ticketsdirect.ca
Issued by R3
About this certificate
This digital certificate with serial number 04:fd:da:bc:29:d4:eb:d3:73:f4:dc:a3:d2:5c:d7:d2:a1:10 was issued on by Let's Encrypt.
With 15 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=ticketsdirect.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:fd:da:bc:29:d4:eb:d3:73:f4:dc:a3:d2:5c:d7:d2:a1:10Serial Number (int): 434831331261377082861604098958793899155728
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 55:6b:c4:3f:26:36:40:64:b0:30:1b:68:6b:4b:27:c6:f6:bf:d4:30
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): a4:47:4e:22:d5:6c:11:e2:d8:03:2c:3a:7d:24:07:70:e2:35:84:83
Fingerprint (sha256): 1d:31:f3:ab:4d:1a:dd:0d:4a:11:ab:74:c5:15:11:5e:8b:c0:a7:16:fa:ab:7f:13:44:71:64:eb:db:7b:4c:d9
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate ticketsdirect.ca
15
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ticketsdirect.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
adfattorneys.net
cognacforvip.com
collegelistmaker.com
deathmatchlegends.com
easybot.in
hempdrivethru.com
intltaxlaw.com
isoladellascala.com.takeflightclothing.com.soilsshop.com.bigdaddylimited.com
kaupgirls.com.internationalmuseumofart.com
lasportsattorney.co
motorcycleduiinsurance.com
sagadahoccounty.com
themoviedepartment.com
theonlineclassifieds.net
ticketsdirect.ca
cognacforvip.com
collegelistmaker.com
deathmatchlegends.com
easybot.in
hempdrivethru.com
intltaxlaw.com
isoladellascala.com.takeflightclothing.com.soilsshop.com.bigdaddylimited.com
kaupgirls.com.internationalmuseumofart.com
lasportsattorney.co
motorcycleduiinsurance.com
sagadahoccounty.com
themoviedepartment.com
theonlineclassifieds.net
ticketsdirect.ca
Other certificates including the domain name ticketsdirect.ca
(limited to 100 certificates)
Certificate
The complete raw certificate details for ticketsdirect.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGZDCCBUygAwIBAgISBP3avCnU69Nz9Nyj0lzX0qEQMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEyMTEyMDEwMDBaFw0yNDAzMTAyMDA5NTlaMBsxGTAXBgNVBAMT EHRpY2tldHNkaXJlY3QuY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCnbQXNgxepld6dm0yE6aRPdjFswuogACjFM8lRscT/nDcOflWYa67uOfnmnlqP phJ4tLu9niYEE75jqFgQtErWKu8v6W+P8i4KuhygiU4dt7jIF7VQR6ba8Jdk/7V1 dvU6mGcmSEJxEDgHu6Iam5YzTnSQlk/TlGqIBgo6rCW+5Ck3khZLlXo/rvN3Jw15 WgN1/zmsT6Je862DTiqv8l1zcO0xdiwJYiZSfYn5voKkf+ZzVwPAXtzkUaEkyyWh t+nkEtgZqb32sX8MoQUtzLGwnuPFB4Q6CVCR9FF6z9qywSJMTgXDo4E8svVN0L0m PIHI/nkaOknVYrWBK/AlEjndAgMBAAGjggOJMIIDhTAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFFVrxD8mNkBksDAbaGtLJ8b2v9QwMB8GA1UdIwQYMBaAFBQusxe3WFbL rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v cmcvMIIBkQYDVR0RBIIBiDCCAYSCEGFkZmF0dG9ybmV5cy5uZXSCEGNvZ25hY2Zv cnZpcC5jb22CFGNvbGxlZ2VsaXN0bWFrZXIuY29tghVkZWF0aG1hdGNobGVnZW5k cy5jb22CCmVhc3lib3QuaW6CEWhlbXBkcml2ZXRocnUuY29tgg5pbnRsdGF4bGF3 LmNvbYJMaXNvbGFkZWxsYXNjYWxhLmNvbS50YWtlZmxpZ2h0Y2xvdGhpbmcuY29t LnNvaWxzc2hvcC5jb20uYmlnZGFkZHlsaW1pdGVkLmNvbYIqa2F1cGdpcmxzLmNv bS5pbnRlcm5hdGlvbmFsbXVzZXVtb2ZhcnQuY29tghNsYXNwb3J0c2F0dG9ybmV5 LmNvghptb3RvcmN5Y2xlZHVpaW5zdXJhbmNlLmNvbYITc2FnYWRhaG9jY291bnR5 LmNvbYIWdGhlbW92aWVkZXBhcnRtZW50LmNvbYIYdGhlb25saW5lY2xhc3NpZmll ZHMubmV0ghB0aWNrZXRzZGlyZWN0LmNhMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIB AwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUAouK/1h7eLy8HoNZObTen3GVDsMa1LqLa t4r4mm31F9gAAAGMWrckrAAABAMARjBEAiA/cUF1aO0JLphjNjvq1DN7Hj58ECGu 5vgBj+FNtzERYQIgUfn4x9X5FeD+z6ZAKf1zmoXLo8TeT/WLZEHfIRpJZogAdgB2 /4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYxatyT2AAAEAwBHMEUC IQC4w72tyQa8wcUbeiu4s4Q9wFTMtoaI8/83S9wAXURFwQIgRy198aluwPAdE/6H pl35A20XH/CsZauZYt9jLRClT70wDQYJKoZIhvcNAQELBQADggEBAG5IPOieBnka 8SRl+/7sQ/nrDSmDGncko0aiNGM+6cuo6hYTKIwv4bBBiXRo62ZCUg0oXwY+y3/H wo43UWtmrEeOwNZDmHN4djssJCF76/dC9cFqU3Dqih4AWBgmhPECdwYZegXdWY2l BLXENd6H6uzzeM494tQ0KPtv4xR10o+lpcs9z31xxRYvb1XLsrDJSz1C9fU2N4uN