www.testimonedigeova.org
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:83:5d:82:08:be:5f:0c:17:d0:09:42:c7:01:dc:41:09:a6 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.testimonedigeova.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:83:5d:82:08:be:5f:0c:17:d0:09:42:c7:01:dc:41:09:a6Serial Number (int): 306038141241465328759764004981557839333798
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: ea:82:7a:9a:8e:42:71:cb:1b:b0:a9:f1:93:39:44:18:b2:9a:30:56
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): aa:08:70:5d:29:58:bc:f0:2d:b9:4f:d4:93:db:c4:bc:46:1f:87:ca
Fingerprint (sha256): 8c:5a:fd:5f:d4:f7:a9:5d:92:53:96:0c:d2:31:0f:cd:84:12:6a:57:70:03:9a:b1:82:22:c3:32:4c:29:27:00
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.testimonedigeova.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.testimonedigeova.org
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.testimonedigeova.org
Other certificates including the domain name testimonedigeova.org
(limited to 100 certificates)
testimonedigeova.org
testimonedigeova.org
testimonedigeova.org
testimonedigeova.org
testimonedigeova.org
www.testimonedigeova.org
testimonedigeova.org
www.testimonedigeova.org
www.testimonedigeova.org
testimonedigeova.org
www.testimonedigeova.org
www.testimonedigeova.org
www.testimonedigeova.org
www.testimonedigeova.org
testimonedigeova.org
testimonedigeova.org
testimonedigeova.org
testimonedigeova.org
testimonedigeova.org
testimonedigeova.org
www.testimonedigeova.org
testimonedigeova.org
www.testimonedigeova.org
www.testimonedigeova.org
testimonedigeova.org
www.testimonedigeova.org
www.testimonedigeova.org
www.testimonedigeova.org
www.testimonedigeova.org
testimonedigeova.org
testimonedigeova.org
Certificate
The complete raw certificate details for www.testimonedigeova.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGaDCCBVCgAwIBAgISA4Ndggi+XwwX0AlCxwHcQQmmMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA4MTcwMzIyMzdaFw0x OTExMTUwMzIyMzdaMCMxITAfBgNVBAMTGHd3dy50ZXN0aW1vbmVkaWdlb3ZhLm9y ZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK7NvFxBxU2LYfs7TZhJ HKTbqmv5HF6BDJ9UY4BSRIRl/AAcmUgcwfv1ppaF9sNlZ4nokYpi0+UptDA37Tbk B3FYlntAWp3sioWAucmQD+tmMRTjp63OctM+bEfK770+yGCUI6WkBbyKWzWeNW8d 8WD1aMu9dsX++UT0KH9CNmaIQ76XWBmjAxS2/25qwEs6XRiWe5Wq6IEefvNHmZ6E TbO7IPclU0BlhFTs12qPlXS+MF+/Id4hBlXfF+U3xz6+o3bIM/Edv4C8xhQZF7ww vksi9ROvTl4Uq9xMRDzyuS3qH2QiuJQQZr0G4OkizywTqZpDdSoVxYQajxLDhN74 D5dq2GM1X8rApSTyF/WPaZtLZNnTIxffaSgD/46NPa9vqyCBhOQpiOQ0Qgm9QADp dAtov21ezvW+I2t2uhvprAwRbpHMoxvahvw1mAB+y7Yekd9upRHr32aP+XxQlzOQ fscYYXDWIY587YfDH7j3anuFaQoK5zGlJNG+51i66iErSoGd76UKQFvoyB7w4TAG vFIjImEHKSFav8h9ZPcuA+UsX+wED3CACKZNYKCmImFKFfQ+niTwuWZXVYV6Qj3n SA3Y0nYHOWQTPb/x4YbavK9WeBla5rwrGipnX1vqDQkg0btcSfdsKtw2zPpZNQxP 2dFpKG5hNrvli/MyppYNNBRpAgMBAAGjggJtMIICaTAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYD VR0OBBYEFOqCepqOQnHLG7Cp8ZM5RBiymjBWMB8GA1UdIwQYMBaAFKhKamMEfd26 5tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDov L29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDov L2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wIwYDVR0RBBwwGoIYd3d3LnRl c3RpbW9uZWRpZ2VvdmEub3JnMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQB gt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3Jn MIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAb1N2rDHwMRnYmQCkURX/dxUcEdkC wQApBo2yCJo32RMAAAFsndAdkAAABAMARzBFAiEAltixFpQStDFJAwCNEFoLVATC Mr/GFhMQ17SKijtz7U4CIBMuhJugs8Y1hkyhmoKa8eRa44IR98U6mVkVWDoZ3cLa AHYAKTxRllTIOWW6qlD8WAfUt2+/WHopctykwwz05UVH9HgAAAFsndAdBQAABAMA RzBFAiAQh80/zg2x2pJXfxz4XKuHKWntm0HjB33oicjmRDBmKgIhAJKWzEBbTiYP kkqZFT7K/UAZKYIeDFDS1+3ttTc93KpKMA0GCSqGSIb3DQEBCwUAA4IBAQCBGBKf GebjGigqqetBTw3TBkDHWpr7dRpqOa/6dWG5Y8jpxGRh6T74crlpLMlGdQFVYJBu