mail.charlottekidsfest.org

Issued by R3

About this certificate

This digital certificate with serial number 03:87:b9:8b:04:35:e2:c9:40:ea:06:a1:22:89:bc:6e:dd:fc was issued on by Let's Encrypt.

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=mail.charlottekidsfest.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:87:b9:8b:04:35:e2:c9:40:ea:06:a1:22:89:bc:6e:dd:fc
Serial Number (int): 307521606323489896225675369388186845240828
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 1b:f9:f9:91:49:92:b3:7b:06:5b:0e:59:1b:56:ad:15:0c:65:d0:31
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 4d:30:93:cf:1d:ea:c8:e6:30:48:80:b9:41:9e:8d:99:eb:e0:34:67
Fingerprint (sha256): 22:75:fe:f7:e0:74:10:64:0b:bb:a9:8f:77:5e:8f:c9:d2:49:5b:90:06:d0:e6:55:61:09:68:33:84:d2:58:86

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate mail.charlottekidsfest.org

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mail.charlottekidsfest.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

charlottekidsfest.org
cpanel.charlottekidsfest.org
cpcalendars.charlottekidsfest.org
cpcontacts.charlottekidsfest.org
mail.charlottekidsfest.org
webdisk.charlottekidsfest.org
webmail.charlottekidsfest.org
www.charlottekidsfest.org

Other certificates including the domain name charlottekidsfest.org

(limited to 100 certificates)
charlottekidsfest.org
www.charlottekidsfest.org
charlottekidsfest.org
mail.charlottekidsfest.org
www.charlottekidsfest.org
charlottekidsfest.org
www.charlottekidsfest.org
www.charlottekidsfest.org
www.charlottekidsfest.org
www.charlottekidsfest.org
www.charlottekidsfest.org
www.charlottekidsfest.org
www.charlottekidsfest.org
www.charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org
www.charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org
www.charlottekidsfest.org
charlottekidsfest.org
www.charlottekidsfest.org
www.charlottekidsfest.org
www.charlottekidsfest.org
charlottekidsfest.org
www.charlottekidsfest.org
charlottekidsfest.org
www.charlottekidsfest.org
charlottekidsfest.org
www.charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org
www.charlottekidsfest.org
www.charlottekidsfest.org
charlottekidsfest.org
charlottekidsfest.org

