bestcartransporter.com.sa-rugby.co.za
Issued by R3
About this certificate
This digital certificate with serial number 03:54:8f:b1:02:73:66:a8:02:02:23:77:32:7a:48:61:d3:f8 was issued on by Let's Encrypt.
With 14 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=bestcartransporter.com.sa-rugby.co.za
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:54:8f:b1:02:73:66:a8:02:02:23:77:32:7a:48:61:d3:f8Serial Number (int): 290111575306288602981578053985901259903992
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 95:8f:f3:3e:37:0e:f1:00:3e:d5:9c:f0:6d:66:82:a5:77:77:75:b7
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 05:e7:ac:28:c7:25:d1:52:df:b3:66:d2:1a:48:c7:e1:76:e0:04:3b
Fingerprint (sha256): 58:2f:9d:c7:84:93:1a:b5:35:00:08:9d:95:41:d1:4b:82:68:fd:95:82:54:53:fa:18:b3:d0:e3:6a:b9:74:25
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate bestcartransporter.com.sa-rugby.co.za
14
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for bestcartransporter.com.sa-rugby.co.za
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
bestcartransporter.com.sa-rugby.co.za
checindependentschool.org
chocolatebarsreimagined.com
cole.truffle.vc
continuumconcept.com.earnourvote.com
healthfine.org
hemphelmet.com.abolishpublicschools.com
illinoisfamilyalliance.com
inspection.bothell-living.com
oldchampagne.com
organization.vc
skatingstop.com
texasnewhomedirectory.com.religion.vote
thequest.bible.thequest.bible
checindependentschool.org
chocolatebarsreimagined.com
cole.truffle.vc
continuumconcept.com.earnourvote.com
healthfine.org
hemphelmet.com.abolishpublicschools.com
illinoisfamilyalliance.com
inspection.bothell-living.com
oldchampagne.com
organization.vc
skatingstop.com
texasnewhomedirectory.com.religion.vote
thequest.bible.thequest.bible
Other certificates including the domain name sa-rugby.co.za
(limited to 100 certificates)
Certificate
The complete raw certificate details for bestcartransporter.com.sa-rugby.co.za in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGfDCCBWSgAwIBAgISA1SPsQJzZqgCAiN3MnpIYdP4MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMjgwNzE5MDdaFw0yNDAxMjYwNzE5MDZaMDAxLjAsBgNVBAMT JWJlc3RjYXJ0cmFuc3BvcnRlci5jb20uc2EtcnVnYnkuY28uemEwggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEF4ZDdtb/+glbHgcG2mNSjUBYPfFeIddR 4FJHiHkkBaEwP4IU82VtfgGf73P1503/UsqxiiwDqwKGJvdMzZN8HxpRaOuFZeCl Rasn7LHeMTEc+BSoh+lGcER6YISZRsPbw3xMi7YKCrTDqrflPO4qDFLgWE7pm8iv TUPX+9W6LfTf9al/WcVm1PbyYvFneF2igQFosvc+/UcND94iF/L5f/NIk7xgOeio OxzhVQSH40QDfDBicgjHGjAos0GA7/CWbOX5QSGN9A4wtemOdWKi6VnbcfNZogbA K5IZWy7Zh4KuJdTO6UuxAkNUZziCVQKSzv70+Hh43IfHvnpO0brlAgMBAAGjggOM MIIDiDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF BwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJWP8z43DvEAPtWc8G1mgqV3d3W3 MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkw RzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAC hhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMIIBkwYDVR0RBIIBijCCAYaCJWJlc3Rj YXJ0cmFuc3BvcnRlci5jb20uc2EtcnVnYnkuY28uemGCGWNoZWNpbmRlcGVuZGVu dHNjaG9vbC5vcmeCG2Nob2NvbGF0ZWJhcnNyZWltYWdpbmVkLmNvbYIPY29sZS50 cnVmZmxlLnZjgiRjb250aW51dW1jb25jZXB0LmNvbS5lYXJub3Vydm90ZS5jb22C DmhlYWx0aGZpbmUub3JngidoZW1waGVsbWV0LmNvbS5hYm9saXNocHVibGljc2No b29scy5jb22CGmlsbGlub2lzZmFtaWx5YWxsaWFuY2UuY29tgh1pbnNwZWN0aW9u LmJvdGhlbGwtbGl2aW5nLmNvbYIQb2xkY2hhbXBhZ25lLmNvbYIPb3JnYW5pemF0 aW9uLnZjgg9za2F0aW5nc3RvcC5jb22CJ3RleGFzbmV3aG9tZWRpcmVjdG9yeS5j b20ucmVsaWdpb24udm90ZYIddGhlcXVlc3QuYmlibGUudGhlcXVlc3QuYmlibGUw EwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgDa tr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYt1XY6AAAAEAwBHMEUC IQCor/6GYoOtGcgE7px7xz2baws5yi/jgSdT3kvOOmibtAIgfelNhpgLT9DJW17s bz/0AOQqBgIl/iXsPuRuGWYHUBoAdgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIK n+ZnTFo6dAAAAYt1XY9NAAAEAwBHMEUCIQCfbSeGbqFrNc/MTJeS4nRPHmm4Y2Ui l6JqILw7k1HbHAIgChb7vkgtZMsjUkO0KriWJUF9LJXLkbw4fy0S9jDPUkIwDQYJ KoZIhvcNAQELBQADggEBAAJsNtZaXsJi424oSTUQqO3IfUlPmIS9Ds9p2eBcD5aN