staging.care.ca

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:07:f5:26:15:44:cf:68:78:ef:cd:5a:e0:cf:a4:4b:2d:04 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=staging.care.ca

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:07:f5:26:15:44:cf:68:78:ef:cd:5a:e0:cf:a4:4b:2d:04
Serial Number (int): 264044692961357544320507497022845130321156
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: aa:49:ea:cc:58:95:58:95:7e:60:92:2e:53:f1:7d:5f:75:c1:81:63
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 4a:14:ab:46:34:ea:1d:dc:ca:17:1f:97:b5:31:97:e6:a5:d7:70:85
Fingerprint (sha256): 3d:80:5b:fe:53:ea:c0:55:c6:f4:55:4f:cd:2f:7d:37:49:7d:c1:e0:33:00:61:d2:4e:e6:2c:f9:45:93:49:72

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate staging.care.ca

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for staging.care.ca

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

staging.care.ca

Other certificates including the domain name care.ca

(limited to 100 certificates)
covenanthousetorontoevents.ca
bearstatus.oostwestsl.com
power.care.ca
bearstatus.oostwestsl.com
care.ca
dev.care.ca
blog.care.ca
bearstatus.oostwestsl.com
care.ca
webmail.care.ca
care.ca
power.care.ca
power.care.ca
minerva.care.ca
bearstatus.oostwestsl.com
blog.care.ca
staging.care.ca
care.ca
power.care.ca
bearstatus.oostwestsl.com
bearstatus.oostwestsl.com
staging.care.ca
power.care.ca
minerva.care.ca
bearstatus.oostwestsl.com
blog.care.ca
bearstatus.oostwestsl.com
care.ca
bearstatus.oostwestsl.com
bearstatus.oostwestsl.com
bearstatus.oostwestsl.com
care.ca
covenanthousetorontoevents.ca
bearstatus.oostwestsl.com
care.ca
care.ca
care.ca
minerva.care.ca
care.ca
blog.care.ca
power.care.ca
minerva.care.ca
blog.care.ca
bearstatus.oostwestsl.com
www.care.ca
bearstatus.oostwestsl.com
bearstatus.oostwestsl.com
minerva.care.ca
bearstatus.oostwestsl.com
bearstatus.oostwestsl.com
staging.care.ca
power.care.ca
care.ca
care.ca
bearstatus.oostwestsl.com
blog.care.ca
webmail.care.ca
care.ca
bearstatus.oostwestsl.com
power.care.ca
bearstatus.oostwestsl.com
care.ca
bearstatus.oostwestsl.com
bearstatus.oostwestsl.com
bearstatus.oostwestsl.com
bearstatus.oostwestsl.com
bearstatus.oostwestsl.com
care.ca
bearstatus.oostwestsl.com
care.ca
minerva.care.ca
bearstatus.oostwestsl.com
care.ca
care.ca
bearstatus.oostwestsl.com
bearstatus.oostwestsl.com
bearstatus.oostwestsl.com
bearstatus.oostwestsl.com
minerva.care.ca
power.care.ca
care2.wowsite.dev
power.care.ca
care.ca
care.ca
staging.care.ca
blog.care.ca
blog.care.ca
webmail.care.ca
power.care.ca
webmail.care.ca
minerva.care.ca
blog.care.ca
power.care.ca
power.care.ca
care.ca
care.ca
bearstatus.oostwestsl.com
minerva.care.ca
bearstatus.oostwestsl.com
bearstatus.oostwestsl.com

