www.tractually.com

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 04:1b:9d:01:5d:72:89:5f:35:b2:a9:37:43:d8:38:50:d0:1d was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.tractually.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:1b:9d:01:5d:72:89:5f:35:b2:a9:37:43:d8:38:50:d0:1d
Serial Number (int): 357845463516880033640991247553017567825949
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 56:93:51:12:77:7d:75:13:06:1d:34:51:02:31:89:f3:7f:c0:a2:3c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): cd:ff:c6:8f:98:f2:d3:e3:d4:dd:27:11:f3:b3:32:ef:d5:38:f4:8f
Fingerprint (sha256): 73:4b:c6:e8:30:3b:e7:66:2b:1f:a3:19:9c:56:6e:c5:e2:fe:04:f6:38:1d:dc:c3:a6:21:78:c8:6b:67:0c:8d

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.tractually.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.tractually.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.tractually.com

Other certificates including the domain name tractually.com

(limited to 100 certificates)
tractually.com
reelshemales.com
miningassociation.com
esportsmedan.com
www.odyssey-battery.com
www.tractually.com
www.massachusettssporttherapy.com
www.organicshiraz.com
www.foodstoragebuckets.com
tractually.com
omnispray.com
www.encodes.co

Certificate

The complete raw certificate details for www.tractually.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgISBBudAV1yiV81sqk3Q9g4UNAdMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEyMjEwOTA4MjFaFw0y
MDAzMjAwOTA4MjFaMB0xGzAZBgNVBAMTEnd3dy50cmFjdHVhbGx5LmNvbTCCAiIw
DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAM5w3aui1eUOcGNuYcwkowbTzVIg
kFWPv0c22u00GpvI3OCtph3NyqVjCMaKCq0xNTRrUaKMEE4LUQibSz7OinkVts6X
iDQKWsAur8DJGwr3Qn6iMfd8+dbPpEYycH87+dX6Bc/D/EssrNqFzVhLJsSyX6cf
pR9WqMOof3XjWbgq7ZqHgbp4BL3NS1PbviHCMci0NrkOrPuPDmNxw8034ELVtUD4
2tYBmH0lM1/8Lv/s13LpSTNdI2WMm4fQXFUp0rfJepVcWgpp/XAvG6OctlQy0Fny
1U9YcKpas3sFVaVC/Oc5TWPxmfnKjHfhxKH6CEbtPeSBxIHzX02LT2FjaxYErmGy
YVerk5LbK+s8FnLMTVFaTrNpuszZbHqmkYSBOz2EMNbhnl0qPijaXkxilisd8YZ5
WJtCB2nK9MtOPc8KY3qHD9mhRqesKDzXWkkZ/rE+HbMoDAmNbPlmPQi1toagz16/
mw8xAZk/v0NtM72OdCp8YEcyqmv+Z08Ad7aiXDOzHKtOAkPixMEb933NgKCDJCx4
zaf66IYCgSKoXV3BHFZCEQmrauh2D3lI72Ape9LsljvdvmCb36pxYUN3FkRPWsVr
TjqKogESXkkmp+Msc1qTAS9w74zaXFinxS9syvaQEocuKadJR4+YgEs8E0j4CYvN
C6G4ybo1dy7homu1AgMBAAGjggJmMIICYjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE
FFaTURJ3fXUTBh00UQIxifN/wKI8MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF
Ze/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3Au
aW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu
aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wHQYDVR0RBBYwFIISd3d3LnRyYWN0dWFs
bHkuY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI
KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHW
eQIEAgSB9ASB8QDvAHUAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMA
AAFvJ+3t5wAABAMARjBEAiBPkqZ9ya8ZXBYjVXkwsgdt63wNk/VCeEAaXMhQeN1N
/wIgF1X+gHgaWvty816ASoILQpgpllzuB+0RBqufGW15LsIAdgAHt1wb5X1o//Gw
xh0jFce65ld8V5S3au68YToaadOiHAAAAW8n7e37AAAEAwBHMEUCICXNPdCgQ6ob
i2E0kPG6ce5SN++hsJtNVx+cRuNgjWHWAiEA8Wm/xk8Sm7skXSY5iYzB7vwO/nkB
bs61B4QqJpCpcdwwDQYJKoZIhvcNAQELBQADggEBABJgllW94wwcOLBt4z3ysR2n
nuDbH/hL+yrviA7okExRYoVeO3NNYN94fEWD2OsoZMJMmDUDLCB4BkDkGryjRhNZ
gsOuxxWlEHH05YCXWP/2hgRs5e7jb9GELe+DL/dZN8PhU9AWM+MICMdu4oY6cRUI
jVoS5xu6tggCOjgjbRwhNlMx6tKf0vqQhsw/YGfmbxZZnYu8akKi7TpPYhZahacQ
qXR9ZiuHPfb2tzCa63/PMbAJdMxhJIHN/FZrJtj0XiWMuhgWK3pd9IjJ44JbZYE7
GheHzciYEAANWQEayht+kQnw6I+2q6M5qI3V/L3CNDnmH+OxUX2UtXnAz2GiqUk=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAznDdq6LV5Q5wY25hzCSj
