2.magicshop.nl

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:6c:64:aa:b4:91:70:f6:1a:2b:83:e3:52:85:b8:3f:2f:a7 was issued on by Let's Encrypt.

With 100 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=2.magicshop.nl

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:6c:64:aa:b4:91:70:f6:1a:2b:83:e3:52:85:b8:3f:2f:a7
Serial Number (int): 298221162575143308564208250188829456019367
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 11:fc:56:3b:a1:26:4c:1d:7f:ea:1b:ef:f9:9c:e7:cd:71:8d:b4:1e
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): eb:5e:76:d9:7c:4c:eb:ce:de:9a:5a:4a:ce:0d:18:88:52:56:e5:7f
Fingerprint (sha256): 05:d8:a5:67:10:d9:c5:46:76:13:ac:ab:58:3f:c1:09:0b:6e:63:33:0c:4a:64:19:de:fd:8e:05:25:8e:45:21

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate 2.magicshop.nl

100

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for 2.magicshop.nl

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

2.magicshop.nl
access.magicshop.nl
admin.magicshop.nl
alpha.magicshop.nl
api.magicshop.nl
app.magicshop.nl
apps.magicshop.nl
autoconfig.magicshop.nl
b.magicshop.nl
beta.magicshop.nl
blog.magicshop.nl
blogs.magicshop.nl
bookmarks.magicshop.nl
clients.magicshop.nl
code.magicshop.nl
console.magicshop.nl
corp.magicshop.nl
corporate.magicshop.nl
demo.magicshop.nl
docs.magicshop.nl
events.magicshop.nl
f.magicshop.nl
feeds.magicshop.nl
files.magicshop.nl
forums.magicshop.nl
ftp.magicshop.nl
gamma.magicshop.nl
gitlab.magicshop.nl
go.magicshop.nl
groups.magicshop.nl
help.magicshop.nl
home.magicshop.nl
homepage.magicshop.nl
images.magicshop.nl
imap.magicshop.nl
img.magicshop.nl
info.magicshop.nl
internal.magicshop.nl
intra.magicshop.nl
kb.magicshop.nl
live.magicshop.nl
local.magicshop.nl
login.magicshop.nl
lyncdiscoverinternal.magicshop.nl
m.magicshop.nl
magicshop.nl
mail.magicshop.nl
media.magicshop.nl
members.magicshop.nl
mobile.magicshop.nl
mysql.magicshop.nl
newsletter.magicshop.nl
nulloutlook.magicshop.nl
office.magicshop.nl
online.magicshop.nl
order.magicshop.nl
outlook.magicshop.nl
photos.magicshop.nl
pic.magicshop.nl
pics.magicshop.nl
pictures.magicshop.nl
pop.magicshop.nl
pre.magicshop.nl
prelive.magicshop.nl
prerelease.magicshop.nl
release.magicshop.nl
resources.magicshop.nl
search.magicshop.nl
secure.magicshop.nl
server.magicshop.nl
service.magicshop.nl
services.magicshop.nl
shop.magicshop.nl
sites.magicshop.nl
smtp.magicshop.nl
spool.magicshop.nl
ssl.magicshop.nl
sslvpn.magicshop.nl
staging.magicshop.nl
stats.magicshop.nl
store.magicshop.nl
svn.magicshop.nl
unbounce.magicshop.nl
user.magicshop.nl
videos.magicshop.nl
vpn.magicshop.nl
web.magicshop.nl
webdisk.magicshop.nl
webmail.magicshop.nl
wiki.magicshop.nl
www-staging.magicshop.nl
www.access.magicshop.nl
www.clients.magicshop.nl
www.lyncdiscoverinternal.magicshop.nl
www.office.magicshop.nl
www.outlook.magicshop.nl
www.secure.magicshop.nl
www.service.magicshop.nl
www.services.magicshop.nl
www.sslvpn.magicshop.nl

