canibuild.site
Issued by R3
About this certificate
This digital certificate with serial number 03:e2:54:32:03:d4:0a:7c:ac:5f:e4:fa:c4:fd:d6:f9:63:9d was issued on by Let's Encrypt.
With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=canibuild.site
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:e2:54:32:03:d4:0a:7c:ac:5f:e4:fa:c4:fd:d6:f9:63:9dSerial Number (int): 338352587563548537192194578068796316672925
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: e5:83:d9:f2:d9:8b:60:9f:ce:c1:d1:67:4e:63:4a:08:bf:a1:12:59
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 5b:f1:28:8b:55:ab:5d:b3:d7:d6:9c:1d:be:3b:04:27:44:cf:aa:6a
Fingerprint (sha256): 87:9a:db:fd:50:fb:66:4a:65:e4:c2:93:76:03:26:30:17:b1:c2:d4:9f:e0:4f:06:a2:d8:be:9e:52:dc:72:2b
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate canibuild.site
12
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for canibuild.site
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
50statesgroup.com
bettiepardee.org
blog.cmcsmen.net
canibuild.site
freedomsfuture.com.literotika.net
freepirn.com
icandeclutter.com
negotiatingtactics.com
online-vorschule.com
privatelabelrightsclub.com.moniers.com
sasfoundation.org.thegreenafricaproject.org
texasnames.net.canibuild.site
bettiepardee.org
blog.cmcsmen.net
canibuild.site
freedomsfuture.com.literotika.net
freepirn.com
icandeclutter.com
negotiatingtactics.com
online-vorschule.com
privatelabelrightsclub.com.moniers.com
sasfoundation.org.thegreenafricaproject.org
texasnames.net.canibuild.site
Other certificates including the domain name canibuild.site
(limited to 100 certificates)
canibuild.site
rollupyoursleeves.ca.canibuild.site
www.canibuild.tech
canibuild.site
erin-gee.media
canibuild.site
trail50.club
www.shop.gutrad.de
windorontario.com.canibuild.site
arbitrageedge.com.boothlaw.llc
canibuild.site
bryancurran.com
shuswapsoundjourney.ca
canibuild.site
canibuild.site
www.oaklandsportsdoctor.com
pensionloansscheme.com
www.bikecomm.com
norwoodcastings.ca
canibuild.site
rollupyoursleeves.ca.canibuild.site
www.canibuild.tech
canibuild.site
erin-gee.media
canibuild.site
trail50.club
www.shop.gutrad.de
windorontario.com.canibuild.site
arbitrageedge.com.boothlaw.llc
canibuild.site
bryancurran.com
shuswapsoundjourney.ca
canibuild.site
canibuild.site
www.oaklandsportsdoctor.com
pensionloansscheme.com
www.bikecomm.com
norwoodcastings.ca
canibuild.site
Certificate
The complete raw certificate details for canibuild.site in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGDDCCBPSgAwIBAgISA+JUMgPUCnysX+T6xP3W+WOdMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAxMDQxMzIxNTdaFw0yNDA0MDMxMzIxNTZaMBkxFzAVBgNVBAMT DmNhbmlidWlsZC5zaXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA qHGfXG8PIOAQRTiW8aaN2BFitDYV6+y+J2hhtDwXlDhvrY038HWl6MKoaiN+WjBa FEL9LX37NUZbs604qRiJcpSsHAOfoNVZ7NagzDTHWpWYMv1vJTv3OuW6sHV6otBi v39NVF/BSs6aTgkeNtecWQCjGX3L0QpKNZ/vla1+v3vczjkyeJDuCJfiNEht7kja 7a+UUvRIKDNvAZXjdKKoy/gvaur1zd4eb3AMEJcOtymBEDny29ALsnOYUd+YWq68 bSVTZLYyt6r8IL+M9TJ3qxGE+OuVZur2ctlxVgUsaNofnR2WdDMYo7NzIfzMuMzz 3pwPRHrAXh1Vkbb110uQkwIDAQABo4IDMzCCAy8wDgYDVR0PAQH/BAQDAgWgMB0G A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1Ud DgQWBBTlg9ny2Ytgn87B0WdOY0oIv6ESWTAfBgNVHSMEGDAWgBQULrMXt1hWy65Q CUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9y My5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iub3Jn LzCCAToGA1UdEQSCATEwggEtghE1MHN0YXRlc2dyb3VwLmNvbYIQYmV0dGllcGFy ZGVlLm9yZ4IQYmxvZy5jbWNzbWVuLm5ldIIOY2FuaWJ1aWxkLnNpdGWCIWZyZWVk b21zZnV0dXJlLmNvbS5saXRlcm90aWthLm5ldIIMZnJlZXBpcm4uY29tghFpY2Fu ZGVjbHV0dGVyLmNvbYIWbmVnb3RpYXRpbmd0YWN0aWNzLmNvbYIUb25saW5lLXZv cnNjaHVsZS5jb22CJnByaXZhdGVsYWJlbHJpZ2h0c2NsdWIuY29tLm1vbmllcnMu Y29tgitzYXNmb3VuZGF0aW9uLm9yZy50aGVncmVlbmFmcmljYXByb2plY3Qub3Jn gh10ZXhhc25hbWVzLm5ldC5jYW5pYnVpbGQuc2l0ZTATBgNVHSAEDDAKMAgGBmeB DAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AEiw42vapkc0D+VqAvqdMOsc UgHLVt0sgdm7v6s52IRzAAABjNTaLWAAAAQDAEcwRQIhAIRkjD1MjW35aYCSkWGl