soglianocavour.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:a3:95:ec:99:3a:c3:69:7c:eb:72:86:60:ad:9b:1c:d5:62 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=soglianocavour.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a3:95:ec:99:3a:c3:69:7c:eb:72:86:60:ad:9b:1c:d5:62Serial Number (int): 317002167064688656057360569359735046591842
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 69:f0:55:34:2c:8d:fd:9e:19:30:c1:42:02:15:f6:f2:a1:2b:24:6c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 0f:13:7f:c6:4b:89:7e:e9:51:66:75:7a:5c:8d:f1:b2:5d:08:2e:e4
Fingerprint (sha256): 85:9e:a4:0f:23:99:3c:3e:70:98:e4:79:43:cb:c3:17:23:d5:13:d2:58:99:00:f2:6c:b6:ba:b9:c4:2a:e9:f2
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate soglianocavour.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for soglianocavour.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
soglianocavour.org
Other certificates including the domain name soglianocavour.org
(limited to 100 certificates)
soglianocavour.org
motor.clinic
liveandblog.com
soglianocavour.org
soglianocavour.org
gravinainpuglia.org
www.tipkissersofgab.com
curacarpignano.org
soglianocavour.org
soglianocavour.org
alabamasportsmedicine.org
soglianocavour.org
www.redfordtownship.com
soglianocavour.org
montesanosalentino.org
soglianocavour.org
motor.clinic
liveandblog.com
soglianocavour.org
soglianocavour.org
gravinainpuglia.org
www.tipkissersofgab.com
curacarpignano.org
soglianocavour.org
soglianocavour.org
alabamasportsmedicine.org
soglianocavour.org
www.redfordtownship.com
soglianocavour.org
montesanosalentino.org
soglianocavour.org
Certificate
The complete raw certificate details for soglianocavour.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGWjCCBUKgAwIBAgISA6OV7Jk6w2l863KGYK2bHNViMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA3MjgxMDIxMDZaFw0x OTEwMjYxMDIxMDZaMB0xGzAZBgNVBAMTEnNvZ2xpYW5vY2F2b3VyLm9yZzCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOnG0v3Ds2WfbIdcYT4Gdy+XeIIC SHcuX/nAECFJxzc0TaEUVIpeTET0E0PQOusuStVsIVCjf3sfslAWfSDLNkB2qpcO LjuQ1/LJdKk0F9kRjlc2lUlLRbEC2O3yM5hFVkdIKi+ys0kKm0HdM1IAQMjtbyiC kvNRCO1Q/E49Kro/evddh+bit/gE3i3IFXRKMAdwhIQ2ISy0+1dmYx6BHd6P1nBt JNjur6zXY36MluIHBl0GtdkyeJjJAy0FGgrNLuYzQTUP033UeoMl8iOPSye5A1LX ykX9l1BzNk8+v8vPb6AYrjOTwstA+shqc7nev2QV6BGLdQf5c/xUfVsGbKvsOn/I 11+Iw7eS9bD87FBTvo4x/vpn4gRmlMozK7icO1KugtfeYM+eYTbGxvREJ7tY9fo+ 9hYW8kRNxBgl+TRweKnXi4SOeHCgHFhRXKUmjtxsncqo1hMS1gIFkM7sdBr4tTQs NiOnA6Rn2nKXY2GVbp+6St1QtCrGp81U/nsvuXVFE81iRMvPyWkIIkvLmhAX8Is2 Wp5QzmdwY0R6UfPK9kBMIG2PxUn63VdavhdI2Pmizoq88OK3z50cQD/it7FNpxh5 4g9v2CNUqbwTxIC/wVPjKLMIlc28B4jMuHvZJG60/+2EirrjEtzYaaHpCTN+3GVZ dwc5I4zjbKk+3uB9AgMBAAGjggJlMIICYTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FGnwVTQsjf2eGTDBQgIV9vKhKyRsMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF Ze/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3Au aW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wHQYDVR0RBBYwFIISc29nbGlhbm9jYXZv dXIub3JnMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAgYKKwYBBAHW eQIEAgSB8wSB8ADuAHQAdH7agzGtMxCRIZzOJU9CcMK//V5CIAjGNzV55hB7zFYA AAFsOFAOTgAABAMARTBDAiAP1a5DXg/iMoL3XxHGWR+drQ60x4mWNEhofs4/jTsN KgIfIgispEUDHM9Be00cUKZMlOoK5+33P+rH8Mqg2C9M6AB2ACk8UZZUyDlluqpQ /FgH1Ldvv1h6KXLcpMMM9OVFR/R4AAABbDhQDmkAAAQDAEcwRQIhAPPA/M0CgyCT MA52a2/JVGhyYrx4FenDAqH3vR3RSgOeAiBDsOk25lEGG3xsv3srSW//05xhU/HY wnZtyMvbzvvN4jANBgkqhkiG9w0BAQsFAAOCAQEAYeg3lwjwOE9PkZdwVC0yg0vN YQsbAVxWiZZpNeyz6Q+Hee/YHHfYzZ540wfb4ZLRmnDYCMOowIWw41n7Czjw25fm x8r+NRTVdNyYCZ8aPDe/Cdp1N+8oPc03kWCzPE3ZmZJZfDqBMSr8Kmn611BBYRvY 5Db1Xrbh80XfJ2/5KVdsKSsn3mW5VscmcK6oVUw0thc6rsPHdndLKpwRMzTPjYux KsIb4EIySvpVWkneJX5HF85lLKCiky1puGX0q4gsr7qwDnvX0ZkxQPXm3+FJdGf7 