www.agefa.org

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:95:1d:bd:2e:06:23:c4:a6:ce:54:35:35:12:71:14:e2:18 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.agefa.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:95:1d:bd:2e:06:23:c4:a6:ce:54:35:35:12:71:14:e2:18
Serial Number (int): 312078460355961877094236268005315782697496
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: c5:8c:e9:2a:14:18:f8:12:c9:2a:89:ea:4c:74:de:87:36:9b:16:03
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 8a:40:7d:7f:b2:1e:0d:b7:b8:4f:6c:f2:a1:9c:f0:00:db:77:14:75
Fingerprint (sha256): 2a:77:21:f8:3d:19:82:67:c7:f7:2a:82:5c:ff:74:ad:d7:0a:c2:e0:42:b9:1b:a0:0b:9a:27:93:76:bb:f2:bb

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.agefa.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.agefa.org

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.agefa.org

Other certificates including the domain name agefa.org

(limited to 100 certificates)
agefa.org
www.agefa.org
www.agefa.org
www.agefa.org
www.agefa.org
*.agefa.org
www.agefa.org
agefa.org
www.agefa.org
*.agefa.org
*.agefa.org
agefa.org

Certificate

The complete raw certificate details for www.agefa.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGUjCCBTqgAwIBAgISA5UdvS4GI8SmzlQ1NRJxFOIYMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA2MjgxMjA3MzFaFw0x
OTA5MjYxMjA3MzFaMBgxFjAUBgNVBAMTDXd3dy5hZ2VmYS5vcmcwggIiMA0GCSqG
SIb3DQEBAQUAA4ICDwAwggIKAoICAQDHMmXug1Eb1dR1OUANQyW/7T7qfQLZ7Sbt
DMBjodY8xmTDgkjyzzXoiB+sX0CiaHgLxFGrA606NJ18D/gBDOwAwlf1g7eel+Eu
pf0YZvqWpMl6WDA8/GJrc9Hc/04JITBK8ELzGvIw1FTLUvzAakmK/umwIlAWm5DK
QkiUyF10+PUGsYU37SFfkx7jqTwg6JFCDkULRrx69v05OcxG++mOQJAQh70i3vaW
gpJqk0lznYvPHUTxE2O7Iin+6krFQdUk/zaGtdzyERfCdX1wB7JHHK3hZN70oTPZ
xKCIfqEud6nCxg7idq2ghn2CW6ZuWajeG6o5t4LGexKfovdWmnTxu+2q+9sMsTVB
u22FHPOIJiyzRzEas5pMDdUD5y3oZx8zPETxACwUifATds+9BNcud/6dEHiRFQlk
smDbBBSc2LlRnJysJnAnP8DOyxphTsSAii2+RVINJxt3ASYdX0hM35QT9IZqmk6q
iGwYEp23nZJ03KVjA6FPM3avwacJgIPCEfwaWXsrsZ5nsA2mESaplEODorRjBBuD
hGpRG4APl9gVSxRQe9J/aPVZh9kKaMDY/cRGsw4W4dQaeFQl1svz99PPBTk40eui
O3yt0Xa6o2jLao1He0OX5ERLaQZNQA2CC6gNuqhdrn8zHgALmafIjXw8xzeUQpSO
2EyoT4ksfwIDAQABo4ICYjCCAl4wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG
CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTFjOkq
FBj4EskqiepMdN6HNpsWAzAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86js
oTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14
My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14
My5sZXRzZW5jcnlwdC5vcmcvMBgGA1UdEQQRMA+CDXd3dy5hZ2VmYS5vcmcwTAYD
VR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYa
aHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHy
APAAdQB0ftqDMa0zEJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWueMrPaAAAE
AwBGMEQCIFKKkaHlsjC0NQRn+4/4A3J6rV5fJHf64/Drjxofx7GWAiAAmHl41tx3
P09M3u6+JITi5A9mEMPSv+umThXkqyDsmgB3AGPy283oO8wszwtyhCdXazOkjWF3
j711pjixx2hUS9iNAAABa54ys+wAAAQDAEgwRgIhANfS7l3zOU/XXGqi0/YR5tiZ
mAu+VLUVcgFiKT8OZn7QAiEA0A6asSN6H3lB4hB61pcyKuRhVLwKmnne1vpPPrIC
CB4wDQYJKoZIhvcNAQELBQADggEBAEDYrx8CEEyUr6te/IrUE95ZOfHAAi0rRdXL
vT9sjXN4okx3U9ucmF80iMBUZNAAGHoX10ZQyTTMErvbyi4/zTZTDw44NPsTkjn4
GV7DmqqVeu113TNv6g+4L9xKTUyAKpVPCXjdvqRekWJVfcriVcx0lSAYnhdNVEqG
R4VD9XrnPe4XY5wY14T30uqxPbyG94EoGpCjVneW4X7Yj+GVzHqdcrOjdn6oSH3f
ShQ1U/08rCFUlnwowOdaRfnNFLpCQN73rNNW6h2fEQhyUo1OPpQWLn7D7hZtUH4t
1qbsLOWsq1NimE7ZkX4hAfViGKFj0Y3cWmLdt2TdAWVoLMau+Uk=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxzJl7oNRG9XUdTlADUMl
v+0+6n0C2e0m7QzAY6HWPMZkw4JI8s816IgfrF9Aomh4C8RRqwOtOjSdfA/4AQzs
