*.schritt-macher.com
Issued by Encryption Everywhere DV TLS CA - G2
About this certificate
This digital certificate with serial number 0f:88:4e:9a:bd:2d:da:32:b9:90:1e:1a:c7:8d:2f:9f was issued on by DigiCert Inc.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.schritt-macher.com
DigiCert Inc
Organization:
DigiCert Inc
Organization unit: www.digicert.com
Organization unit: www.digicert.com
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0f:88:4e:9a:bd:2d:da:32:b9:90:1e:1a:c7:8d:2f:9fSerial Number (int): 20646166597168685607756876660356231071
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 5b:b3:b3:1c:80:af:91:72:65:09:8b:1c:40:1c:2a:00:dc:d4:cb:09
AuthorityKeyId: 78:df:91:90:5f:ee:de:ac:f6:c5:75:eb:d5:4c:55:53:ef:24:4a:b6
Fingerprint (sha1): 26:31:1b:ee:5e:28:d8:4a:90:c1:81:2a:4d:f6:87:3e:32:b5:5a:50
Fingerprint (sha256): 90:4b:d4:44:fa:67:07:d5:e5:99:f0:16:7e:c5:92:b2:b9:f8:db:25:b7:e1:42:c7:6d:e0:b0:3b:e6:9f:86:65
Issuing Certificate URL: http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt
Revocation information
OCSP Server: http://ocsp.digicert.comCheck the revocation status for certificate *.schritt-macher.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.schritt-macher.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.schritt-macher.com
schritt-macher.com
schritt-macher.com
Other certificates including the domain name schritt-macher.com
(limited to 100 certificates)
areacliente.rbkgardens.com
billing.acbo.co.uk
books.kinderstaff.com
books.dasgoetheanum.com
billing.acbo.co.uk
books.kinderstaff.com
books.dasgoetheanum.com
books.schritt-macher.com
areacliente.rbkgardens.com
*.schritt-macher.com
areacliente.rbkgardens.com
books.schritt-macher.com
accounting.omega-dguv.de
*.schritt-macher.com
billing.acbo.co.uk
books.kinderstaff.com
accounting.omega-dguv.de
areacliente.rbkgardens.com
books.kinderstaff.com
accounting.omega-dguv.de
books.schritt-macher.com
billing.acbo.co.uk
books.kinderstaff.com
books.dasgoetheanum.com
billing.acbo.co.uk
books.kinderstaff.com
books.dasgoetheanum.com
books.schritt-macher.com
areacliente.rbkgardens.com
*.schritt-macher.com
areacliente.rbkgardens.com
books.schritt-macher.com
accounting.omega-dguv.de
*.schritt-macher.com
billing.acbo.co.uk
books.kinderstaff.com
accounting.omega-dguv.de
areacliente.rbkgardens.com
books.kinderstaff.com
accounting.omega-dguv.de
books.schritt-macher.com
Certificate
The complete raw certificate details for *.schritt-macher.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGFTCCBP2gAwIBAgIQD4hOmr0t2jK5kB4ax40vnzANBgkqhkiG9w0BAQsFADBu MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg RFYgVExTIENBIC0gRzIwHhcNMjQwNDAxMDAwMDAwWhcNMjUwNDE2MjM1OTU5WjAf MR0wGwYDVQQDDBQqLnNjaHJpdHQtbWFjaGVyLmNvbTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAJNg7yxGsXmvDoYmPnTviT4d1tMzN2NX7+dLGLru5PEH Vv43841jCKubZWiwh+0p9IhFmpB1M4+NqkJch1vOukFdVeKoK1JGnvMV2azefxZn t4hF85r966ST0NoLzPGV/VO+rHUxHr0dNe9glK8ZBUdK7fW8oM6EOuv0Lt2TxK6C S9/7KtmJF8jZ/JCYazVHSpyIioWREFv8nUltDsnL8UE+zF25vXCRqRglwP25E8dE BbqQ6xPUahFi9x2lo++YpM17kGOG5O6CNfRmBNxt5AnopDy8IlGP6q2MeU3LnJcf DvFvfIiNLANYqTZYYYF1rpm71YvFq+dwWGX9ZnHQM5kCAwEAAaOCAvwwggL4MB8G A1UdIwQYMBaAFHjfkZBf7t6s9sV169VMVVPvJEq2MB0GA1UdDgQWBBRbs7McgK+R cmUJixxAHCoA3NTLCTAzBgNVHREELDAqghQqLnNjaHJpdHQtbWFjaGVyLmNvbYIS c2Nocml0dC1tYWNoZXIuY29tMD4GA1UdIAQ3MDUwMwYGZ4EMAQIBMCkwJwYIKwYB BQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8BAf8EBAMC BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGABggrBgEFBQcBAQR0 MHIwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBKBggrBgEF BQcwAoY+aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0VuY3J5cHRpb25FdmVy eXdoZXJlRFZUTFNDQS1HMi5jcnQwDAYDVR0TAQH/BAIwADCCAX8GCisGAQQB1nkC BAIEggFvBIIBawFpAHcATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8A AAGOlyKjhgAABAMASDBGAiEAkFuw+0T8qCiOCfWlFTRkvu5dIsrdYUXFacNbmciE Hs8CIQCdGCKoun1UY+na4j91JaKdBkPdqRBzPjbc1npvgsUyIQB2AObSMWNAd4zB