www.okzo.com

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:60:e0:d9:be:65:5c:77:06:82:a9:a1:37:50:6f:76:12:9c was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.okzo.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:60:e0:d9:be:65:5c:77:06:82:a9:a1:37:50:6f:76:12:9c
Serial Number (int): 294302842680853441267060179992856506012316
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 63:a2:23:34:9f:60:fa:33:12:27:d1:f2:c4:f9:0b:6d:6d:f0:e7:75
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 41:06:39:7c:c8:57:23:ca:87:d1:5b:e8:2e:cb:ad:37:b2:ad:26:40
Fingerprint (sha256): 6c:ac:c0:9d:8f:02:80:e4:68:e0:90:a9:22:12:0b:b6:14:0a:98:44:55:51:7b:24:2b:a7:ec:28:b1:d8:44:01

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.okzo.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.okzo.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.okzo.com

Other certificates including the domain name okzo.com

(limited to 100 certificates)
vinylco.com
www.propagador.com
www.okzo.com
okzo.com
www.okzo.com
salafism.exposed
stemcellsmanchester.com
58179.com
www.okzo.com
osservatori.com
okzo.com
okzo.com
okzo.com
www.mountaineeringexpeditions.com
okzo.com
www.levelsofcare.com

Certificate

The complete raw certificate details for www.okzo.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGUDCCBTigAwIBAgISA2Dg2b5lXHcGgqmhN1BvdhKcMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMjMxODQyMjVaFw0y
MDA1MjMxODQyMjVaMBcxFTATBgNVBAMTDHd3dy5va3pvLmNvbTCCAiIwDQYJKoZI
hvcNAQEBBQADggIPADCCAgoCggIBAOQWNeUeLoGUT2itPsAtI79t0EnNDkKaGFfZ
z1NVMsFK4pSXi1lHD0CtaQ0OsLFMQsPYPVSfVd+SyIJFULtb4+BJJPBMZTwHubu3
J4gU1IfvdDnQp0t+ap564ylhUZYO/McUt4ppn5/JVyb1tnB9zjFcNSb4Wi4zwkFb
a8wBL4uZ1LiBtsXS/nvvPbKg7C2DMeW6ZQe7ji8N7eiG3Wut5GP2Kk53vDLNbq9X
EACLlLyM0hecel70xu8wgeeiTea4l+D03aiwIWxPNsHKVbVCRkjrGsGag/QJ0I18
5StySyL13fxpguVH+hbvpw7uMzUwrbfP6Ym6H31i3iC2u3F4m2CdMBItyc0ALdsY
bIF+8R/Z6cOimKc/kLDwlaF9zJaaKcdgi/NCeAAaOln9JCMZuIwW64oSsA+Bsnth
fnO+HWYwKXd1YWhI3XH09RddDRGqtanw61cFqf1264z+V5VMrgh1AFVB7pPgJUHr
+nz+trVpgdTZZgxuQ2YibGjw/OLP+eMldD23HkeUzLmYArobwaVC/mQIutBIwngd
Ef7u+cqxWLjtjuPLdw04LHd2pg644ZH4DR9IwXB7Bm4WwpTCtQzMHZUZUPl04hUh
IMEO3GwQ+m81/jVWzbjJv/2P7O3/pNTRKY2hgFWiD7MedMn1dtmuoYJP3GR6tI29
RF8v0Z0PAgMBAAGjggJhMIICXTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFGOiIzSf
YPozEifR8sT5C21t8Od1MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh
MG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgz
LmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz
LmxldHNlbmNyeXB0Lm9yZy8wFwYDVR0RBBAwDoIMd3d3Lm9rem8uY29tMEwGA1Ud
IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0
dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw
AHYAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFwc5J/SwAABAMA
RzBFAiBteN3rGr8Y2wsm6q6DVO83jDJTida8Rutc0S+bhvJabQIhAJ2P3H+2SSnP
ifohp8I/UbHfuqyL6RrzzYwLlTutlTMJAHYAsh4FzIuizYogTodm+Su5iiUgZ2va
+nDnsklTLe+LkF4AAAFwc5J/OAAABAMARzBFAiEA8UDKi/EfiRbepRdDJ8zIuoKI
E7FmKHnSGdMys/4S/mICIB9nB9Mm9G7IMXAn3jZ8lwqbSIHC/MO4qr4+VUEMZCRr
MA0GCSqGSIb3DQEBCwUAA4IBAQBTE0gG0560yL5cbNZ3oQqJEj6P3L/IYkvoCtYY
3+ETm5OIZTFCDIk9IkON09zZt560iETiK4O/xGndIbqimSRYbg1g4lqcAOqdObnt
Ngd/KC5lvTtj2u/P9rU8cLtU78QLS9DW22pNZWETwpiR4upCNWjU9Uxu8TPnkGPA
ZtpHFP0/tp4hKoap7vB5M16lHecl+Cv8BCv/li3g5hvDmWwShFT1Tc+Jx4veCc/u
3crAHTZDbhlU+KYTWdAyruk9U5JOSgotUb80p4RZkg2GT72b/IU7BAuz+YRS+7lw
SfV6Pj8B0yItKm67+k4JDAIgfeDtsNghOq6Oqi6rwhxw3yhR
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5BY15R4ugZRPaK0+wC0j
