www.hess-gruppe.de
Issued by R3
About this certificate
This digital certificate with serial number 04:4c:10:24:a0:19:b1:ca:c9:31:bc:a8:b9:e9:82:ae:ae:a3 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.hess-gruppe.de
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:4c:10:24:a0:19:b1:ca:c9:31:bc:a8:b9:e9:82:ae:ae:a3Serial Number (int): 374332061430873040364464120525731996282531
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 88:a9:da:f8:1b:93:cc:ad:36:ac:14:a0:6d:7a:1c:e4:d2:50:e8:4d
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): ef:a6:bd:47:7b:2a:51:e8:d2:8b:43:1a:37:67:69:ba:51:78:38:17
Fingerprint (sha256): 39:1f:4f:24:a6:4a:1d:19:34:ca:f8:2a:d3:be:33:f5:91:a5:74:6f:b0:28:57:27:5e:01:8a:cd:17:54:0e:6f
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.hess-gruppe.de
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.hess-gruppe.de
Public Key Algorithm
RSA
Key Size
3072
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
Other certificates including the domain name hess-gruppe.de
(limited to 100 certificates)
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
mailrz.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
ssgd.hess-gruppe.de
*.hess-gruppe.de
www.hess-gruppe.de
mailrz.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
*.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
vpn.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
mailrz.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
ssgd.hess-gruppe.de
*.hess-gruppe.de
www.hess-gruppe.de
mailrz.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
*.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
www.hess-gruppe.de
vpn.hess-gruppe.de
www.hess-gruppe.de
hess-gruppe.de
Certificate
The complete raw certificate details for www.hess-gruppe.de in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFujCCBKKgAwIBAgISBEwQJKAZscrJMbyouemCrq6jMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMjEwMzEwNzA2MzdaFw0yMzAxMjkwNzA2MzZaMB0xGzAZBgNVBAMT End3dy5oZXNzLWdydXBwZS5kZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoC ggGBAIJ18iscLSmCxJWrw/72+hiMj21IEZoB96szdEMtY2kbdxKh5zOiV60zbn88 4gvAMTzky39sQNVNsCicCpTB4KE9mfn4Cnduo87SaYn0uELkv6oJl4NT4xcrAXwF iRVNICAnv5APkU5oFmSNgKtTaJshNnJK5+AKTVD6JFyFjI72gnQyhGwkip3D69Gg d/OpBJieD4Tehi64v2+SPnOfzpLMAyRJfrQtj3xxOpD13bS43Beo8oFi1IIEIua2 hlf3Rdj/BGYufAI5FJvz34QuV0MqfhisjilIGHeuTVBfCK2TCJmHCoczskKMKN4p J6kzb3sFIXaI5ExQYaAEnIou3NVdDMIbRIe9aoyKvKs05GXXRrpcaFsDps+SDP39 cJ/u58sUKrQ99jQLfdfeHVOIJUFOYMnFNm5RRbi3EosjfYAO/Ge/m6Bn7NI9roh+ SRUH0Wr1eWf6F6VAWw/KEDWM6Des6tpgSM8IprIfJ+wNDmHDHjbxez1MEpKSz4KM kom+2wIDAQABo4ICXTCCAlkwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG AQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSIqdr4G5PM rTasFKBtehzk0lDoTTAfBgNVHSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBV BggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9y ZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3JnLzAtBgNVHREEJjAk gg5oZXNzLWdydXBwZS5kZYISd3d3Lmhlc3MtZ3J1cHBlLmRlMEwGA1UdIARFMEMw CAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j cHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHUAtz77 JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkAAAGELRQDewAABAMARjBEAiAb I7OdJEfPvf2lGfbn1D8guVBUvIdS137VeZEdB9pw6wIgNZCQoDSbhDrqT2N2EOL+ 2+8N8W/SUQvPoHZCeEysA94AdwB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpX o1LrUgAAAYQtFAWCAAAEAwBIMEYCIQD3yI+OqqPKL2UZ22rfFthLjPdpO1G5nSHa YjubuDX3FAIhAP9yl2+dP4XysPAMDoIavnxP7kGQKgM/PZVAwh4XIsY8MA0GCSqG SIb3DQEBCwUAA4IBAQBAqddaOFMqRJDpm9KSkpPjGYv/4sxAiPhagNlahF0xOmgv