johnhancock.com
- Manulife Financial Corporation -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number d0:48:85:9f:c6:1a:58:aa:12:1d:58:6b:2f:88:2d:9b was issued on by Sectigo Limited.
With 65 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Manulife Financial Corporation
Organization:
Manulife Financial Corporation
State / Province:
Ontario
Country: CA
Country: CA
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): d0:48:85:9f:c6:1a:58:aa:12:1d:58:6b:2f:88:2d:9bSerial Number (int): 276855978716142017314880712341765762459
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 7a:d1:cf:cc:a2:9e:af:6c:fb:c3:63:41:d3:c5:34:ea:57:94:f8:c8
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 53:f6:a7:e7:e0:ae:37:ae:78:bc:08:29:66:1e:32:e0:06:b2:61:bd
Fingerprint (sha256): a6:ad:c9:22:28:9d:68:2f:24:23:ea:9d:48:9b:b7:46:0d:3f:8d:97:84:24:7f:be:3b:ec:30:08:d0:4f:71:49
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate johnhancock.com
65
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for johnhancock.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
johnhancock.com
admin.jhrpsportal.com
admin5.jhnavigator.com
agent-stg.johnhancockinsurance.com
annuitiescopilot.nonprod.jhancock.com
annuitiesvoice.nonprod.jhancock.com
apps-test.johnhancockinsurance.com
assets.jhnavigator.com
assets.jhrps.com
ciamverification.registration.johnhancock.com
crverifyidentity.registration.johnhancock.com
data.igpinfo.com
dev-pdf.jhinvestments.com
dev.illustrationservicesportal.com
dev.jhadvancedmarkets.com
dev.jhillust.com
dev.jhinforcedownload.com
fwat.jhmylearningcenter.com
igpinfo.com
jh401kideas.com
jhancockretirementplanservices.com
jhapim.portal.manulife.com
jhauditpackage.com
jhcashoutcalculator.com
jhdiscover.com
jhemarketing-info.com
jhillust.com
jhmylearningcenter.com
jhnavigator.com
jhretirementadvisor.com
jhrps.com
jhrpsportal.com
jhvitality.com
patternlab.jhrps.com
provider.registration.johnhancock.com
qa.tmp.mysales.johnhancock.com
sales-stg.manulifebermuda.com
stage.identity.johnhancock.com
stage.jhadvancedmarkets.com
stage.jhillust.com
stage.jhinforcedownload.com
stg.tmp.mysales.johnhancock.com
test.identity.jhancock.com
test.identity.johnhancock.com
test.jhadvancedmarkets.com
test.jhannuities.com
test.jhillust.com
test.jhinforcedownload.com
test.johnhancockvitality.com
testc.partnerlink.jhancock.com
uat.data.igpinfo.com
www.data.igpinfo.com
www.igpinfo.com
www.jh401kideas.com
www.jhancockretirementplanservices.com
www.jhauditpackage.com
www.jhcashoutcalculator.com
www.jhdiscover.com
www.jhemarketing-info.com
www.jhillust.com
www.jhmylearningcenter.com
www.jhnavigator.com
www.jhretirementadvisor.com
www.jhrps.com
www.jhrpsportal.com
admin.jhrpsportal.com
admin5.jhnavigator.com
agent-stg.johnhancockinsurance.com
annuitiescopilot.nonprod.jhancock.com
annuitiesvoice.nonprod.jhancock.com
apps-test.johnhancockinsurance.com
assets.jhnavigator.com
assets.jhrps.com
ciamverification.registration.johnhancock.com
crverifyidentity.registration.johnhancock.com
data.igpinfo.com
dev-pdf.jhinvestments.com
dev.illustrationservicesportal.com
dev.jhadvancedmarkets.com
dev.jhillust.com
dev.jhinforcedownload.com
fwat.jhmylearningcenter.com
igpinfo.com
jh401kideas.com
jhancockretirementplanservices.com
jhapim.portal.manulife.com
jhauditpackage.com
jhcashoutcalculator.com
jhdiscover.com
jhemarketing-info.com
jhillust.com
jhmylearningcenter.com
