www.cmacan.org
Issued by RapidSSL SHA256 CA
About this certificate
This digital certificate with serial number 19:87:0b:d1:b3:20:5c:10:7b:ac:70:b4:47:3c:c3:23 was issued on by GeoTrust Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=www.cmacan.org
GeoTrust Inc.
Organization:
GeoTrust Inc.
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 19:87:0b:d1:b3:20:5c:10:7b:ac:70:b4:47:3c:c3:23Serial Number (int): 33931899691153641348092400286192943907
Serial Number lenght: 125 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 97:c2:27:50:9e:c2:c9:ec:0c:88:32:c8:7c:ad:e2:a6:01:4f:da:6f
Fingerprint (sha1): fe:80:a9:44:b6:bb:c1:96:74:62:1e:c6:a0:a0:8b:e1:2b:ab:72:88
Fingerprint (sha256): 7a:e7:4a:79:03:ef:6e:2e:d5:8c:41:7d:d6:e7:bf:5a:03:df:c2:d4:d1:33:cc:af:f8:d5:0f:92:a9:18:5a:ef
Issuing Certificate URL: http://gp.symcb.com/gp.crt
Revocation information
OCSP Server: http://gp.symcd.comCRL Distribution Point: http://gp.symcb.com/gp.crl
Check the revocation status for certificate www.cmacan.org
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.cmacan.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.cmacan.org
cmacan.org
cmacan.org
Other certificates including the domain name cmacan.org
(limited to 100 certificates)
extraordinarystories.ca
mail.cmacan.org
testlab.cmacan.org
ssotest.cmacan.org
cmacan.org
extraordinarystories.ca
cmacan.org
cmacan.org
defenddignity.ca
extraordinarystories.ca
cmacan.org
mail.cmacan.org
extraordinarystories.ca
cmacan.org
defenddignity.ca
extraordinarystories.ca
cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
reportal.cmacan.org
cmacan.org
cmacan.org
cmacan.org
www.cmacan.org
extraordinarystories.ca
sni.cloudflaressl.com
mail.cmacan.org
mail.cmacan.org
mail.cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
*.cmacan.org
cmacan.org
cmacan.org
churchfinder.cmacan.org
mail.cmacan.org
vpn.cmacan.org
defenddignity.ca
mail.cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
mail.cmacan.org
testlab.cmacan.org
ssotest.cmacan.org
cmacan.org
extraordinarystories.ca
cmacan.org
cmacan.org
defenddignity.ca
extraordinarystories.ca
cmacan.org
mail.cmacan.org
extraordinarystories.ca
cmacan.org
defenddignity.ca
extraordinarystories.ca
cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
reportal.cmacan.org
cmacan.org
cmacan.org
cmacan.org
www.cmacan.org
extraordinarystories.ca
sni.cloudflaressl.com
mail.cmacan.org
mail.cmacan.org
mail.cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
*.cmacan.org
cmacan.org
cmacan.org
churchfinder.cmacan.org
mail.cmacan.org
vpn.cmacan.org
defenddignity.ca
mail.cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
cmacan.org
Certificate
The complete raw certificate details for www.cmacan.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFbDCCBFSgAwIBAgIQGYcL0bMgXBB7rHC0RzzDIzANBgkqhkiG9w0BAQsFADBC MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS UmFwaWRTU0wgU0hBMjU2IENBMB4XDTE2MTEwMTAwMDAwMFoXDTE3MTEwMTIzNTk1 OVowGTEXMBUGA1UEAwwOd3d3LmNtYWNhbi5vcmcwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC4f9Iq6ObVWp8PmpioLaqrTbsPw0PnQoEE3kb3gnUVM1mI pDwy7pTktXVHMmMGnfMzuKTZT8axoN4foBbjuBoFJcJvj+Pdev185LVkyW1uqpuM 2OvwB2LDl2nDlm7mpZyBkNAuJ0UfSiJBZjvP51ifYiLU2wKFhjVjfJmOwxRiAhUK qJqzocOW3JRI7tge7Bhp25Oc34uQU7lVRT6kyuuDU7BFip4vkWKXs5OIuwcnv5+h AdqGHrP4+B+kmXpnMNcWOzVvPk6zoFqtkZ/cf/oNOKRJr3crjftxBgJdA4hxNis1 dWtePg+mG8P5M1yWy5wecHIV5L+cbMySgJ/+IzpZAgMBAAGjggKFMIICgTAlBgNV HREEHjAcgg53d3cuY21hY2FuLm9yZ4IKY21hY2FuLm9yZzAJBgNVHRMEAjAAMCsG A1UdHwQkMCIwIKAeoByGGmh0dHA6Ly9ncC5zeW1jYi5jb20vZ3AuY3JsMG8GA1Ud IARoMGYwZAYGZ4EMAQIBMFowKgYIKwYBBQUHAgEWHmh0dHBzOi8vd3d3LnJhcGlk c3NsLmNvbS9sZWdhbDAsBggrBgEFBQcCAjAgDB5odHRwczovL3d3dy5yYXBpZHNz bC5jb20vbGVnYWwwHwYDVR0jBBgwFoAUl8InUJ7CyewMiDLIfK3ipgFP2m8wDgYD VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBXBggr BgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9ncC5zeW1jZC5jb20wJgYI KwYBBQUHMAKGGmh0dHA6Ly9ncC5zeW1jYi5jb20vZ3AuY3J0MIIBBAYKKwYBBAHW eQIEAgSB9QSB8gDwAHYA3esdK3oNT6Ygi4GtgWhwfi6OnQHVXIiNPRHEzbbsvswA AAFYIfBS/gAABAMARzBFAiAlcmwzm3AURuOQUuT0cqTjGN/Cy+62xftfl1MQBjDN NQIhAJLo7c44m4PS+jI36xQEAQdW3dRLM6xMLw5txzkqKBmGAHYAaPaY+B9kgr46 jO65KB1M/HFRXWeT1ETRCmesu09P+8QAAAFYIfBTGgAABAMARzBFAiEAqz6Fb93p gtf2ggUmLKP02lDni8kCjFwjM5dmlESAVFMCIG3dLyxZ+wSjYhEIuGbT0LXS4Ubf 15vK3cITyqAkWKgPMA0GCSqGSIb3DQEBCwUAA4IBAQBEBE2a0ERIX2hm4Jxgtv1Z HTmfY+Kw+2NqHM5W00FEcHbiB0adI9mBq3n7OavyAu7kRSpAnLxQQyVA2HEvsjoe OzLnhKBhVsUoEyqbETkulOplP9lk++V9x4CSTXOFmwSbKz4KANaGsObGjbDUQvIW LOqZ2Mpwq5rck0pvGYNxfhtrUy/43EswodPKQaw6CCDPrGELBErY817X1nuzBqwZ jMTu24WfvlVOvKBGJROEjKqhI/QpBnqPw2aAJeG333sGvVaFkIPKFIHo3il6qOgE vAjLM6fzH66grpaykxCOcHWPPIBFk2x56jR4lmRqIX8ezrmlgjbvU3pi3WIWym4u -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuH/SKujm1VqfD5qYqC2q q027D8ND50KBBN5G94J1FTNZiKQ8Mu6U5LV1RzJjBp3zM7ik2U/GsaDeH6AW47ga BSXCb4/j3Xr9fOS1ZMltbqqbjNjr8Adiw5dpw5Zu5qWcgZDQLidFH0oiQWY7z+dY n2Ii1NsChYY1Y3yZjsMUYgIVCqias6HDltyUSO7YHuwYaduTnN+LkFO5VUU+pMrr g1OwRYqeL5Fil7OTiLsHJ7+foQHahh6z+PgfpJl6ZzDXFjs1bz5Os6BarZGf3H/6 DTikSa93K437cQYCXQOIcTYrNXVrXj4PphvD+TNclsucHnByFeS/nGzMkoCf/iM6 WQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 33931899691153641348092400286192943907 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'RapidSSL SHA256 CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-11-01 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-11-01 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.cmacan.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23290878981898962064584098829654882843140037909396366434918551878203395418045395538823323829098648309924623625803444264551526533239942997547943736493639807667798274803316209078543361766643991363397067341787847179566173013234497678924423694984393978630829277551699709630193847760347695809443061386047355240944590359956799929219822959134584688020812002125904448747889735917871444276915908798050808575258081888030355528353384529132578425668851132210778984544804784226093777349145224102968548091648143801242872661229271214976456874542057896687209458248183450863655626869210361587849583472435528405576130159142450258721369 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.cmacan.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cmacan.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gp.symcb.com/gp.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.rapidssl.com/legal' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.rapidssl.com/legal' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 97c227509ec2c9ec0c8832c87cade2a6014fda6f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gp.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gp.symcb.com/gp.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc0000015821f052fe0000040300473045022025726c339b701446e39052e4f472a4e318dfc2cbeeb6c5fb5f9753100630cd3502210092e8edce389b83d2fa3237eb1404010756ddd44b33ac4c2f0e6dc7392a28198600760068f698f81f6482be3a8ceeb9281d4cfc71515d6793d444d10a67acbb4f4ffbc40000015821f0531a0000040300473045022100ab3e856fdde982d7f68205262ca3f4da50e78bc9028c5c23339766944480545302206ddd2f2c59fb04a3621108b866d3d0b5d2e146dfd79bcaddc213caa02458a80f . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0044044d9ad044485f6866e09c60b6fd591d399f63e2b0fb636a1cce56d341447076e207469d23d981ab79fb39abf202eee4452a409cbc50432540d8712fb23a1e3b32e784a06156c528132a9b11392e94ea653fd964fbe57dc780924d73859b049b2b3e0a00d686b0e6c68db0d442f2162cea99d8ca70ab9adc934a6f1983717e1b6b532ff8dc4b30a1d3ca41ac3a0820cfac610b044ad8f35ed7d67bb306ac198cc4eedb859fbe554ebca0462513848caaa123f429067a8fc3668025e1b7df7b06bd56859083ca1481e8de297aa8e804bc08cb33a7f31faea0ae96b293108e70758f3c8045936c79ea347896646a217f1eceb9a58236ef537a62dd6216ca6e2e