demo.goldbooks.co.il
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:05:c6:eb:94:c1:be:a0:13:1f:7b:e9:3d:67:d1:56:4a:5d was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=demo.goldbooks.co.il
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:05:c6:eb:94:c1:be:a0:13:1f:7b:e9:3d:67:d1:56:4a:5dSerial Number (int): 350414965911719500307143304291395795569245
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 3f:68:db:6c:0e:36:94:4d:d5:c1:62:1d:79:92:07:3d:e3:43:cc:f8
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 24:fb:27:49:ba:26:cc:ba:d2:c3:00:3e:e4:81:14:e3:9c:d9:0d:76
Fingerprint (sha256): 58:dc:51:68:a3:b4:6b:ae:70:a6:46:43:70:b5:92:2e:95:37:cb:f0:5c:5c:75:b0:04:df:c0:19:c6:5e:1e:f3
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate demo.goldbooks.co.il
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for demo.goldbooks.co.il
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
demo.goldbooks.co.il
www.demo.goldbooks.co.il
www.demo.goldbooks.co.il
Other certificates including the domain name goldbooks.co.il
(limited to 100 certificates)
goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
demo.goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
m.goldbooks.co.il
demo.goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
demo.goldbooks.co.il
m.goldbooks.co.il
chanut.goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
demo.goldbooks.co.il
m.goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
demo.goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
chanut.goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
demo.goldbooks.co.il
goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
demo.goldbooks.co.il
chanut.goldbooks.co.il
goldbooks.co.il
m.goldbooks.co.il
demo.goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
demo.goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
m.goldbooks.co.il
demo.goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
demo.goldbooks.co.il
m.goldbooks.co.il
chanut.goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
demo.goldbooks.co.il
m.goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
demo.goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
chanut.goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
demo.goldbooks.co.il
goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
demo.goldbooks.co.il
chanut.goldbooks.co.il
goldbooks.co.il
m.goldbooks.co.il
demo.goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
m.goldbooks.co.il
goldbooks.co.il
goldbooks.co.il
m.goldbooks.co.il
Certificate
The complete raw certificate details for demo.goldbooks.co.il in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgISBAXG65TBvqATH3vpPWfRVkpdMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAxMDIyMTAzMDlaFw0y MDA0MDEyMTAzMDlaMB8xHTAbBgNVBAMTFGRlbW8uZ29sZGJvb2tzLmNvLmlsMIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRJbp9hrHqIMi7mogW28n+hC WRtaeSyiUYqBFdJshvTx9v5k1rCnbaj8EH1xlIxDlwbsaqvhS32J6T0EVdy+yo8h 0Y7TJkNtD72b6uaMLMaJ7A0hbFR9MvN7a8/2qOS7LlKDsSiFgeXO/CTjL0roMcqC tQw3bwc8Afvrhe9rS1F2ORLig0RevOqvMCImGJSb/BGqh2KAovhbSFkVnF4uf8lP b/cUWAoHw9yIPml8wor1TnReNqA2WgiCbhXBMxDNg2uw9dZkYskvFBkx1sPt6zGd EIstX4Lc+rM43sgs9SQojXQIWCvGCQ6B6P81SZqteSrOyB3EMc0YRP0pKK/g0QID AQABo4IChDCCAoAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ/aNtsDjaUTdXBYh15 kgc940PM+DAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggrBgEF BQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRzZW5j cnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5j cnlwdC5vcmcvMDkGA1UdEQQyMDCCFGRlbW8uZ29sZGJvb2tzLmNvLmlsghh3d3cu