GoffT53zFztrLhpIrMaVAWBIaiwJuhxLIo8a1ZZ7cz5ftgLc822bpXQ+WNnyWoYo atMvxj19FtIpeiq0IsAfoMSsSIfjmBGPxNsMV7VS0ttKLD+4xj4U1EDRw5NM4YK5 4WYQJIgcRdUZ8qTAYULUth/oo8NZ9MOHX4s+pmCFfqR86tA6wPb+5kXgWMBZA+KV 6/zHcLqyePBeSSaFYAe/gjzbvbBQZ1qzQOAuuK/kp7WbMQPAOLeyvDSCwz7EOFix MGcFs29Bbd+hzu02 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArs28XEHFTYth+ztNmEkc pNuqa/kcXoEMn1RjgFJEhGX8AByZSBzB+/WmloX2w2VnieiRimLT5Sm0MDftNuQH cViWe0BaneyKhYC5yZAP62YxFOOnrc5y0z5sR8rvvT7IYJQjpaQFvIpbNZ41bx3x YPVoy712xf75RPQof0I2ZohDvpdYGaMDFLb/bmrASzpdGJZ7larogR5+80eZnoRN s7sg9yVTQGWEVOzXao+VdL4wX78h3iEGVd8X5TfHPr6jdsgz8R2/gLzGFBkXvDC+ SyL1E69OXhSr3ExEPPK5LeofZCK4lBBmvQbg6SLPLBOpmkN1KhXFhBqPEsOE3vgP l2rYYzVfysClJPIX9Y9pm0tk2dMjF99pKAP/jo09r2+rIIGE5CmI5DRCCb1AAOl0 C2i/bV7O9b4ja3a6G+msDBFukcyjG9qG/DWYAH7Lth6R326lEevfZo/5fFCXM5B+ xxhhcNYhjnzth8MfuPdqe4VpCgrnMaUk0b7nWLrqIStKgZ3vpQpAW+jIHvDhMAa8 UiMiYQcpIVq/yH1k9y4D5Sxf7AQPcIAIpk1goKYiYUoV9D6eJPC5ZldVhXpCPedI DdjSdgc5ZBM9v/Hhhtq8r1Z4GVrmvCsaKmdfW+oNCSDRu1xJ92wq3DbM+lk1DE/Z 0WkobmE2u+WL8zKmlg00FGkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 306038141241465328759764004981557839333798 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-17 03:22:37 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-15 03:22:37 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.testimonedigeova.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 713136695826084768612158801686227090121005336850479025966622465376669404226701186869624285416107360164654401404789224165161256125567802636608005014817542984242210075707620650858081137000751650711513373759940874316512228509039335983249162727723133346043108487679289498785040454509395591215333653295749076186785525458955053696784376009822330646406511800049352702497980153203147262275121639465308686986013405860114648058923640194475911225833811293962987678735536573985428060710574974372987848617973222191002885575035506781155185071780059205317040987714432617918948782248792479211410400811656956576088625971515880056276181818300491658856724884901161929923419756236137936049047875024183317341166784041560664839564244727251887049255843178398597397832114344182355514489172310261735757276459015584248726436895494409060140576262921549242486373128067610308104793236769345328058324540430391190844377921187897089880589073455114764248112142649874761835956555772955986637110614704773115825252177888087470486191033312509284405138988357243057569992770096540686489184757108722587295931258104847030931492505968014247245114567950408036293997970384850201170793415650558908933423095888866971154139453966065651666537860916161585070394145534643890612868201 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ea827a9a8e4271cb1bb0a9f193394418b29a3056 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.testimonedigeova.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016c9dd01d90000004030047304502210096d8b1169412b4314903008d105a0b5404c232bfc6161310d7b48a8a3b73ed4e0220132e849ba0b3c635864ca19a829af1e45ae38211f7c53a995915583a19ddc2da007600293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016c9dd01d05000004030047304502201087cd3fce0db1da92577f1cf85cab872969ed9b41e3077de889c8e64430662a0221009296cc405b4e260f924a99153ecafd401929821e0c50d2d7ededb5373ddcaa4a . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008118129f19e6e31a282aa9eb414f0dd30640c75a9afb751a6a39affa7561b963c8e9c46461e93ef872b9692cc94675015560906e1a87df4f9df3173b6b2e1a48acc6950160486a2c09ba1c4b228f1ad5967b733e5fb602dcf36d9ba5743e58d9f25a86286ad32fc63d7d16d2297a2ab422c01fa0c4ac4887e398118fc4db0c57b552d2db4a2c3fb8c63e14d440d1c3934ce182b9e1661024881c45d519f2a4c06142d4b61fe8a3c359f4c3875f8b3ea660857ea47cead03ac0f6fee645e058c05903e295ebfcc770bab278f05e4926856007bf823cdbbdb050675ab340e02eb8afe4a7b59b3103c038b7b2bc3482c33ec43858b1306705b36f416ddfa1ceed36