johnhancock.com
- Manulife Financial Corporation -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number f6:8a:37:1e:54:e3:f0:2a:55:4f:fb:e7:2f:24:dd:4f was issued on by Sectigo Limited.
With 62 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Manulife Financial Corporation
Organization:
Manulife Financial Corporation
State / Province:
Ontario
Country: CA
Country: CA
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): f6:8a:37:1e:54:e3:f0:2a:55:4f:fb:e7:2f:24:dd:4fSerial Number (int): 327707741865212488351789245620459724111
Serial Number lenght: 128 bits, 16 octets
SubjectKeyId: 56:b1:cb:7d:e1:f1:48:92:43:e6:eb:01:e7:90:66:94:16:39:1f:6c
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 20:bb:3b:f6:f8:c2:56:00:4a:e8:ad:8f:44:69:6f:91:da:72:2a:41
Fingerprint (sha256): ac:a2:a7:7a:ff:a9:2d:b0:79:83:4a:6a:77:ed:8b:28:41:76:62:c4:4d:96:20:78:7f:fd:cf:51:5b:d8:02:ee
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate johnhancock.com
62
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for johnhancock.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
johnhancock.com
admin.jhrpsportal.com
admin5.jhnavigator.com
agent-stg.johnhancockinsurance.com
annuitiescopilot.nonprod.jhancock.com
annuitiescopilot.prod.jhancock.com
annuitiesvoice.nonprod.jhancock.com
annuitiesvoice.prod.jhancock.com
apps-test.johnhancockinsurance.com
assets.jhnavigator.com
azkv-usseg.prod.jhancock.com
ciamverification.registration.johnhancock.com
crverifyidentity.registration.johnhancock.com
data.igpinfo.com
dev-pdf.jhinvestments.com
dev.illustrationservicesportal.com
dev.jhadvancedmarkets.com
dev.jhillust.com
dev.jhinforcedownload.com
fwat.jhmylearningcenter.com
igpinfo.com
jhauditpackage.com
jhcashoutcalculator.com
jhdiscover.com
jhemarketing-info.com
jhi-apim.dev.manulife.com
jhi-apim.test.manulife.com
jhillust.com
jhmylearningcenter.com
jhnavigator.com
jhrps.com
jhrpsportal.com
jhvitality.com
patternlab.jhrps.com
provider.registration.johnhancock.com
qa.tmp.mysales.johnhancock.com
sales-stg.manulifebermuda.com
stage.identity.johnhancock.com
stage.jhadvancedmarkets.com
stage.jhillust.com
stage.jhinforcedownload.com
stg.tmp.mysales.johnhancock.com
test.identity.jhancock.com
test.identity.johnhancock.com
test.jhadvancedmarkets.com
test.jhannuities.com
test.jhillust.com
test.jhinforcedownload.com
test.johnhancockvitality.com
testc.partnerlink.jhancock.com
uat.data.igpinfo.com
www.data.igpinfo.com
www.igpinfo.com
www.jhauditpackage.com
www.jhcashoutcalculator.com
www.jhdiscover.com
www.jhemarketing-info.com
www.jhillust.com
www.jhmylearningcenter.com
www.jhnavigator.com
www.jhrps.com
www.jhrpsportal.com
admin.jhrpsportal.com
admin5.jhnavigator.com
agent-stg.johnhancockinsurance.com
annuitiescopilot.nonprod.jhancock.com
annuitiescopilot.prod.jhancock.com
annuitiesvoice.nonprod.jhancock.com
annuitiesvoice.prod.jhancock.com
apps-test.johnhancockinsurance.com
assets.jhnavigator.com
azkv-usseg.prod.jhancock.com
ciamverification.registration.johnhancock.com
crverifyidentity.registration.johnhancock.com
data.igpinfo.com
dev-pdf.jhinvestments.com
dev.illustrationservicesportal.com
dev.jhadvancedmarkets.com
dev.jhillust.com
dev.jhinforcedownload.com
fwat.jhmylearningcenter.com
igpinfo.com
jhauditpackage.com
jhcashoutcalculator.com
jhdiscover.com
jhemarketing-info.com
jhi-apim.dev.manulife.com
