stk.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:ef:d8:02:18:3d:16:36:78:7f:71:c8:51:b3:85:f5:5c:cd was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=stk.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:ef:d8:02:18:3d:16:36:78:7f:71:c8:51:b3:85:f5:5c:cdSerial Number (int): 342951467612685914528076165953903048088781
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e6:c5:df:24:fb:d7:5e:37:48:37:92:18:da:13:44:0a:27:bd:e4:b5
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 51:3d:ac:76:39:17:24:ab:8d:e7:07:99:6c:89:be:d0:11:bb:39:bd
Fingerprint (sha256): 3a:7c:09:02:85:f7:4d:6b:f7:84:3d:b9:0f:15:87:cd:5a:da:a9:ef:65:f1:ab:a0:00:fd:0f:35:cb:4e:a9:95
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.org/Check the revocation status for certificate stk.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for stk.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
stk.cz
www.stk.cz
www.stk.cz
Other certificates including the domain name stk.cz
(limited to 100 certificates)
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
stk.cz
stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
*.ezproxy.techlib.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
stk.cz
stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
stk.cz
stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
*.ezproxy.techlib.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
stk.cz
stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
old.stk.cz
Certificate
The complete raw certificate details for stk.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF/DCCBOSgAwIBAgISA+/YAhg9FjZ4f3HIUbOF9VzNMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjExMDcwOTExMDBaFw0x NzAyMDUwOTExMDBaMBExDzANBgNVBAMTBnN0ay5jejCCAiIwDQYJKoZIhvcNAQEB BQADggIPADCCAgoCggIBAMTaJdmIjBIlq9lo+Ga5CVnVreVJaSZho4mrOmydUOYZ Ig85w9UcSq9mQQi5Sdhju9Jv06xh5qVyYlrSGn6Us3FtM1HbHTgopgVLnLZalpSB CXb0j3PfFS3ZI+I7qJADsCFtRorTjaM75xMP1Z2rFV/JOqFmEZUIr6xijBCLlIOE YvOpdpdzs5lKtlot1Bx8e4noTFhWHXX0J2RaBkdWrqo4j4dxLpWB5kZRfJcgsWgc 0wy21oO3Pcq2Jrs52M4jMSVPBGweK6uSJ8C5EEpeAraWvGeo9VpBxwpRuaiUpb/l QtxmcfNh7WIP21eiqQi/cvqsct569SbsDBhamQc35GIUjLszjOIv45CApmgy/fZC If3v0NESKFb6HkzIAJlCWDeXH68wZjLT9iwioMxcYAt9hC3JXORV4MAR/DSPE4eM E8OS9OVq50Ch6Q5O4YKZQ8CELCPdD8uCXr7wu+U5nviJGiKz0JYTUnFvCHLRoEF2 6E9PvlbH3vTOM2X/6ICMNz56tJcKFjX3b8du/H0I0aaAxO0heXRX6rPlYZebjL0l JjVz5e8y0+wocH7/Fg4yUlIUnw5O5ok7R/tfMFEOKRZqyxr5eKdFerSm5SJkZLvr nDSFZEUeTqRfcs5PcPQzaHXzqkz0UEsVBmXLJDoacoVGfaY21bglJ+BVtyN4FBTZ AgMBAAGjggITMIICDzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFObF3yT71143SDeS GNoTRAonveS1MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMHAGCCsG AQUFBwEBBGQwYjAvBggrBgEFBQcwAYYjaHR0cDovL29jc3AuaW50LXgzLmxldHNl bmNyeXB0Lm9yZy8wLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRz ZW5jcnlwdC5vcmcvMB0GA1UdEQQWMBSCBnN0ay5jeoIKd3d3LnN0ay5jejCB/gYD VR0gBIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyB m1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVs eWluZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2Vy dGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3Jn L3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAKEDWGDqNpL8gJkccZ5w0j 4eiTUUctiwEXwfWqxJSf7CVqrVR6102SS7JwdMQwIGBDrScqTXmwU2x0ac63I2cx XSdekCwbvkuc4wTMt2IrHB6qQzUc3d3xiLz1X9MiPIz8MVeilhzimJRe3qlB+vxz