kioskmagazine.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:64:4c:16:d3:e7:57:c8:38:da:9f:20:e9:4a:dd:38:67:eb was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=kioskmagazine.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:64:4c:16:d3:e7:57:c8:38:da:9f:20:e9:4a:dd:38:67:ebSerial Number (int): 295466234343502426819558957311995875452907
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 70:ea:8f:25:62:67:5c:d9:b5:1c:e0:21:9e:de:5f:c0:39:5f:19:76
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 64:96:3c:7b:62:77:64:b2:7d:ca:1c:42:59:f6:cb:1d:c3:96:d4:b4
Fingerprint (sha256): 19:41:30:6e:29:3a:c5:f3:9a:17:d3:15:81:be:e5:41:e4:3b:e5:20:57:d7:17:23:75:49:52:76:53:1a:a7:67
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate kioskmagazine.com
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for kioskmagazine.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
kioskmagazine.com
Other certificates including the domain name kioskmagazine.com
(limited to 100 certificates)
www.kioskmagazine.com
kioskmagazine.com
kioskmagazine.com
kioskmagazine.com
www.kioskmagazine.com
kioskmagazine.com
www.kioskmagazine.com
kioskmagazine.com
89954.com
www.kioskmagazine.com
www.peanutpost.com
kioskmagazine.com
www.treviolo.org
www.kioskmagazine.com
pussiesmollett.com
kioskmagazine.com
www.kioskmagazine.com
kioskmagazine.com
kioskmagazine.com
www.kioskmagazine.com
kioskmagazine.com
kioskmagazine.com
kioskmagazine.com
www.kioskmagazine.com
kioskmagazine.com
www.kioskmagazine.com
kioskmagazine.com
89954.com
www.kioskmagazine.com
www.peanutpost.com
kioskmagazine.com
www.treviolo.org
www.kioskmagazine.com
pussiesmollett.com
kioskmagazine.com
www.kioskmagazine.com
kioskmagazine.com
kioskmagazine.com
www.kioskmagazine.com
Certificate
The complete raw certificate details for kioskmagazine.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGXDCCBUSgAwIBAgISA2RMFtPnV8g42p8g6UrdOGfrMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA2MjYwNTA1NTVaFw0x OTA5MjQwNTA1NTVaMBwxGjAYBgNVBAMTEWtpb3NrbWFnYXppbmUuY29tMIICIjAN BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmFsCuxlMV2d5DeXVS1sN+A0ss/Ml NPKLKRKSB6hLQ50kH/fiaZjTi3k3wZzdQgYVPcZRBQpIxiyTw3gGHNvh0wAPLYQF wQKGXUTLPvnthYirOeRA62kQwPxze4K3RHcl76HvPS+LfDYkKAG+hpLv+hdvmuUv fZ1xv0w4QWhOGxN92uKlpBYQHRJrOIFLEjzRxTkQHOQpPjCtoxzGY5x5UbkPmKmn P65a+/egyKNtvjl2g3j0ENJayEJ7Ao1Tab5RDVCYLswmgMvPWP6fP8Chm23RAGxE YEpvT9Yxx6HiR4nz++N+l7oEmRMk9y8jrrgYnkTuMEv3L+aDNf3XqmyyVg1ZeZvy bgyuWH1muWx41easdRn+ib1GRh0KVXtpqL+USmCpCDQHCtGW6foCSWyulajF/0lu DEuM1HLCWtvTbJXH6jZgpkIveiXwq+0Zn5GmrEssB4ua0osJFxbVtizsigJ78Ixl b4jVCKJvwby8ebdgEC+WBSE0mOZAmhhfBBqMSL0ly4bAynD3FSKHKcB7nzGIce8+ tUrbY7Qpmx2kibpRJlyCvEUBCWWn0cla09OQbplu50UukxajeD+IOD2F7DPevz6g KrJZD91roOSF11MDKpS0pDJruMU4MpY+KFRc61YlyBcWLQUSV6UcM6mIvI4x++3Q c4Enmo8G37gFb70CAwEAAaOCAmgwggJkMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU cOqPJWJnXNm1HOAhnt5fwDlfGXYwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl 7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5p bnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5p bnQteDMubGV0c2VuY3J5cHQub3JnLzAcBgNVHREEFTATghFraW9za21hZ2F6aW5l LmNvbTBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsG AQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQYGCisGAQQB1nkC BAIEgfcEgfQA8gB3AOJpS64m6OlACeiGG7Y7g9Q+5/50iPukjyiTAZ3d8dv+AAAB a5JkAO4AAAQDAEgwRgIhALPXlbjn1mWe1EuTbPlbs3FxNGZPTQy9oaH43e8Hgix9 AiEAk2cfIluFrM75WTOs3r8vfPfx4rag5ljporskS4CJhJoAdwBj8tvN6DvMLM8L coQnV2szpI1hd4+9daY4scdoVEvYjQAAAWuSZAETAAAEAwBIMEYCIQDEveAmTY24 oKptU7WRL6pv6neHobqQWGNSdECxKjAEcQIhAKv1xo2azpgjcOJfr0wUj4ddyIu0 C/OXJpo62grpVrXkMA0GCSqGSIb3DQEBCwUAA4IBAQAuCBoPKN0rFojQZJLfrjpK 8TCelYginUEWii4xE9Z/icwqnzhNYNNlWxbCHLEY6MwrkZdbejWMHalv8AfI8FYw gfP3lzSrNIIQicZrR96UmjB2ccBOCld1nNxpM+I44NgxmZNO5+HKxE2fcYu//etV