jhi-apim.test.manulife.com
jhillust.com
jhmylearningcenter.com
jhnavigator.com
jhrps.com
jhrpsportal.com
jhvitality.com
patternlab.jhrps.com
provider.registration.johnhancock.com
qa.tmp.mysales.johnhancock.com
sales-stg.manulifebermuda.com
stage.identity.johnhancock.com
stage.jhadvancedmarkets.com
stage.jhillust.com
stage.jhinforcedownload.com
stg.tmp.mysales.johnhancock.com
test.identity.jhancock.com
test.identity.johnhancock.com
test.jhadvancedmarkets.com
test.jhannuities.com
test.jhillust.com
test.jhinforcedownload.com
test.johnhancockvitality.com
testc.partnerlink.jhancock.com
uat.data.igpinfo.com
www.data.igpinfo.com
www.igpinfo.com
www.jhauditpackage.com
www.jhcashoutcalculator.com
www.jhdiscover.com
www.jhemarketing-info.com
www.jhillust.com
www.jhmylearningcenter.com
www.jhnavigator.com
www.jhrps.com
www.jhrpsportal.com
Other certificates including the domain name johnhancock.com
(limited to 100 certificates)
johnhancockinsurance.com
stage.identity.jhancock.com
manulife.com
rps.jhancock.com
manulife.com
uat.igpclaimreporting.jhancock.com
qa.johnhancock.com
johnhancock.com
johnhancock.com
onboarding.retirement.johnhancock.com
johnhancock.com
www.jhinvestments.com
stg.johnhancock.com
myplanuat.johnhancock.com
www.jhinvestments.com
qr.retirement.johnhancock.com
dev-tmp.jhinvestments.com
johnhancock.com
www.jhinvestments.com
manulife.com
johnhancock.com
advisorfeedbackhub.johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
crverifyidentity-dev.johnhancock.com
myplanuat.johnhancock.com
www.jhinvestments.com
johnhancock.com
img.retirement.johnhancock.com
johnhancock.com
rps.jhancock.com
manulife.com
johnhancock.com
manulife.com
instant-apply.johnhancockinsurance.com
manulife.com
manulife.com
rps.jhancock.com
instant-apply.johnhancockinsurance.com
qr.myplan.johnhancock.com
manulife.com
digital-uat.customer.johnhancock.com
myplanuat.johnhancock.com
manulife.com
www.jhinvestments.com
digital-uat.customer.johnhancock.com
personalizedretirementadvice.johnhancock.com
rps.jhancock.com
www.jhinvestments.com
johnhancock.com
secure.johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
www.jhinvestments.com
manulife.com
ww4.johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
preferences.johnhancock.com
qr.myplan.johnhancock.com
img.retirement.johnhancock.com
johnhancock.com
manulife.com
jhshsm.johnhancock.com
qr.myplan.johnhancock.com
johnhancock.com
ww4.johnhancock.com
quote-uat.johnhancock.com
stg.johnhancock.com
johnhancock.com
digital.customer.johnhancock.com
johnhancock.com
johnhancockinsurance.com
johnhancock.com
retirementinfo.johnhancock.com
jhaconnect.jhannuities.com
johnhancock.com
johnhancock.com
onboarding.retirement.johnhancock.com
protect.johnhancock.com
jhshsm.johnhancock.com
rps.jhancock.com
qr.retirement.johnhancock.com
manulife.com
johnhancock.com
newonboardingaugust2023.retirement.johnhancock.com
johnhancock.com
rps.jhancock.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
finapp.johnhancock.com
johnhancock.com
manulife.com
manulife.com
preferencesstg.johnhancock.com
stage.identity.jhancock.com
manulife.com
rps.jhancock.com
manulife.com
uat.igpclaimreporting.jhancock.com
qa.johnhancock.com
johnhancock.com
johnhancock.com
onboarding.retirement.johnhancock.com
johnhancock.com
www.jhinvestments.com
stg.johnhancock.com
myplanuat.johnhancock.com
www.jhinvestments.com
