canadaslandtrust.ca
Issued by R3
About this certificate
This digital certificate with serial number 04:e3:54:b8:b8:fc:b4:1b:6f:7d:52:94:ec:68:dd:de:46:e5 was issued on by Let's Encrypt.
With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=canadaslandtrust.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:e3:54:b8:b8:fc:b4:1b:6f:7d:52:94:ec:68:dd:de:46:e5Serial Number (int): 425805855304346525629050619337442766767845
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 35:38:22:b2:01:69:ca:be:cf:d1:48:c7:8a:9a:d6:96:fa:ef:d4:ce
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): d5:55:56:e5:99:31:f3:dd:79:48:2e:48:87:a9:5a:d3:fa:ae:c8:ee
Fingerprint (sha256): 06:01:af:29:b2:b4:7d:dc:98:6b:93:ac:07:e8:6a:da:1e:ff:ce:d9:1e:6f:16:0b:29:87:87:66:29:67:db:d7
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate canadaslandtrust.ca
11
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for canadaslandtrust.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
buyorleaseit.com
canadaslandtrust.ca
diskret-ohne-rezept.info
dotetx.com
gustofino.com.rentlittlecamper.com
mikelindellbook.org.speechlessdj.com.flagstickcams.com
peerlesswindows.com
revx2.com
tvp5.cz
www.abuse.epik.com
www.alpacacoats.com.dinardoforstaterep.org
canadaslandtrust.ca
diskret-ohne-rezept.info
dotetx.com
gustofino.com.rentlittlecamper.com
mikelindellbook.org.speechlessdj.com.flagstickcams.com
peerlesswindows.com
revx2.com
tvp5.cz
www.abuse.epik.com
www.alpacacoats.com.dinardoforstaterep.org
Other certificates including the domain name canadaslandtrust.ca
(limited to 100 certificates)
canadaslandtrust.ca
arbitrager.ca
canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca
writeathon.com.handpiecerepair.co.canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca
norwoodwaterworks.ca
canadaslandtrust.ca
hombresparahombres.com.canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca
arbitrager.ca
canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca
writeathon.com.handpiecerepair.co.canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca
norwoodwaterworks.ca
canadaslandtrust.ca
hombresparahombres.com.canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca
canadaslandtrust.ca
Certificate
The complete raw certificate details for canadaslandtrust.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgISBONUuLj8tBtvfVKU7Gjd3kblMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMjUyMzM4NTRaFw0yNDAzMjQyMzM4NTNaMB4xHDAaBgNVBAMT E2NhbmFkYXNsYW5kdHJ1c3QuY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQC/A4HQIoBMvFMMv23hOKeMmvgQELQgqWhXSvSf0kSdhZ1ExArUyOLG9yCQ 4xzH4KVinvt3SPIaG7JDkGvdr9rRiBVz8JVJqwHQiqefudG6btgzf7JDAKg9xnuN HZ1QexJOMQHqwuQ3Pzj9rz0KhYra6uRj4FwKKAWFbI24wB+jq3cKyChRa//Of5Qw wBi7tszdWLlnZgAyMe4KJQRqUUzQaPuCWa0d37ALPyvbA5wZJCFm4yVV5E9YYkDE Cqv4/CKKiBuNmPjhSahbw+ge6PmXqGCISZYPUPA8a++BVv54YL6/bbG4TavD3LbJ 47ldmB5vI0x6gO7rjGYeNmkCSaT3AgMBAAGjggMaMIIDFjAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAw HQYDVR0OBBYEFDU4IrIBacq+z9FIx4qa1pb679TOMB8GA1UdIwQYMBaAFBQusxe3 WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0 cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5j ci5vcmcvMIIBHwYDVR0RBIIBFjCCARKCEGJ1eW9ybGVhc2VpdC5jb22CE2NhbmFk YXNsYW5kdHJ1c3QuY2GCGGRpc2tyZXQtb2huZS1yZXplcHQuaW5mb4IKZG90ZXR4 LmNvbYIiZ3VzdG9maW5vLmNvbS5yZW50bGl0dGxlY2FtcGVyLmNvbYI2bWlrZWxp bmRlbGxib29rLm9yZy5zcGVlY2hsZXNzZGouY29tLmZsYWdzdGlja2NhbXMuY29t ghNwZWVybGVzc3dpbmRvd3MuY29tgglyZXZ4Mi5jb22CB3R2cDUuY3qCEnd3dy5h YnVzZS5lcGlrLmNvbYIqd3d3LmFscGFjYWNvYXRzLmNvbS5kaW5hcmRvZm9yc3Rh dGVyZXAub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBgYKKwYBBAHWeQIEAgSB 9wSB9ADyAHcASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGMo49q wgAABAMASDBGAiEA9N/v4SCxjCk7L2ybPEhq+xwaE2QK3HtXoPZUlQUMv8ICIQC0 9GQz6oyg1HRcq6VUwHbar054vGW4mUWnTzgzgYBoRAB3AHb/iD8KtvuVUcJhzPWH ujS0pM27KdxoQgqf5mdMWjp0AAABjKOPaxgAAAQDAEgwRgIhAK8LB4mdmRRhqsvT