alumni.dce.upstatement.dev

Issued by R3

About this certificate

This digital certificate with serial number 04:b4:d5:9c:40:6c:43:9e:fb:85:55:92:6b:a0:1c:63:32:f3 was issued on by Let's Encrypt.

With 12 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=alumni.dce.upstatement.dev

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:b4:d5:9c:40:6c:43:9e:fb:85:55:92:6b:a0:1c:63:32:f3
Serial Number (int): 409983906640873812402900144104116549006067
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 9a:fd:9c:5c:25:27:f7:3d:a7:63:fa:00:6a:0c:82:e1:98:41:d4:9a
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 21:80:3a:4b:63:d9:0c:06:a0:cb:53:9f:6f:a9:b4:6f:f7:cd:f5:a8
Fingerprint (sha256): 9b:66:c3:17:23:00:ee:30:3f:d6:40:bd:61:5a:99:fb:19:ca:a6:5a:78:81:12:e3:b3:8d:9b:e3:ab:82:f6:4a

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate alumni.dce.upstatement.dev

12

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for alumni.dce.upstatement.dev

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

alumni.dce.upstatement.dev
dce.upstatement.dev
dev.alumni.extension.harvard.edu
dev.dce.harvard.edu
dev.extension.harvard.edu
dev.hilr.dce.harvard.edu
dev.professional.dce.harvard.edu
dev.summer.harvard.edu
docs.dce.upstatement.dev
extension.dce.upstatement.dev
hilr.dce.upstatement.dev
pdp.dce.upstatement.dev

Other certificates including the domain name upstatement.dev

(limited to 100 certificates)
alumni.dce-test.upstatement.dev
alumni.extension.harvard.edu
alumni.extension.harvard.edu
alumni.extension.harvard.edu
alumni.dce.upstatement.dev
alumni.dce-test.upstatement.dev
alumni.extension.harvard.edu
alumni.extension.harvard.edu
alumni.dce-test.upstatement.dev
alumni.dce.upstatement.dev
alumni.extension.harvard.edu
alumni.extension.harvard.edu
alumni.extension.harvard.edu
alumni.dce.upstatement.dev

