www.duvallwa.gov

Issued by R3

About this certificate

This digital certificate with serial number 03:14:a2:f9:30:f9:cf:06:6d:58:16:a9:b3:52:ac:6e:b8:89 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.duvallwa.gov

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:14:a2:f9:30:f9:cf:06:6d:58:16:a9:b3:52:ac:6e:b8:89
Serial Number (int): 268359133944281985360911941165631654508681
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: a0:2d:2a:cc:ce:b6:98:ce:fd:ab:ed:ab:45:e6:90:34:7d:0a:e5:bb
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): ff:2a:52:5f:c3:56:67:d6:51:ef:7a:53:9c:fe:06:20:24:1e:37:56
Fingerprint (sha256): 61:38:12:65:e1:f0:59:75:59:22:dd:1c:e3:ab:1c:27:c9:b1:c7:ce:47:5f:78:0f:00:62:1a:ca:4b:42:f5:9c

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate www.duvallwa.gov

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.duvallwa.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

duvallwa.gov
www.duvallwa.gov

Other certificates including the domain name duvallwa.gov

(limited to 100 certificates)
helpdesk.almeera.com.qa
servicedesk.orn.net
helpdesk.almeera.com.qa
www.duvallwa.gov
servicedesk.orn.net
helpdesk.almeera.com.qa
servicedesk.orn.net
helpdesk.almeera.com.qa
technologyservicedesk.expocitydubai.ae
ithelpdesk.cdmig.com
servicedesk.orn.net
helpdesk.almeera.com.qa
helpdesk.almeera.com.qa
helpdesk.almeera.com.qa
www.duvallwa.gov
technologyservicedesk.expocitydubai.ae
support.alsafygroup.com
helpdesk.vitalcareinc.com
www.duvallwa.gov
it-helpdesk.aspirafp.co.uk
servicedesk.orn.net
servicedesk.orn.net
servicedesk.orn.net
servicedesk.scscourt.org
itsupport.agencybloc.com
helpdesk.almeera.com.qa
helpdesk.aeainvestors.com
servicedesk.orn.net
helpdesk.foodspecialities.com
eedesk.hayden-homes.com
servicedesk.orn.net
servicedesk.orn.net
it-helpdesk.aspirafp.co.uk
helpdesk.almeera.com.qa
helpdesk.vitalcareinc.com
servicedesk.orn.net
service.aramtec.com
servicedesk.orn.net
helpdesk.almeera.com.qa
it-helpdesk.aspirafp.co.uk
helpdesk.duvallwa.gov
it.ziahomesep.com
helpdesk.almeera.com.qa
servicedesk.scscourt.org
servicedesk.asrc.com
servicedesk.orn.net
support.alsafygroup.com
servicedesk.orn.net
www.duvallwa.gov
helpdesk.almeera.com.qa
www.duvallwa.gov
servicedesk.orn.net
helpdesk.almeera.com.qa
servicedesk.sarcos.com
ithelpdesk.cdmig.com
helpdesk.vitalcareinc.com
servicedesk.orn.net
www.duvallwa.gov
duvallwa.gov
servicedesk.orn.net
servicedesk.orn.net
servicedesk.orn.net
support.alsafygroup.com
servicedesk.orn.net
helpdesk.foodspecialities.com
servicedesk.orn.net
eedesk.hayden-homes.com
www.duvallwa.gov
servicedesk.orn.net
support.eltizam.com
service.aramtec.com
servicedesk.orn.net
helpdesk.almeera.com.qa
www.duvallwa.gov
eedesk.hayden-homes.com
it-helpdesk.aspirafp.co.uk
helpdesk.almeera.com.qa
servicedesk.orn.net
www.duvallwa.gov
servicedesk.orn.net
helpdesk.almeera.com.qa
eedesk.hayden-homes.com
helpdesk.almeera.com.qa
helpdesk.almeera.com.qa
servicedesk.orn.net
ithelpdesk.cdmig.com
www.duvallwa.gov
servicedesk.orn.net
www.duvallwa.gov
helpdesk.almeera.com.qa
helpdesk.duvallwa.gov
it.ziahomesep.com
service.aramtec.com
helpdesk.almeera.com.qa
helpdesk.almeera.com.qa
helpdesk.almeera.com.qa
technologyservicedesk.expocitydubai.ae
www.duvallwa.gov
it.ziahomesep.com
servicedesk.sarcos.com