jhnavigator.com
jhretirementadvisor.com
jhrps.com
jhrpsportal.com
jhvitality.com
patternlab.jhrps.com
provider.registration.johnhancock.com
qa.tmp.mysales.johnhancock.com
sales-stg.manulifebermuda.com
stage.identity.johnhancock.com
stage.jhadvancedmarkets.com
stage.jhillust.com
stage.jhinforcedownload.com
stg.tmp.mysales.johnhancock.com
test.identity.jhancock.com
test.identity.johnhancock.com
test.jhadvancedmarkets.com
test.jhannuities.com
test.jhillust.com
test.jhinforcedownload.com
test.johnhancockvitality.com
testc.partnerlink.jhancock.com
uat.data.igpinfo.com
www.data.igpinfo.com
www.igpinfo.com
www.jh401kideas.com
www.jhancockretirementplanservices.com
www.jhauditpackage.com
www.jhcashoutcalculator.com
www.jhdiscover.com
www.jhemarketing-info.com
www.jhillust.com
www.jhmylearningcenter.com
www.jhnavigator.com
www.jhretirementadvisor.com
www.jhrps.com
www.jhrpsportal.com
Other certificates including the domain name johnhancock.com
(limited to 100 certificates)
johnhancockinsurance.com
stage.identity.jhancock.com
manulife.com
rps.jhancock.com
manulife.com
uat.igpclaimreporting.jhancock.com
qa.johnhancock.com
johnhancock.com
johnhancock.com
onboarding.retirement.johnhancock.com
johnhancock.com
www.jhinvestments.com
stg.johnhancock.com
myplanuat.johnhancock.com
www.jhinvestments.com
qr.retirement.johnhancock.com
dev-tmp.jhinvestments.com
johnhancock.com
www.jhinvestments.com
manulife.com
johnhancock.com
advisorfeedbackhub.johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
crverifyidentity-dev.johnhancock.com
myplanuat.johnhancock.com
www.jhinvestments.com
johnhancock.com
img.retirement.johnhancock.com
johnhancock.com
rps.jhancock.com
manulife.com
johnhancock.com
manulife.com
instant-apply.johnhancockinsurance.com
manulife.com
manulife.com
rps.jhancock.com
instant-apply.johnhancockinsurance.com
qr.myplan.johnhancock.com
manulife.com
digital-uat.customer.johnhancock.com
myplanuat.johnhancock.com
manulife.com
www.jhinvestments.com
digital-uat.customer.johnhancock.com
personalizedretirementadvice.johnhancock.com
rps.jhancock.com
www.jhinvestments.com
johnhancock.com
secure.johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
www.jhinvestments.com
manulife.com
ww4.johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
preferences.johnhancock.com
qr.myplan.johnhancock.com
img.retirement.johnhancock.com
johnhancock.com
manulife.com
jhshsm.johnhancock.com
qr.myplan.johnhancock.com
johnhancock.com
ww4.johnhancock.com
quote-uat.johnhancock.com
stg.johnhancock.com
johnhancock.com
digital.customer.johnhancock.com
johnhancock.com
johnhancockinsurance.com
johnhancock.com
retirementinfo.johnhancock.com
jhaconnect.jhannuities.com
johnhancock.com
johnhancock.com
onboarding.retirement.johnhancock.com
protect.johnhancock.com
jhshsm.johnhancock.com
rps.jhancock.com
qr.retirement.johnhancock.com
manulife.com
johnhancock.com
newonboardingaugust2023.retirement.johnhancock.com
johnhancock.com
rps.jhancock.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
finapp.johnhancock.com
johnhancock.com
manulife.com
manulife.com
preferencesstg.johnhancock.com
stage.identity.jhancock.com
manulife.com
rps.jhancock.com
manulife.com
uat.igpclaimreporting.jhancock.com
qa.johnhancock.com
johnhancock.com
johnhancock.com
onboarding.retirement.johnhancock.com
johnhancock.com
www.jhinvestments.com
stg.johnhancock.com
myplanuat.johnhancock.com
www.jhinvestments.com
