*.private.geicoddc.net
- GEICO -
Issued by Trustwave OV SHA256 Pre-Certificate CA
About this certificate
This digital certificate with serial number 07:17:9c:de:92:93:b3:70:1c:0e:a1:92:7b:e9:76:e6:01:f3:51 was issued on by Trustwave Holdings, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
GEICO
Organization:
GEICO
State / Province:
Maryland
Locality: Chevy Chase
Country: US
Locality: Chevy Chase
Country: US
Trustwave Holdings, Inc.
Organization:
Trustwave Holdings, Inc.
State / Province:
Illinois
Locality: Chicago
Country: US
Locality: Chicago
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 07:17:9c:de:92:93:b3:70:1c:0e:a1:92:7b:e9:76:e6:01:f3:51Serial Number (int): 158162178865070650410398247866925679105930065
Serial Number lenght: 147 bits, 19 octets
SubjectKeyId: 39:a7:eb:d9:17:0e:5b:20:85:4d:3e:8e:b7:1f:14:48:02:e8:7d:a2
AuthorityKeyId: c0:ce:4c:b0:06:48:21:0b:4d:f4:a5:ac:f7:6b:f7:ba:dd:4e:04:4f
Fingerprint (sha1): 43:d5:68:2b:4c:81:51:77:05:ba:da:1e:5b:dc:45:4f:86:cd:07:08
Fingerprint (sha256): 4b:e3:d9:a6:0d:2b:42:54:5f:96:0a:77:a5:a3:24:6b:3c:13:20:76:a8:66:0d:c5:9b:3d:81:d0:62:48:33:77
Issuing Certificate URL: http://ssl.trustwave.com/issuers/OVCA2_L1.crt
Revocation information
OCSP Server: http://ocsp.trustwave.com/CRL Distribution Point: http://crl.trustwave.com/OVCA2_L1.crl
Check the revocation status for certificate *.private.geicoddc.net
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.private.geicoddc.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.private.geicoddc.net
Other certificates including the domain name geicoddc.net
(limited to 100 certificates)
Certificate
The complete raw certificate details for *.private.geicoddc.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFIjCCBAqgAwIBAgITBxec3pKTs3AcDqGSe+l25gHzUTANBgkqhkiG9w0BAQsF ADCBhjEvMC0GA1UEAxMmVHJ1c3R3YXZlIE9WIFNIQTI1NiBQcmUtQ2VydGlmaWNh dGUgQ0ExITAfBgNVBAoTGFRydXN0d2F2ZSBIb2xkaW5ncywgSW5jLjEQMA4GA1UE BxMHQ2hpY2FnbzERMA8GA1UECBMISWxsaW5vaXMxCzAJBgNVBAYTAlVTMB4XDTIw MDIxMzEzMjMwOFoXDTIyMDIxNDE5MjMwOFowZzEfMB0GA1UEAwwWKi5wcml2YXRl LmdlaWNvZGRjLm5ldDEOMAwGA1UEChMFR0VJQ08xFDASBgNVBAcTC0NoZXZ5IENo YXNlMREwDwYDVQQIEwhNYXJ5bGFuZDELMAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQCxTKG6CskAcKb3c+G8cmakrY5eb6c4uwQ7rQKw 7cUhE95BWhzSvnPo56jT/Ay92PHKKbWJi/fe3AzhhRnwjHhcvxnUZ1AVvcU4O+HU ekDaO8/g8wez09cLtDTurs+6UM/R0bmoxyCP5i2v6GZhgAO7WCFS/TXT3YxdS0Iw BN0d/BWbk6SSq6M3wEsNfpB8RkBXCv+eeQ/TkclCmI6hSAvmxiGWDRoLaYlMTklp 4Aj244cWzue1s8X8KsXYjjy2TYwBOSYi5+AQ3/MMCq6D2o3Ysj0zIAjcw85wwph3 rTBzqR6nlDPdlp+y1xpoc7PpZ/LzQGOt0OI4i92BNCq8+OBvAgMBAAGjggGlMIIB oTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFDmn69kXDlsghU0+jrcfFEgC6H2iMB8G A1UdIwQYMBaAFMDOTLAGSCELTfSlrPdr97rdTgRPMD8GA1UdIAQ4MDYwNAYGZ4EM AQICMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vc3NsLnRydXN0d2F2ZS5jb20vQ0Ew IQYDVR0RBBowGIIWKi5wcml2YXRlLmdlaWNvZGRjLm5ldDA2BgNVHR8ELzAtMCug KaAnhiVodHRwOi8vY3JsLnRydXN0d2F2ZS5jb20vT1ZDQTJfTDEuY3JsMHEGCCsG AQUFBwEBBGUwYzAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AudHJ1c3R3YXZlLmNv bS8wOQYIKwYBBQUHMAKGLWh0dHA6Ly9zc2wudHJ1c3R3YXZlLmNvbS9pc3N1ZXJz L09WQ0EyX0wxLmNydDATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsF AAOCAQEAeel9UOaTTSEjpakR35gDpImHZJVAfk4RXwO4CF7yfvlEJxxng7jNNLdh abGP0HwS+LmDe5IK7j61JqfiHZ7n3CZrexsho7IYSsrvT0AqJ3Rz1rl1r60lKrVO 