R4vIlXLGLJAq65SCACD+YpnV6gWxur+46/scYMXufIDaWymnbSMRaGdhE0xfTtjK s6khu58AHQoW4xj5oL0Rrq3JaSX7NcMMXFrodoMeIGH63QmifAhR3OZpYzY5HR6c eMw55shhQdpNFXHlGq07bTaA6bdtsAtI09jWGjU1Dc5h9GLKRB0pzlE9KAKLIXns -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxNol2YiMEiWr2Wj4ZrkJ WdWt5UlpJmGjias6bJ1Q5hkiDznD1RxKr2ZBCLlJ2GO70m/TrGHmpXJiWtIafpSz cW0zUdsdOCimBUuctlqWlIEJdvSPc98VLdkj4juokAOwIW1GitONozvnEw/VnasV X8k6oWYRlQivrGKMEIuUg4Ri86l2l3OzmUq2Wi3UHHx7iehMWFYddfQnZFoGR1au qjiPh3EulYHmRlF8lyCxaBzTDLbWg7c9yrYmuznYziMxJU8EbB4rq5InwLkQSl4C tpa8Z6j1WkHHClG5qJSlv+VC3GZx82HtYg/bV6KpCL9y+qxy3nr1JuwMGFqZBzfk YhSMuzOM4i/jkICmaDL99kIh/e/Q0RIoVvoeTMgAmUJYN5cfrzBmMtP2LCKgzFxg C32ELclc5FXgwBH8NI8Th4wTw5L05WrnQKHpDk7hgplDwIQsI90Py4JevvC75Tme +IkaIrPQlhNScW8IctGgQXboT0++Vsfe9M4zZf/ogIw3Pnq0lwoWNfdvx278fQjR poDE7SF5dFfqs+Vhl5uMvSUmNXPl7zLT7Chwfv8WDjJSUhSfDk7miTtH+18wUQ4p FmrLGvl4p0V6tKblImRku+ucNIVkRR5OpF9yzk9w9DNodfOqTPRQSxUGZcskOhpy hUZ9pjbVuCUn4FW3I3gUFNkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 342951467612685914528076165953903048088781 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-11-07 09:11:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-02-05 09:11:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'stk.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 803086665396130903420511747637561463293198041233351934199905112905082361910557548932851887811810315473202604531669141121207778206529544574347618515010286545474522185726161428394981385680443479392902146768725222186727781113042538055269632052769359943219942090622988188506041187105441497100957590659756027622236059182927906599938127766396762190676959679709105882799043212938217291467124423708110832508046689627167497582311336356867994017316697367208972120231450846167812302891652177867355583305208829016636601315494102322057326333354249978690012277051076679282546129809901376927230392386467751222345794860351746819148032477177706724301147255802153569536466671336861488325247104692722981978425569475730447636421494614856985572134192347374133873644105396200511370321296911693318533325928254377139472006506551258488275329654865003201145229207107947125385360825880613997696095705812957523790934875037892951994699328854318707014748787921432404222081851605384539077351556502297295355277357338561047729481501754730059649033147923821023087337506931420471790937405958085791054567675542781176950082402072304472443800848074120953327438619679762616579484862393055298679677771569400770717438661773256262383258961456544875491682387645801253706142937 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e6c5df24fbd75e3748379218da13440a27bde4b5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stk.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.stk.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000a1035860ea3692fc80991c719e70d23e1e89351472d8b0117c1f5aac4949fec256aad547ad74d924bb27074c430206043ad272a4d79b0536c7469ceb72367315d275e902c1bbe4b9ce304ccb7622b1c1eaa43351cddddf188bcf55fd3223c8cfc3157a2961ce298945edea941fafc73478bc89572c62c902aeb94820020fe6299d5ea05b1babfb8ebfb1c60c5ee7c80da5b29a76d2311686761134c5f4ed8cab3a921bb9f001d0a16e318f9a0bd11aeadc96925fb35c30c5c5ae876831e2061fadd09a27c0851dce6696336391d1e9c78cc39e6c86141da4d1571e51aad3b6d3680e9b76db00b48d3d8d61a35350dce61f462ca441d29ce513d28028b2179ec