www.canoa.co
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:66:4e:2d:62:68:bf:65:4a:ef:9b:b9:ed:13:df:7c:3a:0e was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.canoa.co
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:66:4e:2d:62:68:bf:65:4a:ef:9b:b9:ed:13:df:7c:3a:0eSerial Number (int): 296149574654221424870071652757493809691150
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 51:11:39:39:63:51:c7:11:47:de:10:c1:5c:6c:1f:7a:d0:57:38:8c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): e8:a2:5e:bf:3a:4a:2f:47:80:ea:69:f1:7b:c8:3e:77:81:b1:41:33
Fingerprint (sha256): 4f:80:2b:c1:cc:45:79:a8:41:ba:ee:9c:20:ae:9f:d9:36:82:94:31:8b:63:f4:16:60:e7:47:f6:e7:b6:92:70
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.canoa.co
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.canoa.co
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.canoa.co
Other certificates including the domain name canoa.co
(limited to 100 certificates)
www.battista.co
99451.com
www.designschool.co
canoa.co
treelovinggypsy.com
69383.com
www.faros.net
www.thepalmclub.co
www.canoa.co
www.oversizedsweaters.com
masteryogurt.com
irishexaminer.co
ooodirect.com
rosaria.co
newjerseyprobate.co
www.bayridgegenesis.net
canoa.co
canoa.co
santateresa.co
spoilers.top
www.neomholo.com
www.fashionsecrets.in
www.gaeta.co
marinella.co
www.canoa.co
99451.com
www.designschool.co
canoa.co
treelovinggypsy.com
69383.com
www.faros.net
www.thepalmclub.co
www.canoa.co
www.oversizedsweaters.com
masteryogurt.com
irishexaminer.co
ooodirect.com
rosaria.co
newjerseyprobate.co
www.bayridgegenesis.net
canoa.co
canoa.co
santateresa.co
spoilers.top
www.neomholo.com
www.fashionsecrets.in
www.gaeta.co
marinella.co
www.canoa.co
Certificate
The complete raw certificate details for www.canoa.co in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUDCCBTigAwIBAgISA2ZOLWJov2VK75u57RPffDoOMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MjYwOTE4MzdaFw0x OTEwMjQwOTE4MzdaMBcxFTATBgNVBAMTDHd3dy5jYW5vYS5jbzCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBAPa1wtrkL4F/9sTfpFVO4ZUJTFjzNZETtRsx nhBkHC7ODAJTNwVd/9J0HHaDzLisj28VPshR7RNxCVHF77Hi37r4g0UiJl8W/rkA 3VMNXkhcpwYMK1t7s0CIS4SYxCYx5Y08p/9xi+GnjzkAWHaQicj2Dujm1b6Wfix2 ExlekGd3AX3U0jyJFJAixfDKF7GnJ2l5ZYpmq4JFabfqepwcasdW+DSs94MNbH5D 0xYQnJZEz7+9nUZwUOub5sgYkduD3Eo8hPPaZYlMjHeyPoWdJJwZUW9P8QcxSFRd VN54qMpf1xLlVZm6FfgRlYFiOrCl1DqxdrV4PCzmCAa/AlDm4Pn1iuHIKwebuU+y 39SDo3tGpaHU1BbjcpZTGQ7b22V+MRQPHmcJC+9wR1sCM3eWW6GS/WEcpaZjc3cY eDhkPN6sPaBbbuBQuelKniBAV2ZrQe6f80aTqxnbERHDXLPtiH4ejJTIlqxX1LWZ pfEI9/qkegIs6bBwf8+I974S4OwduKPzQAOVLIqdEa41kpbUbOpj2yqpO9xPJDGG 9xB3kcpeP+mA7pT4cvl1mc6jkrK90tSlpr0YqmxqXwi1xOsk2MrvhWVgPPpPvkvb 8IdvdaRwrUsGM3w/yw2ql0C5SynnlirvPoAXdsjxlfLVIwMLpRM/nCmSUo/vMkJL FVa8aGuTAgMBAAGjggJhMIICXTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFFEROTlj UccRR94QwVxsH3rQVziMMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh MG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgz LmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz LmxldHNlbmNyeXB0Lm9yZy8wFwYDVR0RBBAwDoIMd3d3LmNhbm9hLmNvMEwGA1Ud IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0 dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw AHYAdH7agzGtMxCRIZzOJU9CcMK//V5CIAjGNzV55hB7zFYAAAFsLcojOAAABAMA RzBFAiEAsc7siWz+NyAPuXeavsROPfic1gCuFBaqaamka95XXNsCIFtQC1jz3aBk 5DXqS+37MOCcykq3GhQjMi6RQAJjLB6+AHYAKTxRllTIOWW6qlD8WAfUt2+/WHop ctykwwz05UVH9HgAAAFsLcojJgAABAMARzBFAiBzUzmFIMrgwAge/7Q/cgIGUydC uDXh5V579ci87WYVKwIhAO3kQ/6oK0RIl7IZVS/+x5mUBzY9LB7FpUM4J0qR1Mz0 MA0GCSqGSIb3DQEBCwUAA4IBAQAExiGAmxp0qGtec1xSiE3TBSemdUTw4/KboDJ3 xsRgfmPKSmhFFv7NB0gYMD+V8bQkmkszDtYNahhOxwaU0AatFc4xDeF1NfonXo3F WNxvO2G1+Wjau3YCS3yXz6hMewhDc8j0FxLacSbxfKqIvkNmndoHtYrIUEMcYMwW 