v23QSc0OQpoYV9nPU1UywUrilJeLWUcPQK1pDQ6wsUxCw9g9VJ9V35LIgkVQu1vj
4Ekk8ExlPAe5u7cniBTUh+90OdCnS35qnnrjKWFRlg78xxS3immfn8lXJvW2cH3O
MVw1JvhaLjPCQVtrzAEvi5nUuIG2xdL+e+89sqDsLYMx5bplB7uOLw3t6Ibda63k
Y/YqTne8Ms1ur1cQAIuUvIzSF5x6XvTG7zCB56JN5riX4PTdqLAhbE82wcpVtUJG
SOsawZqD9AnQjXzlK3JLIvXd/GmC5Uf6Fu+nDu4zNTCtt8/piboffWLeILa7cXib
YJ0wEi3JzQAt2xhsgX7xH9npw6KYpz+QsPCVoX3Mlpopx2CL80J4ABo6Wf0kIxm4
jBbrihKwD4Gye2F+c74dZjApd3VhaEjdcfT1F10NEaq1qfDrVwWp/XbrjP5XlUyu
CHUAVUHuk+AlQev6fP62tWmB1NlmDG5DZiJsaPD84s/54yV0PbceR5TMuZgCuhvB
pUL+ZAi60EjCeB0R/u75yrFYuO2O48t3DTgsd3amDrjhkfgNH0jBcHsGbhbClMK1
DMwdlRlQ+XTiFSEgwQ7cbBD6bzX+NVbNuMm//Y/s7f+k1NEpjaGAVaIPsx50yfV2
2a6hgk/cZHq0jb1EXy/RnQ8CAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 294302842680853441267060179992856506012316
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-23 18:42:25 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-05-23 18:42:25 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.okzo.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 930512796907005450576309117656029217831278836413484317039500927470894600396398328213124435820091808632406223332573404792511454597595452886084761354234536680916906026693651081694653240401649186546718613460595145451366912678715589010785422763718815548885346904525469187074898872606011245227208498400479317947658210837267254569958946576773105019876698138428574280165549888670791301393737097496441094174952374852418521913550923208178738209372749846035972157328055850431375600610887422313652227687542300489095667793698761368376508719338472367261817978088163965018281585121844466494554832823191760240624658685295869753867384090462172992838225689564838265370021223295968793263367827641076830033417972221517361353316029115886543381559736955848770350891383419767672797711148325746880057094775963497267975719478227272350040532313809158540079136222993506085019488828889755713969846762561336883313111176820234006257527600009737678325748832622929375902811412947636405481120728890143444220839226466020270801073054405937667404442474049561741955045278247080691785732989880390530390118407818716944973197533396058504696680166879083337756089006812561765303782766643034556079169980019259789645579997102361213695987220155033160554714371231403582348696847
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							63a223349f60fa331227d1f2c4f90b6d6df0e775
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.okzo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000017073927f4b000004030047304502206d78ddeb1abf18db0b26eaae8354ef378c325389d6bc46eb5cd12f9b86f25a6d0221009d8fdc7fb64929cf89fa21a7c23f51b1dfbaac8be91af3cd8c0b953bad953309007600b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000017073927f380000040300473045022100f140ca8bf11f8916dea5174327ccc8ba828813b1662879d219d332b3fe12fe6202201f6707d326f46ec8317027de367c970a9b4881c2fcc3b8aabe3e55410c64246b
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0053134806d39eb4c8be5c6cd677a10a89123e8fdcbfc8624be80ad618dfe1139b93886531420c893d22438dd3dcd9b79eb48844e22b83bfc469dd21baa29924586e0d60e25a9c00ea9d39b9ed36077f282e65bd3b63daefcff6b53c70bb54efc40b4bd0d6db6a4d656113c29891e2ea423568d4f54c6ef133e79063c066da4714fd3fb69e212a86a9eef079335ea51de725f82bfc042bff962de0e61bc3996c128454f54dcf89c78bde09cfeeddcac01d36436e1954f8a61359d032aee93d53924e4a0a2d51bf34a78459920d864fbd9bfc853b040bb3f98452fbb97049f57a3e3f01d3222d2a6ebbfa4e090c02207de0edb0d8213aae8eaa2eabc21c70df2851