oaa-adc.education.ky.gov

Issued by R3

About this certificate

This digital certificate with serial number 03:15:25:d6:48:bf:d6:46:7c:00:33:e6:cd:e9:3b:bd:e9:c3 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=oaa-adc.education.ky.gov

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:15:25:d6:48:bf:d6:46:7c:00:33:e6:cd:e9:3b:bd:e9:c3
Serial Number (int): 268533081563524601518643595303206462024131
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 4d:95:79:29:94:5f:79:78:5b:c4:53:bb:2b:76:c8:5f:68:1b:41:43
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 32:f7:d0:15:4a:6e:53:0e:f0:1e:ef:b4:63:7c:ec:30:0a:29:38:34
Fingerprint (sha256): 00:9d:99:44:b3:ea:22:7a:a6:5b:3a:e1:39:38:e2:99:87:17:13:8b:95:d2:fc:f8:07:8b:b3:3b:b5:65:96:34

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate oaa-adc.education.ky.gov

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for oaa-adc.education.ky.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

oaa-adc.education.ky.gov

Other certificates including the domain name ky.gov

(limited to 100 certificates)
uat2.citizenconnect.ky.gov
justware.dpa.ky.gov
lessonbank.kyae.ky.gov
test.Kppps.kpeds.ky.gov
safeschools.ky.gov
mycgt.ky.gov
focusassisttest.ky.gov
FMWebWorks.ky.gov
staging.988.ky.gov
notify.education.ky.gov
oaa-adc.education.ky.gov
teds.ky.gov
cot1vp-apsx001.eas.ds.ky.gov
entrustapitest4.ky.gov
kspportal.ky.gov
trn3.kyplans.ky.gov
dfiweb.ky.gov
Kyeasxlyncpool01.eas.ds.ky.gov
refund.ky.gov
stu1.kyplans.ky.gov
brandenburg.ky.gov
cloud.chfsmail.ky.gov
cemcsapp.ky.gov
search.jeffersondeeds.com
vdi.ky.gov
impact.ky.gov
tls.automattic.com
trn2.kyplans.ky.gov
dev.pmis.ky.gov
test.precon.business.kytc.ky.gov
letrs.ky.gov
dev.kog.externalsync.ky.gov
lessonbank.kyae.ky.gov
muat.trs.ky.gov
portal.chfs.ky.gov
KYCHFSPCH01.KY.GOV
hbc.ky.gov
test.epayments.dor.ky.gov
cgt.ky.gov
kentuckyasm.kytc.ky.gov
www.ekos.ky.gov
safesleepky.com
ThinkKentucky.ky.gov
sso.mykentuckycareercenter.ky.gov
search.jeffersondeeds.com
uat4.kyagent.ky.gov
COT1VP-WS002.eas.ds.ky.gov
jeffersonpva.ky.gov
kyprdesxsctax1.eas.ds.ky.gov
test.justware.dpa.ky.gov
sso.uat.kog.ky.gov
uat2.kyagent.ky.gov
Abcdev.ky.gov
elsweb.kyboels.ky.gov
vdi.ky.gov
api.uat.dwc.ky.gov
intranet.education.ky.gov
mysite.ky.gov
hands.chfs.ky.gov
stlp.education.ky.gov
*.ky.gov
partnership.jcurve.xyz
trn4.kywaiver.chfsinet.ky.gov
*.kyret.ky.gov
kares.ky.gov
sp13cspnp.chfs.ky.gov
staging.nedssphinms.chfs.ky.gov
test.kaers.ky.gov
trn1.kyagent.ky.gov
onestop.portal.ky.gov
kohs.ky.gov
uat4.kyshop.ky.gov
perf.issuerportal.kynect.ky.gov
stu2.kyagent.ky.gov
cdcb2.ky.gov
trn4.kyplans.ky.gov
5702143428263936-fe2.pantheonsite.io
opsupport.education.ky.gov
training.ehands.chfs.ky.gov
sut-sst.ky.gov
impact.ky.gov
uat.webapps.chfs.ky.gov
media.education.ky.gov
epg.ky.gov
prdweb.chfs.ky.gov
uat.naicwebsrvgw.chfs.ky.gov
opengisdata.ky.gov
uat2.kyplans.ky.gov
PROD.KOG.SalesforceSSP.ky.gov
kchild.chfs.ky.gov
uat2.benefind.ky.gov
uat1.kyshop.ky.gov
uat3.kyshopping.ky.gov
epg.ky.gov
trn4.kyshop.ky.gov
perf.klocs.ky.gov
web1.ky.gov
kyfaces.ky.gov
kylmi.ky.gov
stu4.kywaiver.ky.gov