ZGVtby5nb2xkYm9va3MuY28uaWwwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYB BAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5v cmcwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgBep3P531bA57U2SH3QSeAyepGa DIShEhKEGHWWgXFFWAAAAW9oSKZYAAAEAwBHMEUCIGLKqiS9PSvSrcvMAkwvOLBh ccFSe5DBFaTyLZwdK7mHAiEAztUN9df2kAKNYmVyLacgncT5/Pk8KhH0G7ZnRsAy w2UAdwCyHgXMi6LNiiBOh2b5K7mKJSBna9r6cOeySVMt74uQXgAAAW9oSKY1AAAE AwBIMEYCIQDRntZn8zX0c1o6W5nTxpHN+Mr9RpxC+PS2AOipI+2bKwIhAIsT1/EV Hyfi03GIIv+3gQdOc4Pjq2ewN4ILX+G78kxoMA0GCSqGSIb3DQEBCwUAA4IBAQBr pcd5F5vqQGccUxdHlUBDhh+aeWgxNRmSdLgMBNBOqsVixjUB2bXlA8TrCSx/fZ6X 1EQzfJrfMv1yk4vYgzS83DGFR4T8ayuTDQusPDf0/OqrnkYz202HYCpCQ+3sra3j uDjK/ACwQUs01TX3gwq8nho/sQAGzNbTkfIyIYiBMuNNdtQrrvIcbcDGFZvQftVO A8HxWP40oshZkV8DJJf6VpC/6c4Zb0G7viCd2vc1woaioGAd5EGiIqLBN7e/GsWy DHp3acbM+MA1bDcHTh9/MK/tRLh/kHfNGZDtj1/PrNFZALZwVB+4Vi0+bGaDHegf E81V9r4ahgAKESaDr1v+ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRJbp9hrHqIMi7mogW28 n+hCWRtaeSyiUYqBFdJshvTx9v5k1rCnbaj8EH1xlIxDlwbsaqvhS32J6T0EVdy+ yo8h0Y7TJkNtD72b6uaMLMaJ7A0hbFR9MvN7a8/2qOS7LlKDsSiFgeXO/CTjL0ro McqCtQw3bwc8Afvrhe9rS1F2ORLig0RevOqvMCImGJSb/BGqh2KAovhbSFkVnF4u f8lPb/cUWAoHw9yIPml8wor1TnReNqA2WgiCbhXBMxDNg2uw9dZkYskvFBkx1sPt 6zGdEIstX4Lc+rM43sgs9SQojXQIWCvGCQ6B6P81SZqteSrOyB3EMc0YRP0pKK/g 0QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 350414965911719500307143304291395795569245 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-02 21:03:09 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-01 21:03:09 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'demo.goldbooks.co.il' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21343326221189557291323819829449640265550373587882554360587473941622683965167185524925069932772719117688747676942821926739275018616350575949172129993551373673599502718312482650899381612084826204457952445394443917357704044377652538045626831105359530745173090519907190599474501795031647114694720177381711335205560055284325742207619701291821338553520758046507417165655950059132292241085631666718063883976858394290280539696024672360960495291573976227091460298352219914651146755116380678794659689155202127355649249901917297210504490899998846478846700954920315634956246542534894598192162444437537954638904009337041381744849 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3f68db6c0e36944dd5c1621d7992073de343ccf8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (50 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'demo.goldbooks.co.il' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.demo.goldbooks.co.il' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f10076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016f6848a6580000040300473045022062caaa24bd3d2bd2adcbcc024c2f38b06171c1527b90c115a4f22d9c1d2bb987022100ced50df5d7f690028d6265722da7209dc4f9fcf93c2a11f41bb66746c032c365007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016f6848a6350000040300483046022100d19ed667f335f4735a3a5b99d3c691cdf8cafd469c42f8f4b600e8a923ed9b2b0221008b13d7f1151f27e2d3718822ffb781074e7383e3ab67b037820b5fe1bbf24c68 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006ba5c779179bea40671c531747954043861f9a79683135199274b80c04d04eaac562c63501d9b5e503c4eb092c7f7d9e97d444337c9adf32fd72938bd88334bcdc31854784fc6b2b930d0bac3c37f4fceaab9e4633db4d87602a4243edecadade3b838cafc00b0414b34d535f7830abc9e1a3fb10006ccd6d391f23221888132e34d76d42baef21c6dc0c6159bd07ed54e03c1f158fe34a2c859915f032497fa5690bfe9ce196f41bbbe209ddaf735c286a2a0601de441a222a2c137b7bf1ac5b20c7a7769c6ccf8c0356c37074e1f7f30afed44b87f9077cd1990ed8f5fcfacd15900b670541fb8562d3e6c66831de81f13cd55f6be1a86000a112683af5bfe