ki.guj.digital
Issued by R3
About this certificate
This digital certificate with serial number 03:e2:f5:4b:f8:1b:bb:9e:5c:ee:73:71:79:b3:58:86:de:51 was issued on by Let's Encrypt.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=ki.guj.digital
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:e2:f5:4b:f8:1b:bb:9e:5c:ee:73:71:79:b3:58:86:de:51Serial Number (int): 338566728032879334422999785274724275641937
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 21:44:43:95:cc:0b:0f:a9:27:ae:22:4d:f3:d2:9c:09:37:18:f9:db
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 9d:38:d7:04:2b:42:29:69:7f:b3:e6:00:70:4d:87:35:ef:16:77:f1
Fingerprint (sha256): 0f:5d:4b:f3:37:fa:47:c7:16:d9:cb:37:44:47:88:d3:5c:72:e1:af:d4:2a:6d:1a:9d:51:ed:c4:54:51:24:cb
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate ki.guj.digital
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ki.guj.digital
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ki.guj.digital
Other certificates including the domain name guj.digital
(limited to 100 certificates)
static.stern.de
static.stern.de
static.stern.de
www.guj.digital
assetcloud-stage.guj.digital
static.stern.de
confluence.guj.digital
www.stage.stern.de
b0173.guj.digital
*.stage.mobile-toolkit.guj.digital
www.guj.digital
www.stage.stern.de
static.stern.de
www.guj.digital
ki.guj.digital
static.stern.de
static.stern.de
www.guj.digital
www.stage.stern.de
*.coremedia-dev.guj.digital
www.guj.digital
www.stage.stern.de
a0818.guj.digital
*.onecore-dev.guj.digital
www.guj.digital
*.harmony.guj.digital
*.das-001-prod-eks2.guj.digital
static.stern.de
www.guj.digital
static.stern.de
static.stern.de
a0162.guj.digital
static.stern.de
guj.digital
static.stern.de
*.coremedia.guj.digital
dcvtest.guj.digital
static.stern.de
a0127.guj.digital
static.stern.de
static.stern.de
static.stern.de
ck.neue-umgebung.de
api-warmup.paid.guj.digital
www.stage.stern.de
www.guj.digital
static.stern.de
static.stern.de
guj.digital
www.guj.digital
*.guj.digital
static.stern.de
*.harmony-dev.guj.digital
guj.digital
static.stern.de
static.stern.de
www.stage.stern.de
guj.digital
api.paid-dev.guj.digital
static.stern.de
www.stage.stern.de
static.stern.de
static.stern.de
das.guj.digital
static.stern.de
static.stern.de
*.harmony.guj.digital
www.stage.stern.de
static.stern.de
*.onecore-dev.guj.digital
www.guj.digital
konfi.guj.digital
www.stage.stern.de
www.stage.stern.de
static.stern.de
static.stern.de
static.stern.de
static.stern.de
*.harmony.guj.digital
www.guj.digital
static.stern.de
www.guj.digital
static.stern.de
static.stern.de
s3repo.guj.digital
guj.digital
www.guj.digital
static.stern.de
static.stern.de
diginet.guj.digital
static.stern.de
static.stern.de
static.stern.de
*.harmony-dev.guj.digital
paid-preview.stern.de
api.paid.guj.digital
static.stern.de
*.aws-dvs.guj.digital
www.stage.stern.de
*.harmony-dev.guj.digital
static.stern.de
static.stern.de
www.guj.digital
assetcloud-stage.guj.digital
static.stern.de
confluence.guj.digital
www.stage.stern.de