5SwYatH8GxKv74lrYtrQuOqtLX70jnkfwMdwTCrKltjz8H2JPwi/wikemcBqf3GK JgADhwOEG+EjGg1uAs70FtbTpvfVbk+ba8aj+WVRv7nSfaraXoMQD63MulALewaV YAaTj/JMZtvPDr4/N+r186IxbqEAQGgLXDylW7Lum3oP7PRP -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9rXC2uQvgX/2xN+kVU7h lQlMWPM1kRO1GzGeEGQcLs4MAlM3BV3/0nQcdoPMuKyPbxU+yFHtE3EJUcXvseLf uviDRSImXxb+uQDdUw1eSFynBgwrW3uzQIhLhJjEJjHljTyn/3GL4aePOQBYdpCJ yPYO6ObVvpZ+LHYTGV6QZ3cBfdTSPIkUkCLF8MoXsacnaXllimargkVpt+p6nBxq x1b4NKz3gw1sfkPTFhCclkTPv72dRnBQ65vmyBiR24PcSjyE89pliUyMd7I+hZ0k nBlRb0/xBzFIVF1U3nioyl/XEuVVmboV+BGVgWI6sKXUOrF2tXg8LOYIBr8CUObg +fWK4cgrB5u5T7Lf1IOje0alodTUFuNyllMZDtvbZX4xFA8eZwkL73BHWwIzd5Zb oZL9YRylpmNzdxh4OGQ83qw9oFtu4FC56UqeIEBXZmtB7p/zRpOrGdsREcNcs+2I fh6MlMiWrFfUtZml8Qj3+qR6AizpsHB/z4j3vhLg7B24o/NAA5Usip0RrjWSltRs 6mPbKqk73E8kMYb3EHeRyl4/6YDulPhy+XWZzqOSsr3S1KWmvRiqbGpfCLXE6yTY yu+FZWA8+k++S9vwh291pHCtSwYzfD/LDaqXQLlLKeeWKu8+gBd2yPGV8tUjAwul Ez+cKZJSj+8yQksVVrxoa5MCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 296149574654221424870071652757493809691150 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-26 09:18:37 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-24 09:18:37 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.canoa.co' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 1006489006387881773208724878527908493554263365366939197250699682846152766291505471614845935826436531116264398190990004118136999375111904239500693026287209445567286902667968027743523073015478785782410212894062730997202883163374810902039867431576528450698036419468987811901928761551789641900347085424725443746348573074896766677487799525321481737318601446071197729259912076379181875846412175558409919467251563600734917364767732536969749993433693148839263608694317761279627641765345105078683274197475681123065754410669403209497985704038813777840160242720313292681370661629426066789679521866423788068472675958122123600210955994530370604931304652135602035244294701231649169339548773782153015732251318304974609619697882868803732336610103701153937863786895221065963007968353612964670155385406439536568477050628125456625145993695197094884720605382363949878032559278461843048544422985266244241735590361670499313875895669268245684195707898446998650620341343150828272165076381048878212381380441289690834696884669688707316023316054472697901255694860760650827795338670201426140200714731470412696343742392831337938758561138188829674146314856763626203206769278805273350221525945177817479173063112511318923609808874140879244766003123229073580036221843 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 511139396351c71147de10c15c6c1f7ad057388c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.canoa.co' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016c2dca23380000040300473045022100b1ceec896cfe37200fb9779abec44e3df89cd600ae1416aa69a9a46bde575cdb02205b500b58f3dda064e435ea4bedfb30e09cca4ab71a1423322e914002632c1ebe007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016c2dca2326000004030047304502207353398520cae0c0081effb43f720206532742b835e1e55e7bf5c8bced66152b022100ede443fea82b444897b219552ffec7999407363d2c1ec5a54338274a91d4ccf4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0004c621809b1a74a86b5e735c52884dd30527a67544f0e3f29ba03277c6c4607e63ca4a684516fecd074818303f95f1b4249a4b330ed60d6a184ec70694d006ad15ce310de17535fa275e8dc558dc6f3b61b5f968dabb76024b7c97cfa84c7b084373c8f41712da7126f17caa88be43669dda07b58ac850431c60cc16e52c186ad1fc1b12afef896b62dad0b8eaad2d7ef48e791fc0c7704c2aca96d8f3f07d893f08bfc2291e99c06a7f718a2600038703841be1231a0d6e02cef416d6d3a6f7d56e4f9b6bc6a3f96551bfb9d27daada5e83100fadccba500b7b06956006938ff24c66dbcf0ebe3f37eaf5f3a2316ea10040680b5c3ca55bb2ee9b7a0fecf44f