www.theneweko.org

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:b0:8e:a1:bd:c4:66:06:c7:2a:a2:ae:a0:ed:4e:1c:fe:98 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.theneweko.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:b0:8e:a1:bd:c4:66:06:c7:2a:a2:ae:a0:ed:4e:1c:fe:98
Serial Number (int): 321416144557497302278681794433184457096856
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 76:5b:39:2b:0a:4a:17:85:9c:4d:48:20:4e:7a:44:e3:79:5c:1f:77
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): c3:9c:66:33:c8:36:80:9d:43:1b:57:31:b8:8d:93:09:44:a7:0c:12
Fingerprint (sha256): 2a:ee:90:15:e0:0a:54:95:74:6b:30:15:30:44:da:1f:a7:5a:74:40:12:ab:c6:d6:db:52:62:f8:ed:15:4f:5b

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.theneweko.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.theneweko.org

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.theneweko.org

Other certificates including the domain name theneweko.org

(limited to 100 certificates)
arv1.com
123overdracht.be
www.theneweko.org
tweezetastic.com
www.davidweissman.com
theneweko.org
theneweko.org
www.techvario.com
afinil.org
genitalmassage.com
afinil.org
www.madeincanada411.com
dotbio.org
www.sportsmedicinenebraska.com
racalmare.com
safica.com

