uma-zakelijk.test.unive.nl
Issued by R3
About this certificate
This digital certificate with serial number 04:c5:5f:67:11:e5:9d:23:c4:2e:e3:db:22:13:a0:c3:ac:b7 was issued on by Let's Encrypt.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=uma-zakelijk.test.unive.nl
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:c5:5f:67:11:e5:9d:23:c4:2e:e3:db:22:13:a0:c3:ac:b7Serial Number (int): 415611581839634704847191363814048577858743
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 62:5b:3a:7d:78:72:6c:1e:99:c4:68:b2:3e:bf:aa:8f:46:2d:01:e2
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): bb:ae:21:ef:84:01:ea:54:80:e9:df:bd:38:5e:d1:82:99:60:64:69
Fingerprint (sha256): 16:76:cf:69:63:9f:ec:a5:9f:92:10:9f:4a:91:2f:6a:a4:84:b3:0e:fb:5e:63:a8:29:00:19:bd:ee:b8:dc:9c
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate uma-zakelijk.test.unive.nl
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for uma-zakelijk.test.unive.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
uma-zakelijk.test.unive.nl
Other certificates including the domain name unive.nl
(limited to 100 certificates)
www.acc.unive.nl
web.unive.nl
mail.vgz.nl
tracking.unive.nl
acc.unive.nl
mijn.unive.nl
rechtshulpagrarisch.unive.nl
lync.unive.nl
api-opa.unive.nl
iw.unive.nl
uma-zakelijk.test.unive.nl
tracking.unive.nl
iw.unive.nl
bb.unive.nl
vpn.unive.nl
remote.unive.nl
api-atp.unive.nl
webwerken.unive.nl
api.unive.nl
rechtshulpagrarisch.unive.nl
uma-zakelijk.test.unive.nl
dispatchtest.unive.nl
mijn.unive.nl
vpn.unive.nl
mxb.unive.nl
services-pat.unive.nl
unive.nl
mxa.unive.nl
prod.unive.nl
vpn.unive.nl
tracking.unive.nl
email.unive.nl
tracking.unive.nl
rd.unive.nl
dsuniverabobank.unive.nl
privatelease.beta.unive.nl
stadenland.unive.nl
www.unive.nl
lync.unive.nl
www.unive.nl
privatelease.beta.unive.nl
zakelijk.unive.nl
*.ot.daas.unive.nl
tracking.unive.nl
api.unive.nl
tracking.unive.nl
rechtshulpmkb.unive.nl
www.unive.nl
mijn.unive.nl
mijn.unive.nl
vpn.unive.nl
*.prod.daas.unive.nl
rechtshulpagrarisch.unive.nl
acc.unive.nl
stadenland.unive.nl
uma-zakelijk.pat.unive.nl
opa.unive.nl
tracking.unive.nl
rechtshulpagrarisch.unive.nl
cdn-pat.unive.nl
rechtshulpmkb.unive.nl
iw-pat.unive.nl
*.prod.daas.unive.nl
mijn.unive.nl
www.unive.nl
api.unive.nl
videochat.unive.nl
email.unive.nl
mail.unive.nl
lync.unive.nl
cdn.unive.nl
login.pat.unive.nl
mxb.unive.nl
pns-digital.unive.nl
*.ot.daas.unive.nl
services.unive.nl
bb.unive.nl
www.unive.nl
beta.unive.nl
login.unive.nl
login.unive.nl
www.unive.nl
flexwerken.unive.nl
pns-digital.unive.nl
dispatchtest.unive.nl
pns-digital.unive.nl
pat.unive.nl
vpn.unive.nl
dispatch.unive.nl
tracking.unive.nl
365.unive.nl