bcVb2vXl0BNQd46YJ7jTSNlhz7Co5aKo6c43uzH2MocWuO4/C5CJR8pmcR9FGPFh K5DU3QSdOu/SIWkND5ZeVxapVMQ3a9MwrdXZpDXogRHG3di0rNu0Y3avqMLkIjdY Fe14RcofWVlX62JsizayRbwCHCHsKS0myVWGGQXWDWeUCxDKYiV5nr9A9j6yTUTv -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmFsCuxlMV2d5DeXVS1sN +A0ss/MlNPKLKRKSB6hLQ50kH/fiaZjTi3k3wZzdQgYVPcZRBQpIxiyTw3gGHNvh 0wAPLYQFwQKGXUTLPvnthYirOeRA62kQwPxze4K3RHcl76HvPS+LfDYkKAG+hpLv +hdvmuUvfZ1xv0w4QWhOGxN92uKlpBYQHRJrOIFLEjzRxTkQHOQpPjCtoxzGY5x5 UbkPmKmnP65a+/egyKNtvjl2g3j0ENJayEJ7Ao1Tab5RDVCYLswmgMvPWP6fP8Ch m23RAGxEYEpvT9Yxx6HiR4nz++N+l7oEmRMk9y8jrrgYnkTuMEv3L+aDNf3Xqmyy Vg1ZeZvybgyuWH1muWx41easdRn+ib1GRh0KVXtpqL+USmCpCDQHCtGW6foCSWyu lajF/0luDEuM1HLCWtvTbJXH6jZgpkIveiXwq+0Zn5GmrEssB4ua0osJFxbVtizs igJ78Ixlb4jVCKJvwby8ebdgEC+WBSE0mOZAmhhfBBqMSL0ly4bAynD3FSKHKcB7 nzGIce8+tUrbY7Qpmx2kibpRJlyCvEUBCWWn0cla09OQbplu50UukxajeD+IOD2F 7DPevz6gKrJZD91roOSF11MDKpS0pDJruMU4MpY+KFRc61YlyBcWLQUSV6UcM6mI vI4x++3Qc4Enmo8G37gFb70CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 295466234343502426819558957311995875452907 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-26 05:05:55 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-24 05:05:55 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kioskmagazine.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 621556254313242346124404304110069791732333059627159980406767218090081276294920393641387922734291763166064978545418452666269514805396507488558121069894955125760599704150782949979831381291513036551847775760248881008448442703606837430219386169934949612669020191685356186414240560953543779664619794028328962812593792364353252980170991907422207000910278417290652060946245400767465543070856526011178364170191067133902416591046740945332258582024185617562168515650762185392216318609056835337565273742122178184861353736508709920346339142695922042978462904393979134217419351163227684010112405152595206870621334535419608601257062945031788752402382504583593332062407558039760263984795032234004060160896427383492682329743866917536875549117354238544588699672845362231941193298369116107743362507836909429559083499725550222030300544540783720485516289429515423335855699347266193520213794002873873711791668527552355529652919582717652880136522633445673196152363881139593856327159125738671199313454781676439339284251529900541050598797295592430553096416745788681870132397946031225279815711947808004620824438761864026912533995962793155618335773947026871630595863276164650233702285457502793437689023989846107346536340525857298392336386626655129811366014909 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 70ea8f2562675cd9b51ce0219ede5fc0395f1976 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kioskmagazine.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f2007700e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe0000016b926400ee0000040300483046022100b3d795b8e7d6659ed44b936cf95bb3717134664f4d0cbda1a1f8ddef07822c7d02210093671f225b85accef95933acdebf2f7cf7f1e2b6a0e658e9a2bb244b8089849a00770063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016b926401130000040300483046022100c4bde0264d8db8a0aa6d53b5912faa6fea7787a1ba905863527440b12a300471022100abf5c68d9ace982370e25faf4c148f875dc88bb40bf397269a3ada0ae956b5e4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002e081a0f28dd2b1688d06492dfae3a4af1309e9588229d41168a2e3113d67f89cc2a9f384d60d3655b16c21cb118e8cc2b91975b7a358c1da96ff007c8f0563081f3f79734ab34821089c66b47de949a307671c04e0a57759cdc6933e238e0d83199934ee7e1cac44d9f718bbffdeb556dc55bdaf5e5d01350778e9827b8d348d961cfb0a8e5a2a8e9ce37bb31f6328716b8ee3f0b908947ca66711f4518f1612b90d4dd049d3aefd221690d0f965e5716a954c4376bd330add5d9a435e88111c6ddd8b4acdbb46376afa8c2e422375815ed7845ca1f595957eb626c8b36b245bc021c21ec292d26c955861905d60d67940b10ca6225799ebf40f63eb24d44ef