kraanservice.nl

Issued by Sectigo RSA Domain Validation Secure Server CA

About this certificate

This digital certificate with serial number cb:76:12:5e:91:df:ce:25:b9:df:4e:9d:d6:41:9a:36 was issued on by Sectigo Limited.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=kraanservice.nl

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate has expire since

Certificate Details

Serial Number (hex): cb:76:12:5e:91:df:ce:25:b9:df:4e:9d:d6:41:9a:36
Serial Number (int): 270446346749611064315842406049267161654
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: c9:9e:62:8b:ba:b1:d5:c1:3c:f1:b1:f8:02:1a:25:ed:39:51:ce:1b
AuthorityKeyId: 8d:8c:5e:c4:54:ad:8a:e1:77:e9:9b:f9:9b:05:e1:b8:01:8d:61:e1

Fingerprint (sha1): 35:27:d8:51:7d:61:30:a1:39:68:16:c8:85:e5:2d:21:3d:56:4f:a8
Fingerprint (sha256): 66:9d:c7:f0:68:8f:3f:fb:c8:34:66:b7:12:c1:9c:53:a0:74:bd:d6:00:02:3b:8c:9a:aa:7d:0a:be:9b:f1:10

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate kraanservice.nl

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for kraanservice.nl

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

kraanservice.nl
www.kraanservice.nl

Other certificates including the domain name kraanservice.nl

(limited to 100 certificates)
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl
kraanservice.nl

Certificate

The complete raw certificate details for kraanservice.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgIRAMt2El6R384lud9OndZBmjYwDQYJKoZIhvcNAQELBQAw
gY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UE
AxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD
QTAeFw0yMTEyMTcwMDAwMDBaFw0yMzAxMTcyMzU5NTlaMBoxGDAWBgNVBAMTD2ty
YWFuc2VydmljZS5ubDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALfN
kXfWGU7BN+NQRUQf4MuRDONa89bpDsSwA9IWibJKYqgOWAHCo4Alfap3oFuNxeIP
xX6tUh1Jsj9ee2uk3tOktIhwKW5P1IALWXHGC5lF/2WGuKX47Gosa54XV33hZqjq
qnqa3V4X+3qHddNztnbTzl6gc80mqGkJeGu136Ca/CCSWC4rB3nMr5RllE/fZipg
TuETGWT9Fo07veOghAHLINNAPShL4p47FVLY+g02tlOQxlzZDDmayxjwY99CG8G4
+Rbte81LC/Xvd1HwjrUiC5Ky9JZ4eFpRCGuz8gBMx+dwLUAyYhFFXZx/eDeo4fpR
ICm7BADAsoFnvL0uqRcCAwEAAaOCAZkwggGVMB8GA1UdIwQYMBaAFI2MXsRUrYrh
d+mb+ZsF4bgBjWHhMB0GA1UdDgQWBBTJnmKLurHVwTzxsfgCGiXtOVHOGzAOBgNV
HQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICBzAlMCMGCCsGAQUFBwIB
FhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEwgYQGCCsGAQUFBwEB
BHgwdjBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdv
UlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcw
AYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wLwYDVR0RBCgwJoIPa3JhYW5zZXJ2
aWNlLm5sghN3d3cua3JhYW5zZXJ2aWNlLm5sMBMGCisGAQQB1nkCBAMBAf8EAgUA
MA0GCSqGSIb3DQEBCwUAA4IBAQA4ebP2YgSUrHeENhCsWzvjklsI2ctqcNg5a1qL
jZPsetEoUCFo/a0Kg0CHXEjYQCpCG9i5KhEEUN/uqptQV652SuCfc+Y+9AzF45+n
+b63320cwESrjI3+oiqJc2x4R8af6RWzdCl+ajeEvghjjDRPVH4JR36Ik2FGw8lR
M3miMJrALLJhsOCyuSAj/mo1ahnOhuPAqDfAMoOu8QvDooJR94MfYQ69YOh/ZeZ2
Giyty24w40FpyV07JDhwAlbR795RTE3ZFCVFFwXZtnAeaAtEVco+qIAxfejJe7KM
j0cmQ4zHzyUT24I5VVl3148DNEd419AmEeinneZooT6tT/Ef
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt82Rd9YZTsE341BFRB/g
y5EM41rz1ukOxLAD0haJskpiqA5YAcKjgCV9qnegW43F4g/Ffq1SHUmyP157a6Te
06S0iHApbk/UgAtZccYLmUX/ZYa4pfjsaixrnhdXfeFmqOqqeprdXhf7eod103O2
dtPOXqBzzSaoaQl4a7XfoJr8IJJYLisHecyvlGWUT99mKmBO4RMZZP0WjTu946CE
Acsg00A9KEvinjsVUtj6DTa2U5DGXNkMOZrLGPBj30Ibwbj5Fu17zUsL9e93UfCO
tSILkrL0lnh4WlEIa7PyAEzH53AtQDJiEUVdnH94N6jh+lEgKbsEAMCygWe8vS6p
FwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 270446346749611064315842406049267161654
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Domain Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-17 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-01-17 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'kraanservice.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23202979283464211247980714750149851014841130747146815726969963751348861645789307185485584400969864670960228081590654065065677355802075437698013178968931652788301208770934207541257347856748861367877388133557360897565126083365666954844966878557520065584218839356002953749972321447683237134198223899721408669193867699985752241909001411884646388096280756588642599286545238045092941312191385858378304219617920231852487507693824895805750694664686167584289676582506289114382087256713878897981372219976618926058228639044986138820501500010849618357745742957678544654973727846734099056619996352654974292371292437071653248084247
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 8d8c5ec454ad8ae177e99bf99b05e1b8018d61e1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c99e628bbab1d5c13cf1b1f8021a25ed3951ce1b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.7
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (120 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kraanservice.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.kraanservice.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003879b3f6620494ac77843610ac5b3be3925b08d9cb6a70d8396b5a8b8d93ec7ad128502168fdad0a8340875c48d8402a421bd8b92a110450dfeeaa9b5057ae764ae09f73e63ef40cc5e39fa7f9beb7df6d1cc044ab8c8dfea22a89736c7847c69fe915b374297e6a3784be08638c344f547e09477e88936146c3c9513379a2309ac02cb261b0e0b2b92023fe6a356a19ce86e3c0a837c03283aef10bc3a28251f7831f610ebd60e87f65e6761a2cadcb6e30e34169c95d3b2438700256d1efde514c4dd91425451705d9b6701e680b4455ca3ea880317de8c97bb28c8f4726438cc7cf2513db8239555977d78f03344778d7d02611e8a79de668a13ead4ff11f