www.kidney.ca
- Kidney Foundation of Canada -
Issued by GeoTrust SSL CA - G3
About this certificate
This digital certificate with serial number 4a:e2:3c:2e:4c:ab:61:98:78:cd:de:84:12:c9:2d:88 was issued on by GeoTrust Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Kidney Foundation of Canada
Organization:
Kidney Foundation of Canada
Organization unit: Hosting
Organization unit: Hosting
State / Province:
Quebec
Locality: Montreal
Country: CA
Locality: Montreal
Country: CA
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 4a:e2:3c:2e:4c:ab:61:98:78:cd:de:84:12:c9:2d:88Serial Number (int): 99537551390912388339049703454253067656
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: d2:6f:f7:96:f4:85:3f:72:3c:30:7d:23:da:85:78:9b:a3:7c:5a:7c
Fingerprint (sha1): de:5e:77:40:f5:b8:14:aa:10:dc:45:c7:9f:70:91:06:67:69:ef:e2
Fingerprint (sha256): 34:a0:60:73:72:51:50:18:f0:50:4e:f1:d8:0e:a5:6e:63:5b:d3:74:72:31:0f:1d:c7:99:d6:47:42:1b:d3:e5
Issuing Certificate URL: http://gn.symcb.com/gn.crt
Revocation information
OCSP Server: http://gn.symcd.comCRL Distribution Point: http://gn.symcb.com/gn.crl
Check the revocation status for certificate www.kidney.ca
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.kidney.ca
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.kidney.ca
kidney.ca
kidney.ca
Other certificates including the domain name kidney.ca
(limited to 100 certificates)
newsletter.qc.kidney.ca
newsletter.qc.kidney.ca
kidney.ca
newsletter.qc.kidney.ca
www.kidney.ca
kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
newsletter.qc.kidney.ca
www.kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
kidney.ca
newsletter.qc.kidney.ca
kidney.ca
newsletter.qc.kidney.ca
www.kidney.ca
kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
newsletter.qc.kidney.ca
www.kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
www.kidney.ca
www.kidney.ca
newsletter.qc.kidney.ca
kidney.ca
Certificate
The complete raw certificate details for www.kidney.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgIQSuI8LkyrYZh4zd6EEsktiDANBgkqhkiG9w0BAQsFADBE MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTUwMTE1MDAwMDAwWhcNMTcwNDE1MjM1 OTU5WjCBgTELMAkGA1UEBhMCQ0ExDzANBgNVBAgTBlF1ZWJlYzERMA8GA1UEBxQI TW9udHJlYWwxJDAiBgNVBAoUG0tpZG5leSBGb3VuZGF0aW9uIG9mIENhbmFkYTEQ MA4GA1UECxQHSG9zdGluZzEWMBQGA1UEAxQNd3d3LmtpZG5leS5jYTCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL2+6b9FkUkImkrmomPCsMvh/WyKRbMX j7V7PREhgzG4LTyxf7QLPrOIHsa+MGdnXXsmAi3RkVQaAg88kN+n87kiWcB0xXko GvetZQvC4QeMFkoY1axXkkr+OL/HMcopMlg3uiV4YD0U+lBz3jTdjMjx+2elaTne Xf0pEtM1RbXLEDsheaEamUe+wCibC39WtDeOWbH+WZkfZG9rzZ5FCSBBd2tBwVBV irjyPXdBZyr6dxkafmWW9PbzncbMnTFypXDI40q0tnYBxieHt04OLHuyxkbyye3Q Qif54YndNoUFWNPuxJsfNXenQYZcCOxoBU0VTjYz61oAJClNhdOmQYUCAwEAAaOC Aa4wggGqMCMGA1UdEQQcMBqCDXd3dy5raWRuZXkuY2GCCWtpZG5leS5jYTAJBgNV HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDArBgNVHR8EJDAiMCCgHqAchhpodHRwOi8v Z24uc3ltY2IuY29tL2duLmNybDCBoQYDVR0gBIGZMIGWMIGTBgpghkgBhvhFAQc2 MIGEMD8GCCsGAQUFBwIBFjNodHRwczovL3d3dy5nZW90cnVzdC5jb20vcmVzb3Vy Y2VzL3JlcG9zaXRvcnkvbGVnYWwwQQYIKwYBBQUHAgIwNQwzaHR0cHM6Ly93d3cu Z2VvdHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMB0GA1UdJQQW MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBTSb/eW9IU/cjwwfSPa