qr.retirement.johnhancock.com
dev-tmp.jhinvestments.com
johnhancock.com
www.jhinvestments.com
manulife.com
johnhancock.com
advisorfeedbackhub.johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
crverifyidentity-dev.johnhancock.com
myplanuat.johnhancock.com
www.jhinvestments.com
johnhancock.com
img.retirement.johnhancock.com
johnhancock.com
rps.jhancock.com
manulife.com
johnhancock.com
manulife.com
instant-apply.johnhancockinsurance.com
manulife.com
manulife.com
rps.jhancock.com
instant-apply.johnhancockinsurance.com
qr.myplan.johnhancock.com
manulife.com
digital-uat.customer.johnhancock.com
myplanuat.johnhancock.com
manulife.com
www.jhinvestments.com
digital-uat.customer.johnhancock.com
personalizedretirementadvice.johnhancock.com
rps.jhancock.com
www.jhinvestments.com
johnhancock.com
secure.johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
www.jhinvestments.com
manulife.com
ww4.johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
preferences.johnhancock.com
qr.myplan.johnhancock.com
img.retirement.johnhancock.com
johnhancock.com
manulife.com
jhshsm.johnhancock.com
qr.myplan.johnhancock.com
johnhancock.com
ww4.johnhancock.com
quote-uat.johnhancock.com
stg.johnhancock.com
johnhancock.com
digital.customer.johnhancock.com
johnhancock.com
johnhancockinsurance.com
johnhancock.com
retirementinfo.johnhancock.com
jhaconnect.jhannuities.com
johnhancock.com
johnhancock.com
onboarding.retirement.johnhancock.com
protect.johnhancock.com
jhshsm.johnhancock.com
rps.jhancock.com
qr.retirement.johnhancock.com
manulife.com
johnhancock.com
newonboardingaugust2023.retirement.johnhancock.com
johnhancock.com
rps.jhancock.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
finapp.johnhancock.com
johnhancock.com
manulife.com
manulife.com
preferencesstg.johnhancock.com
Certificate
The complete raw certificate details for johnhancock.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIINVjCCDD6gAwIBAgIRANBIhZ/GGliqEh1Yay+ILZswDQYJKoZIhvcNAQELBQAw gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl cnZlciBDQTAeFw0yNDAyMjYwMDAwMDBaFw0yNTAyMjUyMzU5NTlaMGIxCzAJBgNV BAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMScwJQYDVQQKEx5NYW51bGlmZSBGaW5h bmNpYWwgQ29ycG9yYXRpb24xGDAWBgNVBAMTD2pvaG5oYW5jb2NrLmNvbTCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPXgE62cBaiMNr3LyntrzN6FscvA bhf6/YsCy5HUuLffdvONKC+a2x/qR6wtdJTr76X73hXQd0Si1GT9z85qMi7Kcpeb KZgWNkOrl+pXrfmDJPeodXJkGNwA3l0zL3qB3gJfN97ADWiX3PUXFhRljKvvyS+3 mo4Bnk6wRIRZufiHIrVqtOXTR4POzfVu2IntqRbd/AVhVdTnObdRcCvod4h4zZyr VM5e3aTU3pATZV1R1O+Rh7z6OE4bSKhT7lXxfyiIVueVaviVAbRSix1F3U9+/SSu tgU2Kfp+mWSuRjsMBXzzFbO0Ea+YyHWNiCLcFHJxS/joeeDoAnacQoHgvLsCAwEA AaOCCdEwggnNMB8GA1UdIwQYMBaAFBfZ1iUnZ/kxwklD2TA2RIxsqU/rMB0GA1Ud DgQWBBR60c/Mop6vbPvDY0HTxTTqV5T4yDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSgYDVR0gBEMw QTA1BgwrBgEEAbIxAQIBAwQwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdv LmNvbS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwu c2VjdGlnby5jb20vU2VjdGlnb1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1 cmVTZXJ2ZXJDQS5jcmwwgYoGCCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0 cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRh dGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Au c2VjdGlnby5jb20wggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AM8RVu7VLnyv 84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAABjeXnJrEAAAQDAEcwRQIgMYrJbVQz 