donations.blackthorn.io

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 04:ed:3f:45:84:b5:6f:67:4a:0c:94:f6:4f:ee:4f:26 was issued on by Amazon.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=donations.blackthorn.io

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:ed:3f:45:84:b5:6f:67:4a:0c:94:f6:4f:ee:4f:26
Serial Number (int): 6548769638232024136850797021656665894
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: b9:8a:7e:23:ec:bd:46:db:0c:5a:74:72:50:ed:d8:c4:e6:5d:b6:80
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 71:5f:6f:82:2d:33:fc:28:c7:51:23:69:09:62:9e:0f:ca:30:70:c2
Fingerprint (sha256): 05:d4:4c:3b:06:ea:0c:9f:52:d8:ec:5b:e3:2d:82:a0:ea:23:c3:b9:ca:b8:29:bb:d7:a7:45:22:ee:96:71:ce

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate donations.blackthorn.io

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for donations.blackthorn.io

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

donations.blackthorn.io

Other certificates including the domain name blackthorn.io

(limited to 100 certificates)
tracking.duckvideo.co
ssl955405.cloudflaressl.com
agency.ibex.co
s2-sni.cloudinary.com
auth.blackthorn.io
agency.ibex.co
agency.ibex.co
roadmap.blackthorn.io
sfdc-static-proxy.blackthorn.io
db.blackthorn.io
agency.ibex.co
agency.ibex.co
donations.blackthorn.io
iab-events.blackthorn.io
s2-cloudinary-pin-sni.map.fastly.net
sfdc-static-proxy.blackthorn.io
cheetah.apstra.com
discover.newswire.com
prod.14.slot.cdn.salesforce-communities.com
blackthorn.io
events.blackthorn.io
cloudinary-sni.map.fastly.net
s2-sni.cloudinary.com
docs.blackthorn.io
cloudinary-sni.map.fastly.net
paylink.blackthorn.io
cloudinary-sni.map.fastly.net
s.bbot.menu
s2-sni.cloudinary.com
s2-cloudinary-pin-sni.map.fastly.net
qatest.blackthorn.io
documentlink.blackthorn.io
s2-sni.cloudinary.com
events.blackthorn.io
tls.automattic.com
sfdc-static.blackthorn.io
cloudinary-sni.map.fastly.net
s2-sni.cloudinary.com
donations.blackthorn.io
docs.blackthorn.io
agency.ibex.co
blackthorn.io
s2-sni.cloudinary.com
paylink.blackthorn.io
s2-sni.cloudinary.com
www.blackthorn.io
cloudinary-sni.map.fastly.net
sales.blueriveranalytics.com
cloudinary-sni.map.fastly.net
iab-events.blackthorn.io
agency.ibex.co
info.blackthorn.io
docs.blackthorn.io
events.blackthorn.io
s2-cloudinary-pin-sni.map.fastly.net
mobilepayments.blackthorn.io
donations.blackthorn.io
production.donations.blackthorn.io
sfdc-static.blackthorn.io
docs.blackthorn.io
paylink.blackthorn.io
staging.payments-tokenizer.blackthorn.io
info.blackthorn.io
sales.decent.com
payments-auth.blackthorn.io
s2-cloudinary-pin-sni.map.fastly.net
sales.xcelservicesgroup.net
s2-sni.cloudinary.com
tls.automattic.com
blackthorn.io
agency.ibex.co
s2-sni.cloudinary.com
s2-sni.cloudinary.com
s2-sni.cloudinary.com
blackthorn.io
sni.cloudflaressl.com
cheer.givecheerbox.com
events.blackthorn.io
info.blackthorn.io
s2-sni.cloudinary.com
cloudinary-sni.map.fastly.net
s2-sni.cloudinary.com
events.blackthorn.io
events.marshall.usc.edu
prod.14.slot.cdn.salesforce-communities.com
agency.ibex.co
sales.nuodb.com
s2-sni.cloudinary.com
tls.automattic.com
cloudinary-sni.map.fastly.net
tracking.duckvideo.co
cloudinary-sni.map.fastly.net
prod.14.slot.cdn.salesforce-communities.com
docs.blackthorn.io
s2-sni.cloudinary.com
cloudinary-sni.map.fastly.net
cheer.givecheerbox.com
s2-cloudinary-pin-sni.map.fastly.net
s2-sni.cloudinary.com
prod.14.slot.cdn.salesforce-communities.com