ZcQSgsEvSztjA443O/tAXtusj0UeAiEAnDOobKSVsVOUOpVyvZHPNA9ZBgaGl/y1 shcYbBcIMzkwDQYJKoZIhvcNAQELBQADggEBADulMsqRaD9hNcur+5kTGzn5W6c0 aaDzRZ7+RdtUzmB3pi3YfgRi/ncFT1sbz9ZnJ+yr5i0b/ptaifeCVYeimjOt/6Da DsW8icses4P18vXq2AFQtldVGFK+nXRkWZWapL5XSC5gyUhoBbpvnSyEMy3MCzQH faSd2zaPqvr3hQECosQD2u3lhtAOuOp9VtBTWthqOX2UNkR9rzklu82k1zg/zv9O DaKa3WpGSSO3dUgNgFe+4Xm+iy4qkGPctHb4YyygzZybxzNiOqQyRM95KNxO+DIw swls/jJ7tXD70N8jNkVPJyv24EFyxQ0v2uz35HyA3TAwGOUz5W9rDDTOT/E= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwOB0CKATLxTDL9t4Tin jJr4EBC0IKloV0r0n9JEnYWdRMQK1MjixvcgkOMcx+ClYp77d0jyGhuyQ5Br3a/a 0YgVc/CVSasB0Iqnn7nRum7YM3+yQwCoPcZ7jR2dUHsSTjEB6sLkNz84/a89CoWK 2urkY+BcCigFhWyNuMAfo6t3CsgoUWv/zn+UMMAYu7bM3Vi5Z2YAMjHuCiUEalFM 0Gj7glmtHd+wCz8r2wOcGSQhZuMlVeRPWGJAxAqr+PwiiogbjZj44UmoW8PoHuj5 l6hgiEmWD1DwPGvvgVb+eGC+v22xuE2rw9y2yeO5XZgebyNMeoDu64xmHjZpAkmk 9wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 425805855304346525629050619337442766767845 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-25 23:38:54 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-24 23:38:53 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'canadaslandtrust.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24113245655173614722017891726751527281097444928160103072622730285532816708716231565099908471991569127331088337315436022449092980625287715923123260431977705391794476126916611971668137290336387929017594142702439914305059426431294770047258270720164639018344832228668584614898613212132631454759870766381872299274929668615516256150289278121621461989314890623634700092015456538172370150392291060282638895147878109109700008963154398406155723688266214710108591372164295202376706805601248565787675530401981266042650370360963153922274120833581675395932549733862804298179542208914401336784370580086607653655696000063419655496951 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 353822b20169cabecfd148c78a9ad696faefd4ce . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (278 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'buyorleaseit.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canadaslandtrust.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'diskret-ohne-rezept.info' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dotetx.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gustofino.com.rentlittlecamper.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mikelindellbook.org.speechlessdj.com.flagstickcams.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'peerlesswindows.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'revx2.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tvp5.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.abuse.epik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.alpacacoats.com.dinardoforstaterep.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f200770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ca38f6ac20000040300483046022100f4dfefe120b18c293b2f6c9b3c486afb1c1a13640adc7b57a0f65495050cbfc2022100b4f46433ea8ca0d4745caba554c076daaf4e78bc65b89945a74f38338180684400770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ca38f6b180000040300483046022100af0b07899d991461aacbd365c41282c12f4b3b63038e373bfb405edbac8f451e0221009c33a86ca495b153943a9572bd91cf340f5906068697fcb5b217186c17083339 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003ba532ca91683f6135cbabfb99131b39f95ba73469a0f3459efe45db54ce6077a62dd87e0462fe77054f5b1bcfd66727ecabe62d1bfe9b5a89f7825587a29a33adffa0da0ec5bc89cb1eb383f5f2f5ead80150b657551852be9d746459959aa4be57482e60c9486805ba6f9d2c84332dcc0b34077da49ddb368faafaf7850102a2c403daede586d00eb8ea7d56d0535ad86a397d9436447daf3925bbcda4d7383fceff4e0da29add6a464923b775480d8057bee179be8b2e2a9063dcb476f8632ca0cd9c9bc733623aa43244cf7928dc4ef83230b3096cfe327bb570fbd0df2336454f272bf6e04172c50d2fdaecf7e47c80dd303018e533e56f6b0c34ce4ff1