www.rybczynski.com
Issued by Starfield Secure Certificate Authority - G2
About this certificate
This digital certificate with serial number 2b:57:ab:f0:89:c5:03 was issued on by Starfield Technologies, Inc..
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.rybczynski.com,OU=Domain Control Validated
Starfield Technologies, Inc.
Organization:
Starfield Technologies, Inc.
Organization unit: http://certs.starfieldtech.com/repository/
Organization unit: http://certs.starfieldtech.com/repository/
State / Province:
Arizona
Locality: Scottsdale
Country: US
Locality: Scottsdale
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 2b:57:ab:f0:89:c5:03Serial Number (int): 12199819985143043
Serial Number lenght: 54 bits, 7 octets
SubjectKeyId: 5a:27:26:cf:2c:e7:f1:49:e0:ba:93:09:a8:c7:dd:28:45:e7:74:0d
AuthorityKeyId: 25:45:81:68:50:26:38:3d:3b:2d:2c:be:cd:6a:d9:b6:3d:b3:66:63
Fingerprint (sha1): 76:4d:ed:8f:c4:00:55:a3:1c:09:12:50:bc:08:16:42:8b:e7:a0:8a
Fingerprint (sha256): 15:ee:77:7b:af:03:c3:61:1d:77:28:e6:77:cf:44:b2:62:43:f4:2d:ed:2a:26:c3:d0:61:9a:5a:54:fc:b7:c8
Issuing Certificate URL: http://certificates.starfieldtech.com/repository/sfig2.crt
Revocation information
OCSP Server: http://ocsp.starfieldtech.com/CRL Distribution Point: http://crl.starfieldtech.com/sfig2s1-12.crl
Check the revocation status for certificate www.rybczynski.com
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.rybczynski.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.rybczynski.com
rybczynski.com
autodiscover.rybczynski.com
mail.rybczynski.com
greg.rybczynski.com
secure.rybczynski.com
rybczynski.com
autodiscover.rybczynski.com
mail.rybczynski.com
greg.rybczynski.com
secure.rybczynski.com
Other certificates including the domain name rybczynski.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.rybczynski.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFuTCCBKGgAwIBAgIHK1er8InFAzANBgkqhkiG9w0BAQsFADCBxjELMAkGA1UE BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAj BgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMzAxBgNVBAsTKmh0 dHA6Ly9jZXJ0cy5zdGFyZmllbGR0ZWNoLmNvbS9yZXBvc2l0b3J5LzE0MDIGA1UE AxMrU3RhcmZpZWxkIFNlY3VyZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAe Fw0xNDExMDkxNDQxMDJaFw0xNTExMjcxNjM5MjhaMEAxITAfBgNVBAsTGERvbWFp biBDb250cm9sIFZhbGlkYXRlZDEbMBkGA1UEAxMSd3d3LnJ5YmN6eW5za2kuY29t MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOhEg4muLOL5TOHDfbb/ eqeafuk+4a82aJtYMJ5KB15XRuE4V9+xCLLdrxdHzgVAASpUYQWWUVAulnPtznC8 mZ/Zp4fTbIGn4lLZ7oBkGlXRzhSkU3wuK3JSRCZGwqHvEhOBt0QB1aW2zjTciXuD RSJ0JIJi+4sy9JsadLGrgFZpAadxA3U4/+laSbmWOb5+IYjuUSaYuNBIttRC6X1C ORSAiFrw8D1HaqX5JcTLh7yLu2PFQ+8Opwikmo3RM8305BqlYgVPBp9z9BLLQbqS OmNDbI/iBDBD1kaDbf9rnZUDPP1LF6awusrkVFa4XPGnBJGlrWRbBgJPAFf/a5ZE vQIDAQABo4ICLzCCAiswDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMDwGA1UdHwQ1MDMwMaAvoC2GK2h0 dHA6Ly9jcmwuc3RhcmZpZWxkdGVjaC5jb20vc2ZpZzJzMS0xMi5jcmwwWQYDVR0g BFIwUDBOBgtghkgBhv1uAQcXATA/MD0GCCsGAQUFBwIBFjFodHRwOi8vY2VydGlm aWNhdGVzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMIGCBggrBgEFBQcB AQR2MHQwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnN0YXJmaWVsZHRlY2guY29t LzBGBggrBgEFBQcwAoY6aHR0cDovL2NlcnRpZmljYXRlcy5zdGFyZmllbGR0ZWNo LmNvbS9yZXBvc2l0b3J5L3NmaWcyLmNydDAfBgNVHSMEGDAWgBQlRYFoUCY4PTst LL7Natm2PbNmYzCBjQYDVR0RBIGFMIGCghJ3d3cucnliY3p5bnNraS5jb22CDnJ5 YmN6eW5za2kuY29tghthdXRvZGlzY292ZXIucnliY3p5bnNraS5jb22CE21haWwu cnliY3p5bnNraS5jb22CE2dyZWcucnliY3p5bnNraS5jb22CFXNlY3VyZS5yeWJj enluc2tpLmNvbTAdBgNVHQ4EFgQUWicmzyzn8UngupMJqMfdKEXndA0wDQYJKoZI hvcNAQELBQADggEBAMGMr+PIJ4ptyO+iLv+9d/mVeRdSGvI+9DvR9rg33C9giEDk pUE5+EUknfrpg3JTmrPNT/3MAyu2Crh2kKBkdIEq/9VKr0rfbZBey9WppQ4UXvPo