AMJX9YO3npfhLqX9GGb6lqTJelgwPPxia3PR3P9OCSEwSvBC8xryMNRUy1L8wGpJ
iv7psCJQFpuQykJIlMhddPj1BrGFN+0hX5Me46k8IOiRQg5FC0a8evb9OTnMRvvp
jkCQEIe9It72loKSapNJc52Lzx1E8RNjuyIp/upKxUHVJP82hrXc8hEXwnV9cAey
Rxyt4WTe9KEz2cSgiH6hLnepwsYO4natoIZ9glumblmo3huqObeCxnsSn6L3Vpp0
8bvtqvvbDLE1QbtthRzziCYss0cxGrOaTA3VA+ct6GcfMzxE8QAsFInwE3bPvQTX
Lnf+nRB4kRUJZLJg2wQUnNi5UZycrCZwJz/AzssaYU7EgIotvkVSDScbdwEmHV9I
TN+UE/SGappOqohsGBKdt52SdNylYwOhTzN2r8GnCYCDwhH8Gll7K7GeZ7ANphEm
qZRDg6K0YwQbg4RqURuAD5fYFUsUUHvSf2j1WYfZCmjA2P3ERrMOFuHUGnhUJdbL
8/fTzwU5ONHrojt8rdF2uqNoy2qNR3tDl+RES2kGTUANgguoDbqoXa5/Mx4AC5mn
yI18PMc3lEKUjthMqE+JLH8CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 312078460355961877094236268005315782697496
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-06-28 12:07:31 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-26 12:07:31 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.agefa.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 812652320309475592286495916822614955809238386993991640723819663082086250514921869314863483189114264395105534613266379990110226440386267180665861926786814512278646244880569107185744030949698236421373215573616581774720798849222540384391737259628204928923896499732135180209172179861945699152886183179461692079236850637066278450501674921693473399161485674027396161930910021013983305255647953988633425225659775414959668607354099508969499183142858827984557549922937509441636017334506313484910519348500211503147444372734399181763389000121638497152735984882339089922496355780642047001707044545264408973293312822393289879600732869062314831914883342690777626044522670841349927462696131167512955345400703780244999663175139186365666284650262751647959579244940149392735903496504557827367937105759380433281238580008554709314524292458826044848714492482288994968249955998085565754867322433143263392191492392546748525738551289260314824941727263436216858752285865591208683765385224656825388046566168704380042003934421353787701402405123317982233157582265227962221422665429332658304280841410037858585595370297820553829741331431253046241883283296242220185847576911050167834446941558676453629082258633066110958306796823748766666150306495188342494150077567
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c58ce92a1418f812c92a89ea4c74de87369b1603
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (17 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.agefa.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007500747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016b9e32b3da00000403004630440220528a91a1e5b230b4350467fb8ff803727aad5e5f2477fae3f0eb8f1a1fc7b196022000987978d6dc773f4f4cdeeebe2484e2e40f6610c3d2bfeba64e15e4ab20ec9a00770063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016b9e32b3ec0000040300483046022100d7d2ee5df3394fd75c6aa2d3f611e6d899980bbe54b515720162293f0e667ed0022100d00e9ab1237a1f7941e2107ad697322ae46154bc0a9a79ded6fa4f3eb202081e
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0040d8af1f02104c94afab5efc8ad413de5939f1c0022d2b45d5cbbd3f6c8d7378a24c7753db9c985f3488c05464d000187a17d74650c934cc12bbdbca2e3fcd36530f0e3834fb139239f8195ec39aaa957aed75dd336fea0fb82fdc4a4d4c802a954f0978ddbea45e9162557dcae255cc749520189e174d544a86478543f57ae73dee17639c18d784f7d2eab13dbc86f781281a90a3567796e17ed88fe195cc7a9d72b3a3767ea8487ddf4a143553fd3cac2154967c28c0e75a45f9cd14ba4240def7acd356ea1d9f110872528d4e3e94162e7ec3ee166d507e2dd6a6ec2ce5acab5362984ed9917e2101f56218a163d18ddc5a62ddb764dd0165682cc6aef949