*.sinprosp.org.br
Issued by Thawte TLS RSA CA G1
About this certificate
This digital certificate with serial number 07:d3:7a:13:22:8e:ef:f0:e0:25:ba:a1:d1:9e:dc:54 was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.sinprosp.org.br
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 07:d3:7a:13:22:8e:ef:f0:e0:25:ba:a1:d1:9e:dc:54Serial Number (int): 10402646577647283904031234047172598868
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 9d:f8:13:1b:63:e3:cb:e3:92:4f:f7:a2:1c:31:71:55:ff:a4:c8:75
AuthorityKeyId: a5:8c:fe:32:cc:eb:0f:2c:d4:19:c6:08:b8:00:24:88:5d:c3:c5:b7
Fingerprint (sha1): 7c:0a:1f:94:60:60:30:d1:36:9e:41:77:12:0a:fb:84:d9:0b:1c:5e
Fingerprint (sha256): 81:4b:f1:88:c7:dc:54:62:be:3b:7e:ce:42:20:5b:a8:e9:2e:3c:b6:85:28:07:7d:4e:df:c3:57:47:a2:a4:dd
Issuing Certificate URL: http://cacerts.thawte.com/ThawteTLSRSACAG1.crt
Revocation information
OCSP Server: http://status.thawte.comCRL Distribution Point: http://cdp.thawte.com/ThawteTLSRSACAG1.crl
Check the revocation status for certificate *.sinprosp.org.br
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.sinprosp.org.br
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.sinprosp.org.br
sinprosp.org.br
sinprosp.org.br
Other certificates including the domain name sinprosp.org.br
(limited to 100 certificates)
Certificate
The complete raw certificate details for *.sinprosp.org.br in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGJjCCBQ6gAwIBAgIQB9N6EyKO7/DgJbqh0Z7cVDANBgkqhkiG9w0BAQsFADBe MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRUaGF3dGUgVExTIFJTQSBDQSBHMTAe Fw0yNDAyMDUwMDAwMDBaFw0yNTAzMDcyMzU5NTlaMBwxGjAYBgNVBAMMESouc2lu cHJvc3Aub3JnLmJyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzl2R +Z7AhE5BZsReK3t/83GcyXb/3KeN7KCfM71eedScjDnTSmSnZDQ88eW4jb4Qg4Cn uWJqXHId3DuEDna1rlVcNGEQ3WTbom4LaP6Q2YW9/SLQ7t+ZsLqDp4lC9uKQ8qPQ cG/CkBZo4SeViaFb5A7YyS39B5dHN8uVkYuDGLCTXEPQFJBiaPLPr6wPEEa5am3p RrjDoL6hFdkdGjY/pqwrNY3TkR8y8EErSwzaCFUnu3ifQ9VGaokMpwLHjOL7Tsm6 moZdbe1czAa6ftPFzWMfUmjiGvYMicADeiL12+PMRz0JlU0g5RrdUXl1S2xZX+w+ dgb/ZlS0d437EUU+FQIDAQABo4IDIDCCAxwwHwYDVR0jBBgwFoAUpYz+MszrDyzU GcYIuAAkiF3DxbcwHQYDVR0OBBYEFJ34Extj48vjkk/3ohwxcVX/pMh1MC0GA1Ud EQQmMCSCESouc2lucHJvc3Aub3JnLmJygg9zaW5wcm9zcC5vcmcuYnIwPgYDVR0g BDcwNTAzBgZngQwBAgEwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2Vy dC5jb20vQ1BTMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI KwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NkcC50aGF3dGUuY29t L1RoYXd0ZVRMU1JTQUNBRzEuY3JsMHAGCCsGAQUFBwEBBGQwYjAkBggrBgEFBQcw AYYYaHR0cDovL3N0YXR1cy50aGF3dGUuY29tMDoGCCsGAQUFBzAChi5odHRwOi8v Y2FjZXJ0cy50aGF3dGUuY29tL1RoYXd0ZVRMU1JTQUNBRzEuY3J0MAwGA1UdEwEB /wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AE51oydcmhDDOFts1N8/ Uusd8OCOG41pwLH6ZLFimjnfAAABjXrvcg4AAAQDAEcwRQIgMz6SDg0CzHErKtUx 9k0hunOqb/63k44ztgx7cGDawhoCIQDjNgBmR5QMTXeNHXqluJI5VX4+Bie4/ecm DOL5Mlru/gB1AH1ZHhLheCp7HGFnfF79+NCHXBSgTpWeuQMv2Q6MLnm4AAABjXrv cjQAAAQDAEYwRAIgXMuCRqve1zZiISYgTWSD0iqJdZJDJFzQ1gGaGiw/Mq0CICR3 L3zF5KLZF46LJou9y3RQwJF/8tJLKvggf5qYlW5mAHYA5tIxY0B3jMEQQQbXcbnO wdJA9paEhvu6hzId/R43jlAAAAGNeu9yWwAABAMARzBFAiEAo1cqYj3GCA4RenIo 0rWOMB3BLE4ajsn2aLr5jbMvRwsCIAlaH7JkHe2Pg1cm7kvRwSAgcNTVK7x+HeL0 7tXRtz9dMA0GCSqGSIb3DQEBCwUAA4IBAQAZ8UV9DrZMaoV1bdPjHYflch5gATl9 WFWrCEpAgXbhd0vvTKfdZO6Srl8X4YNwUo5Zbc4UxOn1R83+7g8onzkRbNxWoROi R+rRvVnH4TS8t5E6EFNyhDtD+WbOrZHjCOUguYGDue7yHvNobPUeceT+Y8dcYnPc DTlfnhgj/VqBDn7HaZJ/1oY2pLhtYBtTrZmlP+DWiLYPbkS6382mnQPUxtZRCMyA