CGFEl4qjpFg84h2Q4V49ww9pEP6MNakUisffXDrvV1ile/OIZGRE+Eb+D08U+So9 HWzYnqSSROdNJGX7Lm3Fs6gYhq+f6Y6LjhMxyNQjbxMfjBEuk0dMq3A7ItbOAyiB KZn1/njaQho8D5MWrjclxpqnNX/JIuiBSQCV8pdfV2Y1TwxgFnugHYG2yoLqPk8Z 7xwo+9g7j3K/Dwat4jScmdTsfzVG49Gkx4jAmjs= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOhEg4muLOL5TOHDfbb/ eqeafuk+4a82aJtYMJ5KB15XRuE4V9+xCLLdrxdHzgVAASpUYQWWUVAulnPtznC8 mZ/Zp4fTbIGn4lLZ7oBkGlXRzhSkU3wuK3JSRCZGwqHvEhOBt0QB1aW2zjTciXuD RSJ0JIJi+4sy9JsadLGrgFZpAadxA3U4/+laSbmWOb5+IYjuUSaYuNBIttRC6X1C ORSAiFrw8D1HaqX5JcTLh7yLu2PFQ+8Opwikmo3RM8305BqlYgVPBp9z9BLLQbqS OmNDbI/iBDBD1kaDbf9rnZUDPP1LF6awusrkVFa4XPGnBJGlrWRbBgJPAFf/a5ZE vQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 12199819985143043 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Arizona' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Scottsdale' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Technologies, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'http://certs.starfieldtech.com/repository/' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Starfield Secure Certificate Authority - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2014-11-09 14:41:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-11-27 16:39:28 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Control Validated' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.rybczynski.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20817617452620189529276242940431696328494884823881843771360000347409190401125550487833275216113976045620498836561248115555958592817960994591316666836430286508952620255490570098888267782500618410061516438585511997633021670549121153136123983456822444508265634754608660893307010115529575302925786197188681398747124298012263754133400042211609709354254037633411991129057976292270399375578833596210834141777657675708696468119494052441980691081899239093451808990949037525713435551051413109271787934024311092525144462522986192532939941804498765380539578121703811172034724484889494106589613234850399283524616237393725367927997 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.starfieldtech.com/sfig2s1-12.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (82 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114414.1.7.23.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://certificates.starfieldtech.com/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (118 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.starfieldtech.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certificates.starfieldtech.com/repository/sfig2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 254581685026383d3b2d2cbecd6ad9b63db36663 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.rybczynski.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rybczynski.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'autodiscover.rybczynski.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.rybczynski.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'greg.rybczynski.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'secure.rybczynski.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5a2726cf2ce7f149e0ba9309a8c7dd2845e7740d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00c18cafe3c8278a6dc8efa22effbd77f9957917521af23ef43bd1f6b837dc2f608840e4a54139f845249dfae98372539ab3cd4ffdcc032bb60ab87690a06474812affd54aaf4adf6d905ecbd5a9a50e145ef3e8086144978aa3a4583ce21d90e15e3dc30f6910fe8c35a9148ac7df5c3aef5758a57bf388646444f846fe0f4f14f92a3d1d6cd89ea49244e74d2465fb2e6dc5b3a81886af9fe98e8b8e1331c8d4236f131f8c112e93474cab703b22d6ce0328812999f5fe78da421a3c0f9316ae3725c69aa7357fc922e881490095f2975f5766354f0c60167ba01d81b6ca82ea3e4f19ef1c28fbd83b8f72bf0f06ade2349c99d4ec7f3546e3d1a4c788c09a3b