aidajerusalem.org
Issued by Encryption Everywhere DV TLS CA - G1
About this certificate
This digital certificate with serial number 08:b4:f8:24:a9:f3:d1:68:7f:d5:a7:11:11:f3:af:78 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=aidajerusalem.org
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 08:b4:f8:24:a9:f3:d1:68:7f:d5:a7:11:11:f3:af:78Serial Number (int): 11573470343208876620388665337601830776
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 33:0c:43:5b:dd:41:b5:08:11:91:46:fa:c0:9e:99:98:84:01:1f:ac
AuthorityKeyId: 55:74:4f:b2:72:4f:f5:60:ba:50:d1:d7:e6:51:5c:9a:01:87:1a:d7
Fingerprint (sha1): 9f:6b:f4:d1:86:4c:0c:ca:0d:f1:6c:1d:aa:51:4e:a6:b8:d6:d7:12
Fingerprint (sha256): 21:ec:c9:75:c4:ce:b5:6b:34:8e:15:ce:c4:6d:dc:62:83:49:4c:d0:df:57:84:db:4b:89:c7:84:d9:d7:9e:3b
Issuing Certificate URL: http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G1.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCheck the revocation status for certificate aidajerusalem.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for aidajerusalem.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
Other certificates including the domain name aidajerusalem.org
(limited to 100 certificates)
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
aidajerusalem.org
aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
www.aidajerusalem.org
Certificate
The complete raw certificate details for aidajerusalem.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFojCCBIqgAwIBAgIQCLT4JKnz0Wh/1acREfOveDANBgkqhkiG9w0BAQsFADBu MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg RFYgVExTIENBIC0gRzEwHhcNMjAwMjE3MDAwMDAwWhcNMjEwMjE3MTIwMDAwWjAc MRowGAYDVQQDExFhaWRhamVydXNhbGVtLm9yZzCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAOUe/jbQVqXLGbPCgI6f2BwDpPulbdqLJLgaqK60l/JCqJOX Cuxj09zVQ9N4DB+0YH6il3K8Cjyi8rLirH9eLGzDB1bg+/NW538LhggqStrlK5Ao QVhUmuoXrFSEtVjO8lz+qg7F6EH8k90ZUj0zeIl09nT6nswcGRkZ0qc+wrj8BYvg 7vAV9HM1aYS0JR1hXXJJTO0i4ye1uPnPKoBI2eQ0u0Wv99fhrphAWZ6Iyd7ikHHe 8oumxiyd6EeOyfN7I549PwHIenZXBOIsVeXzTHU4geHZv5LBUPWlqKZ53Tmzva0o da4lY/a8ECXG0yTPnyTkG52HXn6r7hsDKskl6kkCAwEAAaOCAowwggKIMB8GA1Ud IwQYMBaAFFV0T7JyT/VgulDR1+ZRXJoBhxrXMB0GA1UdDgQWBBQzDENb3UG1CBGR RvrAnpmYhAEfrDAzBgNVHREELDAqghFhaWRhamVydXNhbGVtLm9yZ4IVd3d3LmFp ZGFqZXJ1c2FsZW0ub3JnMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwTAYDVR0gBEUwQzA3BglghkgBhv1sAQIwKjAoBggrBgEF BQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgEwgYAG CCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQu Y29tMEoGCCsGAQUFBzAChj5odHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRW5j cnlwdGlvbkV2ZXJ5d2hlcmVEVlRMU0NBLUcxLmNydDAJBgNVHRMEAjAAMIIBBAYK KwYBBAHWeQIEAgSB9QSB8gDwAHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZk No4e0YUAAAFwUI+CZwAABAMARzBFAiEA8Za1AvIc2xzd6f6mr5GBUYzF3Ph1ru3s dPnfV2+HSHMCIBe/V3ip9PPLH/DzrxEZ8hcD/oxIzSdDFOgyfyYjuszYAHYARJRl LrDuzq/EQAfYqP4owNrmgr7YyzG1P9MzlrW2gagAAAFwUI+CNAAABAMARzBFAiAl r8kfmb0Vdl5K7DZaUXV8OLcp4bqZtsGqIAL6WVGbYQIhAOjh4+BLh9B6jHT9C5K5 nVuJDtr8jitRldTQHqFCB4RQMA0GCSqGSIb3DQEBCwUAA4IBAQAeLcax82uGSM6b IhCk8r+CwREL51V57Bp6K6QEqX+q7Ov6WB1Rwv91qABPZtdMp90HfS+TQPKCgGW1 