sumex.ch

Issued by Gandi RSA Domain Validation Secure Server CA 3

About this certificate

This digital certificate with serial number 37:90:b1:14:2f:22:e5:d8:89:0c:e2:da:2d:e1:98:6d was issued on by Gandi.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=sumex.ch

Gandi

Organization: Gandi
Country: FR

This certificate will expire on

Certificate Details

Serial Number (hex): 37:90:b1:14:2f:22:e5:d8:89:0c:e2:da:2d:e1:98:6d
Serial Number (int): 73858822101450469174936500522822244461
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: d2:76:8a:20:8b:b4:4b:86:b4:c2:9f:13:6f:3f:53:6a:6b:96:84:15
AuthorityKeyId: 81:11:92:de:66:32:a5:b0:5b:33:3d:65:43:85:fc:d4:04:2d:f1:ae

Fingerprint (sha1): c2:f1:03:65:0d:a6:cd:c8:28:c8:f7:cf:ed:00:f2:81:16:1e:a2:f1
Fingerprint (sha256): 82:a9:75:96:38:e9:ba:18:aa:90:a1:b3:1d:0d:f3:c6:57:18:46:15:26:4d:30:20:fe:2a:2f:e4:85:42:20:41

Issuing Certificate URL: http://crt.sectigo.com/GandiRSADomainValidationSecureServerCA3.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com

Check the revocation status for certificate sumex.ch

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for sumex.ch

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA384 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

sumex.ch
www.sumex.ch

Other certificates including the domain name sumex.ch

(limited to 100 certificates)
status.greenewx.com
sumex.ch
status.greenewx.com
cinc-status.tkelevator.com
status.h2.tc
status.greenewx.com
status.ioneaccess.ch
sumex.ch
status.sumex.ch
status.greenewx.com
cinc-status.tkelevator.com
cinc-status.tkelevator.com
cinc-status.tkelevator.com

