mail.hemingwaysociety.org
Issued by R3
About this certificate
This digital certificate with serial number 03:76:0d:1d:b7:88:c8:a7:70:dd:0a:04:12:e9:9d:0a:a1:17 was issued on by Let's Encrypt.
With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=mail.hemingwaysociety.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:76:0d:1d:b7:88:c8:a7:70:dd:0a:04:12:e9:9d:0a:a1:17Serial Number (int): 301507611355023667040653159456934854304023
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e2:3b:b4:21:76:f6:83:c5:93:9f:65:3d:1c:8c:16:52:b6:d4:10:76
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 8f:4d:e2:88:c7:12:8d:00:76:c9:d2:36:0c:23:7f:a0:15:df:d0:59
Fingerprint (sha256): 78:de:0f:c1:a2:90:a8:64:34:8a:21:66:35:98:10:e2:10:b9:d8:ff:4f:25:76:cb:41:c0:85:bd:50:4a:32:b5
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate mail.hemingwaysociety.org
10
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mail.hemingwaysociety.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.hemingway.nmsdev3.com
cpanel.hemingwaysociety.org
cpcalendars.hemingwaysociety.org
cpcontacts.hemingwaysociety.org
hemingway.nmsdev3.com
hemingwaysociety.org
mail.hemingwaysociety.org
webdisk.hemingwaysociety.org
webmail.hemingwaysociety.org
www.hemingwaysociety.org
cpanel.hemingwaysociety.org
cpcalendars.hemingwaysociety.org
cpcontacts.hemingwaysociety.org
hemingway.nmsdev3.com
hemingwaysociety.org
mail.hemingwaysociety.org
webdisk.hemingwaysociety.org
webmail.hemingwaysociety.org
www.hemingwaysociety.org
Other certificates including the domain name hemingwaysociety.org
(limited to 100 certificates)
hemingwaysociety.org
hemingwaysociety.org
webmail.hemingwaysociety.org
hemingwaysociety.org
cpcontacts.hemingwaysociety.org
www.hemingwaysociety.org
*.hemingwaysociety.org
hemingwaysociety.org
hemingwaysociety.org
mail.hemingwaysociety.org
hemingwaysociety.org
hemingwaysociety.org
hemingwaysociety.org
hemingwaysociety.org
hemingway.nmsdev7.com
hemingwaysociety.org
hemingwaysociety.org
webmail.hemingwaysociety.org
*.hemingwaysociety.org
www.hemingwaysociety.org
hemingwaysociety.org
webmail.hemingwaysociety.org
hemingwaysociety.org
cpcontacts.hemingwaysociety.org
www.hemingwaysociety.org
*.hemingwaysociety.org
hemingwaysociety.org
hemingwaysociety.org
mail.hemingwaysociety.org
hemingwaysociety.org
hemingwaysociety.org
hemingwaysociety.org
hemingwaysociety.org
hemingway.nmsdev7.com
hemingwaysociety.org
hemingwaysociety.org
webmail.hemingwaysociety.org
*.hemingwaysociety.org
www.hemingwaysociety.org
Certificate
The complete raw certificate details for mail.hemingwaysociety.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGADCCBOigAwIBAgISA3YNHbeIyKdw3QoEEumdCqEXMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzA5MjcxOTMzMTdaFw0yMzEyMjYxOTMzMTZaMCQxIjAgBgNVBAMT GW1haWwuaGVtaW5nd2F5c29jaWV0eS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtr9MZizcG/Qfjt0MfCC08dA08TjX772SWGYT6FQCZ10OE0XB6 uX+kiZn2OCRo3wFjNDzBZdKFDGhn8vxgOvhbz2vRlsvpMMr0qjD28pcMMkepbigO +883VoOZoT6CuscMI1CVgzuoGXlSLLCU7jy3qynkrf/em3qevMWRp2m+6MFqAWye pp7IzP3HdOdhdqmwXdTaMgCwC5YYxSkPPX/ro1St3QyoogVp2ZOXktcJLXzXfs2g ZBZAI7r/A5mg/VKvl7Y+OW7XaDUKu5Ypeks1jVo/63IUaRbDBtMlBGveg5kyTei/ psDpyIiJ8GACv8y2MpLkTu0FGj+TXZBv4czDAgMBAAGjggMcMIIDGDAOBgNVHQ8B Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB /wQCMAAwHQYDVR0OBBYEFOI7tCF29oPFk59lPRyMFlK21BB2MB8GA1UdIwQYMBaA FBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcw AYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMu aS5sZW5jci5vcmcvMIIBJAYDVR0RBIIBGzCCAReCFyouaGVtaW5nd2F5Lm5tc2Rl djMuY29tghtjcGFuZWwuaGVtaW5nd2F5c29jaWV0eS5vcmeCIGNwY2FsZW5kYXJz LmhlbWluZ3dheXNvY2lldHkub3Jngh9jcGNvbnRhY3RzLmhlbWluZ3dheXNvY2ll dHkub3JnghVoZW1pbmd3YXkubm1zZGV2My5jb22CFGhlbWluZ3dheXNvY2lldHku b3JnghltYWlsLmhlbWluZ3dheXNvY2lldHkub3Jnghx3ZWJkaXNrLmhlbWluZ3dh eXNvY2lldHkub3Jnghx3ZWJtYWlsLmhlbWluZ3dheXNvY2lldHkub3Jnghh3d3cu aGVtaW5nd2F5c29jaWV0eS5vcmcwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEDBgor BgEEAdZ5AgQCBIH0BIHxAO8AdgB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9IrwTpX