b0173.guj.digital
*.stage.mobile-toolkit.guj.digital
www.guj.digital
www.stage.stern.de
static.stern.de
www.guj.digital
ki.guj.digital
static.stern.de
static.stern.de
www.guj.digital
www.stage.stern.de
*.coremedia-dev.guj.digital
www.guj.digital
www.stage.stern.de
a0818.guj.digital
*.onecore-dev.guj.digital
www.guj.digital
*.harmony.guj.digital
*.das-001-prod-eks2.guj.digital
static.stern.de
www.guj.digital
static.stern.de
static.stern.de
a0162.guj.digital
static.stern.de
guj.digital
static.stern.de
*.coremedia.guj.digital
dcvtest.guj.digital
static.stern.de
a0127.guj.digital
static.stern.de
static.stern.de
static.stern.de
ck.neue-umgebung.de
api-warmup.paid.guj.digital
www.stage.stern.de
www.guj.digital
static.stern.de
static.stern.de
guj.digital
www.guj.digital
*.guj.digital
static.stern.de
*.harmony-dev.guj.digital
guj.digital
static.stern.de
static.stern.de
www.stage.stern.de
guj.digital
api.paid-dev.guj.digital
static.stern.de
www.stage.stern.de
static.stern.de
static.stern.de
das.guj.digital
static.stern.de
static.stern.de
*.harmony.guj.digital
www.stage.stern.de
static.stern.de
*.onecore-dev.guj.digital
www.guj.digital
konfi.guj.digital
www.stage.stern.de
www.stage.stern.de
static.stern.de
static.stern.de
static.stern.de
static.stern.de
*.harmony.guj.digital
www.guj.digital
static.stern.de
www.guj.digital
static.stern.de
static.stern.de
s3repo.guj.digital
guj.digital
www.guj.digital
static.stern.de
static.stern.de
diginet.guj.digital
static.stern.de
static.stern.de
static.stern.de
*.harmony-dev.guj.digital
paid-preview.stern.de
api.paid.guj.digital
static.stern.de
*.aws-dvs.guj.digital
www.stage.stern.de
*.harmony-dev.guj.digital
Certificate
The complete raw certificate details for ki.guj.digital in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE6TCCA9GgAwIBAgISA+L1S/gbu55c7nNxebNYht5RMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MTUwNzA3MzdaFw0yNDA3MTQwNzA3MzZaMBkxFzAVBgNVBAMT DmtpLmd1ai5kaWdpdGFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA 0auwwZlb1k32+VEw/ntgg9UDjApW7KHXph20H4P5i0I8kH5LFrdOTUg1tBSwE/KJ MdaGMf69Sbv6l6UUz0aCDxXJgWDfhQfzXHSPdw9Hdq4O6s26R5g3Yxz/otPs42TD NK0i6ObVcehrwm5b+L3D4EWFlq+a5K8xoNrWmVf8YcaKwl++SwBYpg7WztxyVHmI fZpCcvzNcxyTcLImAzmiD6agCJyOct0RJxncImfPbOdRHBHZzd91okG3jRWCU3kE MGEyCkNIdRWBAPaeMivT3c8PeVlhmRVz22IBq1i8Zx6LHwac8pES3vkhwMokM5qC JrgHvD36RGU984COeontuQIDAQABo4ICEDCCAgwwDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBQhREOVzAsPqSeuIk3z0pwJNxj52zAfBgNVHSMEGDAWgBQULrMXt1hWy65Q CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn LzAZBgNVHREEEjAQgg5raS5ndWouZGlnaXRhbDATBgNVHSAEDDAKMAgGBmeBDAEC ATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3ABmYEHEJ8NZSLjCA0p4/ZLuDbijM +Q9Sju7fzko/FrTKAAABjuDMH3YAAAQDAEgwRgIhAK0mFYvsEJaZP+hrxer4g5kM AldxMqi3q0zwDpJEXYxvAiEArcgjHzKmFwrBGwOjjbDPre+d7PIy8R5OC2t1YQJv of0AdQB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAY7gzB+xAAAE AwBGMEQCIFCjRafUcWAb1SyPF3rGFCfmVTCYNm/MTHuhw4dBi+I/AiA+wXA1MQ20 lrgQmsvcf+OGs4Fd1CyTNI1XDK92YKUu4jANBgkqhkiG9w0BAQsFAAOCAQEAHzV7 