fresnoweddingphotography.com
Issued by R3
About this certificate
This digital certificate with serial number 04:28:79:7c:d6:71:2d:cd:0d:9b:ba:cd:16:40:e1:53:89:d7 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=fresnoweddingphotography.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:28:79:7c:d6:71:2d:cd:0d:9b:ba:cd:16:40:e1:53:89:d7Serial Number (int): 362221923185581570529345673191155356109271
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: a6:ff:3a:c1:fd:29:bb:d1:19:f4:40:c9:e9:bd:aa:78:35:e2:bc:a1
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 97:ee:24:58:a9:76:7f:cb:50:19:79:b9:ea:14:49:f1:35:c6:4b:7f
Fingerprint (sha256): 22:95:24:38:ea:15:fc:08:b7:d1:a4:64:80:8e:a2:80:a8:3d:03:1b:8b:a3:aa:06:59:3b:b8:e6:9f:1e:63:aa
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate fresnoweddingphotography.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for fresnoweddingphotography.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
fresnoweddingphotography.com
www.fresnoweddingphotography.com
www.fresnoweddingphotography.com
Other certificates including the domain name fresnoweddingphotography.com
(limited to 100 certificates)
detroitsportstherapy.com
www.buffaloatty.com
fresnoweddingphotography.com
www.bigwatertoys.com
www.dollareasy.net
www.jewelease.in
webschooltv.com
www.blossomingsky.com
www.sportsmedicinesanantonio.com
intrauterinegrowthrestriction.com
www.phxmusicfest.com
www.jointpainconnecticut.com
www.porchgates.com
vitalmediapodcast.com
www.gocomputers.com
www.cercahotels.com
windsorphotographer.com
bannedbox.com
fresnoweddingphotography.com
sirtboostdiet.com
www.rehab4u.com
astaxantina.com
thegameofjoy.com
sirtboostdiet.com
www.madisonsportsdoctors.com
www.buffaloatty.com
fresnoweddingphotography.com
www.bigwatertoys.com
www.dollareasy.net
www.jewelease.in
webschooltv.com
www.blossomingsky.com
www.sportsmedicinesanantonio.com
intrauterinegrowthrestriction.com
www.phxmusicfest.com
www.jointpainconnecticut.com
www.porchgates.com
vitalmediapodcast.com
www.gocomputers.com
www.cercahotels.com
windsorphotographer.com
bannedbox.com
fresnoweddingphotography.com
sirtboostdiet.com
www.rehab4u.com
astaxantina.com
thegameofjoy.com
sirtboostdiet.com
www.madisonsportsdoctors.com
Certificate
The complete raw certificate details for fresnoweddingphotography.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGJzCCBQ+gAwIBAgISBCh5fNZxLc0Nm7rNFkDhU4nXMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MDYwMTE1NDhaFw0yNDA3MDUwMTE1NDdaMCcxJTAjBgNVBAMT HGZyZXNub3dlZGRpbmdwaG90b2dyYXBoeS5jb20wggIiMA0GCSqGSIb3DQEBAQUA A4ICDwAwggIKAoICAQCPoEZo/twsmrAXo1pXpOV4tE43Ky9hvL/t73Ow4rbjQqxR pUQCYrondLrMwqer14w0WldM8qKFZHNijGsztX1t3WrQ0s5V9/HB6X+8pac+93oH jAl6Uazty6Qa/w6v2PeUC3NhLQpnO+M8gXK3AHVzDLcmlOE3RIfv2ZiYcCXNEDNi ADQj0XvVpmMnI7NPWQSXdVWC8hNyme6kP1o/ubt5uVNXkEHBRlYi2k9MMU5zrbjR poy3YbzLtwjigi6lpHQTb36/Hv/1xQs/keMgg9ct1IG4VPhQlOfwrWa31OHNYBRM AfkaODLhNJcAx4rN3b/kWA+EtMLhjf2PyyOijiRfOyIMMkBTV3BndfdmFXlRIsy0 BGAzpXlv4JuWME2UXeerjEmaOML3CljFI2Mn4DuXbG3eXVwOUrBTy77HQDJdKTOJ U+cOTmD2BIMJoWv9cTWULIxlmRToSGuZaEjDlOt6m+cgo3ubRZU2o38a+bhqgt0e 4a5mAS5cs3FFa4f+9ABzuVpT4g/PHSPe8nlpNfdeflbpNQoYa7866NnDRs4NghV6 CRXz0tRZGkjTHJ3nU2rPp1XnAbEJPPdsvYY4aA3UPcIVmk5+M/CVJYZby2MfyXep 077536Z3OIM4iwtgSCakiRINfd1fZyUyURWiQafN2gJHhhiZDZpCohkGYlGQ4wID AQABo4ICQDCCAjwwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSm/zrB/Sm70Rn0QMnp vap4NeK8oTAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEF BQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggr BgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzBJBgNVHREEQjBAghxmcmVz bm93ZWRkaW5ncGhvdG9ncmFwaHkuY29tgiB3d3cuZnJlc25vd2VkZGluZ3Bob3Rv Z3JhcGh5LmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIE gfUEgfIA8AB1AN/hVuuqBa+1nA+GcY2owDJOrlbZbqf1pWoB0cE7vlJcAAABjrEw yloAAAQDAEYwRAIgdzETMpsQAuiaEMGmhTPfe8hpNgKBIXj3Ws7VIml8gnICIBQ9 tnLPUylUAgwW9ZInFNMTfbB/SkGGswYVD5gR47HKAHcASLDja9qmRzQP5WoC+p0w 6xxSActW3SyB2bu/qznYhHMAAAGOsTDJYgAABAMASDBGAiEA0eW74tFksne87VYn RMUNG8kRK4/AjWqvtKFUT3xvjpgCIQC3qbo75+v0obg9NqDfgbLXG1JGTTGxdnw5 