dmh-entertainment.nl

Issued by R3

About this certificate

This digital certificate with serial number 04:cc:3c:87:ff:1f:25:b6:9e:50:bc:3f:93:63:77:07:76:a8 was issued on by Let's Encrypt.

With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=dmh-entertainment.nl

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:cc:3c:87:ff:1f:25:b6:9e:50:bc:3f:93:63:77:07:76:a8
Serial Number (int): 417947206393217623973732018710792962012840
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 0a:ed:91:e6:96:65:07:0d:78:54:ac:2d:9e:37:43:3d:9d:c6:1a:1e
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 74:ba:d5:2d:5c:f5:a9:ed:7a:3e:a8:34:ac:34:07:c1:b9:6e:da:b9
Fingerprint (sha256): 55:35:91:02:fc:74:02:2e:2e:0c:85:fa:c1:d7:03:d4:bf:93:22:10:22:fb:13:c8:66:ce:3f:36:42:75:9e:9a

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate dmh-entertainment.nl

3

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for dmh-entertainment.nl

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

dmh-entertainment.nl
mail.dmh-entertainment.nl
www.dmh-entertainment.nl

Other certificates including the domain name dmh-entertainment.nl

(limited to 100 certificates)
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl
dmh-entertainment.nl

Certificate

The complete raw certificate details for dmh-entertainment.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgISBMw8h/8fJbaeULw/k2N3B3aoMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMTUyMjI1NTZaFw0yNDAzMTQyMjI1NTVaMB8xHTAbBgNVBAMT
FGRtaC1lbnRlcnRhaW5tZW50Lm5sMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
CgKCAgEAuVbpqt7Hi682xj2EWT538laaKQpOA+ZPTMOajmkNFnW9yqfzNsIgiIso
yMfmp7M4jb5VCGD6iImg1oq+PvyfPfZYnHIsq4znbrAQIAV2BapfT/+l98hKUhIl
wX2fofEWo364NBIPwVo0iXaPE3nZ6mgodnH9Yc83QXXQx9ACwJQbVDK+PHJ49CAe
1BxFnY1dlfoz9iIvVRQrpYxO1RecUb0zu4qrIY91P7OxacdCsiNonboY8cMLDqOm
SGnqQQsBTYb3hpTWTUpTPjfU6svrEIDe7EYgVtw5CNZD27Xc7R9GaE9PhjNb9Hnf
IyS4INWFsrYXgfrKp5BZngS7HMzw/qTxM4f2JKtRdPAl+AQfo5+ut7VUCa0D2yob
LZBkk5pVL1BmJIcYa1/i9ILZkReSDWLSZVRbFs9+2xAd5B9ExABstN5gnIxPvD2t
qCYtHTMwhLNH5tq0XAwgvMf5fAkwLiEOEQ7W7/ke0FJPfLMhoy/Fh0YMJ/O73kIO
eqlgdslF4DoIeq9cpZ9NV1KJmLmG/DHs+Lq2Vz1yCixR2KwVf2EoAhR1UyrZai0g
UfZz1L7kNORovZnJqMZI7YKTkdUpRzaLi1UJJzFYHI27hkV0U1ruQC7swXAl9cXr
WHIECBDkPff84h/geuCkZxlvycuuAv7aCzan4D7nDlmhAPvr8w0CAwEAAaOCAksw
ggJHMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUCu2R5pZlBw14VKwtnjdDPZ3GGh4w
HwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBH
MCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKG
Fmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wVAYDVR0RBE0wS4IUZG1oLWVudGVydGFp
bm1lbnQubmyCGW1haWwuZG1oLWVudGVydGFpbm1lbnQubmyCGHd3dy5kbWgtZW50
ZXJ0YWlubWVudC5ubDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkC
BAIEgfUEgfIA8AB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAAB
jG/NBxEAAAQDAEcwRQIhAK6P3qKnmII6I5XTudximBHs3e+zgfAk7IPAGHXGo/MK
AiBQdGr2QFUtCJRbs3h3+K99dcJb8diYS7Z7medQYgmbswB2ACnQOhu2dKpxHNMD
W2VXwU+Kp4tP6DiUSeykU/lEvSRoAAABjG/NB90AAAQDAEcwRQIhAMGTd/vWAfLU
DBh82uQqqmvCP0mXMfemSLBZePXTxL9BAiB28lUO3Vg/Q4fM4iZmKGtUJ1B/BdBi
DEfNacq2HCd+TTANBgkqhkiG9w0BAQsFAAOCAQEArdpTmb/Y/eBxe7tEI46oRWTs
9rC5F5IpYNv4x3u4l8bQfX2AmbK+izAsFhhSvWLWvoaXIueIpn6PCtHNVgYCZ/JN
XX1Q7FWqL7LUMhClJZfkabMdh6dN3sA6tE9rKUPlsJtoyGl1r9DhP2TEtgTJ5rbF
dLOjiSPF88ehCE1SdYslS96HhiWU5VsYybZ3QmwXTCN760YMm9E87P9RsS8Zzj48
nU+0tlXyXtsetYY27v9ornC+tHqhgr+lL547tIb1t2MrCppLLMWLj10qwIwtFiqU
sZ/f5kOoXDbny4VNp/SJfUFGrOTc+sgG2SObR9zmtKp4sSN4eT88zjwlHjDR3w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuVbpqt7Hi682xj2EWT53
8laaKQpOA+ZPTMOajmkNFnW9yqfzNsIgiIsoyMfmp7M4jb5VCGD6iImg1oq+Pvyf
