ucc.on.ca
Issued by R3
About this certificate
This digital certificate with serial number 03:fe:5c:15:0f:a5:75:74:1a:ad:08:51:1f:c2:ef:be:c5:66 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=ucc.on.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:fe:5c:15:0f:a5:75:74:1a:ad:08:51:1f:c2:ef:be:c5:66Serial Number (int): 347890977324390492128402457491914455172454
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 5a:1d:17:28:d6:7f:09:8f:dc:55:6d:a2:b3:3e:d1:60:95:b2:9e:02
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 3c:75:db:1c:65:be:c5:76:ba:84:dd:22:b9:20:d5:78:c5:1f:04:1d
Fingerprint (sha256): 1d:5f:1d:87:8e:9e:0c:88:14:c0:80:51:21:8e:63:3a:ce:c6:52:04:1a:56:22:b9:8d:c3:19:8c:4d:7d:bd:06
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate ucc.on.ca
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ucc.on.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ucc.on.ca
www.ucc.on.ca
www.ucc.on.ca
Other certificates including the domain name ucc.on.ca
(limited to 100 certificates)
headsup.ucc.on.ca
mountaindew.ucc.on.ca
ucc.on.ca
*.ucc.on.ca
ucc.on.ca
ucc.on.ca
ucc.on.ca
pc.ucc.on.ca
parents.ucc.on.ca
ucc.on.ca
ucc.on.ca
bluenet.ucc.on.ca
archive.ucc.on.ca
www1.ucc.on.ca
applications.ucc.on.ca
headsup.ucc.on.ca
*.ucc.on.ca
ucc.on.ca
towards2029.ucc.on.ca
ucc.on.ca
headsup.ucc.on.ca
pc.ucc.on.ca
pc.ucc.on.ca
ucc.on.ca
pc.ucc.on.ca
*.ucc.on.ca
ucc.on.ca
applications.ucc.on.ca
*.ucc.on.ca
pc.ucc.on.ca
pc.ucc.on.ca
www.ucc.on.ca
*.ucc.on.ca
webmail.ucc.on.ca
giving.ucc.on.ca
brightspace.ucc.on.ca
*.ucc.on.ca
ucc.on.ca
*.ucc.on.ca
parents.ucc.on.ca
events.ucc.on.ca
pc.ucc.on.ca
ucc.on.ca
events.ucc.on.ca
ucc.on.ca
ucc.on.ca
pc.ucc.on.ca
*.ucc.on.ca
ucc.on.ca
parents.ucc.on.ca
ucc.on.ca
ucc.on.ca
worldaffairs.ucc.on.ca
pc.ucc.on.ca
bluenet.ucc.on.ca
bluenet.ucc.on.ca
bluenet.ucc.on.ca
towards2029.ucc.on.ca
ucc.on.ca
*.ucc.on.ca
giving.ucc.on.ca
*.ucc.on.ca
pc.ucc.on.ca
ucc.on.ca
pc.ucc.on.ca
towards2029.ucc.on.ca
archive.ucc.on.ca
ucc.on.ca
mountaindew.ucc.on.ca
archive.ucc.on.ca
*.ucc.on.ca
mountaindew.ucc.on.ca
ucc.on.ca
*.ucc.on.ca
ucc.on.ca
ucc.on.ca
ucc.on.ca
pc.ucc.on.ca
parents.ucc.on.ca
ucc.on.ca
ucc.on.ca
bluenet.ucc.on.ca
archive.ucc.on.ca
www1.ucc.on.ca
applications.ucc.on.ca
headsup.ucc.on.ca
*.ucc.on.ca
ucc.on.ca
towards2029.ucc.on.ca
ucc.on.ca
headsup.ucc.on.ca
pc.ucc.on.ca
pc.ucc.on.ca
ucc.on.ca
pc.ucc.on.ca
*.ucc.on.ca
ucc.on.ca
applications.ucc.on.ca
*.ucc.on.ca
pc.ucc.on.ca
pc.ucc.on.ca
www.ucc.on.ca
*.ucc.on.ca
webmail.ucc.on.ca
giving.ucc.on.ca
brightspace.ucc.on.ca
*.ucc.on.ca
ucc.on.ca
*.ucc.on.ca
parents.ucc.on.ca
events.ucc.on.ca
pc.ucc.on.ca
ucc.on.ca
events.ucc.on.ca
ucc.on.ca
ucc.on.ca
pc.ucc.on.ca
*.ucc.on.ca
ucc.on.ca
parents.ucc.on.ca
ucc.on.ca
ucc.on.ca
worldaffairs.ucc.on.ca
pc.ucc.on.ca
bluenet.ucc.on.ca
bluenet.ucc.on.ca
bluenet.ucc.on.ca
towards2029.ucc.on.ca
ucc.on.ca
*.ucc.on.ca
giving.ucc.on.ca
*.ucc.on.ca
pc.ucc.on.ca
ucc.on.ca
pc.ucc.on.ca
towards2029.ucc.on.ca
archive.ucc.on.ca
ucc.on.ca
mountaindew.ucc.on.ca
archive.ucc.on.ca
*.ucc.on.ca
Certificate
The complete raw certificate details for ucc.on.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgISA/5cFQ+ldXQarQhRH8LvvsVmMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMTgwMjA5MDFaFw0yNDA0MTcwMjA5MDBaMBQxEjAQBgNVBAMT CXVjYy5vbi5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALC3Mp6o Qzw685knwKZs3vEqep4AVRk9eZr8sixm9V4JFslGQGv6wJCUbS70gFfIVL7j0ekG nybL0yeAImoQWWJPboNe1N+8T9tk+RpR7+xk3ArOHdfXhNRJkieHXMbDkU8ZAJMu AuPFs/iKSO13Kf+nG/FuarSFGgDq09WrrZ8MBG2FRVeLihN/hdNrC5IDR9i+GrOH OkWkjIxATHAMbqK6ns+aXr1ZMXzfAvWfrcgeGFeV3Cd54Y5LhMnKBWiq9DdbGfSw MaDAmjCLXaJgAn4F+ryZdHSOlRWnDpaxdffFedEcwQ8oklADPAZOamIYfhGUzB9j