BtPNUiCQVY+/Rzba7TQam8jc4K2mHc3KpWMIxooKrTE1NGtRoowQTgtRCJtLPs6K
eRW2zpeINApawC6vwMkbCvdCfqIx93z51s+kRjJwfzv51foFz8P8Syys2oXNWEsm
xLJfpx+lH1aow6h/deNZuCrtmoeBungEvc1LU9u+IcIxyLQ2uQ6s+48OY3HDzTfg
QtW1QPja1gGYfSUzX/wu/+zXculJM10jZYybh9BcVSnSt8l6lVxaCmn9cC8bo5y2
VDLQWfLVT1hwqlqzewVVpUL85zlNY/GZ+cqMd+HEofoIRu095IHEgfNfTYtPYWNr
FgSuYbJhV6uTktsr6zwWcsxNUVpOs2m6zNlseqaRhIE7PYQw1uGeXSo+KNpeTGKW
Kx3xhnlYm0IHacr0y049zwpjeocP2aFGp6woPNdaSRn+sT4dsygMCY1s+WY9CLW2
hqDPXr+bDzEBmT+/Q20zvY50KnxgRzKqa/5nTwB3tqJcM7Mcq04CQ+LEwRv3fc2A
oIMkLHjNp/rohgKBIqhdXcEcVkIRCatq6HYPeUjvYCl70uyWO92+YJvfqnFhQ3cW
RE9axWtOOoqiARJeSSan4yxzWpMBL3DvjNpcWKfFL2zK9pAShy4pp0lHj5iASzwT
SPgJi80LobjJujV3LuGia7UCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 357845463516880033640991247553017567825949
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-21 09:08:21 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-03-20 09:08:21 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.tractually.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 842205321372568449991109465155258919956658781810228673875735171155776351542808439238303026367620356115501910901111447808842073322109563901808340333994405314416761679245861798317570198304690208896034516122678040462503670820311254289967781953259789110536556031417920804758708267091777829138881402501537146748496702937817995445980926268075108629234920280063730142804953592727861354194146489490752971827736500686883409622417072453329626594893149833566462426409312018030149121699561605032203668450254420301954986665610945040937819426915475130271861557767439357374849784435608507908576860886542758207381828631400817347900823115437210044651417928736866828498252270005597064914280980053217438400864537615507890263625398369057879534712432411365866375312368019998443134614148948545164793427588711052379506548506483629546467022887001688988180079709259062837770399955209935592222482623986894898729386476311064686878828689945585586830922107040695479442410694163234313860239389677518061687245375288596412747270798360467172870509103476710817572298584866287713680696862642016355974574870389501500498283865136887329108262874445904784339993406942101582789343335992931121795710050902053824186055126614013592368085063451472864935898196050692029123029941
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							56935112777d7513061d3451023189f37fc0a23c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tractually.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes)
							00ef0075006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016f27edede7000004030046304402204f92a67dc9af195c1623557930b2076deb7c0d93f54278401a5cc85078dd4dff02201755fe80781a5afb72f35e804a820b429829965cee07ed1106ab9f196d792ec200760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016f27ededfb0000040300473045022025cd3dd0a043aa1b8b613490f1ba71ee5237efa1b09b4d571f9c46e3608d61d6022100f169bfc64f129bbb245d2639898cc1eefc0efe79016eceb507842a2690a971dc
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0012609655bde30c1c38b06de33df2b11da79ee0db1ff84bfb2aef880ee8904c5162855e3b734d60df787c4583d8eb2864c24c9835032c20780640e41abca346135982c3aec715a51071f4e5809758fff686046ce5eee36fd1842def832ff75937c3e153d01633e30808c76ee2863a7115088d5a12e71bbab608023a38236d1c21365331ead29fd2fa9086cc3f6067e66f16599d8bbc6a42a2ed3a4f62165a85a710a9747d662b873df6f6b7309aeb7fcf31b00974cc612481cdfc566b26d8f45e258cba18162b7a5df488c9e3825b65813b1a1787cdc89810000d59011aca1b7e9109f0e88fb6aba339a88dd5fcbdc23439e61fe3b1517d94b579c0cf61a2a949