ibtW1GhhMiH21uVqkOIrqbkX7UtsyI9vX+cbvJ4aYytVOM/uYMO0/GfI7bZTfhC8 SswL9IBFV71WHkaFd0flWeVu6rNML1cRQ/D+j4xp2Agke03ygGlcHw2J -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzl2R+Z7AhE5BZsReK3t/ 83GcyXb/3KeN7KCfM71eedScjDnTSmSnZDQ88eW4jb4Qg4CnuWJqXHId3DuEDna1 rlVcNGEQ3WTbom4LaP6Q2YW9/SLQ7t+ZsLqDp4lC9uKQ8qPQcG/CkBZo4SeViaFb 5A7YyS39B5dHN8uVkYuDGLCTXEPQFJBiaPLPr6wPEEa5am3pRrjDoL6hFdkdGjY/ pqwrNY3TkR8y8EErSwzaCFUnu3ifQ9VGaokMpwLHjOL7Tsm6moZdbe1czAa6ftPF zWMfUmjiGvYMicADeiL12+PMRz0JlU0g5RrdUXl1S2xZX+w+dgb/ZlS0d437EUU+ FQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10402646577647283904031234047172598868 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Thawte TLS RSA CA G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-07 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.sinprosp.org.br' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26051232015804758739171362458039616645329071439074405057901860836694318450830027100272519982821300132767801462361882187466982224804226343893185570744160356800411978643302139617034812421073690166767157970357561035556300571353774549163983867554478034391870115628477725268570044739677717251676442386078843718895293306599612847059270333811023037356332121867265158238498244435972603781570469275713680237625454611674588576597831309913624544239417163209185417338185456831891830968255866353421295700230778926749070947088530632476922931224478348301626403696144082624071753091649755149019290705170185556302032928326754140241429 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a58cfe32cceb0f2cd419c608b80024885dc3c5b7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9df8131b63e3cbe3924ff7a21c317155ffa4c875 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sinprosp.org.br' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sinprosp.org.br' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.thawte.com/ThawteTLSRSACAG1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (100 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.thawte.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.thawte.com/ThawteTLSRSACAG1.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 01670076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d7aef720e00000403004730450220333e920e0d02cc712b2ad531f64d21ba73aa6ffeb7938e33b60c7b7060dac21a022100e336006647940c4d778d1d7aa5b89239557e3e0627b8fde7260ce2f9325aeefe0075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018d7aef7234000004030046304402205ccb8246abded736622126204d6483d22a89759243245cd0d6019a1a2c3f32ad022024772f7cc5e4a2d9178e8b268bbdcb7450c0917ff2d24b2af8207f9a98956e66007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018d7aef725b0000040300473045022100a3572a623dc6080e117a7228d2b58e301dc12c4e1a8ec9f668baf98db32f470b0220095a1fb2641ded8f835726ee4bd1c1202070d4d52bbc7e1de2f4eed5d1b73f5d . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0019f1457d0eb64c6a85756dd3e31d87e5721e6001397d5855ab084a408176e1774bef4ca7dd64ee92ae5f17e18370528e596dce14c4e9f547cdfeee0f289f39116cdc56a113a247ead1bd59c7e134bcb7913a105372843b43f966cead91e308e520b98183b9eef21ef3686cf51e71e4fe63c75c6273dc0d395f9e1823fd5a810e7ec769927fd68636a4b86d601b53ad99a53fe0d688b60f6e44badfcda69d03d4c6d65108cc8089bb56d468613221f6d6e56a90e22ba9b917ed4b6cc88f6f5fe71bbc9e1a632b5538cfee60c3b4fc67c8edb6537e10bc4acc0bf4804557bd561e46857747e559e56eeab34c2f571143f0fe8f8c69d808247b4df280695c1f0d89