Certificate

The complete raw certificate details for oaa-adc.education.ky.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAxUl1ki/1kZ8ADPmzek7venDMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEwMTQxNjUxMzJaFw0yNDAxMTIxNjUxMzFaMCMxITAfBgNVBAMT
GG9hYS1hZGMuZWR1Y2F0aW9uLmt5LmdvdjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAIUdYDsyYOwk5t5fjqRVzBU4sFxtDWjjpH1E2S94z2zH7YovpfTk
wm5kWLDPdxoxo+GUcJBhuVQAjit/5NfoTBKctvE7N5cqFpUivGO+yTTxpaOgCB4l
xZ97gI8a0ap7a/S8+j8q14MAZSUWlhvN/VaieAd/67waOQ9ax8D+URjKQR2myYTd
Mx0K8YCo5Oa0qslQYgjVGBPP0ot306PVZ9qjrU5IDF48LjtorSHsafze9lHsNVxP
3oQz2r8rrCyMzY65glTanES5T7Qb7K995pUL/jgSPuQnedx695s3dsRbGU7qO8dI
+wAM8FlD6dPzCVTSuMjpgz6B3bNfSTjoKxMCAwEAAaOCAhswggIXMA4GA1UdDwEB
/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQUTZV5KZRfeXhbxFO7K3bIX2gbQUMwHwYDVR0jBBgwFoAU
FC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzAB
hhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5p
LmxlbmNyLm9yZy8wIwYDVR0RBBwwGoIYb2FhLWFkYy5lZHVjYXRpb24ua3kuZ292
MBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcA
O1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H61BcAAAGLL1CXfwAABAMASDBG
AiEA5NGvNpMljiSkuYjCUEbcCvYw5lrJa8clfDRrRXpWVfcCIQD+bRc2iv32U32E
qGSl6W7TNLNiiZhmvk827CZqvhHyXwB2ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSF
NL2kPTBI1/urAAABiy9Ql7sAAAQDAEcwRQIhAO6+eTrNjy8tWBfQIvhvtHTHG65s
2wfDV7EpH0UJ2s23AiBDZ8eZlDqWgWlxQSq/oAK+VYBnr3IZLbXUd8pmZCLr7TAN
BgkqhkiG9w0BAQsFAAOCAQEAIeERpINtEdRMN30ZmAa920chgEsetJBkk796s7yu
51z9c+xKCn2QY+o08/wyAmpOF4JkAz6iMwjPCRTze47W+tLfhpfoKPUpdKsN+zfZ
ZCXhD7rPe0gf2DicXIFHnd9G+Y2TpONntRXTBHn5T5DPHOw6U2FEuyGnlS5KKMmx
orNWvzefmsdaN6bZXZknwxxJlaUKB35P3wehg7TKRlrn0vjSCrGjWqOvcLNOiOKM
Xl8ogs8R9X8XYYR4jfmzHMVJtFKyzl9L21FFj9eCPRIoI/Ka0tB8XV2yGU4w5q1Z
QJjFWQMhqlg3WAcXS2/P2wHhds2vRbhe1FE55YTwfPMPew==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR1gOzJg7CTm3l+OpFXM
FTiwXG0NaOOkfUTZL3jPbMftii+l9OTCbmRYsM93GjGj4ZRwkGG5VACOK3/k1+hM
Epy28Ts3lyoWlSK8Y77JNPGlo6AIHiXFn3uAjxrRqntr9Lz6PyrXgwBlJRaWG839
VqJ4B3/rvBo5D1rHwP5RGMpBHabJhN0zHQrxgKjk5rSqyVBiCNUYE8/Si3fTo9Vn
2qOtTkgMXjwuO2itIexp/N72Uew1XE/ehDPavyusLIzNjrmCVNqcRLlPtBvsr33m
lQv+OBI+5Cd53Hr3mzd2xFsZTuo7x0j7AAzwWUPp0/MJVNK4yOmDPoHds19JOOgr
EwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 268533081563524601518643595303206462024131
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-14 16:51:32 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-12 16:51:31 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'oaa-adc.education.ky.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16804180358281978615923022668297494392256185303649321746303948452236919641179279223223138920111311008835689357593002583189267185171440058322015761831378021074555806952357564426870423373267006232265557507063742727404719378417692313031595075747792457901815762552465500322040518340751016188140924405517908763665542462021969591372352641756968057738750601940836703073067135332017315403740800066152062143908541789886184933239145192314718505763231832094530788217727956102781222961587853480345299780531469130591045442583907038665569358252869954427769846500408397288320409339097043242896171286148753557908480943706599726787347
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4d957929945f79785bc453bb2b76c85f681b4143
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oaa-adc.education.ky.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b2f50977f0000040300483046022100e4d1af3693258e24a4b988c25046dc0af630e65ac96bc7257c346b457a5655f7022100fe6d17368afdf6537d84a864a5e96ed334b362899866be4f36ec266abe11f25f007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b2f5097bb0000040300473045022100eebe793acd8f2f2d5817d022f86fb474c71bae6cdb07c357b1291f4509dacdb702204367c799943a96816971412abfa002be558067af72192db5d477ca666422ebed
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0021e111a4836d11d44c377d199806bddb4721804b1eb4906493bf7ab3bcaee75cfd73ec4a0a7d9063ea34f3fc32026a4e178264033ea23308cf0914f37b8ed6fad2df8697e828f52974ab0dfb37d96425e10fbacf7b481fd8389c5c81479ddf46f98d93a4e367b515d30479f94f90cf1cec3a536144bb21a7952e4a28c9b1a2b356bf379f9ac75a37a6d95d9927c31c4995a50a077e4fdf07a183b4ca465ae7d2f8d20ab1a35aa3af70b34e88e28c5e5f2882cf11f57f176184788df9b31cc549b452b2ce5f4bdb51458fd7823d122823f29ad2d07c5d5db2194e30e6ad594098c5590321aa58375807174b6fcfdb01e176cdaf45b85ed45139e584f07cf30f7b