8284lhvFrDEe6TnZhJc9Utl68BQgUtc/2EFF0YeYr9YQCQZI6VdKbiO7DarA5nnx z0kfI0jq3+9xqMh3+Y1G6q7ZsHLcxMoZxW+8iRgtEfk6tHGKU/TjP/X01J3/E67O 61gy76v8o/b8c+JjfgnCUSa7AOl91gbdSR38nJtaaEnF4FhrrzwuWTn06M638WQe UQ/++ZqjNn6nxuMZZVhIHyrA/yOS4Q== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUyhugrJAHCm93PhvHJm pK2OXm+nOLsEO60CsO3FIRPeQVoc0r5z6Oeo0/wMvdjxyim1iYv33twM4YUZ8Ix4 XL8Z1GdQFb3FODvh1HpA2jvP4PMHs9PXC7Q07q7PulDP0dG5qMcgj+Ytr+hmYYAD u1ghUv01092MXUtCMATdHfwVm5OkkqujN8BLDX6QfEZAVwr/nnkP05HJQpiOoUgL 5sYhlg0aC2mJTE5JaeAI9uOHFs7ntbPF/CrF2I48tk2MATkmIufgEN/zDAqug9qN 2LI9MyAI3MPOcMKYd60wc6kep5Qz3ZafstcaaHOz6Wfy80BjrdDiOIvdgTQqvPjg bwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 158162178865070650410398247866925679105930065 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trustwave OV SHA256 Pre-Certificate CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trustwave Holdings, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chicago' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-13 13:23:08 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-02-14 19:23:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.private.geicoddc.net' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GEICO' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chevy Chase' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Maryland' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22381968500862988869690352617482207695964540560176410005988714455103834961101698778132805893518651672828842637454418481341932564071386181707410540323189710790691574294326535117307941980032130921785238079458278448554596117607184816866519747577390865031032425267042890148061893358670979526747202542772505340199385888389385328098824509172439597490155045428326697682712615296409585939458167705233292049924981094043905117290947595278386725977409481179331774182828793270421276407243677341435561857947428899288606064110948002896784664771717305607681221108116953846808218702990667809821894066033730121512169119934380783493231 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 39a7ebd9170e5b20854d3e8eb71f144802e87da2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c0ce4cb00648210b4df4a5acf76bf7badd4e044f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (56 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://ssl.trustwave.com/CA' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.private.geicoddc.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.trustwave.com/OVCA2_L1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (101 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.trustwave.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ssl.trustwave.com/issuers/OVCA2_L1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0079e97d50e6934d2123a5a911df9803a489876495407e4e115f03b8085ef27ef944271c6783b8cd34b76169b18fd07c12f8b9837b920aee3eb526a7e21d9ee7dc266b7b1b21a3b2184acaef4f402a277473d6b975afad252ab54ef36f38961bc5ac311ee939d984973d52d97af0142052d73fd84145d18798afd610090648e9574a6e23bb0daac0e679f1cf491f2348eadfef71a8c877f98d46eaaed9b072dcc4ca19c56fbc89182d11f93ab4718a53f4e33ff5f4d49dff13aeceeb5832efabfca3f6fc73e2637e09c25126bb00e97dd606dd491dfc9c9b5a6849c5e0586baf3c2e5939f4e8ceb7f1641e510ffef99aa3367ea7c6e3196558481f2ac0ff2392e1