thepni.org

Issued by R3

About this certificate

This digital certificate with serial number 03:e1:39:f8:05:eb:bb:1a:ca:54:cd:3c:9d:25:37:9d:7b:47 was issued on by Let's Encrypt.

With 14 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=thepni.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:e1:39:f8:05:eb:bb:1a:ca:54:cd:3c:9d:25:37:9d:7b:47
Serial Number (int): 337977444157961123354639095617620107164487
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 3c:30:d2:42:bd:44:2a:fa:4e:cf:06:f8:fb:0b:09:13:d3:85:24:19
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 7a:6c:f9:fa:c2:39:de:68:84:f6:63:ad:fa:69:9f:a9:17:4a:11:99
Fingerprint (sha256): 20:60:ec:85:ef:b3:ac:97:1d:73:5c:76:d7:60:d2:b2:e5:80:d4:9d:7d:3f:8a:3c:b8:69:b6:14:c7:c6:e2:6f

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate thepni.org

14

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for thepni.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

amiamorecrochet.com.sweetketotreat.com
cutewho.com
dccourts.com
eastsyracuse.com.hairbotoxparty.com
ifainaction.com
indiabuyline.com
joblooke.com
kidscapital.com.easyhabits.com
marketingauthorisation.com.school4vip.com
masonvideoproduction.com
nationalhomeschoolconferences.com
netzeroeconomy.com
thepni.org
youngpersonrehab.com

Other certificates including the domain name thepni.org

(limited to 100 certificates)
thepni.org
thepni.org
thepni.org
scriptureuntangled.ca
ypp.co.za
programming.vc
thepni.org
thepni.org
thepni.org
thepni.org
thepni.org
thepni.org
thepni.org
thepni.org

