www.cainsurance.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:e5:2c:92:3d:92:3e:45:c5:52:51:a9:cf:30:ed:26:23:f8 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.cainsurance.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:e5:2c:92:3d:92:3e:45:c5:52:51:a9:cf:30:ed:26:23:f8Serial Number (int): 339320765176145100424375697127264515138552
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e0:da:d3:23:27:2d:70:f6:ce:f2:cd:88:3f:5b:0a:b7:41:90:ac:c5
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 81:bc:14:01:41:03:e0:9d:c4:00:32:44:93:15:8b:2a:ba:19:55:b1
Fingerprint (sha256): 4d:14:71:67:fd:cb:04:1c:74:f0:82:a7:3d:02:3b:94:b3:31:69:07:ed:5d:7c:9c:8c:e8:6c:14:9c:bc:f6:68
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.cainsurance.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.cainsurance.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.cainsurance.org
Other certificates including the domain name cainsurance.org
(limited to 100 certificates)
cainsurance.org
cainsurance.org
impossible.ca
www.cainsurance.org
cainsurance.org
hugabee.ca
prodigy.vc
cainsurance.org
usc.mba
impossible.ca
cainsurance.org
www.hotelbookings.io
cainsurance.org
impossible.ca
cainsurance.org
usc.mba
cainsurance.org
usc.mba
impossible.ca
health.clinic
cainsurance.org
dancingriverassistedliving.com
cainsurance.org
cainsurance.org
impossible.ca
www.cainsurance.org
cainsurance.org
hugabee.ca
prodigy.vc
cainsurance.org
usc.mba
impossible.ca
cainsurance.org
www.hotelbookings.io
cainsurance.org
impossible.ca
cainsurance.org
usc.mba
cainsurance.org
usc.mba
impossible.ca
health.clinic
cainsurance.org
dancingriverassistedliving.com
cainsurance.org
Certificate
The complete raw certificate details for www.cainsurance.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGYDCCBUigAwIBAgISA+Uskj2SPkXFUlGpzzDtJiP4MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAxMTAyMTI1NDBaFw0y MDA0MDkyMTI1NDBaMB4xHDAaBgNVBAMTE3d3dy5jYWluc3VyYW5jZS5vcmcwggIi MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDW1SBmH3n7nVeV2wCIlg+yJPdh iivOap50afa7rrw5in1DsDXKndmtKV1oxTf+aEjMa+b25gNJSXeyyBz/x5dOGSqs lCmAwBJhH9lDmq6Q5AE6NaQIE/R9bBddHLYA3hB8eZnUDCPb65qhlEQTF0UPpQ4p e73Xp0hM8A+jyo7TnyGz3bZifO2QptrOxrROMUM8AWKCdDPidR6N5DfGRhp/uqLl yPiDw7JzAodarL2Q1waX9IPfz0oVh6+v5BxI2++AxFHQLX4vqPTpttTUFxvTVwsK PqYxIms5nNA+ud67wmwB7STViFQfIozCpZ/KTavJtUFvev7fDPyTL5PtePYAvjEk frfVxz72s58hIbNbLhSqD6s2xirgPe4VKAd3e3BuFnXjNXfVDe31ZDCFGFxH2Huc CkgQuuVuwbOvGwoNhxoemFHphPDL9iRkWQxZ2ibfxTKDoM2WfC57GYW1zveOgLJZ niUZoH0p288QXvj13BCOxNP09SS9N0cefvqSku4TCCYfpQ9RV2AoxEjC/sJVFx2Q 9cVmURkKShTlADVPqIPQO+10xbNofKA1ZUKszwwI5mU08ngsc5Py38YD5D4fcoD7 t8wPc14LvARbMVbZBUpykAayhekh3E6fOKPjkisHXG/M7prklP1ydpL0TTjzMBof Ckr7geCr8GUMTLqxlQIDAQABo4ICajCCAmYwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBTg2tMjJy1w9s7yzYg/Wwq3QZCsxTAfBgNVHSMEGDAWgBSoSmpjBH3duubRObem RWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3Nw LmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0 LmludC14My5sZXRzZW5jcnlwdC5vcmcvMB4GA1UdEQQXMBWCE3d3dy5jYWluc3Vy YW5jZS5vcmcwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAm BggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEGBgorBgEE AdZ5AgQCBIH3BIH0APIAdwCyHgXMi6LNiiBOh2b5K7mKJSBna9r6cOeySVMt74uQ XgAAAW+RkCWKAAAEAwBIMEYCIQC05cR1TjdIYLbPZqnTlnDRwx2qpjCCWZJg0vX8 vHKOwgIhAMhFz1rS6RDe7/kLBAF4qYhTHP51w39WENw6T/dF3gZNAHcAb1N2rDHw MRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFvkZAl3gAABAMASDBGAiEAoQEK kAZcYm3yJrSP6k5ZiLJFHVN4DdPCQCTgSjvqqqcCIQCm7saGfTNIr1l4irAjmynL R5wBEPPgqURHbThLEGx3UjANBgkqhkiG9w0BAQsFAAOCAQEATPbY6+ZbrmDIbHAf +XYxiTcI56LroAQLNruKY2lxrZ4etPqfvAa/f3moJj0X0OGcAJCyrFVEGTpfJ8W/ IEIcGhwcd0nxcPtqjjYeFATdIXmORtfApVMrBxGsZJMMfaX9XD+BUjxElJyCTRF5 VyzN+USOnFeMAlhOuQ10e+ZoUHrdbfnLHzWQXx+QzgnO4rsLvnYv5xBd7KmepTzN 