2021.saechsische-staatsbaeder.de

Issued by R3

About this certificate

This digital certificate with serial number 04:ac:c9:69:10:cb:a8:37:7a:d0:da:a4:eb:32:33:3d:ab:0d was issued on by Let's Encrypt.

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=2021.saechsische-staatsbaeder.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:ac:c9:69:10:cb:a8:37:7a:d0:da:a4:eb:32:33:3d:ab:0d
Serial Number (int): 407245431196419247750924532153847105039117
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 5d:f8:e8:51:c7:f7:19:50:ec:ef:eb:0c:f6:3d:43:af:6b:af:ee:72
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): d4:d6:4c:7e:dd:a1:e8:ed:b3:88:ad:1d:5f:07:68:b1:cb:35:16:0b
Fingerprint (sha256): 1b:91:6e:9a:28:c1:bf:61:1b:7f:02:ef:e1:dd:2b:b8:f1:27:da:e9:57:79:af:bc:7f:fe:a2:aa:18:43:90:38

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate 2021.saechsische-staatsbaeder.de

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for 2021.saechsische-staatsbaeder.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

2021.saechsische-staatsbaeder.de
beta.saechsische-staatsbaeder.de
old.saechsische-staatsbaeder.de
old.saechsische-staatsbaeder.web.mageprofis.de
saechsische-staatsbaeder.de
saechsische-staatsbaeder.web.mageprofis.de
soletherme.saechsische-staatsbaeder.de
www.saechsische-staatsbaeder.de

Other certificates including the domain name saechsische-staatsbaeder.de

(limited to 100 certificates)
saechsische-staatsbaeder.web.mageprofis.de
2021.saechsische-staatsbaeder.de
saechsische-staatsbaeder.web.mageprofis.de
2021.saechsische-staatsbaeder.de
www.saechsische-staatsbaeder.de
2021.saechsische-staatsbaeder.de
saechsische-staatsbaeder.web.mageprofis.de
saechsische-staatsbaeder.web.mageprofis.de
soletherme.saechsische-staatsbaeder.de
saechsische-staatsbaeder.web.mageprofis.de
saechsische-staatsbaeder.web.mageprofis.de
soletherme.saechsische-staatsbaeder.de
2021.saechsische-staatsbaeder.de
soletherme.saechsische-staatsbaeder.de
www.saechsische-staatsbaeder.de
saechsische-staatsbaeder.web.mageprofis.de
2021.saechsische-staatsbaeder.de
www.saechsische-staatsbaeder.de
saechsische-staatsbaeder.web.mageprofis.de
saechsische-staatsbaeder.web.mageprofis.de

