dupontphilatelie.fr
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:62:a1:80:59:20:fc:2a:5a:b7:ae:9f:ec:79:c8:94:99:9b was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=dupontphilatelie.fr
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:62:a1:80:59:20:fc:2a:5a:b7:ae:9f:ec:79:c8:94:99:9bSerial Number (int): 382011487814360017270596124344370576267675
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 42:38:ec:01:2b:1d:0c:f5:07:f1:4f:91:a0:d2:b8:0d:4f:d7:05:35
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): ad:a1:f5:f9:1e:e7:bc:14:b3:bb:ba:56:65:eb:72:11:36:d7:82:04
Fingerprint (sha256): 75:3b:e2:37:67:c7:f2:ef:e1:19:e5:b6:f6:4a:cb:1e:07:8d:13:fa:d1:57:0f:a6:38:bc:32:b6:66:f1:53:4c
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate dupontphilatelie.fr
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for dupontphilatelie.fr
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
dupontphilatelie.fr
www.dupontphilatelie.fr
www.dupontphilatelie.fr
Other certificates including the domain name dupontphilatelie.fr
(limited to 100 certificates)
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
dupontphilatelie.fr
Certificate
The complete raw certificate details for dupontphilatelie.fr in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGKjCCBRKgAwIBAgISBGKhgFkg/Cpat66f7HnIlJmbMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODA3MTMwODQwMDlaFw0x ODEwMTEwODQwMDlaMB4xHDAaBgNVBAMTE2R1cG9udHBoaWxhdGVsaWUuZnIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/RZlIOnNI5tCMkHsDw3n1LIVu 8zJYUjt2duuYbQZvQHYNpw3YXe7f0qOZG4IyHkkMlMvCJ8uWHNDWR/TYur20Ntl3 QPHK/B/9RCIoWrkPfcFER988tAgh7hU5UmRgksynmZTMLmtE3TcaYeL0ueDXCO7U hbvlbLnpqKJRvehdLyfcb5w9cQzBCsnWwuZqKc/mB6WocQ4SGdkkBaPNJ6RbIB38 X+VpBkD7rT5WsPWU9TK9w/mwbwHT5XX3G9EAqTUil6nBMe01c3YP+RhriJK1Wj1q x8w2CTT28fCi3B47s5VbUHOkqninoOz4t/3f/Vcd3S852OzhG3yc7gMVxJxVAgMB AAGjggM0MIIDMDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG CCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEI47AErHQz1B/FPkaDS uA1P1wU1MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUF BwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNy eXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNy eXB0Lm9yZy8wNwYDVR0RBDAwLoITZHVwb250cGhpbGF0ZWxpZS5mcoIXd3d3LmR1 cG9udHBoaWxhdGVsaWUuZnIwgf4GA1UdIASB9jCB8zAIBgZngQwBAgEwgeYGCysG AQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0 Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlzIENlcnRpZmljYXRlIG1heSBvbmx5 IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcgUGFydGllcyBhbmQgb25seSBpbiBh Y2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBo dHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBvc2l0b3J5LzCCAQQGCisGAQQB1nkC BAIEgfUEgfIA8AB2ACk8UZZUyDlluqpQ/FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAAB ZJMDE+UAAAQDAEcwRQIgE+YDhJ+AXS8s+uWyQtbDNsVWUJ7RquN8ulR+xy5kXGAC IQDz0ABpTgyP895Zeb5weTrvfvLvP9L59kY6SqublZ4RNAB2AFWB1MIWkDYBSuoL m1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZJMDFzoAAAQDAEcwRQIhAJ6OZrZfrg4N ffKSxf0PtipySmv3/0/klOfS/kx8CE5FAiAQjifMhgZCW0qpc4VrvTGIDKh7k3zy F95q/oYZpkMTHDANBgkqhkiG9w0BAQsFAAOCAQEAmZNfojhjWQ+eV/117Ld2VfP1 gdXO8Jr224K0bvzkpJSjzh0LUK3neakIuCOdmp9DYLInjWQT3aAgmICtJ66OeKFd SUKBVt12izjoL0LP/4MwdikdabrVy1lnOKsD516lVnKR/Z0DtWVJHQJw3XlyOJ5T GF/TYCk8gLuyPEHtlRwVwdCtUJZFz001PFgLA2D3gvA0J9nEkjrpOfQF7SDMBLCE t4gA/K+IaU9T1CX9sIVS7C8DrFo5PTjvx47QHKciQi2va5zfzWlAB+bb5y5PZA6F uFHONvPG1jKP+zrAqTNXloFbVje5rn3Vi2V29jnm7JS6XO1ej18r2vOjWYoLIA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0WZSDpzSObQjJB7A8N5 9SyFbvMyWFI7dnbrmG0Gb0B2DacN2F3u39KjmRuCMh5JDJTLwifLlhzQ1kf02Lq9 tDbZd0Dxyvwf/UQiKFq5D33BREffPLQIIe4VOVJkYJLMp5mUzC5rRN03GmHi9Lng 1wju1IW75Wy56aiiUb3oXS8n3G+cPXEMwQrJ1sLmainP5gelqHEOEhnZJAWjzSek WyAd/F/laQZA+60+VrD1lPUyvcP5sG8B0+V19xvRAKk1IpepwTHtNXN2D/kYa4iS tVo9asfMNgk09vHwotweO7OVW1BzpKp4p6Ds+Lf93/1XHd0vOdjs4Rt8nO4DFcSc VQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 382011487814360017270596124344370576267675 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-07-13 08:40:09 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-10-11 08:40:09 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'dupontphilatelie.fr' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24145836675407655812850431889087957035569213386898852105024305223702539690733045121084272057256633977823867569151952750947859864415790892504747323666866040544327847504330086719766964923601147371755312792266574527703801434949636937071981200135584435942046974668982001517313748086604905798658326070909252728834750955729626673819730445256788576434853568160829406893286400410497893757251846785519832873278349752076554081179034662135409101328764210751301384628188014068320874479403908020203746067379278907852313678714170182855003768542219476713120982945880107278071984365395725626805450305887168734837826458378625842715733 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 4238ec012b1d0cf507f14f91a0d2b80d4fd70535 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dupontphilatelie.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.dupontphilatelie.fr' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f47800000164930313e50000040300473045022013e603849f805d2f2cfae5b242d6c336c556509ed1aae37cba547ec72e645c60022100f3d000694e0c8ff3de5979be70793aef7ef2ef3fd2f9f6463a4aab9b959e11340076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c000001649303173a00000403004730450221009e8e66b65fae0e0d7df292c5fd0fb62a724a6bf7ff4fe494e7d2fe4c7c084e450220108e27cc8606425b4aa973856bbd31880ca87b937cf217de6afe8619a643131c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0099935fa23863590f9e57fd75ecb77655f3f581d5cef09af6db82b46efce4a494a3ce1d0b50ade779a908b8239d9a9f4360b2278d6413dda0209880ad27ae8e78a15d49428156dd768b38e82f42cfff833076291d69bad5cb596738ab03e75ea5567291fd9d03b565491d0270dd7972389e53185fd360293c80bbb23c41ed951c15c1d0ad509645cf4d353c580b0360f782f03427d9c4923ae939f405ed20cc04b084b78800fcaf88694f53d425fdb08552ec2f03ac5a393d38efc78ed01ca722422daf6b9cdfcd694007e6dbe72e4f640e85b851ce36f3c6d6328ffb3ac0a9335796815b5637b9ae7dd58b6576f639e6ec94ba5ced5e8f5f2bdaf3a3598a0b20