Certificate

The complete raw certificate details for www.duvallwa.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAxSi+TD5zwZtWBaps1KsbriJMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMTgwMDAzMzVaFw0yNDAzMTcwMDAzMzRaMBsxGTAXBgNVBAMT
EHd3dy5kdXZhbGx3YS5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCDzWUvkQlg8hf4U5w89li/Tc5+kmspdYGlISJ+p6tA5LAhbo5k1WLbltu1ycZr
ZoNibQOtnoqmaDbCdNnmP+AcGZobMJdt6ijF77GNhAExT5QBfIvHgJvZ9q/5LOWW
bzUniTSIT+N/8F4fLP17xAWlYVvtnhwnzkbw/IVvd9nswFzLL6d1STIZDIbt+vze
tbsGOscvUGNn4KknVwZ0jg3TonirplJO1uYt52LdIjFcTZTXk3yjMlUsGjSr5P2m
BYE6GpYOuB/GEyz32NuaLdGS/CuyluSZytX1UMiW4PKLsOyYUKyieJQtpa+0nHhU
6uncuQm8YCkq0q9DM4VNO2OTAgMBAAGjggIhMIICHTAOBgNVHQ8BAf8EBAMCBaAw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD
VR0OBBYEFKAtKszOtpjO/avtq0XmkDR9CuW7MB8GA1UdIwQYMBaAFBQusxe3WFbL
rlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDov
L3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5v
cmcvMCkGA1UdEQQiMCCCDGR1dmFsbHdhLmdvdoIQd3d3LmR1dmFsbHdhLmdvdjAT
BgNVHSAEDDAKMAgGBmeBDAECATCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3ADtT
d3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjHpzJQEAAAQDAEgwRgIh
AMWYJiwaF7qW8iLwMSkRnarLWFB9hK8lWYLRfBM3MYbHAiEAr0tWZV3Yvz5zFRah
oETgecuXrPYI5IB3uKwM08jdD48AdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZ
u7+rOdiEcwAAAYx6cyUBAAAEAwBHMEUCIQC0MUzMcbFilFhCatDWk7hQpWpxrxoe
+A8VNQsXpXIphAIgG//7f9aJhqUYKncCjQm4ooaIqgJ30GBi2cQbXp+4q/kwDQYJ
KoZIhvcNAQELBQADggEBAFBJ4t+x+YZQg3Yd11SCqM0cE/wQq1HvTptqoMeabl7K
yGHJd6pp13ComTZdTNMHcVaUQ7mLR+sQivtvbit3K891hPu7EvpPSejJSGUwzl2h
o7jRfKwlzYzKoRcZKXpQX/U+ZqscvgEpFPQJlscCCJH6XE6u7Jf0QosixbpUgWV1
A3vJVxr4dGbVHvwA1nyuE1Npa/EyCaL1DVpLH42Pn4Rk69eDowUvKSb2O/t2cS+2
jXiL6I5rs53+If9IlLh7dHQyn1qpnNZvKwjETYq9hRwsMk2eHow/QtFsFYlpOFPx
sZKjRsMiiXiSdnMxrTG7mMTGx3DC1o22cmMcI+XbSzw=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg81lL5EJYPIX+FOcPPZY
v03OfpJrKXWBpSEifqerQOSwIW6OZNVi25bbtcnGa2aDYm0DrZ6Kpmg2wnTZ5j/g
HBmaGzCXbeooxe+xjYQBMU+UAXyLx4Cb2fav+Szllm81J4k0iE/jf/BeHyz9e8QF
pWFb7Z4cJ85G8PyFb3fZ7MBcyy+ndUkyGQyG7fr83rW7BjrHL1BjZ+CpJ1cGdI4N
06J4q6ZSTtbmLedi3SIxXE2U15N8ozJVLBo0q+T9pgWBOhqWDrgfxhMs99jbmi3R
kvwrspbkmcrV9VDIluDyi7DsmFCsoniULaWvtJx4VOrp3LkJvGApKtKvQzOFTTtj
kwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 268359133944281985360911941165631654508681
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-18 00:03:35 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-17 00:03:34 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.duvallwa.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16638502126721892887715114468525644475542097626268941601443730912048393559372541784109105334569912253069240946215640011578624001985061351828822418075652617655385141635247396190608080857912412496772510364804798371667499324815021039131583453058221606795758729338863733871006433267178646606660494071986859302186331467100310673771482736537777206147111164089875103680900378700942522024509873289020922586034728815416492081747711526586780307211628781811950102212944183983750473327112615021853323337547245924955408279800038180355782653351306202897566519303310181525154597628560874653488741291300849084095013377031131188913043
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a02d2accceb698cefdabedab45e690347d0ae5bb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'duvallwa.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.duvallwa.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018c7a7325010000040300483046022100c598262c1a17ba96f222f03129119daacb58507d84af255982d17c13373186c7022100af4b56655dd8bf3e731516a1a044e079cb97acf608e48077b8ac0cd3c8dd0f8f00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018c7a7325010000040300473045022100b4314ccc71b1629458426ad0d693b850a56a71af1a1ef80f15350b17a572298402201bfffb7fd68986a5182a77028d09b8a28688aa0277d06062d9c41b5e9fb8abf9
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		005049e2dfb1f9865083761dd75482a8cd1c13fc10ab51ef4e9b6aa0c79a6e5ecac861c977aa69d770a899365d4cd30771569443b98b47eb108afb6f6e2b772bcf7584fbbb12fa4f49e8c9486530ce5da1a3b8d17cac25cd8ccaa11719297a505ff53e66ab1cbe012914f40996c7020891fa5c4eaeec97f4428b22c5ba54816575037bc9571af87466d51efc00d67cae1353696bf13209a2f50d5a4b1f8d8f9f8464ebd783a3052f2926f63bfb76712fb68d788be88e6bb39dfe21ff4894b87b7474329f5aa99cd66f2b08c44d8abd851c2c324d9e1e8c3f42d16c1589693853f1b192a346c322897892767331ad31bb98c4c6c770c2d68db672631c23e5db4b3c