www.sandonatomilanese.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:6e:b5:6c:d6:6d:62:f4:fd:0c:41:b3:46:b5:2e:82:fb:ff was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.sandonatomilanese.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:6e:b5:6c:d6:6d:62:f4:fd:0c:41:b3:46:b5:2e:82:fb:ffSerial Number (int): 299009073540983913054581952305550544010239
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 88:a9:ed:c8:42:57:75:7e:05:0a:06:70:f4:f0:c8:29:26:3c:e6:f9
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): bc:3f:e7:a9:0d:bc:2e:85:9b:6c:ff:49:d9:fb:d8:25:14:11:fc:1d
Fingerprint (sha256): 67:5f:58:c6:cf:43:6b:5c:24:4b:81:8c:c3:c3:6a:67:d4:8e:88:3c:7f:80:26:c5:2b:39:10:c3:63:8c:e2:34
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.sandonatomilanese.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.sandonatomilanese.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.sandonatomilanese.org
Other certificates including the domain name sandonatomilanese.org
(limited to 100 certificates)
www.sandonatomilanese.org
www.sandonatomilanese.org
394.me
www.89395.com
sandonatomilanese.org
sandonatomilanese.org
sandonatomilanese.org
www.sandonatomilanese.org
sandonatomilanese.org
sandonatomilanese.org
www.sandonatomilanese.org
sandonatomilanese.org
736.me
sandonatomilanese.org
www.sandonatomilanese.org
706.me
www.sandonatomilanese.org
394.me
www.89395.com
sandonatomilanese.org
sandonatomilanese.org
sandonatomilanese.org
www.sandonatomilanese.org
sandonatomilanese.org
sandonatomilanese.org
www.sandonatomilanese.org
sandonatomilanese.org
736.me
sandonatomilanese.org
www.sandonatomilanese.org
706.me
Certificate
The complete raw certificate details for www.sandonatomilanese.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGajCCBVKgAwIBAgISA261bNZtYvT9DEGzRrUugvv/MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMDcxNDIzMDhaFw0y MDA1MDcxNDIzMDhaMCQxIjAgBgNVBAMTGXd3dy5zYW5kb25hdG9taWxhbmVzZS5v cmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDkEbR1NH9+onpI4vQU doTZ5TB83TBzWdqiNJHUXzDTcjbCYV8Ihy+QX7tIzcWW4TtUAEPUqvZRwFeSGFWw XAQk8QrhnB4EH43HIRRXLmNapAR0/jXN1TwegnrY16uBshPy9sYuwN1chokN2HFY 8KJV4x9K2d4FyxYnXAfoLQ3xyTf35Azzhzam0rYdwQ1KGuNeTtVheNIpXlx0fzMs jCGKqzklaLynwjrv7gjqbVSBbSa+3w2JwYpTYBIyPvzcSEDvlMAWYJ7s984uSXLQ lSwxCxk5YcGldkWuFnTGCV5o4Qfpbc/I0+MZCSNnuhM/nbz5Js0byCKTeowDj+cs yOpf/Qz0/xIqcZ1oqDIw/iwKnsnrft+WYHt60rY7bS6lvW+9PmIQq76qdQQ80sx4 eUkBsU5IaWncminqPfpwKWbdxXwK4QR0LPsB/z9W+c+klh/4TAIGNMo7O5upjF70 J9xu0MSdE1MFAZ1PkxaDaJX6hIF1gOAeF2mIKT+m8KmWfrgXb3GGIcfORDk2WDN6 ZPCpN+OcsiMsYTUhwl0YTlwPmsu7IyNBN55vW6ZnDzUs48cqzYF8w2tMjdmty+ss L4V1l1CmPcCUy49UCSF/suQbJI27/3aGGkzo4qI85PtOI2/uVO2IL1BPCXfWXM5r 2vgub50HwQunADCKe5KQuwTA3wIDAQABo4ICbjCCAmowDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBSIqe3IQld1fgUKBnD08MgpJjzm+TAfBgNVHSMEGDAWgBSoSmpjBH3d uubRObemRWXv86jsoTBvBggrBgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6 Ly9vY3NwLmludC14My5sZXRzZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6 Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMCQGA1UdEQQdMBuCGXd3dy5z YW5kb25hdG9taWxhbmVzZS5vcmcwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYB BAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5v cmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgAHt1wb5X1o//Gwxh0jFce65ld8 V5S3au68YToaadOiHAAAAXAgP1yUAAAEAwBHMEUCIHGOt/QW6jV52edTf1mvpjPo psYTUJfcLMbrU0EPydI2AiEArrrbclvWLCiTDXTYManwCJVxyzhu4yQoRE04QUVY 4ZIAdgBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAXAgP1z6AAAE AwBHMEUCIDjdZ0Mfx+fCTqULLl4vh+LufmpuHuRl/qiJ8YLTNtgQAiEApHGiW8+9 /bTvMvbYRV8ql9UY3zq2XeT8WXB6gpkjTpYwDQYJKoZIhvcNAQELBQADggEBABET yPDCCRs0cEJsXKwK8r9iOq9TyQSeqcGA4LwYBPXa1RMd2WPd4ICa85gb/c+u86Sv FQ3Z0ogD9h2wUMibF9vjIPwTubYNUpCWAOph+z/ThLYYZ7s3LZ7fOM5K/WW4HRXB