gewis.nl

Issued by R3

About this certificate

This digital certificate with serial number 04:62:a0:bb:3c:9c:49:11:d6:97:c4:12:29:ce:e7:c7:ca:12 was issued on by Let's Encrypt.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=gewis.nl

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:62:a0:bb:3c:9c:49:11:d6:97:c4:12:29:ce:e7:c7:ca:12
Serial Number (int): 382010464353457872100504821701227026303506
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: af:ab:ba:08:e8:8d:66:a8:43:f0:3a:19:08:ee:bd:d7:5f:3c:cd:0a
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 4d:b4:d5:b3:0e:73:1d:59:85:4f:41:9a:13:be:95:f6:10:d7:d6:d9
Fingerprint (sha256): 29:df:4e:af:06:67:bf:84:93:18:2c:03:e7:51:90:bf:4b:f2:f6:f9:08:34:e1:b3:e9:de:84:84:3b:eb:75:7b

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate gewis.nl

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for gewis.nl

Public Key Algorithm

ECDSA

Key Size

384

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.gew.is
*.gewis.nl
*.test.gewis.nl
gew.is
gewis.nl

Other certificates including the domain name gewis.nl

(limited to 100 certificates)
judge.gewis.nl
webhost.gewis.nl
sni46910.cloudflaressl.com
gewis.nl
sni46910.cloudflaressl.com
*.gew.is
sni46910.cloudflaressl.com
*.gewis.nl
secure.gewis.nl
gewis.nl
sni46910.cloudflaressl.com
gewis.nl
sni46910.cloudflaressl.com
webhost.gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
gewis.nl
gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
*.gewis.nl
gewis.nl
*.gewis.nl
gewis.nl
sni46910.cloudflaressl.com
gewis.nl
gewis.nl
gehack.nl
gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
*.gewis.nl
gewis.nl
gewis.nl
gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
judge.gewis.nl
gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
gehack.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
gehack.nl
sni.cloudflaressl.com
gelimbo.gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
*.gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
gewis.nl
gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
gewis.nl
sni46910.cloudflaressl.com
status.gewis.nl
sni46910.cloudflaressl.com
gewis.nl
gewis.nl
sni46910.cloudflaressl.com
gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
www.gewis.nl
sni46910.cloudflaressl.com
gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
*.gewis.nl
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
sni46910.cloudflaressl.com
gewis.nl
athena.gewis.nl
sni46910.cloudflaressl.com

Certificate

The complete raw certificate details for gewis.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIErDCCA5SgAwIBAgISBGKguzycSRHWl8QSKc7nx8oSMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzAyMDcwNjM0MzdaFw0yMzA1MDgwNjM0MzZaMBMxETAPBgNVBAMT
CGdld2lzLm5sMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEPbpfrpNilHdAw9yVKmKn
LsSbW+8y7jC8rZHD7NxG9QKmnxC+7ZLMvSTeCe1DWD8zka17IrP1SHOCWSHf1NHU
C4cdXHE18xxK5VA9GteI4NgZkB7VBAKrm74zvDC/KrIio4IChzCCAoMwDgYDVR0P
AQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBSvq7oI6I1mqEPwOhkI7r3XXzzNCjAfBgNVHSMEGDAW
gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH
MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz
LmkubGVuY3Iub3JnLzBCBgNVHREEOzA5gggqLmdldy5pc4IKKi5nZXdpcy5ubIIP
Ki50ZXN0Lmdld2lzLm5sggZnZXcuaXOCCGdld2lzLm5sMEwGA1UdIARFMEMwCAYG
Z4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMu
bGV0c2VuY3J5cHQub3JnMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADyAHcAtz77JN+c
Tbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGGKsxONAAABAMASDBGAiEA8cuz
m3rQ79cyycoV6SDADad6FlDzdOl+/7l4HOiAw7ECIQCcRue1L9oOAElpEx3nTxbf
6wrSuDZV0HOZvpHrnkaCHAB3AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31t
Br1uAAABhirMTikAAAQDAEgwRgIhAPq8rV1YVLgUHZ5cpYzh76+7ELDk8UsUPmX4
4iPmrsslAiEAi+yAGdHelhR98+qTUHMfanz90qrk2xUMnO+icVuz674wEQYIKwYB
BQUHARgEBTADAgEFMA0GCSqGSIb3DQEBCwUAA4IBAQBeQMoJ3+12Gt2g5vNEA4nf
oNlabAF8TZY3VH2QO0d8xO0nTqIhE6KzQhGTBkts8J7yrBdgtIZFJydbpsW/rXes
eANSD4XIWYYws4ee/T0SiqaCa82ibCZ2xPCfdVIAGC3WZ9XSaEillzTxpEOOcnMC
55qrGJcsmeEh64A6hfmJL9n/LgUoqhaqSK9Q6QhzCZZ7c7hxq6ZMBizg84oXdz+F
UpoBSTiwsn4Gdqq3+zENFjhYvc4x+9H5AXir3nbxhnTFJ4Ub5Cl39clP4MLhBDVy
L1tLyXYYih+xEolt/2zOm0FUc6eQ8FTgOk7HCR/VLv4eKPzQcfolzTEMZHKyx/9W
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEPbpfrpNilHdAw9yVKmKnLsSbW+8y7jC8
rZHD7NxG9QKmnxC+7ZLMvSTeCe1DWD8zka17IrP1SHOCWSHf1NHUC4cdXHE18xxK
5VA9GteI4NgZkB7VBAKrm74zvDC/KrIi
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 382010464353457872100504821701227026303506
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-07 06:34:37 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-05-08 06:34:36 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gewis.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.10045.2.1 (ecPublicKey)
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.132.0.34 (secp384r1)
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (776 bits)
				00043dba5fae9362947740c3dc952a62a72ec49b5bef32ee30bcad91c3ecdc46f502a69f10beed92ccbd24de09ed43583f3391ad7b22b3f54873825921dfd4d1d40b871d5c7135f31c4ae5503d1ad788e0d819901ed50402ab9bbe33bc30bf2ab222
 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (1 bits)
							0780
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							afabba08e88d66a843f03a1908eebdd75f3ccd0a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (59 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.gew.is'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.gewis.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.test.gewis.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gew.is'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gewis.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
							00f2007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001862acc4e340000040300483046022100f1cbb39b7ad0efd732c9ca15e920c00da77a1650f374e97effb9781ce880c3b10221009c46e7b52fda0e004969131de74f16dfeb0ad2b83655d07399be91eb9e46821c007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001862acc4e290000040300483046022100fabcad5d5854b8141d9e5ca58ce1efafbb10b0e4f14b143e65f8e223e6aecb250221008bec8019d1de96147df3ea9350731f6a7cfdd2aae4db150c9cefa2715bb3ebbe
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.24
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (5 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 5
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005e40ca09dfed761adda0e6f3440389dfa0d95a6c017c4d9637547d903b477cc4ed274ea22113a2b3421193064b6cf09ef2ac1760b4864527275ba6c5bfad77ac7803520f85c8598630b3879efd3d128aa6826bcda26c2676c4f09f755200182dd667d5d26848a59734f1a4438e727302e79aab18972c99e121eb803a85f9892fd9ff2e0528aa16aa48af50e9087309967b73b871aba64c062ce0f38a17773f85529a014938b0b27e0676aab7fb310d163858bdce31fbd1f90178abde76f18674c527851be42977f5c94fe0c2e10435722f5b4bc976188a1fb112896dff6cce9b415473a790f054e03a4ec7091fd52efe1e28fcd071fa25cd310c6472b2c7ff56