Certificate

The complete raw certificate details for donations.blackthorn.io in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEbTCCA1WgAwIBAgIQBO0/RYS1b2dKDJT2T+5PJjANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMTIwNDAwMDAwMFoXDTI1MDEwMTIzNTk1OVowIjEg
MB4GA1UEAxMXZG9uYXRpb25zLmJsYWNrdGhvcm4uaW8wggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDsoLB0cUoSU0WQLe+0mBFj1uLnUga+m6/gz1T5wTuK
TBJvKW50lN+S2ZpK9UyFn5pI2ptoQsRmjIu8iFn1OvmI5i2jlzMUzkqh+fbo9pwj
TSQstWsBRDXgsIOEToWugZGS8MtxETAdNRui8053GC2FUDuMIiZgA0IT3vO83Zzn
Gep1spmDzhg6Ih7SSAM5ZE6xNit6Ku2EJzYx3OsVQpUHXmyazay5HykILjzPfCTZ
uk3gpZUs1QAP5bEXkfhuYXz1oC5d0RpoOqX9iFbUgWo9Emmoei4SSGi0covywc3N
/Q9oKrNfpBvwDnpom9TFkyaVRnGwbJrQhR52JerZu8K3AgMBAAGjggGDMIIBfzAf
BgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUuYp+I+y9
RtsMWnRyUO3YxOZdtoAwIgYDVR0RBBswGYIXZG9uYXRpb25zLmJsYWNrdGhvcm4u
aW8wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8v
Y3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmwwdQYIKwYBBQUHAQEE
aTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250cnVzdC5j
b20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1c3QuY29t
L3IybTAyLmNlcjAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0G
CSqGSIb3DQEBCwUAA4IBAQCa9AxZg5CmD8piptB8wZQO12xIx1iNOk4ATqkssr4L
C4NIr15NAwlaQRXPgengs0wPCHHfioRpNMQgjm57DDGgPf2B0yK1aKeoz0Dy/mMe
Ao4dL8LOg27nU+iIe9L1ZsCNZCjViTB+IihkseLtgh3LgWqjf3RnxEBrug4Gs3yR
TpVvJ1dPqhFcvUZ45jU+E61CBNEyMn3A5dn9/w3biAlwiQhwk/Jn3rUqE/SBLCGv
u3Ks7s66DV2NSuGDY8FZHDe4aqbEZaK4vb45FQfkcGW1PQPch2j1W+qDR0JnnoBE
aTZHW8zP9f6RhxYM00dIG/KWD+X92E2OnBbwRPsQFlif
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7KCwdHFKElNFkC3vtJgR
Y9bi51IGvpuv4M9U+cE7ikwSbyludJTfktmaSvVMhZ+aSNqbaELEZoyLvIhZ9Tr5
iOYto5czFM5Kofn26PacI00kLLVrAUQ14LCDhE6FroGRkvDLcREwHTUbovNOdxgt
hVA7jCImYANCE97zvN2c5xnqdbKZg84YOiIe0kgDOWROsTYreirthCc2MdzrFUKV
B15sms2suR8pCC48z3wk2bpN4KWVLNUAD+WxF5H4bmF89aAuXdEaaDql/YhW1IFq
PRJpqHouEkhotHKL8sHNzf0PaCqzX6Qb8A56aJvUxZMmlUZxsGya0IUediXq2bvC
twIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6548769638232024136850797021656665894
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-04 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-01 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'donations.blackthorn.io'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29871478807638006898816294210461665985127520592793593039835243599757898937939154266933604944959750233731364655194535572411098297315742756135744244633504293242341725253274564156137086068031611528547388087268115535217018845390184620623583207282766014076778306396419542299958161667573907591305085305676509997357024144121964352548985030381793131151864916190120086478897680882610931160424996637587301504760197521760582855802477164392014828977743465194630536061136002262492782893980173646896640976972267602914769420443858634285651389995391416677762853037854548992870237375496285906882122688410327080215734795156818184880823
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b98a7e23ecbd46db0c5a747250edd8c4e65db680
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (27 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'donations.blackthorn.io'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009af40c598390a60fca62a6d07cc1940ed76c48c7588d3a4e004ea92cb2be0b0b8348af5e4d03095a4115cf81e9e0b34c0f0871df8a846934c4208e6e7b0c31a03dfd81d322b568a7a8cf40f2fe631e028e1d2fc2ce836ee753e8887bd2f566c08d6428d589307e222864b1e2ed821dcb816aa37f7467c4406bba0e06b37c914e956f27574faa115cbd4678e6353e13ad4204d132327dc0e5d9fdff0ddb88097089087093f267deb52a13f4812c21afbb72aceeceba0d5d8d4ae18363c1591c37b86aa6c465a2b8bdbe391507e47065b53d03dc8768f55bea834742679e80446936475bcccff5fe9187160cd347481bf2960fe5fdd84d8e9c16f044fb1016589f