mitchellcountyelections.iowa.gov
Issued by R3
About this certificate
This digital certificate with serial number 03:eb:2f:49:46:99:05:39:e6:82:9c:30:99:0d:09:ee:9c:80 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=mitchellcountyelections.iowa.gov
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:eb:2f:49:46:99:05:39:e6:82:9c:30:99:0d:09:ee:9c:80Serial Number (int): 341366068207066041484881913452805841919104
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: d4:e3:02:6b:7a:a8:e0:20:29:cd:cd:b9:06:d4:aa:fb:c6:b0:57:60
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): ed:e1:ca:df:8b:ef:4a:ea:4d:ad:82:3c:83:34:18:70:b6:38:7b:26
Fingerprint (sha256): 00:2b:5d:bc:36:73:ce:d3:e9:49:24:cc:e5:86:7a:9f:96:16:79:42:38:02:ab:8b:3a:6b:9f:12:86:ed:88:1b
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate mitchellcountyelections.iowa.gov
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mitchellcountyelections.iowa.gov
Public Key Algorithm
ECDSA
Key Size
256
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
mitchellcountyelections.iowa.gov
Other certificates including the domain name iowa.gov
(limited to 100 certificates)
pottawattamiecounty.iowa.gov
mitchellcountyelections.iowa.gov
pocahontascountyiowa.gov
www.greenecounty.iowa.gov
earlychildhood.iowa.gov
ssl7.revizesites.com
elections101.iowa.gov
ssl8.revizesites.com
idacounty.iowa.gov
iris.iowa.gov
iowa.gov
www.cedarcounty.iowa.gov
incapsula.com
hsemdpreparedness.iowa.gov
pagecounty.iowa.gov
dhs.iowa.gov
delawarecounty.iowa.gov
harrisoncounty.iowa.gov
ssl3.revizesites.com
www.floodrisk.iowa.gov
fs.wdm.iowa.gov
ssl3.revizesites.com
login.iowa.gov
etranscript.iowa.gov
incapsula.com
incapsula.com
www.crawfordcounty.iowa.gov
norwalk.iowa.gov
incapsula.com
ileatraining.iowa.gov
incapsula.com
forms.cabarruscounty.us
dia.iowa.gov
clarkecountyiowa.org
san-f2.granicusgovaccess.net
ltgovernor.iowa.gov
hd.alborgdx.com
vaapp.iowa.gov
claycounty.iowa.gov
incapsula.com
ssl8.revizesites.com
www.wapellocounty.iowa.gov
googlehelp.iowa.gov
va.iowa.gov
lucascountyelections.iowa.gov
ssl8.revizesites.com
commerce.iowa.gov
www.idr.iowa.gov
filings.iowa.gov
incapsula.com
ssl3.revizesites.com
www.plb.iowa.gov
incapsula.com
datapro.plb.iowa.gov
incapsula.com
crawfordcounty.iowa.gov
ltgovernor.iowa.gov
efs.iowa.gov
www.muscatinecountyiowa.gov
monroecounty.iowa.gov
incapsula.com
howardcounty.iowa.gov
idol.iowa.gov
ssl8.revizesites.com
fayettecounty.iowa.gov
vaapp.iowa.gov
yourlifeiowa.org
incapsula.com
www.admissions.iastate.edu
entaa.iowa.gov
www.pocahontas-county.com
yourlifeiowa.com
train-qa.iowa.gov
incapsula.com
claycounty.iowa.gov
incapsula.com
mail.norwalk.iowa.gov
incapsula.com
*.iowa.gov
incapsula.com
city-budget-explorer.iowa.gov
earlychildhood.iowa.gov
terracehill.iowa.gov
madisoncounty.iowa.gov
vpn2.iowa.gov
ssl7.revizesites.com
incapsula.com
san-d2.granicusgovaccess.net
emmetcounty.iowa.gov
ssl7.revizesites.com
