ASA-VIP
- U.S. Government U.S. Government -
Issued by DOD ID SW CA-37
About this certificate
This digital certificate with serial number 03:ae:2d was issued on by U.S. Government.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DNSNames must have a valid TLD. (BRs: 3.2.2.4)
- Subscriber Certificate: subject:localityName MUST appear if subject:organizationName, subject:givenName, or subject:surname fields are present but the subject:stateOrProvinceName field is absent. (BRs: 7.1.4.2.2)
- Subscriber Certificate: subject:stateOrProvinceName MUST appear if the subject:organizationName, subject:givenName, or subject:surname fields are present and subject:localityName is absent. (BRs: 7.1.4.2.2)
- Subscriber Certificates issued after 1 March 2018, but prior to 1 September 2020, MUST NOT have a Validity Period greater than 825 days. (BRs: 6.3.2)
- 1 DNS name(s) are bare public suffixes: ASA-VIP The domain SHOULD NOT have a bare public suffix (awslabs certlint)
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Subscriber Certificate: extKeyUsage values other than id-kp-serverAuth, id-kp-clientAuth, and id-kp-emailProtection SHOULD NOT be present. (BRs: 7.1.2.3)
U.S. Government U.S. Government
Organization:
U.S. Government
Organization: U.S. Government
Organization unit: DoD
Organization unit: PKI
Organization unit: USTRANSCOM
Organization unit: DoD
Organization: U.S. Government
Organization unit: DoD
Organization unit: PKI
Organization unit: USTRANSCOM
Organization unit: DoD
Country:
US
U.S. Government
Organization:
U.S. Government
Organization unit: DoD
Organization unit: PKI
Organization unit: DoD
Organization unit: PKI
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ae:2dSerial Number (int): 241197
Serial Number lenght: 18 bits, 3 octets
SubjectKeyId: 09:08:3f:80:76:b7:11:e3:08:4f:83:b9:ed:30:bd:82:ff:69:7a:a7
AuthorityKeyId: 16:24:7e:f7:2d:c1:ef:92:3f:be:44:e7:54:5e:e9:fe:17:ba:f3:a1
Fingerprint (sha1): f5:fd:c3:5a:da:1b:9a:0f:e3:3d:5e:ad:77:ec:47:72:e8:a8:47:e5
Fingerprint (sha256): 2f:82:cc:bc:14:73:00:8a:67:80:ea:b2:88:66:0e:e9:e5:50:9c:a8:d5:96:46:d4:55:e9:24:cb:be:c8:86:b5
Issuing Certificate URL: http://crl.disa.mil/sign/DODIDSWCA_37.cer
Revocation information
OCSP Server: http://ocsp.disa.milCRL Distribution Point: http://crl.disa.mil/crl/DODIDSWCA_37.crl
Check the revocation status for certificate ASA-VIP
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for ASA-VIP
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
ASA-VIP
ASA-VIP.ustranscom.mil
ASA-VIP.ustranscom.mil
Certificate
The complete raw certificate details for ASA-VIP in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIDA64tMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNVBAYTAlVT MRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UE CxMDUEtJMRgwFgYDVQQDEw9ET0QgSUQgU1cgQ0EtMzcwHhcNMTgwNzI0MTgwMjU0 WhcNMjEwNzI0MTgwMjU0WjCBkjELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4g R292ZXJubWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQLEwNQS0kxEzARBgNVBAsT ClVTVFJBTlNDT00xGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMD RG9EMRAwDgYDVQQDEwdBU0EtVklQMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEA3ucaTmti/kzokHTTW1lekaFmgicIblZYPoog2VZnQxqhAP/LwTyE3KIe AxScAhQofD+2SevTHNvSVWmHxSiJvsoTXJ2IWbHCXrXJtc8aBup74u956pxxiQmh nO9I+mQzkHJXNrZwioQjcEu/E0sVZ7Gwn5e+oNuazeoJQDJoOK22AvH+aNvpxvmu R8eSyzBJeG3wutXyocDiB1hCPeBr8RG0ZGZ9J3MgMYqEjGHuJFA5ttzdstbV/Vhq iuurud1wIWsMQxxz8QAhrOQ4aROqZoL4ZKwaIFWhjLoLQJerzYhFtcIyz1M897nm /roFR09OvNZI4gDmAByQkDwnkHtWHQIDAQABo4IBZTCCAWEwHwYDVR0jBBgwFoAU FiR+9y3B75I/vkTnVF7p/he686EwHQYDVR0OBBYEFAkIP4B2txHjCE+Due0wvYL/ aXqnMGcGCCsGAQUFBwEBBFswWTA1BggrBgEFBQcwAoYpaHR0cDovL2NybC5kaXNh Lm1pbC9zaWduL0RPRElEU1dDQV8zNy5jZXIwIAYIKwYBBQUHMAGGFGh0dHA6Ly9v Y3NwLmRpc2EubWlsMA4GA1UdDwEB/wQEAwIFoDA5BgNVHR8EMjAwMC6gLKAqhiho