xxsxOiu5v71HZ5YHpdV9ez3LhaOcYLUdouqZpIQnTyohRMXfXcqBm2qM+i/GP9kx r9Mm+KJdjs7Ew3zO0xWUpAbRW0LuMHEc5TiKKRqiTEaVyGnwPkZSjSwwpW4O3RUb 7iWpbx2s2xNBvWwE+u4qPbNClLMkU3qHMy2Iw0RB1dG5VFVG6XT0WU9TRxVrU5fH 2o4unOCE5o7MfRefIgxi41A73HNrQVlkriMvD8wqwBZ4Gt0JT4nAPTXTAzVH4frl C2ZbPRcOJGJFYqWa4ZMqn5wAGiTCHa5mxkQ8/XpipWA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBeGQ3bW//oJWx4HBtpj Uo1AWD3xXiHXUeBSR4h5JAWhMD+CFPNlbX4Bn+9z9edN/1LKsYosA6sChib3TM2T fB8aUWjrhWXgpUWrJ+yx3jExHPgUqIfpRnBEemCEmUbD28N8TIu2Cgq0w6q35Tzu KgxS4FhO6ZvIr01D1/vVui303/Wpf1nFZtT28mLxZ3hdooEBaLL3Pv1HDQ/eIhfy +X/zSJO8YDnoqDsc4VUEh+NEA3wwYnIIxxowKLNBgO/wlmzl+UEhjfQOMLXpjnVi oulZ23HzWaIGwCuSGVsu2YeCriXUzulLsQJDVGc4glUCks7+9Ph4eNyHx756TtG6 5QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 290111575306288602981578053985901259903992 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-28 07:19:07 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-26 07:19:06 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'bestcartransporter.com.sa-rugby.co.za' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24754308120337716383601497330456817376716334203210646572420087903887793073761596272896543223881892608337495911787430681828532847180949647427600854411093587673764304879110323014118671535515652047503258773301793812219109231596295883607391332755691567895476245703920599628599409346340772883407433376449507580426548402571711342464171024529969009840372610765807776908390916231583792456154155831292901932381764925708960364360043313997043280191589551184589149533557288948494783958804068099307196399261314712305835417738692952076051207434587254661480068042490585070100140702504932079105183411345956369392229588034361960282853 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 958ff33e370ef1003ed59cf06d6682a5777775b7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (394 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bestcartransporter.com.sa-rugby.co.za' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'checindependentschool.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chocolatebarsreimagined.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cole.truffle.vc' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'continuumconcept.com.earnourvote.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'healthfine.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hemphelmet.com.abolishpublicschools.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'illinoisfamilyalliance.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'inspection.bothell-living.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'oldchampagne.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'organization.vc' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'skatingstop.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'texasnewhomedirectory.com.religion.vote' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thequest.bible.thequest.bible' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b755d8e800000040300473045022100a8affe866283ad19c804ee9c7bc73d9b6b0b39ca2fe3812753de4bce3a689bb402207de94d86980b4fd0c95b5eec6f3ff400e42a060225fe25ec3ee46e196607501a00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b755d8f4d00000403004730450221009f6d27866ea16b35cfcc4c9792e2744f1e69b863652297a26a20bc3b9351db1c02200a16fbbe482d64cb235243b42ab89625417d2c95cb91bc387f2d12f630cf5242 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00026c36d65a5ec262e36e28493510a8edc87d494f9884bd0ecf69d9e05c0f968dc71b313a2bb9bfbd47679607a5d57d7b3dcb85a39c60b51da2ea99a484274f2a2144c5df5dca819b6a8cfa2fc63fd931afd326f8a25d8ecec4c37cced31594a406d15b42ee30711ce5388a291aa24c4695c869f03e46528d2c30a56e0edd151bee25a96f1dacdb1341bd6c04faee2a3db34294b324537a87332d88c34441d5d1b9545546e974f4594f5347156b5397c7da8e2e9ce084e68ecc7d179f220c62e3503bdc736b415964ae232f0fcc2ac016781add094f89c03d35d3033547e1fae50b665b3d170e24624562a59ae1932a9f9c001a24c21dae66c6443cfd7a62a560