northern.qho.ca

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 04:3b:bb:b5:8b:4c:e4:3d:a7:a5:ce:5f:b0:73:75:0b:b9:a2 was issued on by Let's Encrypt.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=northern.qho.ca

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:3b:bb:b5:8b:4c:e4:3d:a7:a5:ce:5f:b0:73:75:0b:b9:a2
Serial Number (int): 368775311641666442379942803752436521220514
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: da:48:1a:fc:93:89:7a:d1:26:5a:00:a5:18:20:44:99:59:09:2a:99
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 40:f6:88:7c:d3:41:b2:32:e0:a7:4c:80:22:63:7c:51:3f:15:34:83
Fingerprint (sha256): 67:ab:1a:47:40:2b:ef:a1:3e:24:7a:1f:85:de:2f:75:57:e8:11:4d:d1:74:10:d1:73:d5:c3:a0:f5:e6:69:9c

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate northern.qho.ca

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for northern.qho.ca

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

northern.qho.ca
www.northern.qho.ca

Other certificates including the domain name qho.ca

(limited to 100 certificates)
belize.qho.ca
belize.qho.ca
kenya.qho.ca
kenya.qho.ca
kingston.qho.ca
qho.ca
guyana.qho.ca
belize.qho.ca
guyana.qho.ca
kenya.qho.ca
kenya.qho.ca
qho.ca
northern.qho.ca
kenya.qho.ca
northern.qho.ca
kenya.qho.ca
kenya.qho.ca
kingston.qho.ca
belize.qho.ca
northern.qho.ca
northern.qho.ca
northern.qho.ca
guyana.qho.ca
guyana.qho.ca
belize.qho.ca
qho.ca
qho.ca
kenya.qho.ca
qho.ca
northern.qho.ca
belize.qho.ca
northern.qho.ca
qho.ca
belize.qho.ca
guyana.qho.ca
belize.qho.ca
kingston.qho.ca
guyana.qho.ca
guyana.qho.ca
kingston.qho.ca
belize.qho.ca
kingston.qho.ca
belize.qho.ca
northern.qho.ca
northern.qho.ca
northern.qho.ca
belize.qho.ca
northern.qho.ca
kingston.qho.ca
belize.qho.ca
kenya.qho.ca
guyana.qho.ca
northern.qho.ca
guyana.qho.ca
guyana.qho.ca
guyana.qho.ca
qho.ca
kingston.qho.ca
kingston.qho.ca
kingston.qho.ca
qho.ca
belize.qho.ca
kingston.qho.ca
northern.qho.ca
northern.qho.ca
guyana.qho.ca
northern.qho.ca
qho.ca
qho.ca
kenya.qho.ca
kingston.qho.ca
qho.ca
kingston.qho.ca
kingston.qho.ca
northern.qho.ca
guyana.qho.ca
belize.qho.ca
kenya.qho.ca
northern.qho.ca
kenya.qho.ca
kenya.qho.ca
kenya.qho.ca
belize.qho.ca
qho.ca
kenya.qho.ca
northern.qho.ca
guyana.qho.ca
belize.qho.ca
kenya.qho.ca
guyana.qho.ca
kenya.qho.ca
kingston.qho.ca
guyana.qho.ca
kenya.qho.ca
kingston.qho.ca
belize.qho.ca
guyana.qho.ca
kenya.qho.ca
belize.qho.ca
guyana.qho.ca