6CoFpfXjRSVkVCL0+RvJqJbGm/9qx+I7svwCIQDPAeeA4fee6TpqwhcEfZEOE4Zz Pb97bDESbZ+blOtzFwB2AKLjCuRF772tm3447Udnd1PXgluElNcrXhssxLlQpEfn AAABjeXnJ4MAAAQDAEcwRQIgXW5uZkVSeaibaOE1asvSQTR4YNobvSZwo3RdC9HH XUUCIQCASFOeLVruq8t/FVivcayp5Oh2CYj2+TozmWTrAtmoKQB3AE51oydcmhDD OFts1N8/Uusd8OCOG41pwLH6ZLFimjnfAAABjeXnJycAAAQDAEgwRgIhANGDXJjz HegpzEyMnn4DFD7vkig/fDi1FBMLpmL5a5pcAiEA5vVCp7Nkw3raly3UOwdTPSVA 57Uj0DjKNVAMvXxLWbEwggaUBgNVHREEggaLMIIGh4IPam9obmhhbmNvY2suY29t ghVhZG1pbi5qaHJwc3BvcnRhbC5jb22CFmFkbWluNS5qaG5hdmlnYXRvci5jb22C ImFnZW50LXN0Zy5qb2huaGFuY29ja2luc3VyYW5jZS5jb22CJWFubnVpdGllc2Nv cGlsb3Qubm9ucHJvZC5qaGFuY29jay5jb22CI2FubnVpdGllc3ZvaWNlLm5vbnBy b2QuamhhbmNvY2suY29tgiJhcHBzLXRlc3Quam9obmhhbmNvY2tpbnN1cmFuY2Uu Y29tghZhc3NldHMuamhuYXZpZ2F0b3IuY29tghBhc3NldHMuamhycHMuY29tgi1j aWFtdmVyaWZpY2F0aW9uLnJlZ2lzdHJhdGlvbi5qb2huaGFuY29jay5jb22CLWNy dmVyaWZ5aWRlbnRpdHkucmVnaXN0cmF0aW9uLmpvaG5oYW5jb2NrLmNvbYIQZGF0 YS5pZ3BpbmZvLmNvbYIZZGV2LXBkZi5qaGludmVzdG1lbnRzLmNvbYIiZGV2Lmls bHVzdHJhdGlvbnNlcnZpY2VzcG9ydGFsLmNvbYIZZGV2LmpoYWR2YW5jZWRtYXJr ZXRzLmNvbYIQZGV2LmpoaWxsdXN0LmNvbYIZZGV2LmpoaW5mb3JjZWRvd25sb2Fk LmNvbYIbZndhdC5qaG15bGVhcm5pbmdjZW50ZXIuY29tggtpZ3BpbmZvLmNvbYIP amg0MDFraWRlYXMuY29tgiJqaGFuY29ja3JldGlyZW1lbnRwbGFuc2VydmljZXMu Y29tghpqaGFwaW0ucG9ydGFsLm1hbnVsaWZlLmNvbYISamhhdWRpdHBhY2thZ2Uu Y29tghdqaGNhc2hvdXRjYWxjdWxhdG9yLmNvbYIOamhkaXNjb3Zlci5jb22CFWpo ZW1hcmtldGluZy1pbmZvLmNvbYIMamhpbGx1c3QuY29tghZqaG15bGVhcm5pbmdj ZW50ZXIuY29tgg9qaG5hdmlnYXRvci5jb22CF2pocmV0aXJlbWVudGFkdmlzb3Iu Y29tgglqaHJwcy5jb22CD2pocnBzcG9ydGFsLmNvbYIOamh2aXRhbGl0eS5jb22C FHBhdHRlcm5sYWIuamhycHMuY29tgiVwcm92aWRlci5yZWdpc3RyYXRpb24uam9o bmhhbmNvY2suY29tgh5xYS50bXAubXlzYWxlcy5qb2huaGFuY29jay5jb22CHXNh bGVzLXN0Zy5tYW51bGlmZWJlcm11ZGEuY29tgh5zdGFnZS5pZGVudGl0eS5qb2hu aGFuY29jay5jb22CG3N0YWdlLmpoYWR2YW5jZWRtYXJrZXRzLmNvbYISc3RhZ2Uu amhpbGx1c3QuY29tghtzdGFnZS5qaGluZm9yY2Vkb3dubG9hZC5jb22CH3N0Zy50 bXAubXlzYWxlcy5qb2huaGFuY29jay5jb22CGnRlc3QuaWRlbnRpdHkuamhhbmNv Y2suY29tgh10ZXN0LmlkZW50aXR5LmpvaG5oYW5jb2NrLmNvbYIadGVzdC5qaGFk dmFuY2VkbWFya2V0cy5jb22CFHRlc3Quamhhbm51aXRpZXMuY29tghF0ZXN0Lmpo aWxsdXN0LmNvbYIadGVzdC5qaGluZm9yY2Vkb3dubG9hZC5jb22CHHRlc3Quam9o bmhhbmNvY2t2aXRhbGl0eS5jb22CHnRlc3RjLnBhcnRuZXJsaW5rLmpoYW5jb2Nr LmNvbYIUdWF0LmRhdGEuaWdwaW5mby5jb22CFHd3dy5kYXRhLmlncGluZm8uY29t gg93d3cuaWdwaW5mby5jb22CE3d3dy5qaDQwMWtpZGVhcy5jb22CJnd3dy5qaGFu Y29ja3JldGlyZW1lbnRwbGFuc2VydmljZXMuY29tghZ3d3cuamhhdWRpdHBhY2th Z2UuY29tght3d3cuamhjYXNob3V0Y2FsY3VsYXRvci5jb22CEnd3dy5qaGRpc2Nv dmVyLmNvbYIZd3d3LmpoZW1hcmtldGluZy1pbmZvLmNvbYIQd3d3LmpoaWxsdXN0 LmNvbYIad3d3LmpobXlsZWFybmluZ2NlbnRlci5jb22CE3d3dy5qaG5hdmlnYXRv ci5jb22CG3d3dy5qaHJldGlyZW1lbnRhZHZpc29yLmNvbYINd3d3LmpocnBzLmNv bYITd3d3LmpocnBzcG9ydGFsLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEALrE9qQQQ xCsIwt0JRVSqkzZO7uz1BU8O49JVCX2eONLqJBRBnFHW88lAuQzkco9ZJDRRHmBK WWC++tsjag2TEZDEC8kMqbh3EEY1wTShrMPvMS9HMWKywUmTqwsY2cZVzVv37JxA f5+22++GVUZySTHjdTZexcTKqQ0uOHZoN9r7F2j9sgUSbwNmPgYC4YF+u1/v4ide 4VTSHDqGwyp3Z0/sTJC/g0MGjEZp+ktftJ4A65FiO4Gd9MjiDp344jZHOFK6u2qU B70i1BhwfoZCQ5TEtJ6DlTD4RMlcnGeXO3E/zeNiIN1nDFOZPVCzZfEU7e+U7xTK EkqYSQPX6Q/wRA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9eATrZwFqIw2vcvKe2vM 3oWxy8BuF/r9iwLLkdS4t992840oL5rbH+pHrC10lOvvpfveFdB3RKLUZP3Pzmoy Lspyl5spmBY2Q6uX6let+YMk96h1cmQY3ADeXTMveoHeAl833sANaJfc9RcWFGWM q+/JL7eajgGeTrBEhFm5+IcitWq05dNHg87N9W7Yie2pFt38BWFV1Oc5t1FwK+h3 iHjNnKtUzl7dpNTekBNlXVHU75GHvPo4ThtIqFPuVfF/KIhW55Vq+JUBtFKLHUXd T379JK62BTYp+n6ZZK5GOwwFfPMVs7QRr5jIdY2IItwUcnFL+Oh54OgCdpxCgeC8 uwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 276855978716142017314880712341765762459 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-26 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-02-25 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'johnhancock.