8DGA19NotgWpcaIYgU83VOVoIfYtaTpaVB3J6PYkMZAIz6ZklR/or4EH4FPygYRd ap/ztPQLQRXS1QLocDqlIYrtcAEfkevvVEGK3Xh5N5FtKp/hl/DGd7m+2XUWgNBO xnyUH6sOkSetnF9GbiQoyahngJvaoku1HwPUDdODpmOK99pX6Wbq8U6ctOvWLojM ehKs2XTkqVsyTak/YUCuoV2Kv6AtYP4ltt9Xp7rMIK9BO9YfuZN6/uO1+Jbio1sO Ir9GLPLhJ3iA+D1A23klEoY339ICm+Vqh05uHCfCKGl262Tcl42b204/vvuhs0Sl IPdKNPqjZH4ef5ibpQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0auwwZlb1k32+VEw/ntg g9UDjApW7KHXph20H4P5i0I8kH5LFrdOTUg1tBSwE/KJMdaGMf69Sbv6l6UUz0aC DxXJgWDfhQfzXHSPdw9Hdq4O6s26R5g3Yxz/otPs42TDNK0i6ObVcehrwm5b+L3D 4EWFlq+a5K8xoNrWmVf8YcaKwl++SwBYpg7WztxyVHmIfZpCcvzNcxyTcLImAzmi D6agCJyOct0RJxncImfPbOdRHBHZzd91okG3jRWCU3kEMGEyCkNIdRWBAPaeMivT 3c8PeVlhmRVz22IBq1i8Zx6LHwac8pES3vkhwMokM5qCJrgHvD36RGU984COeont uQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 338566728032879334422999785274724275641937 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-15 07:07:37 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-14 07:07:36 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ki.guj.digital' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26468469456276637967896711083213000795654225431620705562576035098832712243534266052754753926531663827522259773455307242595024469186961285049264659426625133736024099576311155919112547646469578935415125538863970201336788814399741512952483247268064709149203212766243109497644112142329633756847585439514259778415109203107362875221549341023911682462575512675690465632124058683239773491355554631141169353111502677850261920918522940230786666428371901201102765658536095182100410370449733864090070499468448780297923999478678590725949872216861215600854108107151129492345960445539267329983184393693014065855427183008109493349817 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 21444395cc0b0fa927ae224df3d29c093718f9db . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (18 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ki.guj.digital' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00077001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018ee0cc1f760000040300483046022100ad26158bec1096993fe86bc5eaf883990c02577132a8b7ab4cf00e92445d8c6f022100adc8231f32a6170ac11b03a38db0cfadef9decf232f11e4e0b6b7561026fa1fd00750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ee0cc1fb10000040300463044022050a345a7d471601bd52c8f177ac61427e6553098366fcc4c7ba1c387418be23f02203ec17035310db496b8109acbdc7fe386b3815dd42c93348d570caf7660a52ee2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001f357bf03180d7d368b605a971a218814f3754e56821f62d693a5a541dc9e8f624319008cfa664951fe8af8107e053f281845d6a9ff3b4f40b4115d2d502e8703aa5218aed70011f91ebef54418add787937916d2a9fe197f0c677b9bed9751680d04ec67c941fab0e9127ad9c5f466e2428c9a867809bdaa24bb51f03d40dd383a6638af7da57e966eaf14e9cb4ebd62e88cc7a12acd974e4a95b324da93f6140aea15d8abfa02d60fe25b6df57a7bacc20af413bd61fb9937afee3b5f896e2a35b0e22bf462cf2e1277880f83d40db7925128637dfd2029be56a874e6e1c27c2286976eb64dc978d9bdb4e3fbefba1b344a520f74a34faa3647e1e7f989ba5