museumofthe.bible
Issued by R3
About this certificate
This digital certificate with serial number 03:8b:4b:0c:65:38:0b:6b:f4:95:d9:26:6c:cf:74:de:fe:0d was issued on by Let's Encrypt.
With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=museumofthe.bible
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:8b:4b:0c:65:38:0b:6b:f4:95:d9:26:6c:cf:74:de:fe:0dSerial Number (int): 308735863257501039384489980121849027034637
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 95:c9:54:ba:b4:43:47:4c:fd:b7:85:e3:bc:fd:e2:5f:4a:a6:a7:7a
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): c7:70:fb:01:fc:d0:19:cb:1d:b6:07:f2:45:34:fd:4e:2e:a8:48:00
Fingerprint (sha256): 49:04:ef:0a:4a:d9:6f:e0:85:e9:ec:75:7b:6b:03:42:e8:26:fe:62:3a:bb:e0:54:70:f0:79:11:cc:1f:8e:16
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate museumofthe.bible
11
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for museumofthe.bible
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
1800dwilaws.com
americanscbd.com
beautyceutics.com
buyerconsultation.realbrilliance.net
buyerdesign.com
creationvolunteer.org
kerapeaptide.com
museumofthe.bible
themythologicallandscape.com
whocontrolswho.org
worldpridebooking.com
americanscbd.com
beautyceutics.com
buyerconsultation.realbrilliance.net
buyerdesign.com
creationvolunteer.org
kerapeaptide.com
museumofthe.bible
themythologicallandscape.com
whocontrolswho.org
worldpridebooking.com
Other certificates including the domain name museumofthe.bible
(limited to 100 certificates)
usc.mba
playgolf.club
goldenoldies.ca
goldenoldies.ca
usc.mba
dumptruck.ca
5272653.ca
usc.mba
goldenoldies.ca
dumptruck.ca
playgolf.club
goldenoldies.ca
museumofthe.bible
usc.mba
museumofthe.bible
museumofthe.bible
museumofthe.bible
usc.mba
radiantresults.world
playgolf.club
usc.mba
allanblock.on.ca
diamantes.ca
dumptruck.ca
goldenoldies.ca
usc.mba
dyehardcustom.com.museumofthe.bible
lng.world
usc.mba
goldenoldies.ca
allanblock.on.ca
slt.co.za
usc.mba
goldenoldies.ca
usc.mba
goldenoldies.ca
playgolf.club
goldenoldies.ca
goldenoldies.ca
usc.mba
dumptruck.ca
5272653.ca
usc.mba
goldenoldies.ca
dumptruck.ca
playgolf.club
goldenoldies.ca
museumofthe.bible
usc.mba
museumofthe.bible
museumofthe.bible
museumofthe.bible
usc.mba
radiantresults.world
playgolf.club
usc.mba
allanblock.on.ca
diamantes.ca
dumptruck.ca
goldenoldies.ca
usc.mba
dyehardcustom.com.museumofthe.bible
lng.world
usc.mba
goldenoldies.ca
allanblock.on.ca
slt.co.za
usc.mba
goldenoldies.ca
usc.mba
goldenoldies.ca
Certificate
The complete raw certificate details for museumofthe.bible in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF0jCCBLqgAwIBAgISA4tLDGU4C2v0ldkmbM903v4NMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MjcxNjM2MjBaFw0yNDA3MjYxNjM2MTlaMBwxGjAYBgNVBAMT EW11c2V1bW9mdGhlLmJpYmxlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1j8I46TRJmiKarVwa12bThXDm1z5pqHPovz2dNVxDhFwbrIlzJ/HYKejihuk +W748DO+nXcs5lE+AyMq28UGQbXLUGXcM+oFqj1nM06NLN1cndimH5zKn54e1f39 eRH2gv5Yapo7k8Ndys63G40S5MS/ch2zRNzjDva92UJNo/7dpeMn9BCuFzO3B7oO hq6acYtOhEd1OLw8xDiGViitVeMBDKjH53b3uuTTvUuLzXxbsBz0syB3wZgQ0xIN IpcG6xwNSzgciLdoXfy6SwCZmARA4PSpXFl1yeqSI77a8h2+e3Wd6kXqlU9yTgmH e/tz4haNptRAuPfDiwoOkHbAtwIDAQABo4IC9jCCAvIwDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBSVyVS6tENHTP23heO8/eJfSqanejAfBgNVHSMEGDAWgBQULrMXt1hW y65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6 Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iu b3JnLzCB/QYDVR0RBIH1MIHygg8xODAwZHdpbGF3cy5jb22CEGFtZXJpY2Fuc2Ni ZC5jb22CEWJlYXV0eWNldXRpY3MuY29tgiRidXllcmNvbnN1bHRhdGlvbi5yZWFs YnJpbGxpYW5jZS5uZXSCD2J1eWVyZGVzaWduLmNvbYIVY3JlYXRpb252b2x1bnRl ZXIub3JnghBrZXJhcGVhcHRpZGUuY29tghFtdXNldW1vZnRoZS5iaWJsZYIcdGhl bXl0aG9sb2dpY2FsbGFuZHNjYXBlLmNvbYISd2hvY29udHJvbHN3aG8ub3JnghV3 b3JsZHByaWRlYm9va2luZy5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwggEFBgor BgEEAdZ5AgQCBIH2BIHzAPEAdgA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF 7PhkbgAAAY8goRtQAAAEAwBHMEUCIQCaoKMU5qYe0FQ1N+GgmYXWJAL73W/xqhkO FeAF0CX0ywIgcRQWvY+ZNKAoumEwNNgqCJyUtC8jCgL6fXO66Y4Ybc4AdwAZmBBx CfDWUi4wgNKeP2S7g24ozPkPUo7u385KPxa0ygAAAY8goRtpAAAEAwBIMEYCIQD4 eVnigxIAin5nzc5Jz1Ri+2stOVBkaZAsvms2KjfuBAIhAOPfeIBhLUx39bMZxXJd JmE1WxRPklAZhe+Nd2IdRsYgMA0GCSqGSIb3DQEBCwUAA4IBAQAIY2TcTH17vj93 LSeQW74IDZdQn+ZIF5Kk+lLKB7tgU/I+4a85E1/FYQsHsq1Esl/3P+Btw5/VjVGo QXO7oe9ulGCeblUi1w1IMV7R8uYYRX0W1QvR2gha1JUwZUOzTogYmxgQEMLPIqm4 fAVqLKK62McSQz7TNOIb9tiUdm9fZrxEwsy57MM50Yz/Iv86LPzL8/T6FzSvHOUI MBOAYEHz20HIDrcqf/8iu9EbDWqb8c30mc1fRZdAVtFXsAqA22Bh6qRtjPpRpNSf AR2Pz+MUscTZcpuqyZWR1Z9nMRZv5zeeMmtEEHQPAo+oO4eAYmmlsTKIjrPgHKZN UPqbFCuo -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1j8I46TRJmiKarVwa12b ThXDm1z5pqHPovz2dNVxDhFwbrIlzJ/HYKejihuk+W748DO+nXcs5lE+AyMq28UG QbXLUGXcM+oFqj1nM06NLN1cndimH5zKn54e1f39eRH2gv5Yapo7k8Ndys63G40S 5MS/ch2zRNzjDva92UJNo/7dpeMn9BCuFzO3B7oOhq6acYtOhEd1OLw8xDiGViit VeMBDKjH53b3uuTTvUuLzXxbsBz0syB3wZgQ0xINIpcG6xwNSzgciLdoXfy6SwCZ mARA4PSpXFl1yeqSI77a8h2+e3Wd6kXqlU9yTgmHe/tz4haNptRAuPfDiwoOkHbA twIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 308735863257501039384489980121849027034637 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-27 16:36:20 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-26 16:36:19 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'museumofthe.bible' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27046080843429324572577969724362790255271651299761055362601335454443880746904428679547096080831947571356107138451087137196123354578562262544346406401876627220666104070359473678094792002673125491025347938720005513581813897764819055254463141502723542591996039711168973164623244781529295133895790960110344562552623348983254941623391896502250495521811255506897792962615161570272787150950407457539680982766871810208148349632539176812044381202317832247467516172517812441240448431504856494468147415387433424024899855832322651154296609126695699019185445566109679548120268686832775246112671467277369674114143956869258650501303 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 95c954bab443474cfdb785e3bcfde25f4aa6a77a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '1800dwilaws.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'americanscbd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'beautyceutics.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'buyerconsultation.realbrilliance.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'buyerdesign.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'creationvolunteer.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kerapeaptide.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'museumofthe.bible' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'themythologicallandscape.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'whocontrolswho.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'worldpridebooking.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f20a11b5000000403004730450221009aa0a314e6a61ed0543537e1a09985d62402fbdd6ff1aa190e15e005d025f4cb0220711416bd8f9934a028ba613034d82a089c94b42f230a02fa7d73bae98e186dce0077001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca0000018f20a11b690000040300483046022100f87959e28312008a7e67cdce49cf5462fb6b2d39506469902cbe6b362a37ee04022100e3df7880612d4c77f5b319c5725d2661355b144f92501985ef8d77621d46c620 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00086364dc4c7d7bbe3f772d27905bbe080d97509fe6481792a4fa52ca07bb6053f23ee1af39135fc5610b07b2ad44b25ff73fe06dc39fd58d51a84173bba1ef6e94609e6e5522d70d48315ed1f2e618457d16d50bd1da085ad495306543b34e88189b181010c2cf22a9b87c056a2ca2bad8c712433ed334e21bf6d894766f5f66bc44c2ccb9ecc339d18cff22ff3a2cfccbf3f4fa1734af1ce5083013806041f3db41c80eb72a7fff22bbd11b0d6a9bf1cdf499cd5f45974056d157b00a80db6061eaa46d8cfa51a4d49f011d8fcfe314b1c4d9729baac99591d59f6731166fe7379e326b4410740f028fa83b87806269a5b132888eb3e01ca64d50fa9b142ba8