portal.lantal.ch
- Lantal Textiles AG -
Issued by Thawte SSL CA
About this certificate
This digital certificate with serial number 30:aa:ce:36:3f:88:fa:2d:0c:31:2a:c5:ee:b4:20:fc was issued on by Thawte, Inc..
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Lantal Textiles AG
Organization:
Lantal Textiles AG
Organization unit: Business Engineering
Organization unit: Business Engineering
State / Province:
Bern
Locality: Langenthal
Country: CH
Locality: Langenthal
Country: CH
Thawte, Inc.
Organization:
Thawte, Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 30:aa:ce:36:3f:88:fa:2d:0c:31:2a:c5:ee:b4:20:fcSerial Number (int): 64689816737989161563429546512132350204
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: a7:a2:83:bb:34:45:40:3d:fc:d5:30:4f:12:b9:3e:a1:01:9f:f6:db
Fingerprint (sha1): 90:d4:f8:bb:9f:55:aa:43:6e:cf:6c:a6:47:7b:de:f1:6a:b5:67:2a
Fingerprint (sha256): 6e:a2:ed:d5:73:f2:1f:0f:a5:d3:fd:5f:4b:67:7d:c3:52:29:5e:ae:b1:be:3e:06:8c:61:33:fe:56:dd:81:9b
Issuing Certificate URL: http://svr-ov-aia.thawte.com/ThawteOV.cer
Revocation information
OCSP Server: http://ocsp.thawte.comCRL Distribution Point: http://svr-ov-crl.thawte.com/ThawteOV.crl
Check the revocation status for certificate portal.lantal.ch
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for portal.lantal.ch
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA1 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
8 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
portal.lantal.ch
Other certificates including the domain name lantal.ch
(limited to 100 certificates)
sap.lantal.ch
portal.lantal.ch
*.lantal.ch
portal.lantal.ch
*.lantal.ch
sap.lantal.ch
sap.lantal.ch
sap.lantal.ch
portal.lantal.ch
*.lantal.ch
ftp.lantal.ch
portal.lantal.ch
cps.lantal.ch
portal.lantal.ch
*.lantal.ch
*.lantal.ch
connect.lantal.ch
portal.lantal.ch
sap.lantal.ch
connect.lantal.ch
sap.lantal.ch
webmail.lantal.ch
connect.lantal.ch
portal.lantal.ch
ftp.lantal.ch
sap.lantal.ch
*.lantal.ch
ftp.lantal.ch
portal.lantal.ch
portal.lantal.ch
*.lantal.ch
sap.lantal.ch
meeting.lantal.ch
mobile.lantal.ch
connect.lantal.ch
portal.lantal.ch
webmail.lantal.ch
webchat.lantal.ch
portal.lantal.ch
sap.lantal.ch
ftp.lantal.ch
webmail.lantal.ch
portal.lantal.ch
portal.lantal.ch
*.lantal.ch
portal.lantal.ch
*.lantal.ch
sap.lantal.ch
sap.lantal.ch
sap.lantal.ch
portal.lantal.ch
*.lantal.ch
ftp.lantal.ch
portal.lantal.ch
cps.lantal.ch
portal.lantal.ch
*.lantal.ch
*.lantal.ch
connect.lantal.ch
portal.lantal.ch
sap.lantal.ch
connect.lantal.ch
sap.lantal.ch
webmail.lantal.ch
connect.lantal.ch
portal.lantal.ch
ftp.lantal.ch
sap.lantal.ch
*.lantal.ch
ftp.lantal.ch
portal.lantal.ch
portal.lantal.ch
*.lantal.ch
sap.lantal.ch
meeting.lantal.ch
mobile.lantal.ch
connect.lantal.ch
portal.lantal.ch
webmail.lantal.ch
webchat.lantal.ch
portal.lantal.ch
sap.lantal.ch
ftp.lantal.ch
webmail.lantal.ch
portal.lantal.ch
Certificate
The complete raw certificate details for portal.lantal.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEuDCCA6CgAwIBAgIQMKrONj+I+i0MMSrF7rQg/DANBgkqhkiG9w0BAQUFADA8 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMRYwFAYDVQQDEw1U aGF3dGUgU1NMIENBMB4XDTEzMDgxOTAwMDAwMFoXDTE2MDgxNzIzNTk1OVowgYgx CzAJBgNVBAYTAkNIMQ0wCwYDVQQIEwRCZXJuMRMwEQYDVQQHFApMYW5nZW50aGFs MRswGQYDVQQKFBJMYW50YWwgVGV4dGlsZXMgQUcxHTAbBgNVBAsUFEJ1c2luZXNz IEVuZ2luZWVyaW5nMRkwFwYDVQQDFBBwb3J0YWwubGFudGFsLmNoMIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA299wMyxFbfMaZrIAiBOI2k6BFUhOq+20 TzA+TRMBEtsC5BfclmueGLj4CVfXsjdkBlcNCVZLS3gYHm1cXQGxzXQu6g5ARi2U iAxhWNKPK8dpFS411V0DZVj085vNfyjL+7K9mEetVmVZaVooFcSjToFmpTBhRqje bwS0ZvsYnqqbC96KdDTxN5CWhhbvk55CKtM9lbx/dJfbaLMtrQ0E21FYvsJpXUAn 2Pf6WSCCtdKwTyZp4bio8nfdNmln//W6fB4XHpOX8oYQdGyfUiwuGgaskac4t3gH VsCZcSFIr2T+vCyCHCM08aYSfX6JeRM9UDAY6tyTBivpO5gyq7xCBQIDAQABo4IB