uZzR/zWozzANBgkqhkiG9w0BAQsFAAOCAQEAWTWWwas4Nzcbi4pEgU0+Rk6dBBQr D7Xtl+AbS16cYezMiWfKkRF8105afrNZQaitQLkw1F0xg0Y5dDw8f29rNScBd7C+ p906xk4nBsPwFp3WyhY1AFWujj0Cjm4d+cMrMwv6jG52MVyqoUkKdYFer94OYnwz /3IY0t1chWgjg4Q6lpSd/25vpuO5RlN8pHQQhvH0ZstMDpOFyxNUjNkoHfb5z3EB UifxR7e0vgmB3KvjuKfS1A/CzoMdJ0oV35adHWwo4ABKIdOnmi+Fl3bV4dq3eO2t JaXMg6gkFCbYc8XJ1prOF92e/rJPo5GF2c+AZ+hAEKia0ZiccMm4s8BL9Q== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAj6BGaP7cLJqwF6NaV6Tl eLRONysvYby/7e9zsOK240KsUaVEAmK6J3S6zMKnq9eMNFpXTPKihWRzYoxrM7V9 bd1q0NLOVffxwel/vKWnPvd6B4wJelGs7cukGv8Or9j3lAtzYS0KZzvjPIFytwB1 cwy3JpThN0SH79mYmHAlzRAzYgA0I9F71aZjJyOzT1kEl3VVgvITcpnupD9aP7m7 eblTV5BBwUZWItpPTDFOc6240aaMt2G8y7cI4oIupaR0E29+vx7/9cULP5HjIIPX LdSBuFT4UJTn8K1mt9ThzWAUTAH5Gjgy4TSXAMeKzd2/5FgPhLTC4Y39j8sjoo4k XzsiDDJAU1dwZ3X3ZhV5USLMtARgM6V5b+CbljBNlF3nq4xJmjjC9wpYxSNjJ+A7 l2xt3l1cDlKwU8u+x0AyXSkziVPnDk5g9gSDCaFr/XE1lCyMZZkU6EhrmWhIw5Tr epvnIKN7m0WVNqN/Gvm4aoLdHuGuZgEuXLNxRWuH/vQAc7laU+IPzx0j3vJ5aTX3 Xn5W6TUKGGu/OujZw0bODYIVegkV89LUWRpI0xyd51Nqz6dV5wGxCTz3bL2GOGgN 1D3CFZpOfjPwlSWGW8tjH8l3qdO++d+mdziDOIsLYEgmpIkSDX3dX2clMlEVokGn zdoCR4YYmQ2aQqIZBmJRkOMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 362221923185581570529345673191155356109271 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-06 01:15:48 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-05 01:15:47 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'fresnoweddingphotography.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 585943262330690048555245603817650157295226751928946885590711894730253433958291659476976303146711466302898809058676962439511276671809627400241086872167653259285155138531518993504587940413684462794730869328949133323416449743360689488669098482602497953111398316610081596781627913226726522553815710485415135290321876770773487653069398324688360062387231071595363578033331758509463292389774584293340926759237661094178205126103864948636759698019190916750774539048611400199103620230815016004055526278502753500240525662584111778790431391221280499803175563128550203231251352095811709939517270908424119456183204497445607326136645141605934169088446062800834454874191069977544920450292058397195521908256928056694750608919370439469592633361528678462238203782310155037904296085051025162230688183571468887538889879869408546711540185441632295907517639405734282137948215357310234558429821052473738420738105406149231669425168105144961638480047558439768680106952519822465702334208401249020091070105200745345984067878480417006444765046764572869837835670479074063780772048129136748682527521293261609551443030019412079266434427958892637484704082183091756090672009509587139416767289529150022994578020079770584340339398484201840886856339035315022551422439651 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) a6ff3ac1fd29bbd119f440c9e9bdaa7835e2bca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fresnoweddingphotography.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.fresnoweddingphotography.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007500dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018eb130ca5a00000403004630440220773113329b1002e89a10c1a68533df7bc8693602812178f75aced522697c82720220143db672cf532954020c16f5922714d3137db07f4a4186b306150f9811e3b1ca00770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018eb130c9620000040300483046022100d1e5bbe2d164b277bced562744c50d1bc9112b8fc08d6aafb4a1544f7c6f8e98022100b7a9ba3be7ebf4a1b83d36a0df81b2d71b52464d31b1767c39b99cd1ff35a8cf . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00593596c1ab3837371b8b8a44814d3e464e9d04142b0fb5ed97e01b4b5e9c61eccc8967ca91117cd74e5a7eb35941a8ad40b930d45d31834639743c3c7f6f6b35270177b0bea7dd3ac64e2706c3f0169dd6ca16350055ae8e3d028e6e1df9c32b330bfa8c6e76315caaa1490a75815eafde0e627c33ff7218d2dd5c85682383843a96949dff6e6fa6e3b946537ca4741086f1f466cb4c0e9385cb13548cd9281df6f9cf71015227f147b7b4be0981dcabe3b8a7d2d40fc2ce831d274a15df969d1d6c28e0004a21d3a79a2f859776d5e1dab778edad25a5cc83a8241426d873c5c9d69ace17dd9efeb24fa39185d9cf8067e84010a89ad1989c70c9b8b3c04bf5