christianallaire.com

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 04:d8:5f:49:7f:a9:9e:e2:47:e6:81:79:6c:a0:1b:37:85:c9 was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=christianallaire.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:d8:5f:49:7f:a9:9e:e2:47:e6:81:79:6c:a0:1b:37:85:c9
Serial Number (int): 422076793268538686061927180962249076868553
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 40:a5:33:b2:ca:7e:e5:ed:fb:4e:db:de:79:3e:77:45:45:a2:2a:8c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 21:aa:84:d5:ec:36:a2:c4:45:52:6f:42:06:8f:0a:b5:7f:95:61:58
Fingerprint (sha256): 78:86:7d:58:5a:38:85:0d:ed:8c:cc:9f:1a:4d:3b:94:25:e9:ee:b6:cc:e2:43:d5:90:05:b8:8e:b0:f3:5f:9e

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate christianallaire.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for christianallaire.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

christianallaire.com

Other certificates including the domain name christianallaire.com

(limited to 100 certificates)
gofr.org
christianallaire.com
www.christianallaire.com
www.christianallaire.com
www.christianallaire.com
christianallaire.com
christianallaire.com
tudoble.com
www.shoe.market
www.christianallaire.com
iberoprint.com

Certificate

The complete raw certificate details for christianallaire.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGYDCCBUigAwIBAgISBNhfSX+pnuJH5oF5bKAbN4XJMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAxMDUyMjUwMjRaFw0y
MDA0MDQyMjUwMjRaMB8xHTAbBgNVBAMTFGNocmlzdGlhbmFsbGFpcmUuY29tMIIC
IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA10vJwzaWfgy+zBR8d+b688ED
pxc9a2VKRAU62dl6SvKUxGxwswKJwNB6PJ0L4yTxAYXsz168doY/gPSUNwgGHRJn
pJGRYtr4xC18c6+HnnslhlRGo5xpCrQ3X6HibpE3NhLBfl8Izgp9RZBvkk/luQ8I
2Ax7NCbSigf2BiJifHuqIiLvG4nxlfPW+kwetK2OHETIEt5ZQqYiMcUnJHKnB/Pj
oMaM5xVyPn0W9r62M9jFLMAvdCu1zhJossDftqzPBahsI4COUHYYRf9/VAt88E7x
EHz7YNHlcpZSHKtCSivYb6PtVWzSNASHOMnu1vLoUTZpCJ4neYL9gh08RqNWN7Az
xGfMCDRdu/2YcehGVBijsQwUSh+ET2cBMBE2hNli0UsyBUZQghFN/tjCjHbUyu5k
Adc+wlsr+IFV1HPB/YRNHemhLTGW9zMwIpYKd1QuijhWvxAzS86SEeiThfWssaH8
FR27zMp1Kk7nE5R0toCv6KhkQQIQsqMxrHGqcbGjpGC3ZLJGThOHBB6EqW0vESPT
oOc+PvZn9bgLBGNCYYDEQfGfRcTpksFgElKEqaKjOQslDaWSdgdeDC+8UDtkIW5u
LXz3u+1MmsnRPg8A8B+qpcCKSMpIwi+Y7/FvjnBNm4FuwcSj3Nu7oVrz7Q7H/VTC
WbIHZ+E4sawLwI9oW6sCAwEAAaOCAmkwggJlMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
FgQUQKUzssp+5e37TtveeT53RUWiKowwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3
pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2Nz
cC5pbnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2Vy
dC5pbnQteDMubGV0c2VuY3J5cHQub3JnLzAfBgNVHREEGDAWghRjaHJpc3RpYW5h
bGxhaXJlLmNvbTBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAo
MCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisG
AQQB1nkCBAIEgfUEgfIA8AB3AF6nc/nfVsDntTZIfdBJ4DJ6kZoMhKESEoQYdZaB
cUVYAAABb3gd6yAAAAQDAEgwRgIhAJZca33VoDlTVIP7iDjD1/9GBhwh5SIqE4OL
jW6XZfBsAiEA+LcJO2bmqjDTeq+Lzt4Ci80ZIn9KllsWHUZjD+p6nxYAdQAHt1wb
5X1o//Gwxh0jFce65ld8V5S3au68YToaadOiHAAAAW94HetRAAAEAwBGMEQCICEI
sUC+i2umOfjiJ1zH8HQRI7DEFjZ6CO8Tp4ZwO8rtAiBC/8q2hm5NCtZ/EZTgzmim
cmb880RNkja4SAow12YB5jANBgkqhkiG9w0BAQsFAAOCAQEADSjT0c1OaxNsYAFx
OqC3VAGrxnaCDw9uYehS+hVg114NGbXuBHcjKUkz1u8hGJsqh08mHSIiLXxIAojd
hBuKjFvYTRi+qJzh9SoRzXUJdHvLMfazzzygmyQuj4LI09bdc1cb+cOSLKSU9H9h
eRQ7gPw2n0+yP+f08Vxlf58QEtDZGzsi1kjnMvwLaUo3M4YNhI8aYvtqEoaB4g/G
P2MzqdYDe7eneKrcHDoiSnZ3WwyEAU2eKaaK0AZmX9qQLon+S3rrTKrjFqu04jxf
jkfVFLfjtjMhwJZ/FXC0SzEHk5BUo+i/H0wdRcC/ENIKKkBDvLjpsrvbj1u6LYt1
tvdYLg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA10vJwzaWfgy+zBR8d+b6
