blog.medallia.com

Issued by R3

About this certificate

This digital certificate with serial number 04:6a:77:a1:32:36:f1:ed:7b:e6:e2:d2:e2:1f:61:d6:81:2c was issued on by Let's Encrypt.

With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=blog.medallia.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:6a:77:a1:32:36:f1:ed:7b:e6:e2:d2:e2:1f:61:d6:81:2c
Serial Number (int): 384678089730426766755987214008613112021292
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 17:7e:ee:75:67:e0:58:2f:4d:fd:2a:52:26:49:83:04:97:4d:76:99
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): d2:fd:ad:2d:6e:a3:f5:f4:5a:60:4c:8c:30:19:cd:d4:1c:97:6b:00
Fingerprint (sha256): 00:54:86:aa:c7:a8:22:b9:05:bc:6b:91:7e:50:06:5d:15:00:79:5d:a0:0f:7d:7c:f1:99:88:e8:6d:24:64:25

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate blog.medallia.com

7

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for blog.medallia.com

Public Key Algorithm

ECDSA

Key Size

256

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

blog.medallia.com
community.medallia.com
institute.medallia.com
medallia.co.uk
medallia.com
www.medallia.co.uk
www.medallia.com

Other certificates including the domain name medallia.com

(limited to 100 certificates)
*.aws-stg.medallia.com
1e291ab3status.snowflake.com
e2.shared.global.fastly.net
*.medallia.com
dns-vetting1c.map.fastly.net
es.medallia.com
*.sbx.usps.medallia.com
blog.medallia.com
*.jiveon.com
pt.medallia.com
1e291ab3status.snowflake.com
jobs.medallia.com
medallia.com
*.usps.medallia.com
*.digital-qa2.medallia.com
e2.shared.global.fastly.net
www.medallia.com
bp1054598.saagie.com
g2.shared.global.fastly.net
e2.shared.global.fastly.net
e2.shared.global.fastly.net
sales.medallia.com
medallia.com
*.md-apis.medallia.com
g2.shared.global.fastly.net
e2.shared.global.fastly.net
*.sbx.den.medallia.com
e2.shared.global.fastly.net
ocem-assessment-b2b.medallia.com
g2.shared.global.fastly.net
*.digital-cloud-syd1.medallia.com
*.digital-cloud-bofa.medallia.com
e2.shared.global.fastly.net
*.crowdicity-us1.medallia.com
*.sbx.sc4.medallia.com
*.eng.medallia.com
radius.medallia.com
e2.shared.global.fastly.net
*.iad1.medallia.com
bunnings-surveyauth-qa.customapps.medallia.com
blog.medallia.com
cvs-surveyauth-qa.customapps.medallia.com
bankofamerica.medallia.com
e2.shared.global.fastly.net
e2.shared.global.fastly.net
statuspage.io
statuspage.io
g2.shared.global.fastly.net
medallia.com
*.appsol.medallia.com
*.aws-stg.medallia.com
metrics.medallia.com
bp1054598.saagie.com
statuspage.io
*.apis.crt-qa1.den.medallia.com
zulu.tau.medallia.com
g2.shared.global.fastly.net
product-descriptions.medallia.com
cs-sm.medallia.com
*.sbx.fedw1.medallia.com
*.jed1.medallia.com
*.jed1.medallia.com
bp1054598.saagie.com
go.medallia.com
dns-vetting1c.map.fastly.net
dns-vetting1c.map.fastly.net
eola-test-survey.medallia.com
medallia.com
g2.shared.global.fastly.net
*.aws-lhr1.medallia.com
*.monkeylearn-1.sea1.medallia.com
*.eng.medallia.com
*.digital-cloud-gov-stg.medallia.com
*.apis.eng.sin1.medallia.com
e2.shared.global.fastly.net
1e291ab3status.snowflake.com
walmart-surveyauth-prod.customapps.medallia.com
*.digital-cloud-gov.medallia.com
g2.shared.global.fastly.net
e2.shared.global.fastly.net
*.agileresearch.medallia.com
*.fra2.medallia.com
*.sbx.voice.medallia.com
sea1.cdn.survey.medallia.com
g2.shared.global.fastly.net
e2.shared.global.fastly.net
g2.shared.global.fastly.net
api.medallia.com
*.hnd1.medallia.com
*.stella-legacy-devops.medallia.com
sales.medallia.com
dns-vetting1c.map.fastly.net
medallia.com
ix1.gc.medallia.com
medallia.com
*.sbx.ibm.medallia.com
*.stella-legacy-devops.medallia.com
1e291ab3status.snowflake.com
*.aws-pdx1.medallia.com
zenith-cb.ad.medallia.com

