www.seeachange.org

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:0c:ec:90:cf:af:f7:68:bb:e1:4d:46:a7:20:99:a0:10:be was issued on by Let's Encrypt.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.seeachange.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:0c:ec:90:cf:af:f7:68:bb:e1:4d:46:a7:20:99:a0:10:be
Serial Number (int): 265734695908485156471457767678793224294590
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: c8:7b:31:78:c8:2d:d7:f4:77:b6:34:db:56:ba:21:f1:e2:b4:99:a5
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 90:73:72:14:53:ee:50:68:f2:6a:8d:f7:21:36:06:d1:3b:ce:f2:73
Fingerprint (sha256): 52:87:19:ab:7b:31:80:a2:6e:8d:96:09:ba:36:96:83:6f:81:57:3b:a2:47:56:cc:ef:1a:dc:54:79:ee:05:66

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.seeachange.org

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.seeachange.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

seeachange.org
seeachange.thrivex.io
www.seeachange.org

Other certificates including the domain name seeachange.org

(limited to 100 certificates)
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org
www.seeachange.org

Certificate

The complete raw certificate details for www.seeachange.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISAwzskM+v92i74U1GpyCZoBC+MA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA1MzEyMjU2MzFaFw0x
ODA4MjkyMjU2MzFaMB0xGzAZBgNVBAMTEnd3dy5zZWVhY2hhbmdlLm9yZzCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMFOSXpcecUkwdhojQ/LEtDyYTsk
PYIOjVrz5zQf3+7OfbPACTfiE3MKdvlw+yx69WaqfcgvZifpQ3nmriFu3i0aiKSP
1Jvjc7fbDmK9zYV2CPWqHQ3E6nCiXCcZK1TU05ZUdqBxDma74MejVxyXhSmWshlo
zKUN7cwrkvojfDBsTzJwkanZtbUKiy17b8X/KomtjyGrM9uB2cLVLHN2GMaN0uRb
46VpLEgkfrUTuaThvRnHj7u2Avoly1ZK7is3lYXQMGtZhz003klT9QIDekFLkNZD
a6G8mekEH+KfkGRoRjd6CSv4rNHN750ijZb5QrvjVknnbV6yqdapNRBot6ECAwEA
AaOCA0EwggM9MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUyHsxeMgt1/R3tjTbVroh
8eK0maUwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUH
AQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5
cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5
cHQub3JnLzBEBgNVHREEPTA7gg5zZWVhY2hhbmdlLm9yZ4IVc2VlYWNoYW5nZS50
aHJpdmV4LmlvghJ3d3cuc2VlYWNoYW5nZS5vcmcwgf4GA1UdIASB9jCB8zAIBgZn
gQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3Bz
LmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmlj
YXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBh
bmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGlj
eSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzCC
AQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLc
pMMM9OVFR/R4AAABY7ihploAAAQDAEcwRQIgQyom6s5hU8npK45DdrnsAQFHAxPr
IAFuQVAxWJHSI3YCIQCqGPuRbu9qcp70ZXkp6AtuK7xB8i62tIyIR/6CB2pEPgB2
ANt0r+7LKeyx/so+cW0s5bmquzb3hHGDx12dTze2H79kAAABY7ihpjQAAAQDAEcw
RQIhAKeBvHgcktwjk/ZU4lOGxFa01GeQsUi+sKb99IXM4Tg7AiAJExIJAqA85EAe
k9EIrNEhKymoobR9M00hW7m3rU6u4TANBgkqhkiG9w0BAQsFAAOCAQEAjje/CvPA
zohsFQIY1+wdUAtAx8YFn6GtABGeRC6SwDDT7A0R6dE11Oz2NuRqUqujDjS2vbOj
DThdE3ypZ1/Ybnn9TGzZ7mBIMGe0xbVdz5BcATC9+WeO8CoVzIS0YsfvkYnu+fm5
YistJjFybmJ/oWxTXWHlXhcYBpR0t8S9KIAsoZQk7HD+iqa1mDoG36t8/OwBHCom
hwYL+b3qlH9396cILsPlHuDQanFqXxi26Uj1rVCl3L/mgHBCpy+Zh9gTmZv+45p1
aN4789ZSWEb8nH/UPXEQMYi7iiw3nkUBE3g6V09AEzba7Ct/5JX0JaTsq0HIZxSD
JvxcdMvBDWO0KQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwU5Jelx5xSTB2GiND8sS
0PJhOyQ9gg6NWvPnNB/f7s59s8AJN+ITcwp2+XD7LHr1Zqp9yC9mJ+lDeeauIW7e
LRqIpI/Um+Nzt9sOYr3NhXYI9aodDcTqcKJcJxkrVNTTllR2oHEOZrvgx6NXHJeF
KZayGWjMpQ3tzCuS+iN8MGxPMnCRqdm1tQqLLXtvxf8qia2PIasz24HZwtUsc3YY
xo3S5FvjpWksSCR+tRO5pOG9GcePu7YC+iXLVkruKzeVhdAwa1mHPTTeSVP1AgN6
QUuQ1kNrobyZ6QQf4p+QZGhGN3oJK/is0c3vnSKNlvlCu+NWSedtXrKp1qk1EGi3
oQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 265734695908485156471457767678793224294590
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-05-31 22:56:31 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-08-29 22:56:31 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.seeachange.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24402597628474913069197103172091414251943657329658467826822024915627887062441671902336405790621016071545373443893598374404200983027581310195404631843738320503473637118781581954309447570147894875673499767614047461169766434787311262444140392942542257490937673322682713505450710288797523516631821516283734608863332391053409322093017444738163238887964065047572914027487569216567969463386733643375579557130160369703365904301866147012030551512170297615234305166076355211238816933521684238361960195842914108333555873458053197824781853294950467780760711909197101493440279506885304635974122016865673650846154906630907358656417
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c87b3178c82dd7f477b634db56ba21f1e2b499a5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seeachange.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seeachange.thrivex.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.seeachange.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000163b8a1a65a00000403004730450220432a26eace6153c9e92b8e4376b9ec0101470313eb20016e4150315891d22376022100aa18fb916eef6a729ef4657929e80b6e2bbc41f22eb6b48c8847fe82076a443e007600db74afeecb29ecb1feca3e716d2ce5b9aabb36f7847183c75d9d4f37b61fbf6400000163b8a1a6340000040300473045022100a781bc781c92dc2393f654e25386c456b4d46790b148beb0a6fdf485cce1383b02200913120902a03ce4401e93d108acd1212b29a8a1b47d334d215bb9b7ad4eaee1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008e37bf0af3c0ce886c150218d7ec1d500b40c7c6059fa1ad00119e442e92c030d3ec0d11e9d135d4ecf636e46a52aba30e34b6bdb3a30d385d137ca9675fd86e79fd4c6cd9ee60483067b4c5b55dcf905c0130bdf9678ef02a15cc84b462c7ef9189eef9f9b9622b2d2631726e627fa16c535d61e55e1718069474b7c4bd28802ca19424ec70fe8aa6b5983a06dfab7cfcec011c2a2687060bf9bdea947f77f7a7082ec3e51ee0d06a716a5f18b6e948f5ad50a5dcbfe6807042a72f9987d813999bfee39a7568de3bf3d6525846fc9c7fd43d71103188bb8a2c379e450113783a574f401336daec2b7fe495f425a4ecab41c867148326fc5c74cbc10d63b429