xKNw25DUjqXBmsWc7Ta6zhIbHemkM2Z2S5yEGwin8B0/EfCWzneipuVSUdcHKg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6cbS/cOzZZ9sh1xhPgZ3 L5d4ggJIdy5f+cAQIUnHNzRNoRRUil5MRPQTQ9A66y5K1WwhUKN/ex+yUBZ9IMs2 QHaqlw4uO5DX8sl0qTQX2RGOVzaVSUtFsQLY7fIzmEVWR0gqL7KzSQqbQd0zUgBA yO1vKIKS81EI7VD8Tj0quj96912H5uK3+ATeLcgVdEowB3CEhDYhLLT7V2ZjHoEd 3o/WcG0k2O6vrNdjfoyW4gcGXQa12TJ4mMkDLQUaCs0u5jNBNQ/TfdR6gyXyI49L J7kDUtfKRf2XUHM2Tz6/y89voBiuM5PCy0D6yGpzud6/ZBXoEYt1B/lz/FR9WwZs q+w6f8jXX4jDt5L1sPzsUFO+jjH++mfiBGaUyjMruJw7Uq6C195gz55hNsbG9EQn u1j1+j72FhbyRE3EGCX5NHB4qdeLhI54cKAcWFFcpSaO3GydyqjWExLWAgWQzux0 Gvi1NCw2I6cDpGfacpdjYZVun7pK3VC0KsanzVT+ey+5dUUTzWJEy8/JaQgiS8ua EBfwizZanlDOZ3BjRHpR88r2QEwgbY/FSfrdV1q+F0jY+aLOirzw4rfPnRxAP+K3 sU2nGHniD2/YI1SpvBPEgL/BU+MoswiVzbwHiMy4e9kkbrT/7YSKuuMS3NhpoekJ M37cZVl3BzkjjONsqT7e4H0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 317002167064688656057360569359735046591842 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-07-28 10:21:06 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-26 10:21:06 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'soglianocavour.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 953725551854309157565281865302640042932907712631839811973188836560908834112862414347698110175056235189286336251766503793490815729317908914372481146979250641664555324478908572055533380417222774050997171716168585938237962264230751482467700753777897834403800913619797352073026159566289867976433404517524178290403503898027663532727985216731280347813395651914495939852516874063769611883374622160254599670603210011817517988633407094808312598829975740764660816197794427499669428998673604044312131367221528566192186112469278830449273518035985591788291477209191023297242825862099912536778308765356890442256339540213589970080200782074887726757238090831526237821498624512583008116513469298045101542902177579612636320578218120685059982818413856714784158476333363402534201312160006729621898938323016316369850782694661289602607693018245130871860871084977647972131911255470859985923369616612002726049335784202324540654079073175836516878209994237732297669248061621512858001218668193923860191677465260370584189375724573188658110671584135760270981719356257012335494085466943210695762268377791475329801939885111271730899301322120940260011243318946285006879260377624096908895734863145715117019669757900072041221971616065080299174991525899096899266207869 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 69f055342c8dfd9e1930c1420215f6f2a12b246c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'soglianocavour.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes) 00ee007400747eda8331ad331091219cce254f4270c2bffd5e422008c6373579e6107bcc560000016c38500e4e000004030045304302200fd5ae435e0fe23282f75f11c6591f9dad0eb4c789963448687ece3f8d3b0d2a021f2208aca445031ccf417b4d1c50a64c94ea0ae7edf73feac7f0caa0d82f4ce8007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016c38500e690000040300473045022100f3c0fccd02832093300e766b6fc954687262bc7815e9c302a1f7bd1dd14a039e022043b0e936e651061b7c6cbf7b2b496fffd39c6153f1d8c2766dc8cbdbcefbcde2 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0061e8379708f0384f4f919770542d32834bcd610b1b015c5689966935ecb3e90f8779efd81c77d8cd9e78d307dbe192d19a70d808c3a8c085b0e359fb0b38f0db97e6c7cafe3514d574dc98099f1a3c37bf09da7537ef283dcd379160b33c4dd99992597c3a81312afc2a69fad75041611bd8e436f55eb6e1f345df276ff929576c292b27de65b956c72670aea8554c34b6173aaec3c776774b2a9c113334cf8d8bb12ac21be042324afa555a49de257e4717ce652ca0a2932d69b865f4ab882cafbab00e7bd7d1993140f5e6dfe1497467fbc4a370db90d48ea5c19ac59ced36bace121b1de9a43366764b9c841b08a7f01d3f11f096ce77a2a6e55251d7072a