Certificate

The complete raw certificate details for blog.medallia.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgISBGp3oTI28e175uLS4h9h1oEsMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzAxMTYxNzEwMjdaFw0yMzA0MTYxNzEwMjZaMBwxGjAYBgNVBAMT
EWJsb2cubWVkYWxsaWEuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtt9X
yOSmZBoysDrzniE/H7FuyK25fSun4XPMcoMctZI+c1Cr8D0jShgDDi2wN1lkGu+S
JL0IBZqi4DCM1WhVXaOCAsMwggK/MA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUF37u
dWfgWC9N/SpSJkmDBJdNdpkwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsU
wsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5j
ci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wgZIGA1Ud
EQSBijCBh4IRYmxvZy5tZWRhbGxpYS5jb22CFmNvbW11bml0eS5tZWRhbGxpYS5j
b22CFmluc3RpdHV0ZS5tZWRhbGxpYS5jb22CDm1lZGFsbGlhLmNvLnVrggxtZWRh
bGxpYS5jb22CEnd3dy5tZWRhbGxpYS5jby51a4IQd3d3Lm1lZGFsbGlhLmNvbTBM
BgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIB
FhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUE
gfIA8AB1ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4dCYEl7bSZAAABhbvGhP8A
AAQDAEYwRAIgH/IAx/XivugsS8SCtG8vBkB172e+7czwRFm0Bjc7pIACIFoWYqRl
oY4Ys2ZP0kSXRfR/L9M45xb2ifgxDQMAOFQ5AHcAejKMVNi3LbYg6jjgUh7phBZw
MhOFTTvSK8E6V6NS61IAAAGFu8aFCgAABAMASDBGAiEA8a5lxCc/JD5Gw4C9NWWy
2L0kkRQRMlxG/lDv+7lNSwsCIQDRdkrNVYCEikf8FSVdZ/OiGI9r//TZJWGq7Eg3
GmDC7zANBgkqhkiG9w0BAQsFAAOCAQEAgWx3WIjAhJ61qR7jIs+2zPhk/bXkQ1bb
93Q9GP4S/swikrYDmSd5lchq2/QuxADVLAx1N1D65kncRYRGvOtGtfG1IPDuZJfQ
33S+3yeyPly8CzzLNbCdg8zlT5jurCkYTnmueypzN2wwZa2gxbEww4NJZZ8OPUwe
hXi1/wuaPob6jHXVK+Bj0DSh17reBz1CJ7UI0oMG9ZCe1T+usGDYOdhdOoCct/hV
Zg6a+j+lDxH5VZT9NsQCPz0yU8pNaH+iCLypwrsZIGoOkPdbEmp3HOZITxZyo6yG
L/qPW7ZyNgDDjVme7wTh1JrQ+TtSiPsQRKocm7WNEuE3mWxN3Kd+Tg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtt9XyOSmZBoysDrzniE/H7FuyK25
fSun4XPMcoMctZI+c1Cr8D0jShgDDi2wN1lkGu+SJL0IBZqi4DCM1WhVXQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 384678089730426766755987214008613112021292
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-16 17:10:27 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-04-16 17:10:26 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'blog.medallia.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.3.1.7 (prime256v1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (520 bits)
				0004b6df57c8e4a6641a32b03af39e213f1fb16ec8adb97d2ba7e173cc72831cb5923e7350abf03d234a18030e2db03759641aef9224bd08059aa2e0308cd568555d
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							177eee7567e0582f4dfd2a5226498304974d7699
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (138 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.medallia.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'community.medallia.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'institute.medallia.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'medallia.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'medallia.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.medallia.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.medallia.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb49900000185bbc684ff000004030046304402201ff200c7f5e2bee82c4bc482b46f2f064075ef67beedccf04459b406373ba48002205a1662a465a18e18b3664fd2449745f47f2fd338e716f689f8310d03003854390077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb5200000185bbc6850a0000040300483046022100f1ae65c4273f243e46c380bd3565b2d8bd24911411325c46fe50effbb94d4b0b022100d1764acd5580848a47fc15255d67f3a2188f6bfff4d92561aaec48371a60c2ef
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00816c775888c0849eb5a91ee322cfb6ccf864fdb5e44356dbf7743d18fe12fecc2292b60399277995c86adbf42ec400d52c0c753750fae649dc458446bceb46b5f1b520f0ee6497d0df74bedf27b23e5cbc0b3ccb35b09d83cce54f98eeac29184e79ae7b2a73376c3065ada0c5b130c38349659f0e3d4c1e8578b5ff0b9a3e86fa8c75d52be063d034a1d7bade073d4227b508d28306f5909ed53faeb060d839d85d3a809cb7f855660e9afa3fa50f11f95594fd36c4023f3d3253ca4d687fa208bca9c2bb19206a0e90f75b126a771ce6484f1672a3ac862ffa8f5bb6723600c38d599eef04e1d49ad0f93b5288fb1044aa1c9bb58d12e137996c4ddca77e4e