Certificate

The complete raw certificate details for thepni.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGMjCCBRqgAwIBAgISA+E5+AXruxrKVM08nSU3nXtHMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMTAwNzM1MDJaFw0yNDA0MDkwNzM1MDFaMBUxEzARBgNVBAMT
CnRoZXBuaS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcnXD6
pQsYKgTSLDgohY3vEiMKflUbdGwnI6Sw1CXF/z4ndaRT7KVRGr1+snjNzrBLn4oA
6VQR/81Tk+Q/U8sNTSflOXunQqAd5HVrP0VHLpKchhvoo79tLFvgw9OeitS8C4kk
s/fjhytmGg06AtXTG2STWp5emuYIrZIu3KgmEIKwPbGpkh9+wvC9g+qKMkXvc3dm
hCexBwNk1tDuvvldJWLlAjw/EMYIB8AUdueBwpqtjAjweFxnqmZxdNdII5QbnoMj
L+y180ss7GhFM1rVLuTyXooZuQZ5nhpYWtjgSbmAbHB05xKgXTqWsmpC2nHdlmUI
zATmkRk8uO4jBgM5AgMBAAGjggNdMIIDWTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE
FDww0kK9RCr6Ts8G+PsLCRPThSQZMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYf
r52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8u
bGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMIIB
ZAYDVR0RBIIBWzCCAVeCJmFtaWFtb3JlY3JvY2hldC5jb20uc3dlZXRrZXRvdHJl
YXQuY29tggtjdXRld2hvLmNvbYIMZGNjb3VydHMuY29tgiNlYXN0c3lyYWN1c2Uu
Y29tLmhhaXJib3RveHBhcnR5LmNvbYIPaWZhaW5hY3Rpb24uY29tghBpbmRpYWJ1
eWxpbmUuY29tggxqb2Jsb29rZS5jb22CHmtpZHNjYXBpdGFsLmNvbS5lYXN5aGFi
aXRzLmNvbYIpbWFya2V0aW5nYXV0aG9yaXNhdGlvbi5jb20uc2Nob29sNHZpcC5j
b22CGG1hc29udmlkZW9wcm9kdWN0aW9uLmNvbYIhbmF0aW9uYWxob21lc2Nob29s
Y29uZmVyZW5jZXMuY29tghJuZXR6ZXJvZWNvbm9teS5jb22CCnRoZXBuaS5vcmeC
FHlvdW5ncGVyc29ucmVoYWIuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBBAYK
KwYBBAHWeQIEAgSB9QSB8gDwAHYASLDja9qmRzQP5WoC+p0w6xxSActW3SyB2bu/
qznYhHMAAAGM8oK3ewAABAMARzBFAiAtxMBh2xzk3tF3vNCq9Iz+1Cfwh8QFnb+0
6hZJaMID0QIhAI/J1/JjlnwcJp1Yb+fgQL+V/0FX9UBlm2L1nl1ORWRdAHYAouK/
1h7eLy8HoNZObTen3GVDsMa1LqLat4r4mm31F9gAAAGM8oK31AAABAMARzBFAiAI
3YM84L0lRzVZiIzzCDKR6ccsoJuf9R0LSIbJ5A2p0gIhAJRN94CMeTWb3hzK0gZV
sqMkYqqtDB7pF5ylOS8ROcZXMA0GCSqGSIb3DQEBCwUAA4IBAQA5M+Cqy6Kvkd9F
rztlb7sOUiw+6R7Okwa1fKXw3gjqex2p6EVxAOALre4SnG5Fb5qXsOc/YqNXpkPF
W55RIhWvDgZlGuY86XPI1JX4Rd3+aNkKZb9Lv8TitnMTs01gvdjPhdgOBLfOH41G
oOaej7GlsIzJgtKL+PeX7+giU1jPauWdGFF1zeSnnP+G3OmB3c4khYMH5dN9TrNO
MCXIzbTm8yW1Qf5XLr6DSJpMQ1jLvTUqQBdfB994KamLwbEkeql3u2tEqf77geuu
UNk+A+U8ruD8JwiPYYe3rocP9y8rFKrTQ5jkreJiD5QTMxd4rOvNdyqOD85p9EW6
g8nLOYg2
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3J1w+qULGCoE0iw4KIWN
7xIjCn5VG3RsJyOksNQlxf8+J3WkU+ylURq9frJ4zc6wS5+KAOlUEf/NU5PkP1PL
DU0n5Tl7p0KgHeR1az9FRy6SnIYb6KO/bSxb4MPTnorUvAuJJLP344crZhoNOgLV
0xtkk1qeXprmCK2SLtyoJhCCsD2xqZIffsLwvYPqijJF73N3ZoQnsQcDZNbQ7r75
XSVi5QI8PxDGCAfAFHbngcKarYwI8HhcZ6pmcXTXSCOUG56DIy/stfNLLOxoRTNa
1S7k8l6KGbkGeZ4aWFrY4Em5gGxwdOcSoF06lrJqQtpx3ZZlCMwE5pEZPLjuIwYD
OQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 337977444157961123354639095617620107164487
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-10 07:35:02 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-09 07:35:01 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thepni.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27850064303239384992860969415514903061867994823260705903749097256191767403442266752811201097968856391547331699074061212054517875032121679746213537417887191853777838705974849613558113752923624122564259116313995771767541922395171698566782680642157525033303565184589383514414843224912083715865305673721291939187251508597590829832504690580376979221726445897206952314691015165562042912093594891250637833277779528019129404457346116607365869528565834644197315210163933011377444554651894497475628638067106069977889404713269319060288008376051172732465528088836945339663363870930697693211343381756385051136570550733581150716729
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							3c30d242bd442afa4ecf06f8fb0b0913d3852419
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (347 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'amiamorecrochet.com.sweetketotreat.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cutewho.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dccourts.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'eastsyracuse.com.hairbotoxparty.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ifainaction.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'indiabuyline.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'joblooke.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kidscapital.com.easyhabits.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marketingauthorisation.com.school4vip.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'masonvideoproduction.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nationalhomeschoolconferences.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'netzeroeconomy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thepni.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'youngpersonrehab.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cf282b77b000004030047304502202dc4c061db1ce4ded177bcd0aaf48cfed427f087c4059dbfb4ea164968c203d10221008fc9d7f263967c1c269d586fe7e040bf95ff4157f540659b62f59e5d4e45645d007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018cf282b7d40000040300473045022008dd833ce0bd25473559888cf3083291e9c72ca09b9ff51d0b4886c9e40da9d2022100944df7808c79359bde1ccad20655b2a32462aaad0c1ee9179ca5392f1139c657
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003933e0aacba2af91df45af3b656fbb0e522c3ee91ece9306b57ca5f0de08ea7b1da9e8457100e00badee129c6e456f9a97b0e73f62a357a643c55b9e512215af0e06651ae63ce973c8d495f845ddfe68d90a65bf4bbfc4e2b67313b34d60bdd8cf85d80e04b7ce1f8d46a0e69e8fb1a5b08cc982d28bf8f797efe8225358cf6ae59d185175cde4a79cff86dce981ddce24858307e5d37d4eb34e3025c8cdb4e6f325b541fe572ebe83489a4c4358cbbd352a40175f07df7829a98bc1b1247aa977bb6b44a9fefb81ebae50d93e03e53caee0fc27088f6187b7ae870ff72f2b14aad34398e4ade2620f9413331778acebcd772a8e0fce69f445ba83c9cb398836