tracking.unive.nl
cdn.unive.nl
accmijn.unive.nl
tracking.unive.nl
cdn-pat.unive.nl
cdn.unive.nl
email.unive.nl
webwerken.unive.nl
iw-pat.unive.nl
web.unive.nl
mail.vgz.nl
tracking.unive.nl
acc.unive.nl
mijn.unive.nl
rechtshulpagrarisch.unive.nl
lync.unive.nl
api-opa.unive.nl
iw.unive.nl
uma-zakelijk.test.unive.nl
tracking.unive.nl
iw.unive.nl
bb.unive.nl
vpn.unive.nl
remote.unive.nl
api-atp.unive.nl
webwerken.unive.nl
api.unive.nl
rechtshulpagrarisch.unive.nl
uma-zakelijk.test.unive.nl
dispatchtest.unive.nl
mijn.unive.nl
vpn.unive.nl
mxb.unive.nl
services-pat.unive.nl
unive.nl
mxa.unive.nl
prod.unive.nl
vpn.unive.nl
tracking.unive.nl
email.unive.nl
tracking.unive.nl
rd.unive.nl
dsuniverabobank.unive.nl
privatelease.beta.unive.nl
stadenland.unive.nl
www.unive.nl
lync.unive.nl
www.unive.nl
privatelease.beta.unive.nl
zakelijk.unive.nl
*.ot.daas.unive.nl
tracking.unive.nl
api.unive.nl
tracking.unive.nl
rechtshulpmkb.unive.nl
www.unive.nl
mijn.unive.nl
mijn.unive.nl
vpn.unive.nl
*.prod.daas.unive.nl
rechtshulpagrarisch.unive.nl
acc.unive.nl
stadenland.unive.nl
uma-zakelijk.pat.unive.nl
opa.unive.nl
tracking.unive.nl
rechtshulpagrarisch.unive.nl
cdn-pat.unive.nl
rechtshulpmkb.unive.nl
iw-pat.unive.nl
*.prod.daas.unive.nl
mijn.unive.nl
www.unive.nl
api.unive.nl
videochat.unive.nl
email.unive.nl
mail.unive.nl
lync.unive.nl
cdn.unive.nl
login.pat.unive.nl
mxb.unive.nl
pns-digital.unive.nl
*.ot.daas.unive.nl
services.unive.nl
bb.unive.nl
www.unive.nl
beta.unive.nl
login.unive.nl
login.unive.nl
www.unive.nl
flexwerken.unive.nl
pns-digital.unive.nl
dispatchtest.unive.nl
pns-digital.unive.nl
pat.unive.nl
vpn.unive.nl
dispatch.unive.nl
tracking.unive.nl
365.unive.nl
tracking.unive.nl
cdn.unive.nl
accmijn.unive.nl
tracking.unive.nl
cdn-pat.unive.nl
cdn.unive.nl
email.unive.nl
webwerken.unive.nl
iw-pat.unive.nl
Certificate
The complete raw certificate details for uma-zakelijk.test.unive.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEDjCCAvagAwIBAgISBMVfZxHlnSPELuPbIhOgw6y3MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDIwMjU0MDdaFw0yNDA3MDEwMjU0MDZaMCUxIzAhBgNVBAMT GnVtYS16YWtlbGlqay50ZXN0LnVuaXZlLm5sMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEA3XH3gYToPoK+WcGAVNWeI94Rt6mPf1puf6TMs3/vBQlRd4PT PxvGHlLUQzaWZDQKuWmE7/mZk6hSgKHuXviOQ3TpBCpvQMn3ycSiyYp6smZ4qqcr wr4NjtIr/bkU+Ti5dmM/UBRhBGuF0OSqbT7qaGrowH8vKiNbVweHxSPtQngfpRTN 5DCl5HB5si25byZM6mtJm1KEJTaMobWWnrFGbk6+qCP5Bd69/QzJ5FJVd3qCVMVp u/EXyTCDPFwyIKLpfTpfOhOi0fCka0wNXSGnoCeEiTY6s6NiGzTG0VdqY6GR3d7M EwfCjhXjL3POHSlZxdgp0fcvnRbhxP1jnJdgvwIDAQABo4IBKTCCASUwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBRiWzp9eHJsHpnEaLI+v6qPRi0B4jAfBgNVHSMEGDAW gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz LmkubGVuY3Iub3JnLzAlBgNVHREEHjAcghp1bWEtemFrZWxpamsudGVzdC51bml2 ZS5ubDATBgNVHSAEDDAKMAgGBmeBDAECATATBgorBgEEAdZ5AgQDAQH/BAIFADAN BgkqhkiG9w0BAQsFAAOCAQEALUE93vB0/R6ESfQ+9CkjnGp+rSH0uYeX0fudsW6g G1518BNLHhLXtjrkNbpTaYzVRSyVM+IsH6X+PMW/GLv9LRRQTLgGq7d7ODAG4e4+ FsYn6Dq+hTyM3jsWBKEjV6dQVEo5ycJWYXzIIhpqcC3O1ZOx6p+oanGSS6ZOabH4 lHGZI+ZGXNSEmmtAERxuo9t0aykZP7lUaXnLsBR7jG/C88KuFqM2Ua85dnN++bK9 hxqroIvwfF5KlPHZdSWcB4VBWsFbrqDSA0hvb7AlDiHf9wRynyZp6Zhd4d8FmJsL HHdyu0ABzyWGNgqGI6bQ43D/OV3BiWT+fPjUVpTA8NH+BA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XH3gYToPoK+WcGAVNWe I94Rt6mPf1puf6TMs3/vBQlRd4PTPxvGHlLUQzaWZDQKuWmE7/mZk6hSgKHuXviO Q3TpBCpvQMn3ycSiyYp6smZ4qqcrwr4NjtIr/bkU+Ti5dmM/UBRhBGuF0OSqbT7q aGrowH8vKiNbVweHxSPtQngfpRTN5DCl5HB5si25byZM6mtJm1KEJTaMobWWnrFG bk6+qCP5Bd69/QzJ5FJVd3qCVMVpu/EXyTCDPFwyIKLpfTpfOhOi0fCka0wNXSGn oCeEiTY6s6NiGzTG0VdqY6GR3d7MEwfCjhXjL3POHSlZxdgp0fcvnRbhxP1jnJdg vwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 415611581839634704847191363814048577858743 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-02 02:54:07 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-01 02:54:06 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'uma-zakelijk.test.unive.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27954864531038800519645377409835240201375815430404995045012386473517484600892304540769717710396203617422728943086527500203900797901944246985915832591764672308429894738881707314047549847040284797667650255490302796315224719953977285938516738213628965716975034095447189190971978424958932647764466920111944075326733399006011642891008135045698100222180928125436658242979107914985248609822519401011935416101202691109817135357587480444907835215756323238337297976620251640217536902430054868061768091104381333748213809084409449611292674722491210800444010017759449130785133313441552790486830553308261178870883077012702923022527 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 625b3a7d78726c1e99c468b23ebfaa8f462d01e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uma-zakelijk.test.unive.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002d413ddef074fd1e8449f43ef429239c6a7ead21f4b98797d1fb9db16ea01b5e75f0134b1e12d7b63ae435ba53698cd5452c9533e22c1fa5fe3cc5bf18bbfd2d14504cb806abb77b383006e1ee3e16c627e83abe853c8cde3b1604a12357a750544a39c9c256617cc8221a6a702dced593b1ea9fa86a71924ba64e69b1f894719923e6465cd4849a6b40111c6ea3db746b29193fb9546979cbb0147b8c6fc2f3c2ae16a33651af3976737ef9b2bd871aaba08bf07c5e4a94f1d975259c0785415ac15baea0d203486f6fb0250e21dff704729f2669e9985de1df05989b0b1c7772bb4001cf2586360a8623a6d0e370ff395dc18964fe7cf8d45694c0f0d1fe04