goldenoldies.ca

Issued by R3

About this certificate

This digital certificate with serial number 04:22:84:d7:ea:3c:59:13:7f:f9:36:5a:f4:60:08:68:cc:30 was issued on by Let's Encrypt.

With 17 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=goldenoldies.ca

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:22:84:d7:ea:3c:59:13:7f:f9:36:5a:f4:60:08:68:cc:30
Serial Number (int): 360195323392486192972562882410136686087216
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 01:1f:16:dc:64:a0:b8:35:a8:3a:22:0f:23:48:28:b1:cf:f7:d8:41
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 11:82:88:e8:93:df:01:4e:9b:69:34:06:33:48:9c:60:f1:79:28:44
Fingerprint (sha256): 66:d2:12:b3:04:0d:e5:03:6c:39:5d:99:a7:1f:31:a1:aa:0f:8b:af:3a:bd:77:08:16:4f:77:fe:c4:ee:cd:fe

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate goldenoldies.ca

17

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for goldenoldies.ca

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

arbitragebot.ca
arduinoenigma.net
asj.co.in
certified-training.com
donedealauction.com
essex.in
goldenoldies.ca
hugswalk.com
powellcounty.com
seekingshalom.com
sweeney-aerospace.net
tepintasks.co
tomconte.com
visitsymi.com
wetruckit.com
winnebagofund.com
www.sgdietzcomedy.com

Other certificates including the domain name goldenoldies.ca

(limited to 100 certificates)