EEEG13G5zsHSQPaWhIb7uocyHf0eN45QAAABjpcio4UAAAQDAEcwRQIhALp5M+Mk QWiEXreKdheUdzpdnmPo7j3+MBDtYoc70BZyAiB3kIQv9HIochV6aZOBFCLo1mFs 0gIUVEP6AHhf2ameIwB2AKLjCuRF772tm3447Udnd1PXgluElNcrXhssxLlQpEfn AAABjpcipCUAAAQDAEcwRQIgQdaqwKG1hzEe+I7c6l7jzVA75gBD8rr0O6ueS5Jh vkwCIQCxKMrXXz2d8WZm912HTL4urRx96D9obYCKSBikBVac5DANBgkqhkiG9w0B AQsFAAOCAQEALXOvp2SXg2h0AmyTi2hhlYcm4l7araHQzhIzbLX+dl7EGxzXmHHS cX3W82tbikrNjHdyu4gIE/9GfoyPwRGuy6tS0AcGdubOuF45PwqIDn/paFmA7Qoh qV7JYnzw+mvRWQFhhGBwKE68c2ogB1GrYCu1rW+R461VdWRlCoBj+NByLT6EQjRV qGi0xnIJV/NtXpj8GjDj3el7ma6Ir9ehUNqnIbXvGdnEEYUa9Oea9dJK4ewGwygU WPMFBdHlNB4Wwcj5Zhj19lxZr+t/KWyhPgoX/uvTtcbn8ZiZIks2g9V0mORP6MCV SC1/4YrmLn3GqTKR+IJTOkQXpLgE2y1HBA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2DvLEaxea8OhiY+dO+J Ph3W0zM3Y1fv50sYuu7k8QdW/jfzjWMIq5tlaLCH7Sn0iEWakHUzj42qQlyHW866 QV1V4qgrUkae8xXZrN5/Fme3iEXzmv3rpJPQ2gvM8ZX9U76sdTEevR0172CUrxkF R0rt9bygzoQ66/Qu3ZPEroJL3/sq2YkXyNn8kJhrNUdKnIiKhZEQW/ydSW0Oycvx QT7MXbm9cJGpGCXA/bkTx0QFupDrE9RqEWL3HaWj75ikzXuQY4bk7oI19GYE3G3k CeikPLwiUY/qrYx5Tcuclx8O8W98iI0sA1ipNlhhgXWumbvVi8Wr53BYZf1mcdAz mQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 20646166597168685607756876660356231071 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Encryption Everywhere DV TLS CA - G2' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-01 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-16 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.schritt-macher.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18604830899760279657718369985520986123275729392498741910494840399315439790298321349450715737986017420661736871112068750565909388132271219334198492920632981853461390050825516339385520719188876004629419164729023350209250891521281795415970265547652109307544362530492991582635304108049082483711156043599905137643024423009495938715976625225409414232647741312823269037432358705682626443862584932307059604175847097500847250769649138214984997814606675092953801184807522751926157105812713627779698590639147192816954923656723922960402372674448941101890262996395794667156900896749251351392266417601595420916425845433042109215641 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 78df91905feedeacf6c575ebd54c5553ef244ab6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5bb3b31c80af917265098b1c401c2a00dcd4cb09 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.schritt-macher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'schritt-macher.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.digicert.com/CPS' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (116 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G2.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 01690077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018e9722a3860000040300483046022100905bb0fb44fca8288e09f5a5153464beee5d22cadd6145c569c35b99c8841ecf0221009d1822a8ba7d5463e9dae23f7525a29d0643dda910733e36dcd67a6f82c53221007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018e9722a3850000040300473045022100ba7933e3244168845eb78a761794773a5d9e63e8ee3dfe3010ed62873bd0167202207790842ff4722872157a6993811422e8d6616cd202145443fa00785fd9a99e23007600a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018e9722a4250000040300473045022041d6aac0a1b587311ef88edcea5ee3cd503be60043f2baf43bab9e4b9261be4c022100b128cad75f3d9df16666f75d874cbe2ead1c7de83f686d808a4818a405569ce4 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 002d73afa76497836874026c938b6861958726e25edaada1d0ce12336cb5fe765ec41b1cd79871d2717dd6f36b5b8a4acd8c7772bb880813ff467e8c8fc111aecbab52d0070676e6ceb85e393f0a880e7fe9685980ed0a21a95ec9627cf0fa6bd1590161846070284ebc736a200751ab602bb5ad6f91e3ad557564650a8063f8d0722d3e84423455a868b4c6720957f36d5e98fc1a30e3dde97b99ae88afd7a150daa721b5ef19d9c411851af4e79af5d24ae1ec06c3281458f30505d1e5341e16c1c8f96618f5f65c59afeb7f296ca13e0a17feebd3b5c6e7f19899224b3683d57498e44fe8c095482d7fe18ae62e7dc6a93291f882533a4417a4b804db2d4704