Certificate

The complete raw certificate details for mail.charlottekidsfest.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgISA4e5iwQ14slA6gahIom8bt38MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMDUwMjA3MjNaFw0yNDA0MDQwMjA3MjJaMCUxIzAhBgNVBAMT
Gm1haWwuY2hhcmxvdHRla2lkc2Zlc3Qub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxS6XKciE99IhH0fZ2y0mjOQVEl5hecXq25ENXqJ8R23wnjE5
81i+nRrKmUi5STk3oY48ItWm1zYkQor9FL9VgIMilqMOl6n8qlnErKZ4uTxfOXoa
SOWbrd5ntaxxMLNtAbIKDnA54PU6KxWsi9xaQLuH51Yv7DK5N6HknjO45E8VNMel
0BA3GumlD2QXcAxPHq6u+peqaJ+ZEPpodoQMNRX2vqFVBQSmwclV/CNHz0sQ0qPN
bqPE5/7AufaWcpPDxsN03AauHKwUNgKMyZDlUNmeKPX4xAsiUWPEBcZlEzOonZIi
Pk+jZ44EWm88qByxk+NznQHRqbxq4GaOffubTwIDAQABo4IC8jCCAu4wDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBQb+fmRSZKzewZbDlkbVq0VDGXQMTAfBgNVHSMEGDAW
gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH
MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz
LmkubGVuY3Iub3JnLzCB+gYDVR0RBIHyMIHvghVjaGFybG90dGVraWRzZmVzdC5v
cmeCHGNwYW5lbC5jaGFybG90dGVraWRzZmVzdC5vcmeCIWNwY2FsZW5kYXJzLmNo
YXJsb3R0ZWtpZHNmZXN0Lm9yZ4IgY3Bjb250YWN0cy5jaGFybG90dGVraWRzZmVz
dC5vcmeCGm1haWwuY2hhcmxvdHRla2lkc2Zlc3Qub3Jngh13ZWJkaXNrLmNoYXJs
b3R0ZWtpZHNmZXN0Lm9yZ4Idd2VibWFpbC5jaGFybG90dGVraWRzZmVzdC5vcmeC
GXd3dy5jaGFybG90dGVraWRzZmVzdC5vcmcwEwYDVR0gBAwwCjAIBgZngQwBAgEw
ggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdQBIsONr2qZHNA/lagL6nTDrHFIBy1bd
LIHZu7+rOdiEcwAAAYzXlvQlAAAEAwBGMEQCIBKNiwEp9zynkGGlKlGvHTp59i80
3FtDe8et1DJvfZ3VAiBoePTeAUVrJ1Amr6f0j3GXiLL50z89Mc28FDZUHv6uAAB3
ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjNeW9C0AAAQDAEgw
RgIhAKbcF3BTMdYyAmgrpcn28zsRmCzFXbnNb49HgkqlNHkjAiEAmlv+BOXFJVCK
XZX7/Yro1G3rgyX9xVmYFvKI9vZeywgwDQYJKoZIhvcNAQELBQADggEBAAEXbaFq
/1HnYw+Cj/QmIB8/aw3wIhCmzM6A4w/MgXg2C141YTrbhqMgrwxbVmzSzQu1ochy
bpkeSMFKDDuRNS61SY2/7S1dMZMNqDS1ToS1dL5FYuvLLptRljmbVRgrVTIDT4f6
DnCxnf1GhcCuk2Hho4BhTG4K27CtfoENAprjIb/Gz5OBG/PDgSiyZhMiTz4Gm5mx
lnvM4UebsMgQaCjTryg8RmD9HYg3CgsiYTZC6QgVL0OnM+HqCnA2UPv/12HXdEko
mizYyHsg9PDsj9TH1qfFRdYASQQ1D8hgT3HTuwbbolI2qHQMenmZfGuJ4XdX+r6e
UqwNUK7cbGKvCvc=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS6XKciE99IhH0fZ2y0m
jOQVEl5hecXq25ENXqJ8R23wnjE581i+nRrKmUi5STk3oY48ItWm1zYkQor9FL9V
gIMilqMOl6n8qlnErKZ4uTxfOXoaSOWbrd5ntaxxMLNtAbIKDnA54PU6KxWsi9xa
QLuH51Yv7DK5N6HknjO45E8VNMel0BA3GumlD2QXcAxPHq6u+peqaJ+ZEPpodoQM
NRX2vqFVBQSmwclV/CNHz0sQ0qPNbqPE5/7AufaWcpPDxsN03AauHKwUNgKMyZDl
UNmeKPX4xAsiUWPEBcZlEzOonZIiPk+jZ44EWm88qByxk+NznQHRqbxq4GaOffub
TwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 307521606323489896225675369388186845240828
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-05 02:07:23 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-04 02:07:22 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mail.charlottekidsfest.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24891920700924524961718042661592024600540478676877523065953203882538511008319067220735285312410114922905525058637173741104186351923242955633556596485810851327951838477829939375582282531536380435499070255155623077434189274113866354830352618447404051568078362554525606995773744786082680055972817677812901900224738082999142886573064750639792122800632540798057735534578763735013609362415466817181946328257995715094859938761802392233617684736381448735941419358853244806337404067622997457509781222527405821411369932905001529130180808077169015228032088691251677274781514517896623796367973109815740879265246708066564683045711
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							1bf9f9914992b37b065b0e591b56ad150c65d031
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'charlottekidsfest.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpanel.charlottekidsfest.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpcalendars.charlottekidsfest.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpcontacts.charlottekidsfest.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.charlottekidsfest.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webdisk.charlottekidsfest.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.charlottekidsfest.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.charlottekidsfest.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cd796f42500000403004630440220128d8b0129f73ca79061a52a51af1d3a79f62f34dc5b437bc7add4326f7d9dd502206878f4de01456b275026afa7f48f719788b2f9d33f3d31cdbc1436541efeae000077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018cd796f42d0000040300483046022100a6dc17705331d63202682ba5c9f6f33b11982cc55db9cd6f8f47824aa53479230221009a5bfe04e5c525508a5d95fbfd8ae8d46deb8325fdc5599816f288f6f65ecb08
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0001176da16aff51e7630f828ff426201f3f6b0df02210a6ccce80e30fcc8178360b5e35613adb86a320af0c5b566cd2cd0bb5a1c8726e991e48c14a0c3b91352eb5498dbfed2d5d31930da834b54e84b574be4562ebcb2e9b5196399b55182b5532034f87fa0e70b19dfd4685c0ae9361e1a380614c6e0adbb0ad7e810d029ae321bfc6cf93811bf3c38128b26613224f3e069b99b1967bcce1479bb0c8106828d3af283c4660fd1d88370a0b22613642e908152f43a733e1ea0a703650fbffd761d77449289a2cd8c87b20f4f0ec8fd4c7d6a7c545d6004904350fc8604f71d3bb06dba25236a8740c7a79997c6b89e17757fabe9e52ac0d50aedc6c62af0af7