0c3be329a94769d2acd0dd1733fac8776520b363cedc16c5d5a05a799a8a5a545cfba7b7e5ca8c8f898ee4e9e4047ab6fc3e23c2c6d347ccd3b7426e0ad7c2e545