blumm.aca.ee

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:b9:b8:07:11:b2:24:ca:87:17:98:6b:50:98:90:bc:20:13 was issued on by Let's Encrypt.

With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=blumm.aca.ee

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:b9:b8:07:11:b2:24:ca:87:17:98:6b:50:98:90:bc:20:13
Serial Number (int): 324533710331871752435945014233192361369619
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: 99:19:29:4a:1a:c6:b7:c5:54:ff:f0:82:aa:a3:8f:19:8c:62:dd:8b
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): d5:88:d3:06:53:6f:ba:41:2f:55:33:ec:e3:58:29:94:27:fa:3f:fd
Fingerprint (sha256): 82:77:03:3b:09:33:ed:62:c4:1a:04:f2:da:a1:a6:31:ea:72:f4:d7:6d:7e:3e:d9:91:a0:3b:6d:90:6d:3f:a8

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate blumm.aca.ee

7

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for blumm.aca.ee

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

blumm.aca.ee
blumm.digital
blumm.ee
growthouse.ee
www.blumm.digital
www.blumm.ee
www.growthouse.ee

Other certificates including the domain name aca.ee

(limited to 100 certificates)
publictv.aca.ee
aca.ee
aca.ee
publictv.aca.ee
1market.aca.ee
aca.ee
blumm.aca.ee
blumm.aca.ee
blumm.aca.ee
aca.ee
aca.ee
publictv.aca.ee
blumm.aca.ee
blumm.aca.ee
1market.aca.ee
1market.aca.ee
blumm.aca.ee
publictv.aca.ee
blumm.aca.ee
1market.aca.ee
1market.aca.ee
aca.ee
1market.aca.ee
1market.aca.ee
aca.ee
aca.ee
publictv.aca.ee
aca.ee
publictv.aca.ee
1market.aca.ee
blumm.aca.ee
publictv.aca.ee
blumm.aca.ee
publictv.aca.ee
1market.aca.ee
1market.aca.ee
1market.aca.ee
aca.ee
blumm.aca.ee
blumm.aca.ee
blumm.aca.ee
aca.ee
publictv.aca.ee
aca.ee
aca.ee
blumm.aca.ee
aca.ee
1market.aca.ee
publictv.aca.ee
blumm.aca.ee
publictv.aca.ee
1market.aca.ee
1market.aca.ee
publictv.aca.ee
aca.ee
1market.aca.ee
1market.aca.ee
publictv.aca.ee