PfZYnHIsq4znbrAQIAV2BapfT/+l98hKUhIlwX2fofEWo364NBIPwVo0iXaPE3nZ
6mgodnH9Yc83QXXQx9ACwJQbVDK+PHJ49CAe1BxFnY1dlfoz9iIvVRQrpYxO1Rec
Ub0zu4qrIY91P7OxacdCsiNonboY8cMLDqOmSGnqQQsBTYb3hpTWTUpTPjfU6svr
EIDe7EYgVtw5CNZD27Xc7R9GaE9PhjNb9HnfIyS4INWFsrYXgfrKp5BZngS7HMzw
/qTxM4f2JKtRdPAl+AQfo5+ut7VUCa0D2yobLZBkk5pVL1BmJIcYa1/i9ILZkReS
DWLSZVRbFs9+2xAd5B9ExABstN5gnIxPvD2tqCYtHTMwhLNH5tq0XAwgvMf5fAkw
LiEOEQ7W7/ke0FJPfLMhoy/Fh0YMJ/O73kIOeqlgdslF4DoIeq9cpZ9NV1KJmLmG
/DHs+Lq2Vz1yCixR2KwVf2EoAhR1UyrZai0gUfZz1L7kNORovZnJqMZI7YKTkdUp
RzaLi1UJJzFYHI27hkV0U1ruQC7swXAl9cXrWHIECBDkPff84h/geuCkZxlvycuu
Av7aCzan4D7nDlmhAPvr8w0CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 417947206393217623973732018710792962012840
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-15 22:25:56 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-14 22:25:55 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dmh-entertainment.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 756119203912399889886773607948766293226417549343447338133127126266911301659777212605070660889273171644397743395259693381853910735481856459295561942750452004431058685777881976636636505388667697192346564499198135202684321525920128620633314342926916528412421260870220836324407054354828918649883557846496230610469973510094840958119218861994522150338160958927026631907678767277628097084878994041180844151152950684736098158996360636012158026271123037347080531086140258105164246060712138166208115247496547218818644269713246646829236537910314252323643927566979768202977527613296134696937720458791003177904440227504542420623449721017100055942727162001647228355688718882815807271509699157085815692236770844284730867904707861461113308362824793648672267389291120801843291358499995929279922102257633277232562151987718657528285746321730837253258877146558160072504374331958576648559548621803162841093112249419596121220377439042874441354494848699697560176067163934478273494356501905451445459997578662548636248356302449386382241548969534233147005626364534295141573724055156438851045771780309810120677611708413741759907445577239002760936896659181101823833109932659109776962523616662193567667289427278073076659364812900484517529401067722929132477870861
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							0aed91e69665070d7854ac2d9e37433d9dc61a1e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (77 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dmh-entertainment.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.dmh-entertainment.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dmh-entertainment.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018c6fcd07110000040300473045022100ae8fdea2a798823a2395d3b9dc629811ecddefb381f024ec83c01875c6a3f30a022050746af640552d08945bb37877f8af7d75c25bf1d8984bb67b99e75062099bb300760029d03a1bb674aa711cd3035b6557c14f8aa78b4fe8389449eca453f944bd24680000018c6fcd07dd0000040300473045022100c19377fbd601f2d40c187cdae42aaa6bc23f499731f7a648b05978f5d3c4bf41022076f2550edd583f4387cce22666286b5427507f05d0620c47cd69cab61c277e4d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00adda5399bfd8fde0717bbb44238ea84564ecf6b0b917922960dbf8c77bb897c6d07d7d8099b2be8b302c161852bd62d6be869722e788a67e8f0ad1cd56060267f24d5d7d50ec55aa2fb2d43210a52597e469b31d87a74ddec03ab44f6b2943e5b09b68c86975afd0e13f64c4b604c9e6b6c574b3a38923c5f3c7a1084d52758b254bde87862594e55b18c9b677426c174c237beb460c9bd13cecff51b12f19ce3e3c9d4fb4b655f25edb1eb58636eeff68ae70beb47aa182bfa52f9e3bb486f5b7632b0a9a4b2cc58b8f5d2ac08c2d162a94b19fdfe643a85c36e7cb854da7f4897d4146ace4dcfac806d9239b47dce6b4aa78b12378793f3cce3c251e30d1df