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 31038881138464515907059085855994878761287977119285264272937293569038384574147312369160043920561213654678082432022564486373795398750001205916062829263531625198275044205153273876053718411075720079850949681604814563293040924765220931644951150182780043422222943413087831317962584748241653616575368029706605058651254374219892044116382142915242193801539599650497920113518866429508689525415827693507564306817934686835246379337807488088765433672820403420065839069890796666209719983538393484354171240991844740015988716840838816452055763723800209035021172442544940991450810439264864910370003699236797634580004712141137855429819 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7ad1cfcca29eaf6cfbc36341d3c534ea5794f8c8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018de5e726b100000403004730450220318ac96d5433e82a05a5f5e34525645422f4f91bc9a896c69bff6ac7e23bb2fc022100cf01e780e1f79ee93a6ac217047d910e1386733dbf7b6c31126d9f9b94eb7317007600a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018de5e72783000004030047304502205d6e6e66455279a89b68e1356acbd241347860da1bbd2670a3745d0bd1c75d450221008048539e2d5aeeabcb7f1558af71aca9e4e8760988f6f93a339964eb02d9a8290077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018de5e727270000040300483046022100d1835c98f31de829cc4c8c9e7e03143eef92283f7c38b514130ba662f96b9a5c022100e6f542a7b364c37ada972dd43b07533d2540e7b523d038ca35500cbd7c4b59b1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1675 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'admin.jhrpsportal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'admin5.jhnavigator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agent-stg.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'annuitiescopilot.nonprod.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'annuitiesvoice.nonprod.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps-test.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.jhnavigator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.jhrps.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ciamverification.registration.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'crverifyidentity.registration.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data.igpinfo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev-pdf.jhinvestments.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.illustrationservicesportal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.jhadvancedmarkets.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.jhillust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.jhinforcedownload.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fwat.jhmylearningcenter.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'igpinfo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jh401kideas.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhancockretirementplanservices.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim.portal.manulife.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhauditpackage.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhcashoutcalculator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhdiscover.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhemarketing-info.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhillust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhmylearningcenter.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhnavigator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhretirementadvisor.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhrps.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhrpsportal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhvitality.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'patternlab.jhrps.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'provider.registration.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa.tmp.mysales.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sales-stg.manulifebermuda.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.identity.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.jhadvancedmarkets.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.jhillust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.jhinforcedownload.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.tmp.mysales.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.identity.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.identity.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.jhadvancedmarkets.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.jhannuities.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.jhillust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.jhinforcedownload.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.johnhancockvitality.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testc.partnerlink.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat.data.igpinfo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.data.igpinfo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.igpinfo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jh401kideas.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhancockretirementplanservices.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhauditpackage.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhcashoutcalculator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhdiscover.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhemarketing-info.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhillust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhmylearningcenter.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhnavigator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhretirementadvisor.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhrps.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhrpsportal.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002eb13da90410c42b08c2dd094554aa93364eeeecf5054f0ee3d255097d9e38d2ea2414419c51d6f3c940b90ce4728f592434511e604a5960befadb236a0d931190c40bc90ca9b877104635c134a1acc3ef312f473162b2c14993ab0b18d9c655cd5bf7ec9c407f9fb6dbef865546724931e375365ec5c4caa90d2e38766837dafb1768fdb205126f03663e0602e1817ebb5fefe2275ee154d21c3a86c32a77674fec4c90bf8343068c4669fa4b5fb49e00eb91623b819df4c8e20e9df8e236473852babb6a9407bd22d418707e86424394c4b49e839530f844c95c9c67973b713fcde36220dd670c53993d50b365f114edef94ef14ca124a984903d7e90ff044