qr.retirement.johnhancock.com
dev-tmp.jhinvestments.com
johnhancock.com
www.jhinvestments.com
manulife.com
johnhancock.com
advisorfeedbackhub.johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
crverifyidentity-dev.johnhancock.com
myplanuat.johnhancock.com
www.jhinvestments.com
johnhancock.com
img.retirement.johnhancock.com
johnhancock.com
rps.jhancock.com
manulife.com
johnhancock.com
manulife.com
instant-apply.johnhancockinsurance.com
manulife.com
manulife.com
rps.jhancock.com
instant-apply.johnhancockinsurance.com
qr.myplan.johnhancock.com
manulife.com
digital-uat.customer.johnhancock.com
myplanuat.johnhancock.com
manulife.com
www.jhinvestments.com
digital-uat.customer.johnhancock.com
personalizedretirementadvice.johnhancock.com
rps.jhancock.com
www.jhinvestments.com
johnhancock.com
secure.johnhancock.com
manulife.com
johnhancock.com
johnhancock.com
www.jhinvestments.com
manulife.com
ww4.johnhancock.com
johnhancock.com
johnhancock.com
manulife.com
preferences.johnhancock.com
qr.myplan.johnhancock.com
img.retirement.johnhancock.com
johnhancock.com
manulife.com
jhshsm.johnhancock.com
qr.myplan.johnhancock.com
johnhancock.com
ww4.johnhancock.com
quote-uat.johnhancock.com
stg.johnhancock.com
johnhancock.com
digital.customer.johnhancock.com
johnhancock.com
johnhancockinsurance.com
johnhancock.com
retirementinfo.johnhancock.com
jhaconnect.jhannuities.com
johnhancock.com
johnhancock.com
onboarding.retirement.johnhancock.com
protect.johnhancock.com
jhshsm.johnhancock.com
rps.jhancock.com
qr.retirement.johnhancock.com
manulife.com
johnhancock.com
newonboardingaugust2023.retirement.johnhancock.com
johnhancock.com
rps.jhancock.com
manulife.com
johnhancock.com
manulife.com
johnhancock.com
finapp.johnhancock.com
johnhancock.com
manulife.com
manulife.com
preferencesstg.johnhancock.com
Certificate
The complete raw certificate details for johnhancock.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIINGzCCDAOgAwIBAgIRAPaKNx5U4/AqVU/75y8k3U8wDQYJKoZIhvcNAQELBQAw gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl cnZlciBDQTAeFw0yNDA0MTIwMDAwMDBaFw0yNTA0MTIyMzU5NTlaMGIxCzAJBgNV BAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMScwJQYDVQQKEx5NYW51bGlmZSBGaW5h bmNpYWwgQ29ycG9yYXRpb24xGDAWBgNVBAMTD2pvaG5oYW5jb2NrLmNvbTCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALxDQ0MVB6blQMS6Um8cAuYRZ2Ot kCKDcH2+VkY1efosgfzg1rY3/2rLIs/8mQPO4E2Ladn30ntlnyx4g716Evmyn7Vy c4eMaCiolPX7uR/97uKPCl47m5LSB3baxWFse1m/kNWjaubdgsQE62Ocx5ypEmpd iw/7scVlMB4vzWEZ9aTikHQD5czMUDY7X1AQ3/L8NnKdbkOENP9vukVi87bziJ7S 2ubTHjUK8x5FAuejdaYS7rbDSca4XoJmeuHnnMN5q0lYdE7ku4XXuff+pxwmvVgm FWRUmV2mACEWiiDKm6w5J3Nzl/OtgdUI5EVa69KPNyta+XSPanJRMt3aJgECAwEA AaOCCZYwggmSMB8GA1UdIwQYMBaAFBfZ1iUnZ/kxwklD2TA2RIxsqU/rMB0GA1Ud DgQWBBRWsct94fFIkkPm6wHnkGaUFjkfbDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSgYDVR0gBEMw QTA1BgwrBgEEAbIxAQIBAwQwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdv LmNvbS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwu c2VjdGlnby5jb20vU2VjdGlnb1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1 cmVTZXJ2ZXJDQS5jcmwwgYoGCCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0 cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRh dGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Au c2VjdGlnby5jb20wggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB3AM8RVu7VLnyv 