lCdkOIs6nEBnrVcCAwEAAaOCAhowggIWMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU Wh0XKNZ/CY/cVW2isz7RYJWyngIwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+v nYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5s ZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wIwYD VR0RBBwwGoIJdWNjLm9uLmNhgg13d3cudWNjLm9uLmNhMBMGA1UdIAQMMAowCAYG Z4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcASLDja9qmRzQP5WoC+p0w 6xxSActW3SyB2bu/qznYhHMAAAGNGosgrwAABAMASDBGAiEAibuBU7+1w23gOMyH tlPWCOkViNViGF8NwhdtAdM6EpkCIQC75VFN/HmGsVrnDDuY8IJbUl/qfMu9v5iJ bkW33LkskQB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjRqL IO8AAAQDAEYwRAIgYn30Q5iCe4sY0ye8EV3NaYTo/M6bLiaTQTZfMbZzmUICICNg u9W4OPgDZl4Ll3ew2ee7HHvo/zSl3J3Yp2MM4c1hMA0GCSqGSIb3DQEBCwUAA4IB AQBwRVgfj1YGek7G/fx0YuHAaGLOaz0rGBeZSsfkGNlZcWGv21r1f7tQ8rf95WS/ 089yBGSas61sGnzAJBK4r3udeAG9nQllzVa7k36UQ6QgijPOWBALePoryHQehnxW yO5KuOYp6XKLutYWfUw7L6HyMVswi0yoeuXTAJlLaAnFsVr+9OoWNkX3F6gWPRV8 sxyVAdDFviZH2O2bdykM4oA8JS/ZaUyWSOlztgVuToi7hwGWQ2cHi3AWj1NdSX9B wTYhiF7tKj6slrSohM+Xa8ZNmBFiHcyXKvmSXVCjz/X0VuduX62PcdPqvBn2JW6p FPBlZKI3mh8HuG5uUJI5zuNR -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLcynqhDPDrzmSfApmze 8Sp6ngBVGT15mvyyLGb1XgkWyUZAa/rAkJRtLvSAV8hUvuPR6QafJsvTJ4AiahBZ Yk9ug17U37xP22T5GlHv7GTcCs4d19eE1EmSJ4dcxsORTxkAky4C48Wz+IpI7Xcp /6cb8W5qtIUaAOrT1autnwwEbYVFV4uKE3+F02sLkgNH2L4as4c6RaSMjEBMcAxu orqez5pevVkxfN8C9Z+tyB4YV5XcJ3nhjkuEycoFaKr0N1sZ9LAxoMCaMItdomAC fgX6vJl0dI6VFacOlrF198V50RzBDyiSUAM8Bk5qYhh+EZTMH2OUJ2Q4izqcQGet VwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 347890977324390492128402457491914455172454 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-18 02:09:01 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-17 02:09:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ucc.on.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22308279843324365980523378110218514136414039544232170133733040689172890507025090078783845879982747899911247458203714166229262129289431066537966038979753754415106091507504498815213636997782380981380775157989220283164232370320777685690809876941669867237595743982799595570319663509184788526177912738535999882426082972421962185602932629445119663017170462511275474493851526649796037247390839088224904303696309220685340750451723153267252216496337458204130589316299495293449002033271670481996092767502444354917597082121468025733996178760212228012708055945795498298435434768888194965776906293928986200246787416043892949626199 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5a1d1728d67f098fdc556da2b33ed16095b29e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ucc.on.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ucc.on.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018d1a8b20af000004030048304602210089bb8153bfb5c36de038cc87b653d608e91588d562185f0dc2176d01d33a1299022100bbe5514dfc7986b15ae70c3b98f0825b525fea7ccbbdbf98896e45b7dcb92c9100750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018d1a8b20ef00000403004630440220627df44398827b8b18d327bc115dcd6984e8fcce9b2e269341365f31b673994202202360bbd5b838f803665e0b9777b0d9e7bb1c7be8ff34a5dc9dd8a7630ce1cd61 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007045581f8f56067a4ec6fdfc7462e1c06862ce6b3d2b1817994ac7e418d9597161afdb5af57fbb50f2b7fde564bfd3cf7204649ab3ad6c1a7cc02412b8af7b9d7801bd9d0965cd56bb937e9443a4208a33ce58100b78fa2bc8741e867c56c8ee4ab8e629e9728bbad6167d4c3b2fa1f2315b308b4ca87ae5d300994b6809c5b15afef4ea163645f717a8163d157cb31c9501d0c5be2647d8ed9b77290ce2803c252fd9694c9648e973b6056e4e88bb8701964367078b70168f535d497f41c13621885eed2a3eac96b4a884cf976bc64d9811621dcc972af9925d50a3cff5f456e76e5fad8f71d3eabc19f6256ea914f06564a2379a1f07b86e6e509239cee351