Other certificates including the domain name magicshop.nl

(limited to 100 certificates)
magicshop.nl
access.magicshop.nl
blog.magicshop.nl
magicshop.nl
magicshop.nl
blog.magicshop.nl
blog.magicshop.nl
magicshop.nl
blog.magicshop.nl
magicshop.nl
blog.magicshop.nl
magicshop.nl
blog.magicshop.nl
2.magicshop.nl
magicshop.nl
2.magicshop.nl
magicshop.nl
blog.magicshop.nl
magicshop.nl
2.magicshop.nl
magicshop.nl
magicshop.nl
2.magicshop.nl
blog.magicshop.nl
magicshop.nl
2.magicshop.nl
magicshop.nl
blog.magicshop.nl
blog.magicshop.nl
magicshop.nl
blog.magicshop.nl
magicshop.nl
blog.magicshop.nl
access.magicshop.nl
magicshop.nl
blog.magicshop.nl
magicshop.nl
blog.magicshop.nl
2.magicshop.nl
2.magicshop.nl
magicshop.nl
blog.magicshop.nl
magicshop.nl
magicshop.nl
blog.magicshop.nl
magicshop.nl
blog.magicshop.nl
magicshop.nl
blog.magicshop.nl
blog.magicshop.nl
www.magicshop.nl
blog.magicshop.nl
magicshop.nl
magicshop.nl
magicshop.nl
magicshop.nl
blog.magicshop.nl
magicshop.nl
blog.magicshop.nl
access.magicshop.nl
blog.magicshop.nl
blog.magicshop.nl
magicshop.nl
blog.magicshop.nl
magicshop.nl
magicshop.nl
2.magicshop.nl
blog.magicshop.nl
blog.magicshop.nl
magicshop.nl
magicshop.nl
access.magicshop.nl
magicshop.nl
magicshop.nl
blog.magicshop.nl
access.magicshop.nl
magicshop.nl
magicshop.nl
access.magicshop.nl
magicshop.nl
blog.magicshop.nl
blog.magicshop.nl
access.magicshop.nl
blog.magicshop.nl
blog.magicshop.nl
magicshop.nl
blog.magicshop.nl
blog.magicshop.nl
magicshop.nl
magicshop.nl
blog.magicshop.nl
blog.magicshop.nl
blog.magicshop.nl
2.magicshop.nl
blog.magicshop.nl
access.magicshop.nl
access.magicshop.nl
access.magicshop.nl
www.magicshop.nl
access.magicshop.nl