84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAABjtLPebMAAAQDAEgwRgIhAPBQzSCR GsUB6V8Mv9xP9lmuBzyrB+XxtK1kc6L7RSfWAiEA5qlcev4F55dHE0NyXN1nYb3U wGOPRZysZDvsOUxDsAgAdwCi4wrkRe+9rZt+OO1HZ3dT14JbhJTXK14bLMS5UKRH 5wAAAY7Sz3lJAAAEAwBIMEYCIQDJ9uYYlvy5DnGiqjn+YwJGQ+stb3JSlPlh/p/l k1SvJwIhAJEp3L+C4rfmWjtGLQgffnoyd5TxHwrxLa1zmpSRv0mZAHUATnWjJ1ya EMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGO0s95SQAABAMARjBEAiBVpwZy nvL81UfDp7ew8qLD5aYGMe0qnd1cb7+jswsXFQIgRBDUfPFFPu6uql8vjDyXni6g thPeu9Nttx+J4hne6+MwggZZBgNVHREEggZQMIIGTIIPam9obmhhbmNvY2suY29t ghVhZG1pbi5qaHJwc3BvcnRhbC5jb22CFmFkbWluNS5qaG5hdmlnYXRvci5jb22C ImFnZW50LXN0Zy5qb2huaGFuY29ja2luc3VyYW5jZS5jb22CJWFubnVpdGllc2Nv cGlsb3Qubm9ucHJvZC5qaGFuY29jay5jb22CImFubnVpdGllc2NvcGlsb3QucHJv ZC5qaGFuY29jay5jb22CI2FubnVpdGllc3ZvaWNlLm5vbnByb2QuamhhbmNvY2su Y29tgiBhbm51aXRpZXN2b2ljZS5wcm9kLmpoYW5jb2NrLmNvbYIiYXBwcy10ZXN0 LmpvaG5oYW5jb2NraW5zdXJhbmNlLmNvbYIWYXNzZXRzLmpobmF2aWdhdG9yLmNv bYIcYXprdi11c3NlZy5wcm9kLmpoYW5jb2NrLmNvbYItY2lhbXZlcmlmaWNhdGlv bi5yZWdpc3RyYXRpb24uam9obmhhbmNvY2suY29tgi1jcnZlcmlmeWlkZW50aXR5 LnJlZ2lzdHJhdGlvbi5qb2huaGFuY29jay5jb22CEGRhdGEuaWdwaW5mby5jb22C GWRldi1wZGYuamhpbnZlc3RtZW50cy5jb22CImRldi5pbGx1c3RyYXRpb25zZXJ2 aWNlc3BvcnRhbC5jb22CGWRldi5qaGFkdmFuY2VkbWFya2V0cy5jb22CEGRldi5q aGlsbHVzdC5jb22CGWRldi5qaGluZm9yY2Vkb3dubG9hZC5jb22CG2Z3YXQuamht eWxlYXJuaW5nY2VudGVyLmNvbYILaWdwaW5mby5jb22CEmpoYXVkaXRwYWNrYWdl LmNvbYIXamhjYXNob3V0Y2FsY3VsYXRvci5jb22CDmpoZGlzY292ZXIuY29tghVq aGVtYXJrZXRpbmctaW5mby5jb22CGWpoaS1hcGltLmRldi5tYW51bGlmZS5jb22C GmpoaS1hcGltLnRlc3QubWFudWxpZmUuY29tggxqaGlsbHVzdC5jb22CFmpobXls ZWFybmluZ2NlbnRlci5jb22CD2pobmF2aWdhdG9yLmNvbYIJamhycHMuY29tgg9q aHJwc3BvcnRhbC5jb22CDmpodml0YWxpdHkuY29tghRwYXR0ZXJubGFiLmpocnBz LmNvbYIlcHJvdmlkZXIucmVnaXN0cmF0aW9uLmpvaG5oYW5jb2NrLmNvbYIecWEu dG1wLm15c2FsZXMuam9obmhhbmNvY2suY29tgh1zYWxlcy1zdGcubWFudWxpZmVi ZXJtdWRhLmNvbYIec3RhZ2UuaWRlbnRpdHkuam9obmhhbmNvY2suY29tghtzdGFn ZS5qaGFkdmFuY2VkbWFya2V0cy5jb22CEnN0YWdlLmpoaWxsdXN0LmNvbYIbc3Rh Z2UuamhpbmZvcmNlZG93bmxvYWQuY29tgh9zdGcudG1wLm15c2FsZXMuam9obmhh bmNvY2suY29tghp0ZXN0LmlkZW50aXR5LmpoYW5jb2NrLmNvbYIddGVzdC5pZGVu dGl0eS5qb2huaGFuY29jay5jb22CGnRlc3QuamhhZHZhbmNlZG1hcmtldHMuY29t ghR0ZXN0LmpoYW5udWl0aWVzLmNvbYIRdGVzdC5qaGlsbHVzdC5jb22CGnRlc3Qu amhpbmZvcmNlZG93bmxvYWQuY29tghx0ZXN0LmpvaG5oYW5jb2Nrdml0YWxpdHku Y29tgh50ZXN0Yy5wYXJ0bmVybGluay5qaGFuY29jay5jb22CFHVhdC5kYXRhLmln cGluZm8uY29tghR3d3cuZGF0YS5pZ3BpbmZvLmNvbYIPd3d3LmlncGluZm8uY29t ghZ3d3cuamhhdWRpdHBhY2thZ2UuY29tght3d3cuamhjYXNob3V0Y2FsY3VsYXRv ci5jb22CEnd3dy5qaGRpc2NvdmVyLmNvbYIZd3d3LmpoZW1hcmtldGluZy1pbmZv LmNvbYIQd3d3LmpoaWxsdXN0LmNvbYIad3d3LmpobXlsZWFybmluZ2NlbnRlci5j b22CE3d3dy5qaG5hdmlnYXRvci5jb22CDXd3dy5qaHJwcy5jb22CE3d3dy5qaHJw c3BvcnRhbC5jb20wDQYJKoZIhvcNAQELBQADggEBADSI7uvFDR2j9VR6ZZsk7WUu p4sJS3wN/7AhwKufgQFfgoNw626HCVbfqHLX5p+b0zZtmr81tXom1v+fdLNQJo3N osXC0O+oBxcoBvl45MDKviQ+ZfkkGI8ZOuFdh4D0SQmqx/81Wxpxb3qG4iijsGKi Y/eA1z4EGIZKjMCoAy8SjrxqXDPtY1kOvsn9EgOy5LfD6EZnJKee8vmH6FB/0AfJ mtgzn2/4uHoU6EB8KsTJ8QWU37dwxdLLhuqu7h/AEYDS6wye04E5uAo9kkLd7wFC zrnJvfDGtovSwLr5EFtY686QTqNSdtzfHSCVlJ5IhIJum9H8b2YfhtFh97o5dCM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvENDQxUHpuVAxLpSbxwC 5hFnY62QIoNwfb5WRjV5+iyB/ODWtjf/assiz/yZA87gTYtp2ffSe2WfLHiDvXoS +bKftXJzh4xoKKiU9fu5H/3u4o8KXjubktIHdtrFYWx7Wb+Q1aNq5t2CxATrY5zH nKkSal2LD/uxxWUwHi/NYRn1pOKQdAPlzMxQNjtfUBDf8vw2cp1uQ4Q0/2+6RWLz tvOIntLa5tMeNQrzHkUC56N1phLutsNJxrhegmZ64eecw3mrSVh0TuS7hde59/6n HCa9WCYVZFSZXaYAIRaKIMqbrDknc3OX862B1QjkRVrr0o83K1r5dI9qclEy3dom AQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 327707741865212488351789245620459724111 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-12 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'johnhancock.