UvHMVeERMO8Zan6TD5fO2SB2gbVZue0lYYdpqsv3ktYJ3+Cbp5A9uGYudegjRRoG f2xgza+VkkOO5HUVFH+ZXNGICMvLNnh5lNlTh0YcSf0LMvrihfp3r7AIh6HyoD6R mYsl4YC77i5ePMStNrAWk88R7eezBN4nmzor2bQxXXckBNv8lwKi3/6upyLHtocT /lBcmaiCFAb7vBr2of0= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5BG0dTR/fqJ6SOL0FHaE 2eUwfN0wc1naojSR1F8w03I2wmFfCIcvkF+7SM3FluE7VABD1Kr2UcBXkhhVsFwE JPEK4ZweBB+NxyEUVy5jWqQEdP41zdU8HoJ62NergbIT8vbGLsDdXIaJDdhxWPCi VeMfStneBcsWJ1wH6C0N8ck39+QM84c2ptK2HcENShrjXk7VYXjSKV5cdH8zLIwh iqs5JWi8p8I67+4I6m1UgW0mvt8NicGKU2ASMj783EhA75TAFmCe7PfOLkly0JUs MQsZOWHBpXZFrhZ0xgleaOEH6W3PyNPjGQkjZ7oTP528+SbNG8gik3qMA4/nLMjq X/0M9P8SKnGdaKgyMP4sCp7J637flmB7etK2O20upb1vvT5iEKu+qnUEPNLMeHlJ AbFOSGlp3Jop6j36cClm3cV8CuEEdCz7Af8/VvnPpJYf+EwCBjTKOzubqYxe9Cfc btDEnRNTBQGdT5MWg2iV+oSBdYDgHhdpiCk/pvCpln64F29xhiHHzkQ5NlgzemTw qTfjnLIjLGE1IcJdGE5cD5rLuyMjQTeeb1umZw81LOPHKs2BfMNrTI3ZrcvrLC+F dZdQpj3AlMuPVAkhf7LkGySNu/92hhpM6OKiPOT7TiNv7lTtiC9QTwl31lzOa9r4 Lm+dB8ELpwAwinuSkLsEwN8CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 299009073540983913054581952305550544010239 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-07 14:23:08 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-07 14:23:08 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.sandonatomilanese.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 930440994949829182335622048334025110365416433980846366148233669812249805565564675351490333141455261827107875874062877248340304648089973645187727972154927483811321956656350904821345672270988620254014721744449396475422265088616668583094726260164579787650903105214062579277483653555173613421214192078568437134551694281392884525786134870990688119552752929438153788408748398028536825918677323792217738840278954101626842652129688899390246633444697261704256463111183905405838733327880287005598039615174202756473225535625724064812432481235937474744957582575638962326414247186697952920226698949195159622093015490945190604125782204386852156037863694592439307915964490871149253360661937341999893330274723908062282585739107144643779665184365823460681521554544476062725698406255326863199404167953194733795721608214342082239212119565353837961449365541383528381063276197418997172515640798095707867965805918071646289496816130222320937645463831190434342189184234763704380130881256019362199438055723013734950537456647178715840405233453741355637721581446799625977369124364412824688284018331631366512063974996907012491779753948913278557223497384666097142279780679395680756216702944407554597695179581591069881474993292748107052145939960031734368173342943 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 88a9edc84257757e050a0670f4f0c829263ce6f9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (29 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sandonatomilanese.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c00000170203f5c9400000403004730450220718eb7f416ea3579d9e7537f59afa633e8a6c6135097dc2cc6eb53410fc9d236022100aebadb725bd62c28930d74d831a9f0089571cb386ee32428444d38414558e1920076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d91300000170203f5cfa0000040300473045022038dd67431fc7e7c24ea50b2e5e2f87e2ee7e6a6e1ee465fea889f182d336d810022100a471a25bcfbdfdb4ef32f6d8455f2a97d518df3ab65de4fc59707a8299234e96 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001113c8f0c2091b3470426c5cac0af2bf623aaf53c9049ea9c180e0bc1804f5dad5131dd963dde0809af3981bfdcfaef3a4af150dd9d28803f61db050c89b17dbe320fc13b9b60d52909600ea61fb3fd384b61867bb372d9edf38ce4afd65b81d15c152f1cc55e11130ef196a7e930f97ced9207681b559b9ed25618769aacbf792d609dfe09ba7903db8662e75e823451a067f6c60cdaf9592438ee47515147f995cd18808cbcb36787994d95387461c49fd0b32fae285fa77afb00887a1f2a03e91998b25e180bbee2e5e3cc4ad36b01693cf11ede7b304de279b3a2bd9b4315d772404dbfc9702a2dffeaea722c7b68713fe505c99a8821406fbbc1af6a1fd