www.iff-charity.org
Issued by Encryption Everywhere DV TLS CA - G2
About this certificate
This digital certificate with serial number 03:80:17:4d:22:25:16:96:b1:81:b2:c4:a9:65:9b:7e was issued on by DigiCert Inc.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.iff-charity.org
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:80:17:4d:22:25:16:96:b1:81:b2:c4:a9:65:9b:7eSerial Number (int): 4652770591803930403053478979813350270
Serial Number lenght: 122 bits, 16 octets
SubjectKeyId: 5d:85:cc:96:90:b0:61:ae:f9:8f:eb:19:5f:38:48:7b:72:69:70:39
AuthorityKeyId: 78:df:91:90:5f:ee:de:ac:f6:c5:75:eb:d5:4c:55:53:ef:24:4a:b6
Fingerprint (sha1): c2:b4:34:93:bb:c3:05:7c:73:7e:e9:53:ac:e0:d0:ec:a7:13:07:4c
Fingerprint (sha256): 0f:22:a4:71:6b:28:8b:79:fe:2d:60:8b:84:90:3a:1f:10:60:e3:11:a1:1d:d7:8a:2e:af:0d:3d:85:92:62:05
Issuing Certificate URL: http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCheck the revocation status for certificate www.iff-charity.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.iff-charity.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.iff-charity.org
Other certificates including the domain name iff-charity.org
(limited to 100 certificates)
www.iff-charity.org
www.iff-charity.org
www.iff-charity.org
www.iff-charity.org
www.iff-charity.org
dev.iff-charity.org
www.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
www.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
www.iff-charity.org
www.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
www.iff-charity.org
www.iff-charity.org
www.iff-charity.org
new.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
www.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
www.iff-charity.org
www.iff-charity.org
www.iff-charity.org
www.iff-charity.org
dev.iff-charity.org
www.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
www.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
www.iff-charity.org
www.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
www.iff-charity.org
www.iff-charity.org
www.iff-charity.org
new.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
www.iff-charity.org
mirror.iff-charity.org
mirror.iff-charity.org
Certificate
The complete raw certificate details for www.iff-charity.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF/TCCBOWgAwIBAgIQA4AXTSIlFpaxgbLEqWWbfjANBgkqhkiG9w0BAQsFADBu MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg RFYgVExTIENBIC0gRzIwHhcNMjMwOTI4MDAwMDAwWhcNMjQwOTI3MjM1OTU5WjAe MRwwGgYDVQQDExN3d3cuaWZmLWNoYXJpdHkub3JnMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAySHDzjTw3l5kRqvJab+rIgXjLzSC1JDqyVeh6B5dnzz9 8Kfrzr919fif4th6TCr4RsJpLrxW8enaJTryAenAfjcQgP/1hhl0U5Me7IvYTsUQ 44XmnjWVfrySulAwtAiGjfExypWmgcOvbKEf7eFu5Ps9qSZC55ptDI1klrmQmYyr tpb1x0jETfD7oxuCwpoJpGrehGu/sPCv26F3xDlaJyRU4p7xB1k0e1uZdjbQmhD3 2SNmnQ4FK91Azy1xTHySLncSVKIhzUXrw+S1W62bZhf2Lw8vq49SAd1+VavGZPQQ HN2QYd2VoYMEcdJ8sJAZ7IITkQy63/5CBDYpP+4irQIDAQABo4IC5TCCAuEwHwYD VR0jBBgwFoAUeN+RkF/u3qz2xXXr1UxVU+8kSrYwHQYDVR0OBBYEFF2FzJaQsGGu +Y/rGV84SHtyaXA5MB4GA1UdEQQXMBWCE3d3dy5pZmYtY2hhcml0eS5vcmcwPgYD VR0gBDcwNTAzBgZngQwBAgEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdp Y2VydC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwgYAGCCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDov L29jc3AuZGlnaWNlcnQuY29tMEoGCCsGAQUFBzAChj5odHRwOi8vY2FjZXJ0cy5k aWdpY2VydC5jb20vRW5jcnlwdGlvbkV2ZXJ5d2hlcmVEVlRMU0NBLUcyLmNydDAM BgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgB2/4g/Crb7 lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYrdsx6iAAAEAwBHMEUCIGjG4pF6 6LeCs4Jqn80/QB7AbCU16hkLLIjQU4DkAXyMAiEAniucRerKlXgk7daYSTIjHMJ1 