Certificate

The complete raw certificate details for www.theneweko.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGWjCCBUKgAwIBAgISA7COob3EZgbHKqKuoO1OHP6YMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAxMDMwODI4NDRaFw0y
MDA0MDIwODI4NDRaMBwxGjAYBgNVBAMTEXd3dy50aGVuZXdla28ub3JnMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp/GT3pKXA11y+DKxpAPZZbjF/H2V
J9uXfIFwlX4D6T9mlPI+aFY7MVxGj3H/2L0/Eanu+p/pWKdJpxcSim9qxwlmZr8t
9mrE6T04KJkcfNW/YFaOZgW2dKeFEQkL90BWHhVdEf8xP+SVXBxx1xsyaiTHZd3O
IRzKZ/ZRNw1j9kdHvNzIOc/ZoPg7D0U5qUelUr3QoWkqwfiybaDv2F+uNYjVqad2
2xlNcf6GzlonfLxhrO8Kcu4E9g4wqSWFhZ6qYXFmFGB1oMvNDXRniYcrl9tNWkLa
7bI8KYL/Ssr+CXBw6wIfoQue90uIMVb0rxoGmVkDZvuV1z34qumlWi7z9l6V6WRe
fDcQRcgBzmMn6pq/EXhL4yglYNy9jn7TPWTS16qq7VVOI3v2MnP4rZWInVFoMeku
cl5EiA4AlLfLaG1wiJUx7vT0R47WBdOwu3Ohstr7lAxM/HzTZpqlsUxuT4TLcrSg
SuI+hYUIMpM0yuk0bLMRS7qiBbHp4apdJALJHNJRZ4WcdGZ+2PhHjEtDKfBVH166
uKXltEpE52YisFOSzSUtynHoA0+v0xGEPziTiSWmHFLbN0Zr6bpXsmwVU76qTEpZ
OGJzBfxncXnHbWwfLcV18Y8m1UhRrQMeIA4g6Z8zM6ALoi9OwXC/X6Z36BIHM8BT
RByiesBdeevwzSsCAwEAAaOCAmYwggJiMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
dls5KwpKF4WcTUggTnpE43lcH3cwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl
7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5p
bnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5p
bnQteDMubGV0c2VuY3J5cHQub3JnLzAcBgNVHREEFTATghF3d3cudGhlbmV3ZWtv
Lm9yZzBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsG
AQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkC
BAIEgfUEgfIA8AB2AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaBcUVYAAAB
b2q8VGcAAAQDAEcwRQIgKv0/RjsMmd/lyBHvSHJEQVvcSnHnITBOA9MOzz19GkwC
IQDLECU6lQmGR/kcratSHbNqUUUeS19pijk3s0ooPpc//AB2ALIeBcyLos2KIE6H
ZvkruYolIGdr2vpw57JJUy3vi5BeAAABb2q8VGYAAAQDAEcwRQIgXn5e8bGhE8Ja
18wHE4Ui8+qHVWzhjHxfnB5Xuc3oMkMCIQDaK0yCfHae7n6KmwSSahWZsOlGfErI
gYyzOnkPH5R7qjANBgkqhkiG9w0BAQsFAAOCAQEATNB40CLljLnJcEF/q+vHfmYD
PH2/5FpKZr/rgt79prgamxV6Nsbq7tlQqdcIIwQnPK2GCul1TAT59RGOF4BlJXcw
ucQTjHxrnNIUHibAJSXu2dIWujsBKA0KtHPboCO9yVxXaH1Fhud6zaQ2cjI0OIdS
t1rbtUQkVM4CQL4J4rC6OY4tLPz+IuwpHaJH2mOnM/DATl2qL+5WToLEpIiRaMsr
17+n9+0qkX06zOUjWMwpvvajxKrEQu/5VcyesIza/HZI4z4Upz0yIJo1E2KnhJx2
ZvHFdWZPN5CPCyVA+udfv7NCDAjIgbTgLjFGn8LfViqF9WOCTOWJwh8LHDWU/g==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp/GT3pKXA11y+DKxpAPZ
ZbjF/H2VJ9uXfIFwlX4D6T9mlPI+aFY7MVxGj3H/2L0/Eanu+p/pWKdJpxcSim9q
xwlmZr8t9mrE6T04KJkcfNW/YFaOZgW2dKeFEQkL90BWHhVdEf8xP+SVXBxx1xsy
aiTHZd3OIRzKZ/ZRNw1j9kdHvNzIOc/ZoPg7D0U5qUelUr3QoWkqwfiybaDv2F+u
NYjVqad22xlNcf6GzlonfLxhrO8Kcu4E9g4wqSWFhZ6qYXFmFGB1oMvNDXRniYcr
l9tNWkLa7bI8KYL/Ssr+CXBw6wIfoQue90uIMVb0rxoGmVkDZvuV1z34qumlWi7z
9l6V6WRefDcQRcgBzmMn6pq/EXhL4yglYNy9jn7TPWTS16qq7VVOI3v2MnP4rZWI
nVFoMekucl5EiA4AlLfLaG1wiJUx7vT0R47WBdOwu3Ohstr7lAxM/HzTZpqlsUxu
T4TLcrSgSuI+hYUIMpM0yuk0bLMRS7qiBbHp4apdJALJHNJRZ4WcdGZ+2PhHjEtD
KfBVH166uKXltEpE52YisFOSzSUtynHoA0+v0xGEPziTiSWmHFLbN0Zr6bpXsmwV
U76qTEpZOGJzBfxncXnHbWwfLcV18Y8m1UhRrQMeIA4g6Z8zM6ALoi9OwXC/X6Z3
6BIHM8BTRByiesBdeevwzSsCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 321416144557497302278681794433184457096856
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-03 08:28:44 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-02 08:28:44 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.theneweko.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 685150366717762583418634602462904070321669285388729032346435097735750589935909498944994521326059059410280755515238689576962486322977721701307056792850249375603299336923564250477997834344422260124448178156256053930085288477840379542171233384624314986598016529069113663106304047969596385550735919062175253770411072320057898753854982683560264912729276391035866510671100727418881484912568754786879956625079542528170100147906189055049167726990477276890150635520272667077320897756749015103040568897456979746695433298491795182681148715444695185981548333235576231775436354170308013274897251581069814811508982742743708386766071004474614338938748544249359687458280326326490666115884053975712173663702652850982975426658450989562522358658883433485178860111958655368275168508407968106122702777758665626316835092152353729176360441274332517301175307403274210011082886697634657803337867725913859672950320868883410864957030494179314229334978733593503815601463366245445671844811442839088876538962876448482821470710371107945269368074288545619584648324740782645227145404304001269899069207189166000633343088011112853153912113587731421548639205051013156071696822238159967970692470573234533700370802206729508767117695576937209430635971324814741974631370027
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							765b392b0a4a17859c4d48204e7a44e3795c1f77
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.theneweko.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016f6abc5467000004030047304502202afd3f463b0c99dfe5c811ef487244415bdc4a71e721304e03d30ecf3d7d1a4c022100cb10253a95098647f91cadab521db36a51451e4b5f698a3937b34a283e973ffc007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016f6abc5466000004030047304502205e7e5ef1b1a113c25ad7cc07138522f3ea87556ce18c7c5f9c1e57b9cde83243022100da2b4c827c769eee7e8a9b04926a1599b0e9467c4ac8818cb33a790f1f947baa
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004cd078d022e58cb9c970417fabebc77e66033c7dbfe45a4a66bfeb82defda6b81a9b157a36c6eaeed950a9d7082304273cad860ae9754c04f9f5118e178065257730b9c4138c7c6b9cd2141e26c02525eed9d216ba3b01280d0ab473dba023bdc95c57687d4586e77acda436723234388752b75adbb5442454ce0240be09e2b0ba398e2d2cfcfe22ec291da247da63a733f0c04e5daa2fee564e82c4a4889168cb2bd7bfa7f7ed2a917d3acce52358cc29bef6a3c4aac442eff955cc9eb08cdafc7648e33e14a73d32209a351362a7849c7666f1c575664f37908f0b2540fae75fbfb3420c08c881b4e02e31469fc2df562a85f563824ce589c21f0b1c3594fe