ZzCCAWMwGwYDVR0RBBQwEoIQcG9ydGFsLmxhbnRhbC5jaDAJBgNVHRMEAjAAMEIG A1UdIAQ7MDkwNwYKYIZIAYb4RQEHNjApMCcGCCsGAQUFBwIBFhtodHRwczovL3d3 dy50aGF3dGUuY29tL2Nwcy8wDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFKei g7s0RUA9/NUwTxK5PqEBn/bbMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9zdnIt b3YtY3JsLnRoYXd0ZS5jb20vVGhhd3RlT1YuY3JsMB0GA1UdJQQWMBQGCCsGAQUF BwMBBggrBgEFBQcDAjBpBggrBgEFBQcBAQRdMFswIgYIKwYBBQUHMAGGFmh0dHA6 Ly9vY3NwLnRoYXd0ZS5jb20wNQYIKwYBBQUHMAKGKWh0dHA6Ly9zdnItb3YtYWlh LnRoYXd0ZS5jb20vVGhhd3RlT1YuY2VyMA0GCSqGSIb3DQEBBQUAA4IBAQBfkDNY bTJKB8q1+oCCTznrL0sEtiFFUA5vNPRw1wCQAbdh+yuxInKdRoDQ+Zb60q5vDB0E aoRIHBwRL6YBI1vfsXpY8XNNWd4znAdQRq69OBOPdUsJqIldu/nEfL2QaloU+6Ym CvArAMSMH9ymqn4EjeBhWyt70a+Y6A3A0uIOP/qKJ5LAROXGzV58at+tpTfnLs1Q k5T3EHAF4uCiTy5DjH9CBcX0uqsCRFD0KEYiFYO9ozgJC64w+7h69pxloSZQ3wcU cxsqaJIa/7PQMkZ899M6VPvjcUfqAJ6Kd5pOe3PNuXs1FYb+cWtjQkrMvLUrQpCP DICQpNelwZO3BmWk -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA299wMyxFbfMaZrIAiBOI 2k6BFUhOq+20TzA+TRMBEtsC5BfclmueGLj4CVfXsjdkBlcNCVZLS3gYHm1cXQGx zXQu6g5ARi2UiAxhWNKPK8dpFS411V0DZVj085vNfyjL+7K9mEetVmVZaVooFcSj ToFmpTBhRqjebwS0ZvsYnqqbC96KdDTxN5CWhhbvk55CKtM9lbx/dJfbaLMtrQ0E 21FYvsJpXUAn2Pf6WSCCtdKwTyZp4bio8nfdNmln//W6fB4XHpOX8oYQdGyfUiwu Ggaskac4t3gHVsCZcSFIr2T+vCyCHCM08aYSfX6JeRM9UDAY6tyTBivpO5gyq7xC BQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 64689816737989161563429546512132350204 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte SSL CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-08-19 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-08-17 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CH' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bern' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Langenthal' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Lantal Textiles AG' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Business Engineering' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'portal.lantal.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27756370310369160763983916009000993653949649776562670375966734903503949654046494129134063850219623410809344845075083525085020501788478069865417583491122782913767373726980093472945896562668091822198002785985695647400823457979969273003819390711032870205261036150813959926861468290619435237522489253736208731090948681095397634792416377027281126355381131661406664375439007991341986159823420984979452711325998665682045815644742987290332688536416328530317339471642465859542328596646738776546828186099013190919980038895060616538556966117770933053432283084696746668233161324730272540225024966469891881830619217462094137672197 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal.lantal.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (59 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.54 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a7a283bb3445403dfcd5304f12b93ea1019ff6db . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (51 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-ov-crl.thawte.com/ThawteOV.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (93 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://svr-ov-aia.thawte.com/ThawteOV.cer' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005f9033586d324a07cab5fa80824f39eb2f4b04b62145500e6f34f470d7009001b761fb2bb122729d4680d0f996fad2ae6f0c1d046a84481c1c112fa601235bdfb17a58f1734d59de339c075046aebd38138f754b09a8895dbbf9c47cbd906a5a14fba6260af02b00c48c1fdca6aa7e048de0615b2b7bd1af98e80dc0d2e20e3ffa8a2792c044e5c6cd5e7c6adfada537e72ecd509394f7107005e2e0a24f2e438c7f4205c5f4baab024450f42846221583bda338090bae30fbb87af69c65a12650df0714731b2a68921affb3d032467cf7d33a54fbe37147ea009e8a779a4e7b73cdb97b351586fe716b63424accbcb52b42908f0c8090a4d7a5c193b70665a4