2L/0qJjmtkeUwWI4LPWeQ9M/qshJQm5ps4eN8v+CFkTwW9oFPrMEB49VZDbJonKz pcRpFTPMnRLt37Uds9woWBrRyXK1mhmOAc8LAnU20DHIi1x6tCssNN6RO76kMy9c 9CsG7g== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1tUgZh95+51XldsAiJYP siT3YYorzmqedGn2u668OYp9Q7A1yp3ZrSldaMU3/mhIzGvm9uYDSUl3ssgc/8eX ThkqrJQpgMASYR/ZQ5qukOQBOjWkCBP0fWwXXRy2AN4QfHmZ1Awj2+uaoZREExdF D6UOKXu916dITPAPo8qO058hs922YnztkKbazsa0TjFDPAFignQz4nUejeQ3xkYa f7qi5cj4g8OycwKHWqy9kNcGl/SD389KFYevr+QcSNvvgMRR0C1+L6j06bbU1Bcb 01cLCj6mMSJrOZzQPrneu8JsAe0k1YhUHyKMwqWfyk2rybVBb3r+3wz8ky+T7Xj2 AL4xJH631cc+9rOfISGzWy4Uqg+rNsYq4D3uFSgHd3twbhZ14zV31Q3t9WQwhRhc R9h7nApIELrlbsGzrxsKDYcaHphR6YTwy/YkZFkMWdom38Uyg6DNlnwuexmFtc73 joCyWZ4lGaB9KdvPEF749dwQjsTT9PUkvTdHHn76kpLuEwgmH6UPUVdgKMRIwv7C VRcdkPXFZlEZCkoU5QA1T6iD0DvtdMWzaHygNWVCrM8MCOZlNPJ4LHOT8t/GA+Q+ H3KA+7fMD3NeC7wEWzFW2QVKcpAGsoXpIdxOnzij45IrB1xvzO6a5JT9cnaS9E04 8zAaHwpK+4Hgq/BlDEy6sZUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 339320765176145100424375697127264515138552 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-10 21:25:40 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-09 21:25:40 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.cainsurance.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 876440238756285610006192436105483912402180705833838636828131856394773664074362261948952034474265304223933456055691092417168839203125381662316202398697295328802160450214798907452493834143993933012111527870526581273517926411914737298640468808610882928076061327271784297646215036762466586060206517524268258232774785621900392211386602795586161459012491878564123421136939037043522346697723800843846678305065641739910380263909178686578886444429427350066440532467681319529839114740655278699119427605896953906758473612986396379925434385311343527196093460960040834273467395387034124921642077283416465769572745523794490079165496596327290054115138581981907172674283796639538324745363884105173089081240938151755602028476649393461177161710617622016189547501279432500752312256719583707586944100075346177985105451696754617694769038616770584414209820926694103067870486250770217755540802483679204508220225443028461667126775214236218951464429255019438842592462756324848664460143680320122747938273823175786131819258311263085058053793445464220699210145406181668540497552093659470548124348340617167682858297273677444120325059409771491341514706240318230926544636291644132217415113424145612042907332964323831012895376668151803414093569141468660293795754389 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e0dad323272d70f6cef2cd883f5b0ab74190acc5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (23 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cainsurance.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f2007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016f9190258a0000040300483046022100b4e5c4754e374860b6cf66a9d39670d1c31daaa63082599260d2f5fcbc728ec2022100c845cf5ad2e910deeff90b040178a988531cfe75c37f5610dc3a4ff745de064d0077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016f919025de0000040300483046022100a1010a90065c626df226b48fea4e5988b2451d53780dd3c24024e04a3beaaaa7022100a6eec6867d3348af59788ab0239b29cb479c0110f3e0a944476d384b106c7752 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004cf6d8ebe65bae60c86c701ff97631893708e7a2eba0040b36bb8a636971ad9e1eb4fa9fbc06bf7f79a8263d17d0e19c0090b2ac5544193a5f27c5bf20421c1a1c1c7749f170fb6a8e361e1404dd21798e46d7c0a5532b0711ac64930c7da5fd5c3f81523c44949c824d1179572ccdf9448e9c578c02584eb90d747be668507add6df9cb1f35905f1f90ce09cee2bb0bbe762fe7105deca99ea53ccdd8bff4a898e6b64794c162382cf59e43d33faac849426e69b3878df2ff821644f05bda053eb304078f556436c9a272b3a5c4691533cc9d12eddfb51db3dc28581ad1c972b59a198e01cf0b027536d031c88b5c7ab42b2c34de913bbea4332f5cf42b06ee