Certificate

The complete raw certificate details for 2021.saechsische-staatsbaeder.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISBKzJaRDLqDd60Nqk6zIzPasNMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAyMDUyMzAxMDFaFw0yNDA1MDUyMzAxMDBaMCsxKTAnBgNVBAMT
IDIwMjEuc2FlY2hzaXNjaGUtc3RhYXRzYmFlZGVyLmRlMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAssnfm0FHt5yuULhtRHXjBQsIiVlLfYEnyEPF76iE
YcYVntiCfZWwWabNNMHXqRUlwO3UZGzg/jFsV3AM/mVV8404tD2+MSUkOig/lOmX
rGp8Q4NrcbHAZ/L1n2I8R1MaplfdIgJdaHIvHeC5Pho4jaBjPegTykb+BAQuUOmg
aJ2+iVrcwiNDyBaKPODBJHIop2ySs5OLvtE58NgjvmQqeM7jvBISxhAcpsdVQNXP
t1ECux32a8N7aiJCl5OAGjnuXWmO0N4W58hWWoXf268+Dimypy3RBLm1XFXiP7GV
hVBF++3IqM8Ec9XLGjW4n96TNPw+/NfP8AiWIYBj3qzUMQIDAQABo4IDLDCCAygw
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM
BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRd+OhRx/cZUOzv6wz2PUOva6/ucjAfBgNV
HSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYI
KwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0
cDovL3IzLmkubGVuY3Iub3JnLzCCATQGA1UdEQSCASswggEngiAyMDIxLnNhZWNo
c2lzY2hlLXN0YWF0c2JhZWRlci5kZYIgYmV0YS5zYWVjaHNpc2NoZS1zdGFhdHNi
YWVkZXIuZGWCH29sZC5zYWVjaHNpc2NoZS1zdGFhdHNiYWVkZXIuZGWCLm9sZC5z
YWVjaHNpc2NoZS1zdGFhdHNiYWVkZXIud2ViLm1hZ2Vwcm9maXMuZGWCG3NhZWNo
c2lzY2hlLXN0YWF0c2JhZWRlci5kZYIqc2FlY2hzaXNjaGUtc3RhYXRzYmFlZGVy
LndlYi5tYWdlcHJvZmlzLmRlgiZzb2xldGhlcm1lLnNhZWNoc2lzY2hlLXN0YWF0
c2JhZWRlci5kZYIfd3d3LnNhZWNoc2lzY2hlLXN0YWF0c2JhZWRlci5kZTATBgNV
HSAEDDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1AEiw42va
pkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjXu31iUAAAQDAEYwRAIgZ98g
ik/5xIv7rTUoQ5G2Y/GRKlz4bFFA2HG3szWG2ncCIGsDZYNnx2pGSMZDhVqPXY1n
EuY/IT+gaFpLlRlc3CZCAHYAO1N3dT4tuYBOizBbBv5AO2fYT8P0x70ADS1yb+H6
1BcAAAGNe7fYEAAABAMARzBFAiEA02RBoZN1MjNoa3XesnnKoyr7WIYqCixCn3Jh
btl2RTACIB6ek8GwPTPBdM3f8niSuyd413A+kQSphi0BXUVDQuNGMA0GCSqGSIb3
DQEBCwUAA4IBAQAtR5tIdryBNEjRbCi/LA4CspBvJtofOanuBcBlxAJvvP0bjkJT
BpRQw36YYWU02hYkRUEF41KFK/Q8ov3Gs/PvDwqCHIKcsIIpPdlfcq6BehhmqNHP
f1PjryWUa0/y2byNEZg2dqCWMF0if5PDiFkarxo3VP82JXH8mYpttiXr+qpXb1z0
/v3OQj+Z+78hQpZs6MWQVApF6saDw3uaAIbY3vPHmxOkr7m0E3TSLHgo1q/mHpr/
geTlrD6yH2wIRf4kDqY9C/e+5ebbdICU8x3IPTNot3vi5iTrHL7ih9RGNfmBk4e2
d5niyadfyI7P4jClfxCjD70YXdLY9vfPuW/i
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssnfm0FHt5yuULhtRHXj
BQsIiVlLfYEnyEPF76iEYcYVntiCfZWwWabNNMHXqRUlwO3UZGzg/jFsV3AM/mVV
8404tD2+MSUkOig/lOmXrGp8Q4NrcbHAZ/L1n2I8R1MaplfdIgJdaHIvHeC5Pho4
jaBjPegTykb+BAQuUOmgaJ2+iVrcwiNDyBaKPODBJHIop2ySs5OLvtE58NgjvmQq
eM7jvBISxhAcpsdVQNXPt1ECux32a8N7aiJCl5OAGjnuXWmO0N4W58hWWoXf268+
Dimypy3RBLm1XFXiP7GVhVBF++3IqM8Ec9XLGjW4n96TNPw+/NfP8AiWIYBj3qzU
MQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 407245431196419247750924532153847105039117
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-05 23:01:01 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-05 23:01:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2021.saechsische-staatsbaeder.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22569965798628770460384128603159534949858292273883271659567622854232000485213490031834445486579054782296735302030417824931331770640782966036985178765938840826802089299148030658739510108909190721593462361962920184034411283687099868540941126351505176977019119901769772594531332276833289439875756650227403053912415672000297597185111488341177963703475178695054100400395273803400139463801348929120248372132116903713753885615377863959859548193237997394784694788431552166086298248457106313825488333366632209724929014913893275925542438299510531104440820924117945719530435716339589155410721717347829845829297427830996504204337
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							5df8e851c7f71950ecefeb0cf63d43af6bafee72
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (299 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '2021.saechsische-staatsbaeder.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beta.saechsische-staatsbaeder.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'old.saechsische-staatsbaeder.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'old.saechsische-staatsbaeder.web.mageprofis.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'saechsische-staatsbaeder.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'saechsische-staatsbaeder.web.mageprofis.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'soletherme.saechsische-staatsbaeder.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.saechsische-staatsbaeder.de'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d7bb7d6250000040300463044022067df208a4ff9c48bfbad35284391b663f1912a5cf86c5140d871b7b33586da7702206b03658367c76a4648c643855a8f5d8d6712e63f213fa0685a4b95195cdc26420076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018d7bb7d8100000040300473045022100d36441a193753233686b75deb279caa32afb58862a0a2c429f72616ed976453002201e9e93c1b03d33c174cddff27892bb2778d7703e9104a9862d015d454342e346
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002d479b4876bc813448d16c28bf2c0e02b2906f26da1f39a9ee05c065c4026fbcfd1b8e4253069450c37e98616534da1624454105e352852bf43ca2fdc6b3f3ef0f0a821c829cb082293dd95f72ae817a1866a8d1cf7f53e3af25946b4ff2d9bc8d11983676a096305d227f93c388591aaf1a3754ff362571fc998a6db625ebfaaa576f5cf4fefdce423f99fbbf2142966ce8c590540a45eac683c37b9a0086d8def3c79b13a4afb9b41374d22c7828d6afe61e9aff81e4e5ac3eb21f6c0845fe240ea63d0bf7bee5e6db748094f31dc83d3368b77be2e624eb1cbee287d44635f9819387b67799e2c9a75fc88ecfe230a57f10a30fbd185dd2d8f6f7cfb96fe2