Certificate

The complete raw certificate details for goldenoldies.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISBCKE1+o8WRN/+TZa9GAIaMwwMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDA1MjAwMTMyMTFaFw0yNDA4MTgwMTMyMTBaMBoxGDAWBgNVBAMT
D2dvbGRlbm9sZGllcy5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALVKs+PqbDENBr5X4SWbV7tI52jpELyvdkzNwshhjhOp6+EqC/kHrgJ53K8IfYLT
ipYvuD/XyCjen51buBwDYuw70j4WYXj7FqKroTBUyg/tGUfBG7RQj+1SZMMjiy8f
bF91CWnJcE/lG6rVivGkUyJNsjp84dqQDO8F/BNAsK5H3H2o+t/IHmhXN4mZ+ngB
0uWXAo1898q2P5xBca8aS1YZq8vEll5jDq8PGTpUuyjUdGRqc8JEoeW22wwGPm1R
F+ivf7vdljvngNimjXb/I8e2IMJaT2TtcHTLYH22x+1Wr8PYrVAJYh0h/M0LfWO5
7tb3w+ob+hZiuYYTzw9meOcCAwEAAaOCAy0wggMpMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQUAR8W3GSguDWoOiIPI0gosc/32EEwHwYDVR0jBBgwFoAUFC6zF7dYVsuu
UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v
cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y
Zy8wggEzBgNVHREEggEqMIIBJoIPYXJiaXRyYWdlYm90LmNhghFhcmR1aW5vZW5p
Z21hLm5ldIIJYXNqLmNvLmlughZjZXJ0aWZpZWQtdHJhaW5pbmcuY29tghNkb25l
ZGVhbGF1Y3Rpb24uY29tgghlc3NleC5pboIPZ29sZGVub2xkaWVzLmNhggxodWdz
d2Fsay5jb22CEHBvd2VsbGNvdW50eS5jb22CEXNlZWtpbmdzaGFsb20uY29tghVz
d2VlbmV5LWFlcm9zcGFjZS5uZXSCDXRlcGludGFza3MuY2+CDHRvbWNvbnRlLmNv
bYINdmlzaXRzeW1pLmNvbYINd2V0cnVja2l0LmNvbYIRd2lubmViYWdvZnVuZC5j
b22CFXd3dy5zZ2RpZXR6Y29tZWR5LmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCC
AQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq
68G/KIXs+GRuAAABj5PXmvEAAAQDAEgwRgIhALp+Zj9xssLJQrPte/DVElRyayke
mX6CryTgKKgLHQGYAiEAoz4CS2OhpOXBK87XFKInC7/r6sx3Cb0WsuF9KsrGiDIA
dgDf4VbrqgWvtZwPhnGNqMAyTq5W2W6n9aVqAdHBO75SXAAAAY+T15uoAAAEAwBH
MEUCICalhOTqE9nDqmrWvnTSY5BSWSE1ykI6b9M1oKmUstJfAiEAuHjhRncXR1J5
leDexVDQAiQKnjDiRzbKD5pr83fUPkgwDQYJKoZIhvcNAQELBQADggEBAJeiX242
0o1BZIyFn1jnRZRY3OVsju63o+KXgH6k4Zll7Uys89cP6yyGFNjHLdduzC/RpZeX
Z0bt8GKpbcuG/o6j9L2pD7FZMlJIF0HAyMbLi8BXE/4TI85rUS77ot/maKkR5CSR
l+YeC6nRbCLCWlIe34lja1JWytE2RNSUXrgypNK9q+OgVfYv9NQKdXy8DDZYDgAt
QG6G/razYwfE9MW/W8JI9wnEUirUZB5YzdZVxBmbZhdjmbRE3ul+JJ4ZPzr2crFp
/CB1jweL1VuyEOU/MKc/1OYcqTfLs/1KHei4ZvYQjQd7A/SR49te0ZwddPB2SO4K
kptwim9t7O4nW1s=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUqz4+psMQ0GvlfhJZtX
u0jnaOkQvK92TM3CyGGOE6nr4SoL+QeuAnncrwh9gtOKli+4P9fIKN6fnVu4HANi
7DvSPhZhePsWoquhMFTKD+0ZR8EbtFCP7VJkwyOLLx9sX3UJaclwT+UbqtWK8aRT
Ik2yOnzh2pAM7wX8E0Cwrkfcfaj638geaFc3iZn6eAHS5ZcCjXz3yrY/nEFxrxpL
Vhmry8SWXmMOrw8ZOlS7KNR0ZGpzwkSh5bbbDAY+bVEX6K9/u92WO+eA2KaNdv8j
x7YgwlpPZO1wdMtgfbbH7Vavw9itUAliHSH8zQt9Y7nu1vfD6hv6FmK5hhPPD2Z4
5wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 360195323392486192972562882410136686087216
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-20 01:32:11 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-18 01:32:10 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'goldenoldies.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22885970471428830700644710523511223074020798454425105346973544420851362527264341856773112005295104233704359559538525476629429093976867665055067688747890221874131748875753673243991671515125288432244778228998878352393230716614306354071754984491877756174622547827748115692190461191758404881859473706394190354863779560854832579949267245112808208270303792802268506449762417963102118861788965012523931529391863341721132228578383066399359696589039106063751306771471681917066036352990633776722596285676865807443710281697111564906752809895385249428772026816909282951485156740906607854419640467852734836744544958934661237995751
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							011f16dc64a0b835a83a220f234828b1cff7d841
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (298 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arbitragebot.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arduinoenigma.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'asj.co.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'certified-training.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'donedealauction.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'essex.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'goldenoldies.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hugswalk.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'powellcounty.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seekingshalom.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sweeney-aerospace.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tepintasks.co'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tomconte.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'visitsymi.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wetruckit.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'winnebagofund.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sgdietzcomedy.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f93d79af10000040300483046022100ba7e663f71b2c2c942b3ed7bf0d51254726b291e997e82af24e028a80b1d0198022100a33e024b63a1a4e5c12bced714a2270bbfebeacc7709bd16b2e17d2acac68832007600dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018f93d79ba80000040300473045022026a584e4ea13d9c3aa6ad6be74d2639052592135ca423a6fd335a0a994b2d25f022100b878e146771747527995e0dec550d002240a9e30e24736ca0f9a6bf377d43e48
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0097a25f6e36d28d41648c859f58e7459458dce56c8eeeb7a3e297807ea4e19965ed4cacf3d70feb2c8614d8c72dd76ecc2fd1a597976746edf062a96dcb86fe8ea3f4bda90fb1593252481741c0c8c6cb8bc05713fe1323ce6b512efba2dfe668a911e4249197e61e0ba9d16c22c25a521edf89636b5256cad13644d4945eb832a4d2bdabe3a055f62ff4d40a757cbc0c36580e002d406e86feb6b36307c4f4c5bf5bc248f709c4522ad4641e58cdd655c4199b66176399b444dee97e249e193f3af672b169fc20758f078bd55bb210e53f30a73fd4e61ca937cbb3fd4a1de8b866f6108d077b03f491e3db5ed19c1d74f07648ee0a929b708a6f6decee275b5b