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23765969828074749660839739434143793246779699323505269328306858632730001875057096216295592159387180105873049129889769866290659976060889001332700889651079770236487094962190573781264385146405917997219305876023082132505462185265594316919692319703748892210361944885966659321904064640598486942234346785097654354436550126519468231829894316933376951322519803973215564247133080717131046839376034955614988474568826065033965847577809737777722019736727499344659699155400647165871844489826840700633846151557942554863780338796985959399373942818073669121229027887046522518996940472410659885505718642336418535774079007735669208000001 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 56b1cb7de1f1489243e6eb01e790669416391f6c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007700cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018ed2cf79b30000040300483046022100f050cd20911ac501e95f0cbfdc4ff659ae073cab07e5f1b4ad6473a2fb4527d6022100e6a95c7afe05e797471343725cdd6761bdd4c0638f459cac643bec394c43b008007700a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018ed2cf79490000040300483046022100c9f6e61896fcb90e71a2aa39fe63024643eb2d6f725294f961fe9fe59354af270221009129dcbf82e2b7e65a3b462d081f7e7a327794f11f0af12dad739a9491bf49990075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018ed2cf79490000040300463044022055a706729ef2fcd547c3a7b7b0f2a2c3e5a60631ed2a9ddd5c6fbfa3b30b171502204410d47cf1453eeeaeaa5f2f8c3c979e2ea0b613debbd36db71f89e219deebe3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1616 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'admin.jhrpsportal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'admin5.jhnavigator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agent-stg.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'annuitiescopilot.nonprod.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'annuitiescopilot.prod.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'annuitiesvoice.nonprod.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'annuitiesvoice.prod.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps-test.johnhancockinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'assets.jhnavigator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'azkv-usseg.prod.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ciamverification.registration.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'crverifyidentity.registration.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'data.igpinfo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev-pdf.jhinvestments.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.illustrationservicesportal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.jhadvancedmarkets.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.jhillust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.jhinforcedownload.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fwat.jhmylearningcenter.