Certificate

The complete raw certificate details for alumni.dce.upstatement.dev in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgISBLTVnEBsQ577hVWSa6AcYzLzMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMDkxMzI0MjZaFw0yNDA0MDgxMzI0MjVaMCUxIzAhBgNVBAMT
GmFsdW1uaS5kY2UudXBzdGF0ZW1lbnQuZGV2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwHSnemv0wZzcXAgMkBQXztwjNHFrHpIs5axrzzrdlw7T+GZA
QLPiUvSZmF3ScRQ1Ni77M7wvvj8WKgEm6kmkIGsqEr1NwVO/9M+bfL4ePy1ywV87
Wx7ZOVVK4JWJMqctOtWZynJz3jX67Nda0+9B++4/N4TAaLpUnxu83mMaTL+l/8yY
in0iItxxZ3YRMvL8oMO9BWqFighCSszfIpRufGHjpEeodJZe7aLi7DcePvwyXZWi
/al1YQeCdFkrpkcgk8myhP/APzQjk3bdKAlwKQDdvQR4Y3b+bMJVibDWVrVqjLz+
ybpaAJiOjKOmp9NDC6LZPJujVsE+mvYR8y2ZVQIDAQABo4IDSTCCA0UwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBSa/ZxcJSf3Padj+gBqDILhmEHUmjAfBgNVHSMEGDAW
gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH
MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz
LmkubGVuY3Iub3JnLzCCAVAGA1UdEQSCAUcwggFDghphbHVtbmkuZGNlLnVwc3Rh
dGVtZW50LmRldoITZGNlLnVwc3RhdGVtZW50LmRldoIgZGV2LmFsdW1uaS5leHRl
bnNpb24uaGFydmFyZC5lZHWCE2Rldi5kY2UuaGFydmFyZC5lZHWCGWRldi5leHRl
bnNpb24uaGFydmFyZC5lZHWCGGRldi5oaWxyLmRjZS5oYXJ2YXJkLmVkdYIgZGV2
LnByb2Zlc3Npb25hbC5kY2UuaGFydmFyZC5lZHWCFmRldi5zdW1tZXIuaGFydmFy
ZC5lZHWCGGRvY3MuZGNlLnVwc3RhdGVtZW50LmRldoIdZXh0ZW5zaW9uLmRjZS51
cHN0YXRlbWVudC5kZXaCGGhpbHIuZGNlLnVwc3RhdGVtZW50LmRldoIXcGRwLmRj
ZS51cHN0YXRlbWVudC5kZXYwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEE
AdZ5AgQCBIH1BIHyAPAAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiE
cwAAAYzunEDSAAAEAwBHMEUCIQCkmYiTSzM1F8WCs0uFhj6ECQ7OWC3XecG52M2U
a7hO3AIgcG17XveYyOwztILMhFL+VIcgBJAZxDB9LfhSlm87mpYAdgAp0DobtnSq
cRzTA1tlV8FPiqeLT+g4lEnspFP5RL0kaAAAAYzunEGlAAAEAwBHMEUCIF+Mq5Y7
QkLkYb/281wQQSFzVs3MBOZmq9BTdTUk9BL0AiEA5/h3gIY5yncWqRiFzY4JRYnW
YZ82YIr7p19smuSEjoUwDQYJKoZIhvcNAQELBQADggEBAHQq00nVHj6vLy/wA2n1
Sr2fWRa10s5rnktHUNK+eAd15mPllj9MtzbAQNH9wfEpADCSK9mRjaK6RyhQDs30
BioCHIckR/BzMm56ZSPzgL0G6a7Y2W/p+wpB8hFJPUQL0PFljBVEro1QqsuTDKMK
dlt8OyLIIJILLYq+lg5diDG3i1H/LifIDTdgptin9F+zC1AmZfe74gkafK+6Zm5H
f7iwAaXlhbMh6XE9ue0fKbuqBnnE9Qh5Aoy3pC1+CtwK5Q9XADFZPcOifY/GD0xi
eOqJuvDpvnWGxxS1n2cDUkI3wwtqd0tyCpklBOEnAplKrtG59752Dy7PWvLd02BA
5F8=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHSnemv0wZzcXAgMkBQX
ztwjNHFrHpIs5axrzzrdlw7T+GZAQLPiUvSZmF3ScRQ1Ni77M7wvvj8WKgEm6kmk
IGsqEr1NwVO/9M+bfL4ePy1ywV87Wx7ZOVVK4JWJMqctOtWZynJz3jX67Nda0+9B
++4/N4TAaLpUnxu83mMaTL+l/8yYin0iItxxZ3YRMvL8oMO9BWqFighCSszfIpRu
fGHjpEeodJZe7aLi7DcePvwyXZWi/al1YQeCdFkrpkcgk8myhP/APzQjk3bdKAlw
KQDdvQR4Y3b+bMJVibDWVrVqjLz+ybpaAJiOjKOmp9NDC6LZPJujVsE+mvYR8y2Z
VQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 409983906640873812402900144104116549006067
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-09 13:24:26 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-08 13:24:25 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'alumni.dce.upstatement.dev'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24295278889261962340330570593076765092564594026629510040566849443941721212705222905469227342749655760761925628146467776896918161669177237506061638055976839317974540229085566909601290432792766688540743857041618507082302908209321494362376641574366690514136936988276436757394515726000349835912320682069511736058985263380188984941851626522348036976567257123937402752130277851931257557691396509910741392947845349707974538616547869499133806197294376341097227039876415788275764051935080580783290065738507278734728703160147978353048962982659390140744073959855669537306275821116832669307766091573181749448001568724078979553621
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9afd9c5c2527f73da763fa006a0c82e19841d49a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (327 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alumni.dce.upstatement.dev'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dce.upstatement.dev'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.alumni.extension.harvard.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.dce.harvard.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.extension.harvard.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.hilr.dce.harvard.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.professional.dce.harvard.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dev.summer.harvard.edu'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'docs.dce.upstatement.dev'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'extension.dce.upstatement.dev'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hilr.dce.upstatement.dev'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pdp.dce.upstatement.dev'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018cee9c40d20000040300473045022100a49988934b333517c582b34b85863e84090ece582dd779c1b9d8cd946bb84edc0220706d7b5ef798c8ec33b482cc8452fe548720049019c4307d2df852966f3b9a9600760029d03a1bb674aa711cd3035b6557c14f8aa78b4fe8389449eca453f944bd24680000018cee9c41a5000004030047304502205f8cab963b4242e461bff6f35c1041217356cdcc04e666abd053753524f412f4022100e7f877808639ca7716a91885cd8e094589d6619f36608afba75f6c9ae4848e85
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00742ad349d51e3eaf2f2ff00369f54abd9f5916b5d2ce6b9e4b4750d2be780775e663e5963f4cb736c040d1fdc1f1290030922bd9918da2ba4728500ecdf4062a021c872447f073326e7a6523f380bd06e9aed8d96fe9fb0a41f211493d440bd0f1658c1544ae8d50aacb930ca30a765b7c3b22c820920b2d8abe960e5d8831b78b51ff2e27c80d3760a6d8a7f45fb30b502665f7bbe2091a7cafba666e477fb8b001a5e585b321e9713db9ed1f29bbaa0679c4f50879028cb7a42d7e0adc0ae50f570031593dc3a27d8fc60f4c6278ea89baf0e9be7586c714b59f6703524237c30b6a774b720a992504e12702994aaed1b9f7be760f2ecf5af2ddd36040e45f