Certificate

The complete raw certificate details for staging.care.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAwf1JhVEz2h4781a4M+kSy0EMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA5MjExNDU5MDhaFw0x
OTEyMjAxNDU5MDhaMBoxGDAWBgNVBAMTD3N0YWdpbmcuY2FyZS5jYTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6YspI7kvXGkkgiqsYoRvahhDuS8/ID
TI/UzdObfsYhlGbuE07uWlc65CnW1edHEkZH9iwn6A+rmIozw6TLRoSCiQ4BM9C9
IefH2pfYbsDmNjbkoPOIUCGQy90rSWkf4eV7/eQVt4oJVqJ9Vb4Y9r2jtoAlTzce
mv2Vcbe9xbL08vrZisVMvMbwOa7rxlHmPOYxSFu3YrkgHGs26uYfE1BCdfT367JJ
pyixzc0m+nuJbkQjgfCI13QMLWhsY9oiOotSlUMJjNzl0jc4lZfvufP4fMwciDzf
QOHk271s8vuwaGO89HfHofdls05M6acCVYmjDXnFIg7ffv+3Kjv0+UkCAwEAAaOC
AmQwggJgMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUqknqzFiVWJV+YJIuU/F9X3XB
gWMwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEE
YzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu
b3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQu
b3JnLzAaBgNVHREEEzARgg9zdGFnaW5nLmNhcmUuY2EwTAYDVR0gBEUwQzAIBgZn
gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s
ZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgBvU3asMfAx
GdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAW1UjGF8AAAEAwBHMEUCIAZ6DZ9F
TP1r2ZEhxrIz3sGjw44XgFzKxiJ2yK3us3lTAiEA+KiQ1scJP6gv2a2SVNItyDXU
XQYlGf6TrcA//n/cF8AAdgBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvY
jQAAAW1UjGDRAAAEAwBHMEUCIQCwde8oVmXo1PShrVpnQBsh8xQlg72Rtjv0HifB
rsCajAIgGAOWMqWKFunA5Q5bJiDOhVoiwI6lDACpM6LrTCcj4MEwDQYJKoZIhvcN
AQELBQADggEBAI7HJ/2p7+NcXk5tXq/Wol0BmIQTHDe4/GM90FZxNdVXW9/NRg99
p7jtDdHdi8g3NIS+fWvxTMjcr+1lB9vzEEjqK9GAJ5sg6l7RBM4ojznm6/gcnBM7
q0yKsmWtg4Tta0ELp+jQTIZ/udTnCnZ9dT9nrpDNRt4UMEeuOzg4bNekuRwK8Q2u
Cz2KYlIoZfR0nTntgcGQcQAIXVQvoNHxE99crqySc8jh83OCbhN+2ENo0wzQbYfF
n57nNLfz8rauNDkQFV22Dzpz8dP6wyFi5vbiUgy0j9g2CcydLL+H89qYuNVjzack
UgftA2YqwnD1kF2p96o5WevWFyx8A34R7DM=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpiykjuS9caSSCKqxihG
9qGEO5Lz8gNMj9TN05t+xiGUZu4TTu5aVzrkKdbV50cSRkf2LCfoD6uYijPDpMtG
hIKJDgEz0L0h58fal9huwOY2NuSg84hQIZDL3StJaR/h5Xv95BW3iglWon1Vvhj2
vaO2gCVPNx6a/ZVxt73FsvTy+tmKxUy8xvA5ruvGUeY85jFIW7diuSAcazbq5h8T
UEJ19PfrskmnKLHNzSb6e4luRCOB8IjXdAwtaGxj2iI6i1KVQwmM3OXSNziVl++5
8/h8zByIPN9A4eTbvWzy+7BoY7z0d8eh92WzTkzppwJViaMNecUiDt9+/7cqO/T5
SQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 264044692961357544320507497022845130321156
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-09-21 14:59:08 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-20 14:59:08 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'staging.care.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24060575908809327525028136282978016805940132773065837071933052417779200399891590185868429370948882536994239782026167133833395452968136816015245113142373599948740778914217903874440577800902705687450427969440901868117069463358723738815651061299423330133735055417119685048978200441257947683746345964756488954906647099659549045668315148036995062303602356959038059439563856083618941147593764085849369012053325468453580532198073295784654114143553064731145728469788260061141839287341021402593665389789612697737669145016222845290954380607144697710350757336970792047906224179548037280488457131408023908597008884473305199081801
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							aa49eacc589558957e60922e53f17d5f75c18163
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'staging.care.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016d548c617c00000403004730450220067a0d9f454cfd6bd99121c6b233dec1a3c38e17805ccac62276c8adeeb37953022100f8a890d6c7093fa82fd9ad9254d22dc835d45d062519fe93adc03ffe7fdc17c000760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d0000016d548c60d10000040300473045022100b075ef285665e8d4f4a1ad5a67401b21f3142583bd91b63bf41e27c1aec09a8c022018039632a58a16e9c0e50e5b2620ce855a22c08ea50c00a933a2eb4c2723e0c1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008ec727fda9efe35c5e4e6d5eafd6a25d019884131c37b8fc633dd0567135d5575bdfcd460f7da7b8ed0dd1dd8bc8373484be7d6bf14cc8dcafed6507dbf31048ea2bd180279b20ea5ed104ce288f39e6ebf81c9c133bab4c8ab265ad8384ed6b410ba7e8d04c867fb9d4e70a767d753f67ae90cd46de143047ae3b38386cd7a4b91c0af10dae0b3d8a62522865f4749d39ed81c1907100085d542fa0d1f113df5caeac9273c8e1f373826e137ed84368d30cd06d87c59f9ee734b7f3f2b6ae343910155db60f3a73f1d3fac32162e6f6e2520cb48fd83609cc9d2cbf87f3da98b8d563cda7245207ed03662ac270f5905da9f7aa3959ebd6172c7c037e11ec33