incapsula.com
butlercoiowa.org
incapsula.com
guestaccess.iwd.iowa.gov
iowanewbornscreening.iowa.gov
ssl1.revizesites.com
dia.iowa.gov
san-e2.granicusgovaccess.net
desktop.iwd.iowa.gov
san-f2.granicusgovaccess.net
mitchellcountyelections.iowa.gov
pocahontascountyiowa.gov
www.greenecounty.iowa.gov
earlychildhood.iowa.gov
ssl7.revizesites.com
elections101.iowa.gov
ssl8.revizesites.com
idacounty.iowa.gov
iris.iowa.gov
iowa.gov
www.cedarcounty.iowa.gov
incapsula.com
hsemdpreparedness.iowa.gov
pagecounty.iowa.gov
dhs.iowa.gov
delawarecounty.iowa.gov
harrisoncounty.iowa.gov
ssl3.revizesites.com
www.floodrisk.iowa.gov
fs.wdm.iowa.gov
ssl3.revizesites.com
login.iowa.gov
etranscript.iowa.gov
incapsula.com
incapsula.com
www.crawfordcounty.iowa.gov
norwalk.iowa.gov
incapsula.com
ileatraining.iowa.gov
incapsula.com
forms.cabarruscounty.us
dia.iowa.gov
clarkecountyiowa.org
san-f2.granicusgovaccess.net
ltgovernor.iowa.gov
hd.alborgdx.com
vaapp.iowa.gov
claycounty.iowa.gov
incapsula.com
ssl8.revizesites.com
www.wapellocounty.iowa.gov
googlehelp.iowa.gov
va.iowa.gov
lucascountyelections.iowa.gov
ssl8.revizesites.com
commerce.iowa.gov
www.idr.iowa.gov
filings.iowa.gov
incapsula.com
ssl3.revizesites.com
www.plb.iowa.gov
incapsula.com
datapro.plb.iowa.gov
incapsula.com
crawfordcounty.iowa.gov
ltgovernor.iowa.gov
efs.iowa.gov
www.muscatinecountyiowa.gov
monroecounty.iowa.gov
incapsula.com
howardcounty.iowa.gov
idol.iowa.gov
ssl8.revizesites.com
fayettecounty.iowa.gov
vaapp.iowa.gov
yourlifeiowa.org
incapsula.com
www.admissions.iastate.edu
entaa.iowa.gov
www.pocahontas-county.com
yourlifeiowa.com
train-qa.iowa.gov
incapsula.com
claycounty.iowa.gov
incapsula.com
mail.norwalk.iowa.gov
incapsula.com
*.iowa.gov
incapsula.com
city-budget-explorer.iowa.gov
earlychildhood.iowa.gov
terracehill.iowa.gov
madisoncounty.iowa.gov
vpn2.iowa.gov
ssl7.revizesites.com
incapsula.com
san-d2.granicusgovaccess.net
emmetcounty.iowa.gov
ssl7.revizesites.com
incapsula.com
butlercoiowa.org
incapsula.com
guestaccess.iwd.iowa.gov
iowanewbornscreening.iowa.gov
ssl1.revizesites.com
dia.iowa.gov
san-e2.granicusgovaccess.net
desktop.iwd.iowa.gov
san-f2.granicusgovaccess.net
Certificate
The complete raw certificate details for mitchellcountyelections.iowa.gov in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEQzCCAyugAwIBAgISA+svSUaZBTnmgpwwmQ0J7pyAMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMTIxMzA2NTRaFw0yNDA0MTExMzA2NTNaMCsxKTAnBgNVBAMT IG1pdGNoZWxsY291bnR5ZWxlY3Rpb25zLmlvd2EuZ292MFkwEwYHKoZIzj0CAQYI KoZIzj0DAQcDQgAECK74jZuvGS6tKLkbtXTYEXumsvA/XvoLAsq1NB6zUoaWgufI RNxK+wDZRFgMl6q2J8FRIF+3oFBGd2MlxPStg6OCAiMwggIfMA4GA1UdDwEB/wQE AwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw ADAdBgNVHQ4EFgQU1OMCa3qo4CApzc25BtSq+8awV2AwHwYDVR0jBBgwFoAUFC6z F7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVo dHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxl bmNyLm9yZy8wKwYDVR0RBCQwIoIgbWl0Y2hlbGxjb3VudHllbGVjdGlvbnMuaW93 YS5nb3YwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEFBgorBgEEAdZ5AgQCBIH2BIHz APEAdwBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYz9/0VCAAAE AwBIMEYCIQDJjna8WHxY4C44QcDZgr78VhOoT5pnZKC6WFjysmzloQIhAMfwS0Vi XX+kxU+6Q1kiaPoq+zVtxN7EJ6KObMxUKWNkAHYA7s3QZNXbGs7FXLedtM0TojKH Rny87N7DUUhZRnEftZsAAAGM/f9FQgAABAMARzBFAiBWXY0RpPJ/9UrdGmobQURK SLLGWMAusCS2YMcU6To+4wIhANkbbWkk176vBO2bh0Q4bNl8z6Mb6VKxsNtfWa8f gYJUMA0GCSqGSIb3DQEBCwUAA4IBAQCA1UoYQqlqZBI4pwAgtF9r4x4rhk0bGq8V nwc4P2AplkAbCAVOjGHbLMB3oDX1srovWS7ZD0hJiuFl0v1OUS/cOd4iQ4/811Mu fQSw670g/h+NgWiQuxE+uBCDIMN2Z1LpcqtZ446cl8le+JmTZ/fT0VqwXqBjP4bQ ApGHtsIW+KmmRbhe3a9lNbiiI74axqsGLm8zSsq4YMx8zXEFSotrxaJfYT3KBREn sxu4miL4aNoXuZLB/bPk77yosZnKLPRRS8JjEiG0jjmEm3WA0tWobXAAMWeQph+t zRfU/Kgoe/s4Ptj8sQJPB8QydO2NyYHG05MxyiDEOpTnDVWDjlzC -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAECK74jZuvGS6tKLkbtXTYEXumsvA/ XvoLAsq1NB6zUoaWgufIRNxK+wDZRFgMl6q2J8FRIF+3oFBGd2MlxPStgw== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 341366068207066041484881913452805841919104 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-12 13:06:54 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-11 13:06:53 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mitchellcountyelections.iowa.gov' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey) . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1) . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits) 000408aef88d9baf192ead28b91bb574d8117ba6b2f03f5efa0b02cab5341eb352869682e7c844dc4afb00d944580c97aab627c151205fb7a05046776325c4f4ad83 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits) 0780 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d4e3026b7aa8e02029cdcdb906d4aafbc6b05760 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mitchellcountyelections.iowa.gov' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f100770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cfdff45420000040300483046022100c98e76bc587c58e02e3841c0d982befc5613a84f9a6764a0ba5858f2b26ce5a1022100c7f04b45625d7fa4c54fba43592268fa2afb356dc4dec427a28e6ccc54296364007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018cfdff454200000403004730450220565d8d11a4f27ff54add1a6a1b41444a48b2c658c02eb024b660c714e93a3ee3022100d91b6d6924d7beaf04ed9b8744386cd97ccfa31be952b1b0db5f59af1f818254 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0080d54a1842a96a641238a70020b45f6be31e2b864d1b1aaf159f07383f602996401b08054e8c61db2cc077a035f5b2ba2f592ed90f48498ae165d2fd4e512fdc39de22438ffcd7532e7d04b0ebbd20fe1f8d816890bb113eb8108320c3766752e972ab59e38e9c97c95ef8999367f7d3d15ab05ea0633f86d0029187b6c216f8a9a645b85eddaf6535b8a223be1ac6ab062e6f334acab860cc7ccd71054a8b6bc5a25f613dca051127b31bb89a22f868da17b992c1fdb3e4efbca8b199ca2cf4514bc2631221b48e39849b7580d2d5a86d7000316790a61fadcd17d4fca8287bfb383ed8fcb1024f07c43274ed8dc981c6d39331ca20c43a94e70d55838e5cc2