hX+MJgYQb4ebwXMVXPKFIBC+AiBE9f0n8bjrBcJCsG1Sugzip4QKMwAjb+QhTgkY dDY+5wB2ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABjNTaLVsA AAQDAEcwRQIgLsPc5b05t8Bh4GyPIg8IJ3+vO/iWazYaoDWPdVe7g3wCIQDkkG+q Vv2BK65kNpANUkaBaf0fXNWX/KUr0hznc8o5ezANBgkqhkiG9w0BAQsFAAOCAQEA pkjzJqasH+Z5x02i+BGzGGLzN4KrjtargIajYxJh1V8hnnowh+jyqcT/j5F4j0R1 OhvkRTr70DJDmMMwSNjteF3iHA3PvMxgoe+MgCyi5TRbkCefc+UeFDpNp9hD2Rkg gfiUWqy9QX0UUy4TCcmxB23L3kojqoGtV1Z2jzQW7I7Nh6RvZzC/6vfNPZnhl6Fz nzvr518+ZNeRCTC/mimhes5DcvcE7gyIDfOJz25RBsXETkMsnmg3xr7TQBPVyc7e agAwJfQVhHo3UulKBjd0rF0bMcuetMp/u8p2wFTPXOg0nXRzwtQx6rywyoHsW6ha Vd7CEYxfjTeeRKFWFQDmaA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHGfXG8PIOAQRTiW8aaN 2BFitDYV6+y+J2hhtDwXlDhvrY038HWl6MKoaiN+WjBaFEL9LX37NUZbs604qRiJ cpSsHAOfoNVZ7NagzDTHWpWYMv1vJTv3OuW6sHV6otBiv39NVF/BSs6aTgkeNtec WQCjGX3L0QpKNZ/vla1+v3vczjkyeJDuCJfiNEht7kja7a+UUvRIKDNvAZXjdKKo y/gvaur1zd4eb3AMEJcOtymBEDny29ALsnOYUd+YWq68bSVTZLYyt6r8IL+M9TJ3 qxGE+OuVZur2ctlxVgUsaNofnR2WdDMYo7NzIfzMuMzz3pwPRHrAXh1Vkbb110uQ kwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 338352587563548537192194578068796316672925 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-04 13:21:57 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-03 13:21:56 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'canibuild.site' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21264064579350422294200701580150488573396704609633820835002363520107808676282021365912079287396545275784612095386971548378996723166475938549873360793133210601047473047484734770530912713078806142704236912203330407312616292954606308670474502548419711931001417156122156191680855729180684413666972735487407596904714351651852624865112822845224349047597848281520624742852242364292531471884035853949655947550191616178937235380591969172895065625028979384607075217979039237551027622954058432226895878035608325542087704789011635128930941387532094653831254667376080066902130658602031813847340165769007127442386275220987241533587 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) e583d9f2d98b609fcec1d1674e634a08bfa11259 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (305 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '50statesgroup.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bettiepardee.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'blog.cmcsmen.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'canibuild.site' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'freedomsfuture.com.literotika.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'freepirn.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'icandeclutter.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'negotiatingtactics.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'online-vorschule.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'privatelabelrightsclub.com.moniers.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sasfoundation.org.thegreenafricaproject.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'texasnames.net.canibuild.site' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cd4da2d60000004030047304502210084648c3d4c8d6df96980929161a5857f8c2606106f879bc173155cf2852010be022044f5fd27f1b8eb05c242b06d52ba0ce2a7840a3300236fe4214e091874363ee70076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018cd4da2d5b000004030047304502202ec3dce5bd39b7c061e06c8f220f08277faf3bf8966b361aa0358f7557bb837c022100e4906faa56fd812bae6436900d52468169fd1f5cd597fca52bd21ce773ca397b . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00a648f326a6ac1fe679c74da2f811b31862f33782ab8ed6ab8086a3631261d55f219e7a3087e8f2a9c4ff8f91788f44753a1be4453afbd0324398c33048d8ed785de21c0dcfbccc60a1ef8c802ca2e5345b90279f73e51e143a4da7d843d9192081f8945aacbd417d14532e1309c9b1076dcbde4a23aa81ad5756768f3416ec8ecd87a46f6730bfeaf7cd3d99e197a1739f3bebe75f3e64d7910930bf9a29a17ace4372f704ee0c880df389cf6e5106c5c44e432c9e6837c6bed34013d5c9cede6a003025f415847a3752e94a063774ac5d1b31cb9eb4ca7fbbca76c054cf5ce8349d7473c2d431eabcb0ca81ec5ba85a55dec2118c5f8d379e44a1561500e668