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'igpinfo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhauditpackage.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhcashoutcalculator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhdiscover.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhemarketing-info.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhi-apim.dev.manulife.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhi-apim.test.manulife.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhillust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhmylearningcenter.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhnavigator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhrps.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhrpsportal.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhvitality.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'patternlab.jhrps.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'provider.registration.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa.tmp.mysales.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sales-stg.manulifebermuda.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.identity.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.jhadvancedmarkets.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.jhillust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.jhinforcedownload.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.tmp.mysales.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.identity.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.identity.johnhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.jhadvancedmarkets.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.jhannuities.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.jhillust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.jhinforcedownload.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.johnhancockvitality.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'testc.partnerlink.jhancock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat.data.igpinfo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.data.igpinfo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.igpinfo.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhauditpackage.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhcashoutcalculator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhdiscover.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhemarketing-info.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhillust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhmylearningcenter.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhnavigator.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhrps.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.jhrpsportal.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003488eeebc50d1da3f5547a659b24ed652ea78b094b7c0dffb021c0ab9f81015f828370eb6e870956dfa872d7e69f9bd3366d9abf35b57a26d6ff9f74b350268dcda2c5c2d0efa807172806f978e4c0cabe243e65f924188f193ae15d8780f44909aac7ff355b1a716f7a86e228a3b062a263f780d73e0418864a8cc0a8032f128ebc6a5c33ed63590ebec9fd1203b2e4b7c3e8466724a79ef2f987e8507fd007c99ad8339f6ff8b87a14e8407c2ac4c9f10594dfb770c5d2cb86eaaeee1fc01180d2eb0c9ed38139b80a3d9242ddef0142ceb9c9bdf0c6b68bd2c0baf9105b58ebce904ea35276dcdf1d2095949e4884826e9bd1fc6f661f86d161f7ba397423