Certificate

The complete raw certificate details for 2.magicshop.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIOMTCCDRmgAwIBAgISA2xkqrSRcPYaK4PjUoW4Py+nMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA1MDExODQwMjlaFw0x
ODA3MzAxODQwMjlaMBkxFzAVBgNVBAMTDjIubWFnaWNzaG9wLm5sMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutS+nzncp4ZRuDxNlUfXsKfvlbBMpIZ7
Z9rubl2hyAUdOCgr7Y/bCusU3Nilyc0oHXQiKWb8/yZ1sQ4232DEA4vXwYTg9NZa
7N7BoBgEt+F7qRx55ax4MXrJBcTcRwBXa468yq7BXMJziN+QA0kvU7oXRfrePOO9
QX9Iyl6G9BBWwwPjpKHwgoveL4HGzhzeQqqmdSa+xjrd3jwh7JfhK+4zx+Bj6MDJ
ONZm+EvN/wJbmPzRGel/T3ymMlnD9wd6P1mveHOMlsksf37/tlB8L3s9XLIazrMG
qlltoj2RAyXgjEALlbKK5JUihlMbfRHvs/LIVTKGFdDmL18Q2dOEtwIDAQABo4IL
QDCCCzwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQR/FY7oSZMHX/qG+/5nOfNcY20
HjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEFBQcBAQRj
MGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5v
cmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5v
cmcvMIIIQQYDVR0RBIIIODCCCDSCDjIubWFnaWNzaG9wLm5sghNhY2Nlc3MubWFn
aWNzaG9wLm5sghJhZG1pbi5tYWdpY3Nob3AubmyCEmFscGhhLm1hZ2ljc2hvcC5u
bIIQYXBpLm1hZ2ljc2hvcC5ubIIQYXBwLm1hZ2ljc2hvcC5ubIIRYXBwcy5tYWdp
Y3Nob3AubmyCF2F1dG9jb25maWcubWFnaWNzaG9wLm5sgg5iLm1hZ2ljc2hvcC5u
bIIRYmV0YS5tYWdpY3Nob3AubmyCEWJsb2cubWFnaWNzaG9wLm5sghJibG9ncy5t
YWdpY3Nob3AubmyCFmJvb2ttYXJrcy5tYWdpY3Nob3AubmyCFGNsaWVudHMubWFn
aWNzaG9wLm5sghFjb2RlLm1hZ2ljc2hvcC5ubIIUY29uc29sZS5tYWdpY3Nob3Au
bmyCEWNvcnAubWFnaWNzaG9wLm5sghZjb3Jwb3JhdGUubWFnaWNzaG9wLm5sghFk
ZW1vLm1hZ2ljc2hvcC5ubIIRZG9jcy5tYWdpY3Nob3AubmyCE2V2ZW50cy5tYWdp
Y3Nob3AubmyCDmYubWFnaWNzaG9wLm5sghJmZWVkcy5tYWdpY3Nob3AubmyCEmZp
bGVzLm1hZ2ljc2hvcC5ubIITZm9ydW1zLm1hZ2ljc2hvcC5ubIIQZnRwLm1hZ2lj
c2hvcC5ubIISZ2FtbWEubWFnaWNzaG9wLm5sghNnaXRsYWIubWFnaWNzaG9wLm5s
gg9nby5tYWdpY3Nob3AubmyCE2dyb3Vwcy5tYWdpY3Nob3AubmyCEWhlbHAubWFn
aWNzaG9wLm5sghFob21lLm1hZ2ljc2hvcC5ubIIVaG9tZXBhZ2UubWFnaWNzaG9w
Lm5sghNpbWFnZXMubWFnaWNzaG9wLm5sghFpbWFwLm1hZ2ljc2hvcC5ubIIQaW1n
Lm1hZ2ljc2hvcC5ubIIRaW5mby5tYWdpY3Nob3AubmyCFWludGVybmFsLm1hZ2lj
c2hvcC5ubIISaW50cmEubWFnaWNzaG9wLm5sgg9rYi5tYWdpY3Nob3AubmyCEWxp
dmUubWFnaWNzaG9wLm5sghJsb2NhbC5tYWdpY3Nob3AubmyCEmxvZ2luLm1hZ2lj
c2hvcC5ubIIhbHluY2Rpc2NvdmVyaW50ZXJuYWwubWFnaWNzaG9wLm5sgg5tLm1h
Z2ljc2hvcC5ubIIMbWFnaWNzaG9wLm5sghFtYWlsLm1hZ2ljc2hvcC5ubIISbWVk
aWEubWFnaWNzaG9wLm5sghRtZW1iZXJzLm1hZ2ljc2hvcC5ubIITbW9iaWxlLm1h
Z2ljc2hvcC5ubIISbXlzcWwubWFnaWNzaG9wLm5sghduZXdzbGV0dGVyLm1hZ2lj
c2hvcC5ubIIYbnVsbG91dGxvb2subWFnaWNzaG9wLm5sghNvZmZpY2UubWFnaWNz
aG9wLm5sghNvbmxpbmUubWFnaWNzaG9wLm5sghJvcmRlci5tYWdpY3Nob3AubmyC
FG91dGxvb2subWFnaWNzaG9wLm5sghNwaG90b3MubWFnaWNzaG9wLm5sghBwaWMu
bWFnaWNzaG9wLm5sghFwaWNzLm1hZ2ljc2hvcC5ubIIVcGljdHVyZXMubWFnaWNz
aG9wLm5sghBwb3AubWFnaWNzaG9wLm5sghBwcmUubWFnaWNzaG9wLm5sghRwcmVs
aXZlLm1hZ2ljc2hvcC5ubIIXcHJlcmVsZWFzZS5tYWdpY3Nob3AubmyCFHJlbGVh
c2UubWFnaWNzaG9wLm5sghZyZXNvdXJjZXMubWFnaWNzaG9wLm5sghNzZWFyY2gu
bWFnaWNzaG9wLm5sghNzZWN1cmUubWFnaWNzaG9wLm5sghNzZXJ2ZXIubWFnaWNz
aG9wLm5sghRzZXJ2aWNlLm1hZ2ljc2hvcC5ubIIVc2VydmljZXMubWFnaWNzaG9w
Lm5sghFzaG9wLm1hZ2ljc2hvcC5ubIISc2l0ZXMubWFnaWNzaG9wLm5sghFzbXRw
Lm1hZ2ljc2hvcC5ubIISc3Bvb2wubWFnaWNzaG9wLm5sghBzc2wubWFnaWNzaG9w
Lm5sghNzc2x2cG4ubWFnaWNzaG9wLm5sghRzdGFnaW5nLm1hZ2ljc2hvcC5ubIIS
c3RhdHMubWFnaWNzaG9wLm5sghJzdG9yZS5tYWdpY3Nob3AubmyCEHN2bi5tYWdp
Y3Nob3AubmyCFXVuYm91bmNlLm1hZ2ljc2hvcC5ubIIRdXNlci5tYWdpY3Nob3Au
bmyCE3ZpZGVvcy5tYWdpY3Nob3AubmyCEHZwbi5tYWdpY3Nob3AubmyCEHdlYi5t
YWdpY3Nob3AubmyCFHdlYmRpc2subWFnaWNzaG9wLm5sghR3ZWJtYWlsLm1hZ2lj
c2hvcC5ubIIRd2lraS5tYWdpY3Nob3AubmyCGHd3dy1zdGFnaW5nLm1hZ2ljc2hv
cC5ubIIXd3d3LmFjY2Vzcy5tYWdpY3Nob3AubmyCGHd3dy5jbGllbnRzLm1hZ2lj
c2hvcC5ubIIld3d3Lmx5bmNkaXNjb3ZlcmludGVybmFsLm1hZ2ljc2hvcC5ubIIX
d3d3Lm9mZmljZS5tYWdpY3Nob3AubmyCGHd3dy5vdXRsb29rLm1hZ2ljc2hvcC5u
bIIXd3d3LnNlY3VyZS5tYWdpY3Nob3AubmyCGHd3dy5zZXJ2aWNlLm1hZ2ljc2hv
cC5ubIIZd3d3LnNlcnZpY2VzLm1hZ2ljc2hvcC5ubIIXd3d3LnNzbHZwbi5tYWdp
Y3Nob3Aubmwwgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEB
MIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYI
KwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGll
ZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNl
IHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xl
dHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA
8AB2ANt0r+7LKeyx/so+cW0s5bmquzb3hHGDx12dTze2H79kAAABYx04d70AAAQD
