toastmasters.us
Issued by R3
About this certificate
This digital certificate with serial number 03:9f:3d:f1:ae:39:c3:8b:e8:ff:b9:31:fd:d2:1a:ed:6d:9c was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=toastmasters.us
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:9f:3d:f1:ae:39:c3:8b:e8:ff:b9:31:fd:d2:1a:ed:6d:9cSerial Number (int): 315524091920711537408867967391855257939356
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 7c:0e:b5:3a:9a:d5:79:76:74:04:64:37:3c:fe:42:ee:3e:09:c5:4a
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): f0:93:fe:60:a6:1a:38:90:98:84:b9:ef:3b:ba:33:85:82:c3:16:0b
Fingerprint (sha256): 4a:28:37:35:2e:44:e2:e3:ec:85:01:a9:5e:09:17:7e:75:20:18:a1:b3:42:fa:ea:98:b0:d9:68:00:ca:b5:a9
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate toastmasters.us
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for toastmasters.us
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
toastmasters.us
www.toastmasters.us
www.toastmasters.us
Other certificates including the domain name toastmasters.us
(limited to 100 certificates)
toastmasters.us
toastmasters.us
robertshambrook4id.toastmasters.us
robertshambrook4id.toastmasters.us
oviedo.toastmasters.us
toastmasters.us
oviedo.toastmasters.us
toastmasters.us
oviedo.toastmasters.us
toastmasters.us
toastmasters.us
robertshambrook4id.toastmasters.us
toastmasters.us
toastmasters.us
toastmasters.us
toastmasters.us
oviedo.toastmasters.us
toastmasters.us
toastmasters.us
toastmasters.us
toastmasters.us
toastmasters.us
oviedo.toastmasters.us
toastmasters.us
toastmasters.us
oviedo.toastmasters.us
oviedo.toastmasters.us
toastmasters.us
toastmasters.us
toastmasters.us
robertshambrook4id.toastmasters.us
toastmasters.us
toastmasters.us
robertshambrook4id.toastmasters.us
toastmasters.us
toastmasters.us
robertshambrook4id.toastmasters.us
robertshambrook4id.toastmasters.us
oviedo.toastmasters.us
toastmasters.us
oviedo.toastmasters.us
toastmasters.us
oviedo.toastmasters.us
toastmasters.us
toastmasters.us
robertshambrook4id.toastmasters.us
toastmasters.us
toastmasters.us
toastmasters.us
toastmasters.us
oviedo.toastmasters.us
toastmasters.us
toastmasters.us
toastmasters.us
toastmasters.us
toastmasters.us
oviedo.toastmasters.us
toastmasters.us
toastmasters.us
oviedo.toastmasters.us
oviedo.toastmasters.us
toastmasters.us
toastmasters.us
toastmasters.us
robertshambrook4id.toastmasters.us
toastmasters.us
toastmasters.us
robertshambrook4id.toastmasters.us
toastmasters.us
Certificate
The complete raw certificate details for toastmasters.us in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGATCCBOmgAwIBAgISA5898a45w4vo/7kx/dIa7W2cMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMTQxNzAxMDZaFw0yNDA2MTIxNzAxMDVaMBoxGDAWBgNVBAMT D3RvYXN0bWFzdGVycy51czCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB AKiyI4Z7wTz1J2Y3J29TnDb6Ma00p0cpcgw4zFWuu+jxq7DWHHKR2Q0nQ2zpr5p7 /3V0Ya5Nvb2al75vvuYM5ZBKpzEE7A1hzpXjdKhUxsvJOMJgnocjzehlm3XjIJ2R +/j6xikNxFQL4YJgf52uBctmScM5DdpOyxVA10Hs+NByWAc22Nt8iwdbMOySeKK4 mC35QPsIcGNEYMyVTqpw6uwyrIksCWLtRP4tLCR9EVGE9Y3F/0UJSfbGl/foaMaI E8b832OAoNOmK27/xf+71WSjwbbRHwAZaxsCKn0ohtb1Cxh5cK+JcFvHyjuhnLLn h0CtO2ifbhJbKVN6wxON9vJB/sOpnA3CXtII2iES4vx1jyWM7RbZuhy1o7a2sLqV MJEs5ELUTtDexHP0+8UvsdD1Nib9d6OtmXZnKDV3GJ0v2ek0KW87Ej2yPNQyTUsX Bedr32CVISYJ2RM9GkhZvalXYDLNX5n/tivlHCU4o/22nrB/rVmsrk1jJiW/CgvL OfsUZ77eI+0O4ls3Lj2woYqOgLzot3c39p95ek29J1gbiVAj5mciTGklhqK3ocrT ELV2hKbWCsosKw6Xx8exWzxJlTGb7sQTNmx7b1ZIjBuKPOKXwnnFWGq+sModv3I+ 0Tfp5WWnq/bxbfwFcLN9moV953I3yAjY89oPgDiG5N2/AgMBAAGjggInMIICIzAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG A1UdEwEB/wQCMAAwHQYDVR0OBBYEFHwOtTqa1Xl2dARkNzz+Qu4+CcVKMB8GA1Ud IwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggr BgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRw Oi8vcjMuaS5sZW5jci5vcmcvMC8GA1UdEQQoMCaCD3RvYXN0bWFzdGVycy51c4IT d3d3LnRvYXN0bWFzdGVycy51czATBgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisG AQQB1nkCBAIEgfYEgfMA8QB2ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h +tQXAAABjj4f+HUAAAQDAEcwRQIhAIhVpaQgjDvPkbpohK4NZuznvQ+JwmfgY/xJ JkgEhgVvAiAk/GtXXGdJhmAV15GEY/j79aSpCI9Fa3lnsUWA4N/HvAB3AHb/iD8K tvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABjj4f+LkAAAQDAEgwRgIhALBF 1nqA8SqVQuT0bv80lVIWPjtIoXd3LoxOnuPTFS6aAiEAr+aAsuVyVk7jo3AxALC9 OwpUi07gAqzWJLweFk94ufowDQYJKoZIhvcNAQELBQADggEBADFqHEBMu2V+jRaQ OJosTClRWLqUZz9hGZ5HUP2yNKLcAqZ58LKyjGbGq2JYOk56FR5hPRN99hzPIDGc Djg6zsfbVmsex4aDxJO7NCmh1Us746w1zjWt4WKDEhrlGQv/2yDtBzyVFblekx8f AItzVm49nPa7TqfWwxsFFcGw9FU9MlmsAYIvUK0mJflpacweqe+9XWqoQVzD2z3q DHFVRejEWHF8RceP1ksvmzVUvQdbvAj2WrxfBax8eMNiHJ8JJfig36C3k6P3Re5v JRb2m/6QDF3XC/SIJEOyal9ZLgd323Znz4Ke6XBqxb19VCt7e0H22hmibVagwW30 pyXJlkA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqLIjhnvBPPUnZjcnb1Oc NvoxrTSnRylyDDjMVa676PGrsNYccpHZDSdDbOmvmnv/dXRhrk29vZqXvm++5gzl kEqnMQTsDWHOleN0qFTGy8k4wmCehyPN6GWbdeMgnZH7+PrGKQ3EVAvhgmB/na4F y2ZJwzkN2k7LFUDXQez40HJYBzbY23yLB1sw7JJ4oriYLflA+whwY0RgzJVOqnDq 7DKsiSwJYu1E/i0sJH0RUYT1jcX/RQlJ9saX9+hoxogTxvzfY4Cg06Yrbv/F/7vV ZKPBttEfABlrGwIqfSiG1vULGHlwr4lwW8fKO6GcsueHQK07aJ9uElspU3rDE432 8kH+w6mcDcJe0gjaIRLi/HWPJYztFtm6HLWjtrawupUwkSzkQtRO0N7Ec/T7xS+x 0PU2Jv13o62ZdmcoNXcYnS/Z6TQpbzsSPbI81DJNSxcF52vfYJUhJgnZEz0aSFm9 qVdgMs1fmf+2K+UcJTij/baesH+tWayuTWMmJb8KC8s5+xRnvt4j7Q7iWzcuPbCh io6AvOi3dzf2n3l6Tb0nWBuJUCPmZyJMaSWGorehytMQtXaEptYKyiwrDpfHx7Fb PEmVMZvuxBM2bHtvVkiMG4o84pfCecVYar6wyh2/cj7RN+nlZaer9vFt/AVws32a hX3ncjfICNjz2g+AOIbk3b8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 315524091920711537408867967391855257939356 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-14 17:01:06 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-12 17:01:05 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'toastmasters.us' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 688219042410175602419917546578044939130901480278522526188480442193492862963649784940431325670321459217381148082466850160541363984053142809418474235230155471134397941247434033600889134229328665938011202434353555989934017743409529306548452665238234860860501355507089879454884792212284476622224429832535621855163125167245700743907411653417080328653215014769756248706776165709797722256440302721831480938225832010534027546238779295044031538630542585723221367437228149404027605876160299937661569062736717912849854522705718347896114931645016941355786709201545783411457639769454194778535704280124690881686609632183963812659546762004516862182193627148271340575660237519723063941534390431563111670507926192327796478198352076664029505003587805065839270800461991069133840818924840119651191847826508363430444609122662919794722931959405530911911030239088822824020490395625298300260303507385207070168510636712563360093343220170843522697604251091801320335903994586582600403710362521831255262402073659542234176158365833726540203817388671875542028759152327166693288317176009475081750621976241838909935854637122499915150266290643760595196388446717705922831560938710994721390058628173929520489214754120553430035070496131048397614679783921677150273723839 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7c0eb53a9ad57976740464373cfe42ee3e09c54a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'toastmasters.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.toastmasters.us' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018e3e1ff87500000403004730450221008855a5a4208c3bcf91ba6884ae0d66ece7bd0f89c267e063fc4926480486056f022024fc6b575c6749866015d7918463f8fbf5a4a9088f456b7967b14580e0dfc7bc00770076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e3e1ff8b90000040300483046022100b045d67a80f12a9542e4f46eff349552163e3b48a177772e8c4e9ee3d3152e9a022100afe680b2e572564ee3a3703100b0bd3b0a548b4ee002acd624bc1e164f78b9fa . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00316a1c404cbb657e8d1690389a2c4c295158ba94673f61199e4750fdb234a2dc02a679f0b2b28c66c6ab62583a4e7a151e613d137df61ccf20319c0e383acec7db566b1ec78683c493bb3429a1d54b3be3ac35ce35ade16283121ae5190bffdb20ed073c9515b95e931f1f008b73566e3d9cf6bb4ea7d6c31b0515c1b0f4553d3259ac01822f50ad2625f96969cc1ea9efbd5d6aa8415cc3db3dea0c715545e8c458717c45c78fd64b2f9b3554bd075bbc08f65abc5f05ac7c78c3621c9f0925f8a0dfa0b793a3f745ee6f2516f69bfe900c5dd70bf4882443b26a5f592e0777db7667cf829ee9706ac5bd7d542b7b7b41f6da19a26d56a0c16df4a725c99640