vfboGZBR1pjEx5BFFbV+GG3FXWrcgeD7ankg8P+qMmISjGxtFVqtzHgvVQZ0sn+V rCvEKAzHMMxPJO5R2kTZshiD7OhJAxNvlxvjpX/VEnyCmJKbawKauChBZuRNlQdo 6X0iRjC/b5eemI+jXmc6Ed80Ta+fJVk0XGPfEBMoInEP5yYqklq4T5okmi34Yhuv 6Q2AFbOMwG5Tu45aZ9QP0miP5HZ/L9vJL0V8PQye75rdqQvEPJdvxPF5H2B+GLNi x2omLXG2 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5R7+NtBWpcsZs8KAjp/Y HAOk+6Vt2oskuBqorrSX8kKok5cK7GPT3NVD03gMH7RgfqKXcrwKPKLysuKsf14s bMMHVuD781bnfwuGCCpK2uUrkChBWFSa6hesVIS1WM7yXP6qDsXoQfyT3RlSPTN4 iXT2dPqezBwZGRnSpz7CuPwFi+Du8BX0czVphLQlHWFdcklM7SLjJ7W4+c8qgEjZ 5DS7Ra/31+GumEBZnojJ3uKQcd7yi6bGLJ3oR47J83sjnj0/Ach6dlcE4ixV5fNM dTiB4dm/ksFQ9aWopnndObO9rSh1riVj9rwQJcbTJM+fJOQbnYdefqvuGwMqySXq SQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11573470343208876620388665337601830776 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Encryption Everywhere DV TLS CA - G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-17 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-02-17 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aidajerusalem.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28923855066922612123753807820430514042721294849818395117636328916357775911658443388428456771556677252848685843614343144183190939311498989368836254062194621400008290155494233557731147793204617803838593159109749847599665679017872154699506702027915432638007585085535537666811946445707003904619169740821549031276451801124247998546359826059921532803189775414888993913129359365174517796918301291500023046133164360579791287617906384085598147737863006372008819683586188549030076355938549643387722529019072156945586900078772702601053687059351489603721289105865634922616948315861731441112111020734388496033123696286923642759753 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55744fb2724ff560ba50d1d7e6515c9a01871ad7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 330c435bdd41b508119146fac09e999884011fac . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aidajerusalem.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aidajerusalem.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed18500000170508f82670000040300473045022100f196b502f21cdb1cdde9fea6af9181518cc5dcf875aeedec74f9df576f874873022017bf5778a9f4f3cb1ff0f3af1119f21703fe8c48cd274314e8327f2623baccd80076004494652eb0eeceafc44007d8a8fe28c0dae682bed8cb31b53fd33396b5b681a800000170508f82340000040300473045022025afc91f99bd15765e4aec365a51757c38b729e1ba99b6c1aa2002fa59519b61022100e8e1e3e04b87d07a8c74fd0b92b99d5b890edafc8e2b5195d4d01ea142078450 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001e2dc6b1f36b8648ce9b2210a4f2bf82c1110be75579ec1a7a2ba404a97faaecebfa581d51c2ff75a8004f66d74ca7dd077d2f9340f2828065b5bdf6e8199051d698c4c7904515b57e186dc55d6adc81e0fb6a7920f0ffaa3262128c6c6d155aadcc782f550674b27f95ac2bc4280cc730cc4f24ee51da44d9b21883ece84903136f971be3a57fd5127c8298929b6b029ab8284166e44d950768e97d224630bf6f979e988fa35e673a11df344daf9f2559345c63df10132822710fe7262a925ab84f9a249a2df8621bafe90d8015b38cc06e53bb8e5a67d40fd2688fe4767f2fdbc92f457c3d0c9eef9adda90bc43c976fc4f1791f607e18b362c76a262d71b6