Certificate

The complete raw certificate details for blumm.aca.ee in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISA7m4BxGyJMqHF5hrUJiQvCATMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MjExMjQ2NDFaFw0x
OTEwMTkxMjQ2NDFaMBcxFTATBgNVBAMTDGJsdW1tLmFjYS5lZTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAPmfNROIwYfEOuuz+4FL3NCDZCcxHxH0l9Lt
QANNIwaLb5c8WEQSNF6nWBKRRI10JiJfvZM0E0ivf1M7lkv0K/6PckWARJhxh1n8
7EDYFvxa7GyRdMp1kMLozA+OyY+OFl44Pfhc0F0Om3FZXZCmcLu/PLFxdc49jnXK
cXPOqqn6jb1LDaCz8+yKc/jXqrGjmfMD8zcbRNmuFfZwFH9YgU83puXrculGBps+
B98MCTHAxwOEUMBh8miCMwgLeFwoH89Eq+/FIH1MAbRI82xUXr/ACW2//Yz0awR4
eaxhSuq7MjgKgTbT0YugMjoD/6CFve7be1+DY3m998yxX07as30CAwEAAaOCAr4w
ggK6MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUmRkpShrGt8VU//CCqqOPGYxi3Ysw
HwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEEYzBh
MC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3Jn
MC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQub3Jn
LzBzBgNVHREEbDBqggxibHVtbS5hY2EuZWWCDWJsdW1tLmRpZ2l0YWyCCGJsdW1t
LmVlgg1ncm93dGhvdXNlLmVlghF3d3cuYmx1bW0uZGlnaXRhbIIMd3d3LmJsdW1t
LmVlghF3d3cuZ3Jvd3Rob3VzZS5lZTBMBgNVHSAERTBDMAgGBmeBDAECATA3Bgsr
BgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0
Lm9yZzCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB2ACk8UZZUyDlluqpQ/FgH1Ldv
v1h6KXLcpMMM9OVFR/R4AAABbBTI1aAAAAQDAEcwRQIgYthmCshGjRWJpyyZufxj
jd38RvW+kRrG79Ro7HaCPdYCIQC4ZaAL/fIwUyzNtHyNBMd7Q5TvalKS7ovpaFfh
gbE3lgB3AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABbBTI1ncA
AAQDAEgwRgIhAPPNPsUi/9n83Ss4vdUh/et/Y9C7d2+h+Cdxdh1ES9bcAiEAiaw9
4ZTiOM/Ug7nYC3DU36QXB6ElTL68vPsw5JGOqLEwDQYJKoZIhvcNAQELBQADggEB
AGR0ag40POgK5lRup30vCu8U+r97p+9jyvCMjUzXFYulJxnct0hjtLHqkOW0iH78
DpV57atNLEh50R/D+8uVh8X5AuiQsNUc/sB1rnHxW5ivCnisCLM4mrqPkr1VfpaO
Qmw3bGCkvOAM8dZgo9PGPFNZNLmtbGFn/b3uJ8boI3lnN/kXOjZHtFbaRPXiLquD
6xGLYlqJwIKxzeT8skRsKLYCS+I6Edh9Nku3P+ZgsBUfktA/cSiMorQLowiXFRQr
szsWj+MzxhBUR4rrMes8IpAa2iFyjwKTQo1HD1Ic/LvucybRHtJMPSo01pROLmgV
7oyu55iwmfABTgKYdGi6RXQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Z81E4jBh8Q667P7gUvc
0INkJzEfEfSX0u1AA00jBotvlzxYRBI0XqdYEpFEjXQmIl+9kzQTSK9/UzuWS/Qr
/o9yRYBEmHGHWfzsQNgW/FrsbJF0ynWQwujMD47Jj44WXjg9+FzQXQ6bcVldkKZw
u788sXF1zj2Odcpxc86qqfqNvUsNoLPz7Ipz+NeqsaOZ8wPzNxtE2a4V9nAUf1iB
Tzem5ety6UYGmz4H3wwJMcDHA4RQwGHyaIIzCAt4XCgfz0Sr78UgfUwBtEjzbFRe
v8AJbb/9jPRrBHh5rGFK6rsyOAqBNtPRi6AyOgP/oIW97tt7X4Njeb33zLFfTtqz
fQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 324533710331871752435945014233192361369619
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-21 12:46:41 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-19 12:46:41 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'blumm.aca.ee'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 31511845996670914210156928619659363021458317086188367434394322967416198577129727725973016167372291033067579387227842082252140722059129558324202683650644778090933927674270311962861529948431154668875054450187962603497086298884391450207045348184345048794925062169638135757325217300488009094950916245628996482029936512501773163333964975795537334634512719439004725938089052372104424366847763265715575798028974844584540241101930440382634697784160401394789753702120810715663854436106557864811424613115079332247950754453650464176452813721337137284713465152793820018439675883148621036531111507307608117194343205702463555023741
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9919294a1ac6b7c554fff082aaa38f198c62dd8b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blumm.aca.ee'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blumm.digital'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blumm.ee'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'growthouse.ee'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.blumm.digital'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.blumm.ee'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.growthouse.ee'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016c14c8d5a00000040300473045022062d8660ac8468d1589a72c99b9fc638dddfc46f5be911ac6efd468ec76823dd6022100b865a00bfdf230532ccdb47c8d04c77b4394ef6a5292ee8be96857e181b137960077006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016c14c8d6770000040300483046022100f3cd3ec522ffd9fcdd2b38bdd521fdeb7f63d0bb776fa1f82771761d444bd6dc02210089ac3de194e238cfd483b9d80b70d4dfa41707a1254cbebcbcfb30e4918ea8b1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0064746a0e343ce80ae6546ea77d2f0aef14fabf7ba7ef63caf08c8d4cd7158ba52719dcb74863b4b1ea90e5b4887efc0e9579edab4d2c4879d11fc3fbcb9587c5f902e890b0d51cfec075ae71f15b98af0a78ac08b3389aba8f92bd557e968e426c376c60a4bce00cf1d660a3d3c63c535934b9ad6c6167fdbdee27c6e823796737f9173a3647b456da44f5e22eab83eb118b625a89c082b1cde4fcb2446c28b6024be23a11d87d364bb73fe660b0151f92d03f71288ca2b40ba3089715142bb33b168fe333c61054478aeb31eb3c22901ada21728f0293428d470f521cfcbbee7326d11ed24c3d2a34d6944e2e6815ee8caee798b099f0014e02987468ba4574