AEcwRQIgT0ZDdkBe2z+bOds+VoTV+LR3PSrw9ES7WQpaf2n4u6YCIQCFf8464zgw
ZAClwZSjuWVM8gYxPcNGSVYEcxmGkM0GogB2ACk8UZZUyDlluqpQ/FgH1Ldvv1h6
KXLcpMMM9OVFR/R4AAABYx04d+EAAAQDAEcwRQIgM/o12yZG9yUqh40RQw+QFEJH
wkS7sMMe8ChdZMh7XJMCIQDP7Qpz4AWXiXZhc4nDq/zjF2S4+I9g2GERY7Z3eg4p
ATANBgkqhkiG9w0BAQsFAAOCAQEAaiROBcmj/doxwx7zXVAN6wL7o3Pohr71gSmK
RCulS6gBSqJLiN4dYUplIpe4laS4oC6sLihnU3TT94xEGhCgv5+7txlrkcN8YzLp
bGWZ6XahU8dh3mV1y0ElAE00r8Kd8FJn9osyXfn45XNpjTcCdyOGYJ7bFHcQbPKv
Nm/ysYqaqF7/9UR57FAM1f1v6GqZEWXCflDoXe42HChxi3FTZY9l+lrPT/ZENlqg
a394+eYSGeOtluDklGRXG6i2UlRKSGbbbmkr3Nn2qrV9aHDf8hZbkV1OcC9n5IUR
xQhq5PDvvE8g3PRoA+SO+M8m9rjBLB7v2iBpPD0L96XdoFeelA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutS+nzncp4ZRuDxNlUfX
sKfvlbBMpIZ7Z9rubl2hyAUdOCgr7Y/bCusU3Nilyc0oHXQiKWb8/yZ1sQ4232DE
A4vXwYTg9NZa7N7BoBgEt+F7qRx55ax4MXrJBcTcRwBXa468yq7BXMJziN+QA0kv
U7oXRfrePOO9QX9Iyl6G9BBWwwPjpKHwgoveL4HGzhzeQqqmdSa+xjrd3jwh7Jfh
K+4zx+Bj6MDJONZm+EvN/wJbmPzRGel/T3ymMlnD9wd6P1mveHOMlsksf37/tlB8
L3s9XLIazrMGqlltoj2RAyXgjEALlbKK5JUihlMbfRHvs/LIVTKGFdDmL18Q2dOE
twIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 298221162575143308564208250188829456019367
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-01 18:40:29 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-30 18:40:29 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2.magicshop.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23585233004362256041183008941645960979200390924081858171736026747044206739095246832336916443985064590396100677116392868822449655238752314140835503999123272957796390572700749240772834627519808803637961215322176819121671528704867532024605556905238800422688197136953759779587830934609025284497695334814780343497181732198403220709348090737941659794866606511234866983361472368045211542024175471332913455358636705789844278741585411144913050437693240737200863143227465695932389565651958725134996320368468201262387675049156318951661649097409257035856403246190848830140435060078909709511582818258992305865355258463650820883639
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							11fc563ba1264c1d7fea1beff99ce7cd718db41e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '2.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'access.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'admin.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alpha.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'app.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autoconfig.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beta.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blogs.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bookmarks.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'clients.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'code.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'console.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corp.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corporate.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'demo.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'docs.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'events.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'f.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'feeds.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'files.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'forums.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ftp.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gamma.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gitlab.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'go.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'groups.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'help.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'home.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homepage.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'images.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'imap.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'img.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'info.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'internal.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'intra.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kb.