s75mdLoCPwm9TVZ3sYFBJjWR2pEWj/6aAYcPGlUbFXOR6PGLCEKqKJtsaPSKv2Jc W3ZB9kxt56BmWgads6x0t3M3yZ3Ebzs0r0XbFpSA5Un0BD5jqsDY7xzWnqiaVqr0 i/oZ8adk0rWrP6kI/BoXLWQAPCME6bA95lU8syopuUs6QqwsvVB7JD+wDVjs1Jtk WzVFQgKcUyLvsjIhVzDv5kAlc7XkDJof236+T8R1Qyn7f2o5Y1+YhFEpw3B4T1y3 xTKD5HgTnGOXNjDhIe1PuBs1zO/CBg7NSr8Cge/4 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAgnXyKxwtKYLElavD/vb6 GIyPbUgRmgH3qzN0Qy1jaRt3EqHnM6JXrTNufzziC8AxPOTLf2xA1U2wKJwKlMHg oT2Z+fgKd26jztJpifS4QuS/qgmXg1PjFysBfAWJFU0gICe/kA+RTmgWZI2Aq1No myE2ckrn4ApNUPokXIWMjvaCdDKEbCSKncPr0aB386kEmJ4PhN6GLri/b5I+c5/O kswDJEl+tC2PfHE6kPXdtLjcF6jygWLUggQi5raGV/dF2P8EZi58AjkUm/PfhC5X Qyp+GKyOKUgYd65NUF8IrZMImYcKhzOyQowo3iknqTNvewUhdojkTFBhoAScii7c 1V0MwhtEh71qjIq8qzTkZddGulxoWwOmz5IM/f1wn+7nyxQqtD32NAt9194dU4gl QU5gycU2blFFuLcSiyN9gA78Z7+boGfs0j2uiH5JFQfRavV5Z/oXpUBbD8oQNYzo N6zq2mBIzwimsh8n7A0OYcMeNvF7PUwSkpLPgoySib7bAgMBAAE= -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 374332061430873040364464120525731996282531 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-10-31 07:06:37 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-29 07:06:36 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.hess-gruppe.de' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3184 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2960646166109308722772079643128863033280454765397412303796029080558478290519695764700057033092123288229538109599902862366004208293240730978239277652892357632786467233162426929833195100404699818326334099895644024850738712416110056110415388092462375616950991990173901538045705447044212744598241755181489678421906273055074817616297213956166728360492578109556353645799693304122238147988837180919696173017691268147625842061409987243151783970755017026501425880589531066133539288917226961986840711257762196315940771239151905102686962356477940397106682199312179126903345781499895276725436361238164511581596188147629216724211615135541229885717439273601478583402494547192480165984266344226372891923266950730549366212840331714393617842128028855921509907446430165994965728057527636225533094053700766581532538618514696231484118619936580171679484662461705533075855447296816090272497871274002539074492856487387226737859776708103634919472859 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 88a9daf81b93ccad36ac14a06d7a1ce4d250e84d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hess-gruppe.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hess-gruppe.de' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007500b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001842d14037b000004030046304402201b23b39d2447cfbdfda519f6e7d43f20b95054bc8752d77ed579911d07da70eb0220359090a0349b843aea4f637610e2fedbef0df16fd2510bcfa07642784cac03de0077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb52000001842d1405820000040300483046022100f7c88f8eaaa3ca2f6519db6adf16d84b8cf7693b51b99d21da623b9bb835f714022100ff72976f9d3f85f2b0f00c0e821abe7c4fee41902a033f3d9540c21e1722c63c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0040a9d75a38532a4490e99bd2929293e3198bffe2cc4088f85a80d95a845d313a682fb3be6674ba023f09bd4d5677b18141263591da91168ffe9a01870f1a551b157391e8f18b0842aa289b6c68f48abf625c5b7641f64c6de7a0665a069db3ac74b77337c99dc46f3b34af45db169480e549f4043e63aac0d8ef1cd69ea89a56aaf48bfa19f1a764d2b5ab3fa908fc1a172d64003c2304e9b03de6553cb32a29b94b3a42ac2cbd507b243fb00d58ecd49b645b354542029c5322efb232215730efe6402573b5e40c9a1fdb7ebe4fc4754329fb7f6a39635f98845129c370784f5cb7c53283e478139c63973630e121ed4fb81b35ccefc2060ecd4abf0281eff8