thefitstep.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:8a:2d:bf:ea:80:14:bf:bd:ef:de:73:d4:64:9e:ae:8d:a3 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=thefitstep.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:8a:2d:bf:ea:80:14:bf:bd:ef:de:73:d4:64:9e:ae:8d:a3Serial Number (int): 308356636175112022822471869171877681204643
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 69:74:99:56:e1:b0:26:ea:14:38:8d:c8:ed:73:c0:61:82:89:ae:ca
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 11:93:b3:0a:6d:60:42:27:cf:5e:48:3e:79:4e:28:04:d0:63:4f:fa
Fingerprint (sha256): 1d:87:34:92:6f:6f:39:4a:c8:7d:5b:fe:3d:8d:fc:da:02:ae:bc:05:de:20:95:29:c1:4d:73:18:51:69:98:a6
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.org/Check the revocation status for certificate thefitstep.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for thefitstep.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
thefitstep.com
www.thefitstep.com
www.thefitstep.com
Other certificates including the domain name thefitstep.com
(limited to 100 certificates)
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
thefitstep.com
Certificate
The complete raw certificate details for thefitstep.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGFDCCBPygAwIBAgISA4otv+qAFL+9795z1GSero2jMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjA5MTgxMDM0MDBaFw0x NjEyMTcxMDM0MDBaMBkxFzAVBgNVBAMTDnRoZWZpdHN0ZXAuY29tMIICIjANBgkq hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2nvqFG2bYHaow61387jh/Vxnv25w5G0V iv0WWFzJfxlnPJf7cXXLIfK1u2pqdZoc0XTXZydlw9kjpKhNJBOc2K1w+tucLJpY zP8CUFzWMmdpuncKv5Cv2V+GiFbnL0Krwil63RJBlJTohR4LcP3GmghKm1Tbsao7 Y9ys4ywVVzfq87OWXBFmnU7XP5zXfnl1J6mZfyvsso4PCafEW6aH5bPzbQYuG1Vd IK2YmPVu+IzA/V6LYYAHtJhFWm7QlGEijoiaoSRgS5olvvRMfEME2oez2arOtM8h 8Yns82jKgywwWw4ibdE5ylFvtzqe7oz/TnFvLkKdnObWmY5whHeanQMt6+tc6cvH kV8uih96AvrITPGJgs+Ty65lf7XkGcFfOI8xBtxNVYF9ni+VkKk3YGqFz5aHK48z 6y6s1+3mace/VRL85waXVkisA+wryfHQN8U836GOTcFOZf3v5ofmA+bEe8mmqKZQ a7t/Htlynk0RT045eBPW4EZBMcVRBkzbgaW+nTJbtkysbFq2Du+oWnOcbW5S7sac 3MA1vN4+SWYRRtTDvlL6IxtKJHiXov/41ujIowk4+SyeaxrabTVSOPqyC3deohfc wEcW+4JLU1t3aTCAzVaDQ3deAhzWAYsyBdZG1li8WUdYRKe6ULLvil/ewtSpvZSj mggWl2uh7f0CAwEAAaOCAiMwggIfMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUaXSZ VuGwJuoUOI3I7XPAYYKJrsowHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo 7KEwcAYIKwYBBQUHAQEEZDBiMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5pbnQt eDMubGV0c2VuY3J5cHQub3JnLzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50 LXgzLmxldHNlbmNyeXB0Lm9yZy8wLQYDVR0RBCYwJIIOdGhlZml0c3RlcC5jb22C End3dy50aGVmaXRzdGVwLmNvbTCB/gYDVR0gBIH2MIHzMAgGBmeBDAECATCB5gYL KwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5 cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9u bHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVzIGFuZCBvbmx5IGlu IGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0 IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEB CwUAA4IBAQA/I/zXLXME8t5hyCF4DRjPFvJIp6ViVeQaVHxezNEVpzN6TRrai4iF riJjFnXB2RAQMgvQ3GK9fIv5TMb3tcJHtThT0sSojDDZDjx8tQLFJg54d8qIcHxh OTdFBTbNYuT/N9OsY7CUeu9vL8vbdVKIy6Cv6W6i14tDUjMbyyI1EcoZAeM/fSP1 TS0WMGf8V26+I94Kh0Fda/Xt77uwuQj7GOlYVfgBv8gz4iGvvXJ0If+YQiCyAtYX