Certificate

The complete raw certificate details for sumex.ch in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGazCCBNOgAwIBAgIQN5CxFC8i5diJDOLaLeGYbTANBgkqhkiG9w0BAQwFADBW
MQswCQYDVQQGEwJGUjEOMAwGA1UEChMFR2FuZGkxNzA1BgNVBAMTLkdhbmRpIFJT
QSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBIDMwHhcNMjMxMDMw
MDAwMDAwWhcNMjQxMDMwMjM1OTU5WjATMREwDwYDVQQDEwhzdW1leC5jaDCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMKlmUPjWS9tl5h9oyEuwocwRkck
VYBu/0bIwk+KzYJ6YOkPkHLClhhnNrUl3fGzIEKCoSOp2ozpEJS2nVKkgjjt8o+j
DUMDLv82+DT5WaQzqksWRvwFREB8sP9eyDNBjL9lAspytpDTOgcNrDhnVka3DsQA
ilqAbp7mkG3NX+k76UFZ0p2jK42grhNVJYMLD+l+Fu2egARYC6yI7GZJ7gzV5rz/
ykRNklNlEPn2wcuRJOmB+8bXunZWW7hQJ1DHnKugdvSaY9JX9pkTnLbK6pbcnRCh
/wMkZGQud1dIaRxkBAXbj3L4sj1Y1AuGANeu97pKYSZR8qxLdNAJZ0MCZ30CAwEA
AaOCAvYwggLyMB8GA1UdIwQYMBaAFIERkt5mMqWwWzM9ZUOF/NQELfGuMB0GA1Ud
DgQWBBTSdoogi7RLhrTCnxNvP1Nqa5aEFTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T
AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIw
QDA0BgsrBgEEAbIxAQICGjAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28u
Y29tL0NQUzAIBgZngQwBAgEwgYMGCCsGAQUFBwEBBHcwdTBOBggrBgEFBQcwAoZC
aHR0cDovL2NydC5zZWN0aWdvLmNvbS9HYW5kaVJTQURvbWFpblZhbGlkYXRpb25T
ZWN1cmVTZXJ2ZXJDQTMuY3J0MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5zZWN0
aWdvLmNvbTAhBgNVHREEGjAYgghzdW1leC5jaIIMd3d3LnN1bWV4LmNoMIIBfQYK
KwYBBAHWeQIEAgSCAW0EggFpAWcAdgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIK
n+ZnTFo6dAAAAYuBEN37AAAEAwBHMEUCIQCKGt3IMJDYuUVBenn89Wnfq/gCLoTN
h/FBI0MaP2B+mgIgF0kqqDBx7hDQcmQP3DSctorzxQqt4AbelHTRo51+0GQAdQDa
tr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYuBEN5GAAAEAwBGMEQC
IDs6A+Nusu3BtARhD8HBPm8+f+iN6v7FZmUwWOgwxw77AiAO8BSEFzjdi1cN5rX3
cDmwdf9/2ho6NiMnWZHGzguXYQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FI
WUZxH7WbAAABi4EQ3iUAAAQDAEcwRQIhAIkQ1fhgY2CW3G+BtgP+b5nca894vh20
vFqgOiFJr+sgAiBed/6xHUG/YHR3xZpSVtDIiwoBg8+iaVOhwZ09inmlRDANBgkq
hkiG9w0BAQwFAAOCAYEAIkRYDCn53r6IypHz6p3/ve46UZlPfsgES8f7rpHsF9Nn
azvDlGgY64gcebdSF1Cxw2ett552ShzOES5AS4DAt2DAdfzOM03rYSRAUVdK7q6f
KrjFI2uomNiShUDlnKbP1CGCYKUDbT+RPyOsGYMPbS2AByJwerbVCPsc175QACVv
BCw0xrrFO9+vODdsPlSgAX2+CblcVjouX+FFM0PszQA/juks4OZ0dPc5uGPcDBbE
jNcTbPD2MIXRUFfKX+zT7EIiliW/domBvautT3Q1QS0DTGbZV8nOvz8b+JP6zbvi
ZvLy952+WHhYO6Yjr8Hd6NCkJythscI1kKcAJIlSVqvmEFUnPzPIHp65/hYCF6oI
Ig3DOOSJpto5+ftos8KoA0df0rqQreAIYY9Mkr1C0RSvE8ELp99bD5zdhXkWwmO7
S7BYNHK0AkGFhpXtBXz88xdlhzl8Z49kLrjv8QgZ6Om/1lj5r6Kzs1c9eCmgn1eQ
bBzTih0weAN7FqugVzwO
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqWZQ+NZL22XmH2jIS7C
hzBGRyRVgG7/RsjCT4rNgnpg6Q+QcsKWGGc2tSXd8bMgQoKhI6najOkQlLadUqSC
OO3yj6MNQwMu/zb4NPlZpDOqSxZG/AVEQHyw/17IM0GMv2UCynK2kNM6Bw2sOGdW
RrcOxACKWoBunuaQbc1f6TvpQVnSnaMrjaCuE1UlgwsP6X4W7Z6ABFgLrIjsZknu
DNXmvP/KRE2SU2UQ+fbBy5Ek6YH7xte6dlZbuFAnUMecq6B29Jpj0lf2mROctsrq
ltydEKH/AyRkZC53V0hpHGQEBduPcviyPVjUC4YA1673ukphJlHyrEt00AlnQwJn
fQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 73858822101450469174936500522822244461
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi RSA Domain Validation Secure Server CA 3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-30 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-30 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'sumex.ch'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24571890922010433115901897237661055244806029055066459684180892722758396463245581816338772401948409900875891320547146404178980237259550939766000831108216869722836165841437143384890180905416386890758312041460288798472679915352749918548492195779513005041219738895649352617376597679648206182310225760377012487582058340122870165571385571506310476104928651674778426096554073887488380734127895349635047335603700261693259808772627900756141738841886448691597416605676831519590137416739292785406863852165131677657511513413701898648795957105546697986151715776677527318722245093739941260911615216655646124995047867239616351463293
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 811192de6632a5b05b333d654385fcd4042df1ae
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d2768a208bb44b86b4c29f136f3f536a6b968415
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.26
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/GandiRSADomainValidationSecureServerCA3.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (26 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sumex.ch'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sumex.ch'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b8110ddfb00000403004730450221008a1addc83090d8b945417a79fcf569dfabf8022e84cd87f14123431a3f607e9a022017492aa83071ee10d072640fdc349cb68af3c50aade006de9474d1a39d7ed064007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b8110de46000004030046304402203b3a03e36eb2edc1b404610fc1c13e6f3e7fe88deafec566653058e830c70efb02200ef014841738dd8b570de6b5f77039b075ff7fda1a3a3623275991c6ce0b9761007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b8110de2500000403004730450221008910d5f860636096dc6f81b603fe6f99dc6bcf78be1db4bc5aa03a2149afeb2002205e77feb11d41bf607477c59a5256d0c88b0a0183cfa26953a1c19d3d8a79a544
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (3072 bits)
		002244580c29f9debe88ca91f3ea9dffbdee3a51994f7ec8044bc7fbae91ec17d3676b3bc3946818eb881c79b7521750b1c367adb79e764a1cce112e404b80c0b760c075fcce334deb61244051574aeeae9f2ab8c5236ba898d8928540e59ca6cfd4218260a5036d3f913f23ac19830f6d2d800722707ab6d508fb1cd7be5000256f042c34c6bac53bdfaf38376c3e54a0017dbe09b95c563a2e5fe1453343eccd003f8ee92ce0e67474f739b863dc0c16c48cd7136cf0f63085d15057ca5fecd3ec42229625bf768981bdabad4f7435412d034c66d957c9cebf3f1bf893facdbbe266f2f2f79dbe5878583ba623afc1dde8d0a4272b61b1c23590a70024895256abe61055273f33c81e9eb9fe160217aa08220dc338e489a6da39f9fb68b3c2a803475fd2ba90ade008618f4c92bd42d114af13c10ba7df5b0f9cdd857916c263bb4bb0583472b40241858695ed057cfcf3176587397c678f642eb8eff10819e8e9bfd658f9afa2b3b3573d7829a09f57906c1cd38a1d3078037b16aba0573c0e