MkDMi1281YG26YCdHGgAdQBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiE cwAAAYrdsx7DAAAEAwBGMEQCIB48j8PV5dhwRktGoF8JbfADHx/kFjZPCZ1T1toN o7cBAiBaYU2pILUnHlb+iisPerRM2sduS3/KOzNJxofpWPJTJgB2ANq2v2s/tbYi n5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABit2zHpgAAAQDAEcwRQIgZfe8GTsN TWikkld6nt0iNS8yxLdl0krGH7u6V7vvanwCIQDiQI6BAI902d/JhDsISLpzxEK7 jgXjZJ4GtMUhUpWW2DANBgkqhkiG9w0BAQsFAAOCAQEAmwG9B3dFJL0cHbkF1npP //Q4IbV3+e7i/ttk0Q1mi/JpfrLX3RvWILVCQnGiTgpiVthsshwAb6vHKKBh8rCv 1erSroHlLbFQSp3XTQ5wLHupI1IL+PH7sEzBsE2JNg9/2/BiSWx52o4C4kDud9Nn JcueZYtSPaUZ5z7i6xudzxNx8VUwrJ/VKOslSkJoinuuApqNYoFy5wH8Nhm+dQSG R7VJ0PvX2MB6KLG9+fqujeJIh3vf620K4YoUduBdj0yUKaQ7ohiTwUNp9Iu45KIe DdKu3Cvs5oMTKX1urXqWP8GarhGQgODhyH3utdMHAmzhXbXzHE4Ibfbkuvg0Hz7V Kw== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySHDzjTw3l5kRqvJab+r IgXjLzSC1JDqyVeh6B5dnzz98Kfrzr919fif4th6TCr4RsJpLrxW8enaJTryAenA fjcQgP/1hhl0U5Me7IvYTsUQ44XmnjWVfrySulAwtAiGjfExypWmgcOvbKEf7eFu 5Ps9qSZC55ptDI1klrmQmYyrtpb1x0jETfD7oxuCwpoJpGrehGu/sPCv26F3xDla JyRU4p7xB1k0e1uZdjbQmhD32SNmnQ4FK91Azy1xTHySLncSVKIhzUXrw+S1W62b Zhf2Lw8vq49SAd1+VavGZPQQHN2QYd2VoYMEcdJ8sJAZ7IITkQy63/5CBDYpP+4i rQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 4652770591803930403053478979813350270 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Encryption Everywhere DV TLS CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.iff-charity.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25390549373772642879229883850937439120189363615930009964514205905288739148195830101402667525609991258975774119599227236722860042904961038966594343666839735574842274099186772947686634864958235725707646793477647913472666190538862848961013338122838761185031759049730341605226934352956358815571833730978487023593882361962184289453281505647105854134548255340898442341727781613953989899484342629082683260468626747946956513512815969439753962206051236184480548848643614708877337050176838411480047728513103048806468643891204860022443719007870678316028794670887687786273623691755639669284568328081758969413341414361297171915437 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 78df91905feedeacf6c575ebd54c5553ef244ab6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5d85cc9690b061aef98feb195f38487b72697039 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.iff-charity.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018addb31ea20000040300473045022068c6e2917ae8b782b3826a9fcd3f401ec06c2535ea190b2c88d05380e4017c8c0221009e2b9c45eaca957824edd6984932231cc2753240cc8b5dbcd581b6e9809d1c6800750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018addb31ec3000004030046304402201e3c8fc3d5e5d870464b46a05f096df0031f1fe416364f099d53d6da0da3b70102205a614da920b5271e56fe8a2b0f7ab44cdac76e4b7fca3b3349c687e958f25326007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018addb31e980000040300473045022065f7bc193b0d4d68a492577a9edd22352f32c4b765d24ac61fbbba57bbef6a7c022100e2408e81008f74d9dfc9843b0848ba73c442bb8e05e3649e06b4c521529596d8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009b01bd07774524bd1c1db905d67a4ffff43821b577f9eee2fedb64d10d668bf2697eb2d7dd1bd620b5424271a24e0a6256d86cb21c006fabc728a061f2b0afd5ead2ae81e52db1504a9dd74d0e702c7ba923520bf8f1fbb04cc1b04d89360f7fdbf062496c79da8e02e240ee77d36725cb9e658b523da519e73ee2eb1b9dcf1371f15530ac9fd528eb254a42688a7bae029a8d628172e701fc3619be75048647b549d0fbd7d8c07a28b1bdf9faae8de248877bdfeb6d0ae18a1476e05d8f4c9429a43ba21893c14369f48bb8e4a21e0dd2aedc2bece68313297d6ead7a963fc19aae119080e0e1c87deeb5d307026ce15db5f31c4e086df6e4baf8341f3ed52b