Certificate

The complete raw certificate details for northern.qho.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISBDu7tYtM5D2npc5fsHN1C7miMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA0MDUxMjMwNTBaFw0x
OTA3MDQxMjMwNTBaMBoxGDAWBgNVBAMTD25vcnRoZXJuLnFoby5jYTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBALLSDesHjnjlCVHthwYAsOO16cu0bumd
xRbAZuwxsTtyIhI5PA85crBsZmuzh+4aUCaS7TdpBfukKDHAVcuWPr9ZuUg07a17
Sn5XOiqwJcix8bX51E/Zfrupmn0MgQNU02rnvlGQt1aiuro9mPakzxeaLS0mkF4u
ESPI8zpmMF9xowSKq3YX7eW4BKqAMoxd2CuotsqInedWe3DWD1elPi7ymjh2XaQ2
rj0Wj5wUUME0o7l2p1Bw5b/H2KdynCXyPfHpByz2cywjIemS+Y++SZjeP/vg7YxJ
L8hRA0DbgdNGsgt8pMgUS5Jtpo7evt9YxtEWu8hMG8mt5yUOqDJ4TRMCAwEAAaOC
AnowggJ2MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU2kga/JOJetEmWgClGCBEmVkJ
KpkwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEE
YzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu
b3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQu
b3JnLzAvBgNVHREEKDAmgg9ub3J0aGVybi5xaG8uY2GCE3d3dy5ub3J0aGVybi5x
aG8uY2EwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggr
BgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEFBgorBgEEAdZ5
AgQCBIH2BIHzAPEAdwDiaUuuJujpQAnohhu2O4PUPuf+dIj7pI8okwGd3fHb/gAA
AWntsd1uAAAEAwBIMEYCIQCsD1AIBd9aoeZQ27hlM+ZpgBGgMONBIkZlKCZqK//4
fwIhAOtlY4ejcCKSWSaIFcnQdbcTOxMvAJKUdTzdR4+kyt1FAHYAY/Lbzeg7zCzP
C3KEJ1drM6SNYXePvXWmOLHHaFRL2I0AAAFp7bHbdQAABAMARzBFAiAlVjzrnyQm
LoHuDKox8RLlxgVycjDYBP7qk6gwUmsWQgIhAKy3SO2K55uN8RZSH7gXIhf+9YNk
uoGrDdl546xtuk/jMA0GCSqGSIb3DQEBCwUAA4IBAQAKDnhntrh3AjRytSWb90pY
1aDO9iVnOSf+0Af3CAwtcmdneAF/EVcWGErmio8Y//tW7WzaJEGoApcNp4MJUHBx
xig3J47h8xNa2n9Msg2aXrZzWBzb7Gf8D+fqC4XYEhdkiFBsk4vV7enMzPbXas/w
xbRqKNZU9JiQ2o91di10U9bDsP6e0KCNOFd2Kv7MhgFeNoPJ4KjcFHsjrC+k9oiA
gnWkCXio9KvJtE5FOyAzljKbF7z2fBJ4S7M9BMZq8f/Vt10s35YmXwmkoZW9VKST
ZR+hUkB+09UKDmyK/hLkkaJEjnWFPVq8smavidzv6aD1aLa2BcHNVgcbqZHwKzb8
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstIN6weOeOUJUe2HBgCw
47Xpy7Ru6Z3FFsBm7DGxO3IiEjk8DzlysGxma7OH7hpQJpLtN2kF+6QoMcBVy5Y+
v1m5SDTtrXtKflc6KrAlyLHxtfnUT9l+u6mafQyBA1TTaue+UZC3VqK6uj2Y9qTP
F5otLSaQXi4RI8jzOmYwX3GjBIqrdhft5bgEqoAyjF3YK6i2yoid51Z7cNYPV6U+
LvKaOHZdpDauPRaPnBRQwTSjuXanUHDlv8fYp3KcJfI98ekHLPZzLCMh6ZL5j75J
mN4/++DtjEkvyFEDQNuB00ayC3ykyBRLkm2mjt6+31jG0Ra7yEwbya3nJQ6oMnhN
EwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 368775311641666442379942803752436521220514
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-04-05 12:30:50 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-04 12:30:50 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'northern.qho.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22573999953122170793050967526083848142137312464350994548728129247434125306112645600582453350437226800964599781235133462866691758679725036913999133459222447414482671763246433868064707552669165932735455844145989760411011217667914174858031937061307669324751908717531102034817089002541085397020120227525156109650624657783179395419802922447866211693490273988134384741664349836694383414301172015994455373113653231063096355931475190683510821575852266948302508230324411822173146296618517222997883668776927075855102463860948383352978667725660841110192338460456001428336065083902101727654633103402130753718311585946370418691347
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							da481afc93897ad1265a00a51820449959092a99
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (40 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'northern.qho.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.northern.qho.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700e2694bae26e8e94009e8861bb63b83d43ee7fe7488fba48f2893019dddf1dbfe00000169edb1dd6e0000040300483046022100ac0f500805df5aa1e650dbb86533e6698011a030e34122466528266a2bfff87f022100eb656387a370229259268815c9d075b7133b132f009294753cdd478fa4cadd4500760063f2dbcde83bcc2ccf0b728427576b33a48d61778fbd75a638b1c768544bd88d00000169edb1db750000040300473045022025563ceb9f24262e81ee0caa31f112e5c605727230d804feea93a830526b1642022100acb748ed8ae79b8df116521fb8172217fef58364ba81ab0dd979e3ac6dba4fe3
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000a0e7867b6b877023472b5259bf74a58d5a0cef625673927fed007f7080c2d72676778017f115716184ae68a8f18fffb56ed6cda2441a802970da78309507071c62837278ee1f3135ada7f4cb20d9a5eb673581cdbec67fc0fe7ea0b85d812176488506c938bd5ede9ccccf6d76acff0c5b46a28d654f49890da8f75762d7453d6c3b0fe9ed0a08d3857762afecc86015e3683c9e0a8dc147b23ac2fa4f688808275a40978a8f4abc9b44e453b203396329b17bcf67c12784bb33d04c66af1ffd5b75d2cdf96265f09a4a195bd54a493651fa152407ed3d50a0e6c8afe12e491a2448e75853d5abcb266af89dcefe9a0f568b6b605c1cd56071ba991f02b36fc