88EDpxc9a2VKRAU62dl6SvKUxGxwswKJwNB6PJ0L4yTxAYXsz168doY/gPSUNwgG
HRJnpJGRYtr4xC18c6+HnnslhlRGo5xpCrQ3X6HibpE3NhLBfl8Izgp9RZBvkk/l
uQ8I2Ax7NCbSigf2BiJifHuqIiLvG4nxlfPW+kwetK2OHETIEt5ZQqYiMcUnJHKn
B/PjoMaM5xVyPn0W9r62M9jFLMAvdCu1zhJossDftqzPBahsI4COUHYYRf9/VAt8
8E7xEHz7YNHlcpZSHKtCSivYb6PtVWzSNASHOMnu1vLoUTZpCJ4neYL9gh08RqNW
N7AzxGfMCDRdu/2YcehGVBijsQwUSh+ET2cBMBE2hNli0UsyBUZQghFN/tjCjHbU
yu5kAdc+wlsr+IFV1HPB/YRNHemhLTGW9zMwIpYKd1QuijhWvxAzS86SEeiThfWs
saH8FR27zMp1Kk7nE5R0toCv6KhkQQIQsqMxrHGqcbGjpGC3ZLJGThOHBB6EqW0v
ESPToOc+PvZn9bgLBGNCYYDEQfGfRcTpksFgElKEqaKjOQslDaWSdgdeDC+8UDtk
IW5uLXz3u+1MmsnRPg8A8B+qpcCKSMpIwi+Y7/FvjnBNm4FuwcSj3Nu7oVrz7Q7H
/VTCWbIHZ+E4sawLwI9oW6sCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 422076793268538686061927180962249076868553
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-05 22:50:24 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-04 22:50:24 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'christianallaire.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 878331242652634736742084398416448384990115750573721127132228466234902672534618919940594694922788060450078447540204359606281752105345918660948294732224958226769956316872752818282628187944922830791311031694300813602534205893129331639975485345719914513746498226965563486473630279607176776970252644334017782864378742816490162558388550701748955655482387688491596319032251903037201830946062286274680300812583376785379676725905095886683933235093402514853345408948645204332950652621671608590375777794940227182343026661149741496316555884032932907896111633382054431384520644211644966401704051827699229528788885229282952145790434392597425983812618443634831037826788721028021439604891504084112967242526985932448417679172751212970132478399897580065313492948848550111851356826247910070741033374194414728604904430134702587169483415731760929240568280192411371376720130766592577138916317574412267594154870813516384306432847530811873723788198491057729191987412920755955792772173598288027060583380768751898631887767132317545972185746872422953752367391160882210236508373625450635878359758078320205289105557118332867132261889505746558458201891672595688492776611030327834836068454903476821836578970439666569359795954007656544522943103638211238224172964779
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							40a533b2ca7ee5edfb4edbde793e774545a22a8c
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'christianallaire.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00077005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016f781deb200000040300483046022100965c6b7dd5a039535483fb8838c3d7ff46061c21e5222a13838b8d6e9765f06c022100f8b7093b66e6aa30d37aaf8bcede028bcd19227f4a965b161d46630fea7a9f1600750007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016f781deb51000004030046304402202108b140be8b6ba639f8e2275cc7f0741123b0c416367a08ef13a786703bcaed022042ffcab6866e4d0ad67f1194e0ce68a67266fcf3444d9236b8480a30d76601e6
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000d28d3d1cd4e6b136c6001713aa0b75401abc676820f0f6e61e852fa1560d75e0d19b5ee047723294933d6ef21189b2a874f261d22222d7c480288dd841b8a8c5bd84d18bea89ce1f52a11cd7509747bcb31f6b3cf3ca09b242e8f82c8d3d6dd73571bf9c3922ca494f47f6179143b80fc369f4fb23fe7f4f15c657f9f1012d0d91b3b22d648e732fc0b694a3733860d848f1a62fb6a128681e20fc63f6333a9d6037bb7a778aadc1c3a224a76775b0c84014d9e29a68ad006665fda902e89fe4b7aeb4caae316abb4e23c5f8e47d514b7e3b63321c0967f1570b44b3107939054a3e8bf1f4c1d45c0bf10d20a2a4043bcb8e9b2bbdb8f5bba2d8b75b6f7582e