hXibo3xafDBXBggrBgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9nbi5z eW1jZC5jb20wJgYIKwYBBQUHMAKGGmh0dHA6Ly9nbi5zeW1jYi5jb20vZ24uY3J0 MA0GCSqGSIb3DQEBCwUAA4IBAQC/Zr4BhS91yjQeJcjVQ9Ik7+lbauoHiDXZQr5+ WvDXIPkeenVAfI8oNdZf4v8bmTyAyDQWg/IBZkabCVrql08JwWoJKq5bfL/SgEAC howofFFw0CCuHXyuG1Td8hZkXcjTC83rO/IFuZHc1b5hlp5hiB0BQYVRftSlsnDq sPkN/sM5+EnJN4mZPgLzllBH4U373hBQlsBAV0fGGxMRP9VHL8A1Hfg8FOE7mgEq om65Q19uOVI5JyjRZnjPrpu/haTJAtbMKiujDIWDeCcB5e0i+0dDJGMirYB6uIBL ByIoe35g24E/tKeQOopdcn+yIkPl9o/40WRCRpDg/1LoBOn0 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb7pv0WRSQiaSuaiY8Kw y+H9bIpFsxePtXs9ESGDMbgtPLF/tAs+s4gexr4wZ2ddeyYCLdGRVBoCDzyQ36fz uSJZwHTFeSga961lC8LhB4wWShjVrFeSSv44v8cxyikyWDe6JXhgPRT6UHPeNN2M yPH7Z6VpOd5d/SkS0zVFtcsQOyF5oRqZR77AKJsLf1a0N45Zsf5ZmR9kb2vNnkUJ IEF3a0HBUFWKuPI9d0FnKvp3GRp+ZZb09vOdxsydMXKlcMjjSrS2dgHGJ4e3Tg4s e7LGRvLJ7dBCJ/nhid02hQVY0+7Emx81d6dBhlwI7GgFTRVONjPrWgAkKU2F06ZB hQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 99537551390912388339049703454253067656 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust SSL CA - G3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-01-15 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-04-15 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Quebec' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Montreal' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Kidney Foundation of Canada' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Hosting' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'www.kidney.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23953182384529606661216109687113769914081619282649636886017129982959607540826217051461036453945307057474253036443456521601662831327850395043280719699861111383350169557924433343812329151867326418383600904780363479699759286380389065835517163375372722820715118323329778778840356677050393846566959414095767265799338108561682368267289565431104935582724075702774736058551120866525794325222775168565102309960097261100058813279757308590014515773894502840026848717109856346193802888077766175124736480977518131757073838677274657276409334921360708191666259820700934750586764943762311972986345777764080769859493420461769089237381 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kidney.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kidney.ca' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (153 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.geotrust.com/resources/repository/legal' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d26ff796f4853f723c307d23da85789ba37c5a7c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gn.symcb.com/gn.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bf66be01852f75ca341e25c8d543d224efe95b6aea078835d942be7e5af0d720f91e7a75407c8f2835d65fe2ff1b993c80c8341683f20166469b095aea974f09c16a092aae5b7cbfd2804002868c287c5170d020ae1d7cae1b54ddf216645dc8d30bcdeb3bf205b991dcd5be61969e61881d014185517ed4a5b270eab0f90dfec339f849c93789993e02f3965047e14dfbde105096c0405747c61b13113fd5472fc0351df83c14e13b9a012aa26eb9435f6e3952392728d16678cfae9bbf85a4c902d6cc2a2ba30c8583782701e5ed22fb4743246322ad807ab8804b0722287b7e60db813fb4a7903a8a5d727fb22243e5f68ff8d164424690e0ff52e804e9f4