SZ9p9KQ+Q/2yNgxxarZ67j0t5POLp77+RjVLa4s7XBfkTK2WgrcwyfcqWCD78vQn t04guHQ+vzbBUP56mrTzMHLhP/nRauzu -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2nvqFG2bYHaow61387jh /Vxnv25w5G0Viv0WWFzJfxlnPJf7cXXLIfK1u2pqdZoc0XTXZydlw9kjpKhNJBOc 2K1w+tucLJpYzP8CUFzWMmdpuncKv5Cv2V+GiFbnL0Krwil63RJBlJTohR4LcP3G mghKm1Tbsao7Y9ys4ywVVzfq87OWXBFmnU7XP5zXfnl1J6mZfyvsso4PCafEW6aH 5bPzbQYuG1VdIK2YmPVu+IzA/V6LYYAHtJhFWm7QlGEijoiaoSRgS5olvvRMfEME 2oez2arOtM8h8Yns82jKgywwWw4ibdE5ylFvtzqe7oz/TnFvLkKdnObWmY5whHea nQMt6+tc6cvHkV8uih96AvrITPGJgs+Ty65lf7XkGcFfOI8xBtxNVYF9ni+VkKk3 YGqFz5aHK48z6y6s1+3mace/VRL85waXVkisA+wryfHQN8U836GOTcFOZf3v5ofm A+bEe8mmqKZQa7t/Htlynk0RT045eBPW4EZBMcVRBkzbgaW+nTJbtkysbFq2Du+o WnOcbW5S7sac3MA1vN4+SWYRRtTDvlL6IxtKJHiXov/41ujIowk4+SyeaxrabTVS OPqyC3deohfcwEcW+4JLU1t3aTCAzVaDQ3deAhzWAYsyBdZG1li8WUdYRKe6ULLv il/ewtSpvZSjmggWl2uh7f0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 308356636175112022822471869171877681204643 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-09-18 10:34:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-12-17 10:34:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thefitstep.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 891337119881839315413569339149277861850669673600091951217157329826748825117388351664642946918860544356879020430349427624783509636710084499910782306853916841583831641114399078378946579600128886212625705272823368875707018159559460787012523806063252182457941935157713387560418501824759044042409471706226870843058733850408852045337476063977798563167055524297126515662731506647466846207956294855605031533329682308827961394116986299184226350794861296883955900983865859242075855866624064826198772952787018509258199344766758813254863192370743930262624033430782911410350305105203190215805518232244627820595149239869624957905819906757728369133133714503436976454619115668257257277032758881629502449470832067988824647950454794840215423203644110899296963398386696868009912042801039220070268313425233329269810119726862533064212978215391636074004319427365203418857941206211475206299228411831575843067182593188266443994859679815785214442897126004249250265356744170303087507065633642448380968420724967831861497858306187488237478026087733137974750166985225490913780998027535619601831151693099303158538650145263893070352498515456777341143183354708456255677076609255244058633948417849540863098593925143255969175812442063431512597583410687340792525221373 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 69749956e1b026ea14388dc8ed73c0618289aeca . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thefitstep.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.thefitstep.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003f23fcd72d7304f2de61c821780d18cf16f248a7a56255e41a547c5eccd115a7337a4d1ada8b8885ae22631675c1d91010320bd0dc62bd7c8bf94cc6f7b5c247b53853d2c4a88c30d90e3c7cb502c5260e7877ca88707c613937450536cd62e4ff37d3ac63b0947aef6f2fcbdb755288cba0afe96ea2d78b4352331bcb223511ca1901e33f7d23f54d2d163067fc576ebe23de0a87415d6bf5edefbbb0b908fb18e95855f801bfc833e221afbd727421ff984220b202d617499f69f4a43e43fdb2360c716ab67aee3d2de4f38ba7befe46354b6b8b3b5c17e44cad9682b730c9f72a5820fbf2f427b74e20b8743ebf36c150fe7a9ab4f33072e13ff9d16aecee