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'live.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'local.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'login.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lyncdiscoverinternal.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'media.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'members.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mobile.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mysql.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'newsletter.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nulloutlook.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'office.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'order.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'outlook.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pic.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pics.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pictures.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pop.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pre.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prelive.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'prerelease.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'release.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'resources.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'search.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'server.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'service.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'services.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'shop.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sites.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'smtp.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'spool.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ssl.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sslvpn.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stats.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'store.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'svn.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'unbounce.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'user.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'videos.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vpn.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'web.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webdisk.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wiki.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-staging.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.access.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.clients.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.lyncdiscoverinternal.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.office.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.outlook.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.secure.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.service.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.services.magicshop.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sslvpn.magicshop.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf64000001631d3877bd000004030047304502204f464376405edb3f9b39db3e5684d5f8b4773d2af0f444bb590a5a7f69f8bba6022100857fce3ae338306400a5c194a3b9654cf206313dc34649560473198690cd06a2007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f478000001631d3877e10000040300473045022033fa35db2646f7252a878d11430f90144247c244bbb0c31ef0285d64c87b5c93022100cfed0a73e005978976617389c3abfce31764b8f88f60d8611163b6777a0e2901
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006a244e05c9a3fdda31c31ef35d500deb02fba373e886bef581298a442ba54ba8014aa24b88de1d614a652297b895a4b8a02eac2e28675374d3f78c441a10a0bf9fbbb7196b91c37c6332e96c6599e976a153c761de6575cb4125004d34afc29df05267f68b325df9f8e573698d3702772386609edb1477106cf2af366ff2b18a9aa85efff54479ec500cd5fd6fe86a991165c27e50e85dee361c28718b7153658f65fa5acf4ff644365aa06b7f78f9e61219e3ad96e0e49464571ba8b652544a4866db6e692bdcd9f6aab57d6870dff2165b915d4e702f67e48511c5086ae4f0efbc4f20dcf46803e48ef8cf26f6b8c12c1eefda20693c3d0bf7a5dda0579e94