dHRwOi8vY3JsLmRpc2EubWlsL2NybC9ET0RJRFNXQ0FfMzcuY3JsMCoGA1UdEQQj MCGCB0FTQS1WSVCCFkFTQS1WSVAudXN0cmFuc2NvbS5taWwwFgYDVR0gBA8wDTAL BglghkgBZQIBCycwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEF BQgCAjANBgkqhkiG9w0BAQsFAAOCAQEAHbk0NPiVYUJVM2dwLw09++Vqy3+qpSNt EuT6MqidgIKkOLluEBeEjPvObDhD/qiMaWjDR5tOX4wpd3aS18hXXv4IDxYZDkrt KgL2XZEdiZLonQJURYWuOWjLOKnzIg3PMc10Bf9plWDGpIKfaZT5opUJSaUkSk5Z FIaiKXpH18X7knEHmHkZAIZwcZG/Bl9HO/JNLSyeuZWeP6BwOXbmplxXFTqj0rLE 1VMvQ/8e2Py6yNU2tQeZ4cv3QLpFWroh9h7TeBhg3fSaxf6szgiA2zWT1MmAfZS2 Hk8hqmAIaKr9uaQy2KNha2eMp7WjtCq4y0IRFxCFiY/F5KY0GzQlkQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ucaTmti/kzokHTTW1le kaFmgicIblZYPoog2VZnQxqhAP/LwTyE3KIeAxScAhQofD+2SevTHNvSVWmHxSiJ vsoTXJ2IWbHCXrXJtc8aBup74u956pxxiQmhnO9I+mQzkHJXNrZwioQjcEu/E0sV Z7Gwn5e+oNuazeoJQDJoOK22AvH+aNvpxvmuR8eSyzBJeG3wutXyocDiB1hCPeBr 8RG0ZGZ9J3MgMYqEjGHuJFA5ttzdstbV/Vhqiuurud1wIWsMQxxz8QAhrOQ4aROq ZoL4ZKwaIFWhjLoLQJerzYhFtcIyz1M897nm/roFR09OvNZI4gDmAByQkDwnkHtW HQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 241197 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'U.S. Government' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DoD' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DOD ID SW CA-37' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-24 18:02:54 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-07-24 18:02:54 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'U.S. Government' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DoD' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'PKI' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'USTRANSCOM' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'U.S. Government' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DoD' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ASA-VIP' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28138864720355767951016981010897411804914240225912464909154680350024479533744478335832874866469181638871117267077767585091275784012827024899354119927716201757636341000214436875908320026960392049032142898143439910617439468336613201630243879888603111433408222893266161776418412321006715518532238333957838761131201449169844700481679489197587859255217464168166734448858754405920958993541257937779268610518532946333677084112569611453142056304413703885992201653378863892931339584743101641517451805748854326617602114730534883419157972034367147195668400755053881797578136399399479342946613546505370442699065075213431438267933 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 16247ef72dc1ef923fbe44e7545ee9fe17baf3a1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 09083f8076b711e3084f83b9ed30bd82ff697aa7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.disa.mil/sign/DODIDSWCA_37.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.disa.mil' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.disa.mil/crl/DODIDSWCA_37.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (35 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ASA-VIP' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ASA-VIP.ustranscom.mil' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (15 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.101.2.1.11.39 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.8.2.2 (iKEIntermediate) . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001db93434f8956142553367702f0d3dfbe56acb7faaa5236d12e4fa32a89d8082a438b96e1017848cfbce6c3843fea88c6968c3479b4e5f8c29777692d7c8575efe080f16190e4aed2a02f65d911d8992e89d02544585ae3968cb38a9f3220dcf31cd7405ff699560c6a4829f6994f9a2950949a5244a4e591486a2297a47d7c5fb9271079879190086707191bf065f473bf24d2d2c9eb9959e3fa0703976e6a65c57153aa3d2b2c4d5532f43ff1ed8fcbac8d536b50799e1cbf740ba455aba21f61ed3781860ddf49ac5feacce0880db3593d4c9807d94b61e4f21aa600868aafdb9a432d8a3616b678ca7b5a3b42ab8cb4211171085898fc5e4a6341b342591