o1LrUgAAAYrYWJHIAAAEAwBHMEUCIA2wHGhFnutncjoibbjRwbu9eiZlhnLpa7pz hVDF2CVmAiEApJy0PrRSZwMHYpCGkGjfBtIrn4oApRbeVq3zLjLnqu8AdQCt9776 fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yCigAAAYrYWJK5AAAEAwBGMEQCIErY ky/UUP9iz4TF8Q0J8QClNjchCh8yyedxRqULaXqQAiAvk6FJJOmQ9Fb9AlQ6HUdW CuXwsOKloeVZ02Tqib0DiDANBgkqhkiG9w0BAQsFAAOCAQEAHTXBcxhLld0uqoCz cwa5Y/xd0lJwgscDpcCcOjthGBKeNrahVfhVN56d5TbHKNGUWcCxeSKm4eh3F5uS iTUIKx0rzJ7JyTBTGjQbHOhywLFWYxEtypKT9pWBGoBvW0q6VF+cLGRRHl02NXfq 8ajEkdGipfcLLPK/MkeQuOuKCIJJXP823B0mH2hD2Hy6D/mUbLa7OH2OLvlTeI1m jNfR7y1LtIuYTNKTJVzctk3Up7W+ekgPsGsKnTbngqi2r7G2LQFW2xV/uecWfcRW nbp5UHEwIJO7oVoZQ46Ofb9h3blVRUdc9m5cnElDOoi5EBqZrEPXoNvUK87pxu+D rdolDQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra/TGYs3Bv0H47dDHwgt PHQNPE41++9klhmE+hUAmddDhNFwerl/pImZ9jgkaN8BYzQ8wWXShQxoZ/L8YDr4 W89r0ZbL6TDK9Kow9vKXDDJHqW4oDvvPN1aDmaE+grrHDCNQlYM7qBl5UiywlO48 t6sp5K3/3pt6nrzFkadpvujBagFsnqaeyMz9x3TnYXapsF3U2jIAsAuWGMUpDz1/ 66NUrd0MqKIFadmTl5LXCS18137NoGQWQCO6/wOZoP1Sr5e2Pjlu12g1CruWKXpL NY1aP+tyFGkWwwbTJQRr3oOZMk3ov6bA6ciIifBgAr/MtjKS5E7tBRo/k12Qb+HM wwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 301507611355023667040653159456934854304023 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-27 19:33:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-26 19:33:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mail.hemingwaysociety.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21925929105028847379522410800480464117319344291438498072999202385525113540893977750813483762580029325309881403454397604171997119741020335713239730737222127801571852616276805354824771287790366617111370786640593180123435688878297146274780866527134196137537125928999056223682574287890704154108009719760676368730716842871014265426341690468067720206277566665242658415952239818734222662222952245683407119017161393040371472235188824136920475071949764245171044582875860123576900668135406278948776324030180434791398487624909025492678309813730424685235106377433641573374558799365499876912462296704964363398999848633797038951619 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e23bb42176f683c5939f653d1c8c1652b6d41076 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (283 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.hemingway.nmsdev3.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpanel.hemingwaysociety.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpcalendars.hemingwaysociety.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cpcontacts.hemingwaysociety.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hemingway.nmsdev3.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hemingwaysociety.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.hemingwaysociety.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webdisk.hemingwaysociety.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'webmail.hemingwaysociety.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.hemingwaysociety.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018ad85891c8000004030047304502200db01c68459eeb67723a226db8d1c1bbbd7a26658672e96bba738550c5d82566022100a49cb43eb4526703076290869068df06d22b9f8a00a516de56adf32e32e7aaef007500adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a0000018ad85892b9000004030046304402204ad8932fd450ff62cf84c5f10d09f100a53637210a1f32c9e77146a50b697a9002202f93a14924e990f456fd02543a1d47560ae5f0b0e2a5a1e559d364ea89bd0388 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001d35c173184b95dd2eaa80b37306b963fc5dd2527082c703a5c09c3a3b6118129e36b6a155f855379e9de536c728d19459c0b17922a6e1e877179b928935082b1d2bcc9ec9c930531a341b1ce872c0b15663112dca9293f695811a806f5b4aba545f9c2c64511e5d363577eaf1a8c491d1a2a5f70b2cf2bf324790b8eb8a0882495cff36dc1d261f6843d87cba0ff9946cb6bb387d8e2ef953788d668cd7d1ef2d4bb48b984cd293255cdcb64dd4a7b5be7a480fb06b0a9d36e782a8b6afb1b62d0156db157fb9e7167dc4569dba795071302093bba15a19438e8e7dbf61ddb95545475cf66e5c9c49433a88b9101a99ac43d7a0dbd42bcee9c6ef83adda250d