AGm4RXrtBbasROa8e1omwc5pLhujV6wBoajzLjR4dyi7pXRQA0GGRcu0ARfDLglj AFOKERfpJKrhw4CAcCj+JYh/qua6Yx6wcwHorCpRXrWowkGvw0/hoWk8AwP/NPyD AmklC/Cm60c= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp20FzYMXqZXenZtMhOmk T3YxbMLqIAAoxTPJUbHE/5w3Dn5VmGuu7jn55p5aj6YSeLS7vZ4mBBO+Y6hYELRK 1irvL+lvj/IuCrocoIlOHbe4yBe1UEem2vCXZP+1dXb1OphnJkhCcRA4B7uiGpuW M050kJZP05RqiAYKOqwlvuQpN5IWS5V6P67zdycNeVoDdf85rE+iXvOtg04qr/Jd c3DtMXYsCWImUn2J+b6CpH/mc1cDwF7c5FGhJMslobfp5BLYGam99rF/DKEFLcyx sJ7jxQeEOglQkfRRes/assEiTE4Fw6OBPLL1TdC9JjyByP55GjpJ1WK1gSvwJRI5 3QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 434831331261377082861604098958793899155728 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-11 20:10:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-10 20:09:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ticketsdirect.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21135558010189354379773903449298936699468354327509048658544726317399440126112633635023986304325145879231369706936310153859670207574982233147595638172475292833166853128926484876538939464216877827809724233393996290433770368207229260272463756199389479283846552915747070772720210064157031550382857487917399817065856095557694221189466431937188922936549534842643241048823832085039550794303787012292276098823600790619635671277074054661329299653049176051600196170665296008198529054202520524081161728902694367977436171317001892060185453509739281507062307550263833703215256488902813653713017634354359293185683166670567706343901 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 556bc43f26364064b0301b686b4b27c6f6bfd430 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (392 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'adfattorneys.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cognacforvip.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'collegelistmaker.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'deathmatchlegends.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'easybot.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hempdrivethru.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'intltaxlaw.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'isoladellascala.com.takeflightclothing.com.soilsshop.com.bigdaddylimited.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kaupgirls.com.internationalmuseumofart.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lasportsattorney.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'motorcycleduiinsurance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sagadahoccounty.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'themoviedepartment.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theonlineclassifieds.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ticketsdirect.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007500a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018c5ab724ac000004030046304402203f71417568ed092e9863363bead4337b1e3e7c1021aee6f8018fe14db7311161022051f9f8c7d5f915e0fecfa64029fd739a85cba3c4de4ff58b6441df211a49668800760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018c5ab724f60000040300473045022100b8c3bdadc906bcc1c51b7a2bb8b3843dc054ccb68688f3ff374bdc005d4445c10220472d7df1a96ec0f01d13fe87a65df9036d171ff0ac65ab9962df632d10a54fbd . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006e483ce89e06791af12465fbfeec43f9eb0d29831a7724a346a234633ee9cba8ea1613288c2fe1b041897468eb6642520d285f063ecb7fc7c28e37516b66ac478ec0d643987378763b2c24217bebf742f5c16a5370ea8a1e0058182684f1027706197a05dd598da504b5c435de87eaecf378ce3de2d43428fb6fe31475d28fa5a5cb3dcf7d71c5162f6f55cbb2b0c94b3d42f5f536378b8d0069b8457aed05b6ac44e6bc7b5a26c1ce692e1ba357ac01a1a8f32e34787728bba5745003418645cbb40117c32e096300538a1117e924aae1c380807028fe25887faae6ba631eb07301e8ac2a515eb5a8c241afc34fe1a1693c0303ff34fc830269250bf0a6eb47