www.zirconiadiamonds.com
Issued by R3
About this certificate
This digital certificate with serial number 04:9b:c7:a6:fb:57:ba:9d:25:1f:3e:a1:2f:45:fc:65:21:76 was issued on by Let's Encrypt.
With 16 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.zirconiadiamonds.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:9b:c7:a6:fb:57:ba:9d:25:1f:3e:a1:2f:45:fc:65:21:76Serial Number (int): 401458293990061578307207501163143899718006
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: b3:a1:6c:f8:3e:93:78:0d:bd:94:85:6c:8b:c6:9f:9b:b6:e8:3a:b2
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 62:32:de:02:5b:dd:2a:2e:9a:d7:e0:ba:22:30:8d:5f:ca:45:72:19
Fingerprint (sha256): a3:a4:2f:d2:43:2b:ae:6d:92:d7:56:75:7b:36:22:48:7b:94:8c:7a:ad:20:f2:41:c9:ca:47:28:1d:5d:61:e9
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate www.zirconiadiamonds.com
16
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.zirconiadiamonds.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
agilisholdings.com
modernlto.com
sanfranciscojointpain.com
showsponsorships.com
tinyapi.com
trumpseniors.com
voteforalexjones.com
www.agilisholdings.com
www.modernlto.com
www.sanfranciscojointpain.com
www.showsponsorships.com
www.tinyapi.com
www.trumpseniors.com
www.voteforalexjones.com
www.zirconiadiamonds.com
zirconiadiamonds.com
modernlto.com
sanfranciscojointpain.com
showsponsorships.com
tinyapi.com
trumpseniors.com
voteforalexjones.com
www.agilisholdings.com
www.modernlto.com
www.sanfranciscojointpain.com
www.showsponsorships.com
www.tinyapi.com
www.trumpseniors.com
www.voteforalexjones.com
www.zirconiadiamonds.com
zirconiadiamonds.com
Other certificates including the domain name zirconiadiamonds.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.zirconiadiamonds.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGRzCCBS+gAwIBAgISBJvHpvtXup0lHz6hL0X8ZSF2MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA1MTcwNzE3MjNaFw0yNDA4MTUwNzE3MjJaMCMxITAfBgNVBAMT GHd3dy56aXJjb25pYWRpYW1vbmRzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALjo5FJ2I2P0kDpHmj7WPkIwUkkOrga+/xVCzKqPonKB6E4h/tPc Jcao3LF0iYbUvMy1jwXRFc1Auwm79JCdTwbumQT/KmSptxz46drKRLGLz2ME7ONq 1L7/Tg6/DpVAEOYyUuj31TNGKuNRtA1CXmMGuqZnDloNg/C9alc3sgFUOaJEgEbs xgOI6NFM/SJBPWMMfS+Bi7/PCVNuToyM4r/N4O2WXo4/HeIRzARyRGsIDdZ0zFRO J0OVq/PmthOuIBaawpvKiSpmGml/hgw9FtYqidTkC9a4HRcq/RRYCtd/ZlHPeY9m W+d1+tD4ZmQDgZTkM8k/OZNBhpjy3shXX40CAwEAAaOCA2QwggNgMA4GA1UdDwEB /wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQUs6Fs+D6TeA29lIVsi8afm7boOrIwHwYDVR0jBBgwFoAU FC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzAB hhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5p LmxlbmNyLm9yZy8wggFrBgNVHREEggFiMIIBXoISYWdpbGlzaG9sZGluZ3MuY29t gg1tb2Rlcm5sdG8uY29tghlzYW5mcmFuY2lzY29qb2ludHBhaW4uY29tghRzaG93 c3BvbnNvcnNoaXBzLmNvbYILdGlueWFwaS5jb22CEHRydW1wc2VuaW9ycy5jb22C FHZvdGVmb3JhbGV4am9uZXMuY29tghZ3d3cuYWdpbGlzaG9sZGluZ3MuY29tghF3 d3cubW9kZXJubHRvLmNvbYIdd3d3LnNhbmZyYW5jaXNjb2pvaW50cGFpbi5jb22C GHd3dy5zaG93c3BvbnNvcnNoaXBzLmNvbYIPd3d3LnRpbnlhcGkuY29tghR3d3cu dHJ1bXBzZW5pb3JzLmNvbYIYd3d3LnZvdGVmb3JhbGV4am9uZXMuY29tghh3d3cu emlyY29uaWFkaWFtb25kcy5jb22CFHppcmNvbmlhZGlhbW9uZHMuY29tMBMGA1Ud IAQMMAowCAYGZ4EMAQIBMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAPxdLT9ci R1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGPhaCSvQAABAMARzBFAiEAkLI4 tcFdD1pwXANFKqq50PUBBZn9Ii4gsgTPCuk7SAwCIEsvjbZ+rmn3y3iwwBumr496 e7D7UbkUHe6T/yHHK4GdAHYA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEf tZsAAAGPhaCSwQAABAMARzBFAiEAot+ZcTthmwQOuyD0yyQEuV7tEpO5+3lk7eIz CbLBW2MCIGAxYbzmNP4uq8a5w/RCPy38+aPaEUOeKcjIvSFZHhTfMA0GCSqGSIb3 DQEBCwUAA4IBAQA1HXvKLNbB/jDSTTSnQMhKVBapwOcvOFd2u/xC1wPDPorC7PEa ztaLzMwZ4UMP9ynwCgQkCABjxUMFCeSQzyWfrZ7nbR3hP/OEPJfK0ez+YZbbbT+W gdtDrYSF4byVtzw5wBlLK6eTPIY0xTtPsAu0sChATT0uxjfQaB/HkWkkocqHCJtQ JVi9Me0CGfR2bo7y/nLqUqM068Y6ewYmUvp13KqrSjXbspyA+Rt/t6a8MFDDhfb1 P9eoEFeVIJgO+OlcHiFV1Z8wf5MVhQk5KjVCTGt2x+q+Iwi1Ngps8E0W/dDwQk+7 ShUH5ky0jEwCMvf3yYa8Ri8WilUeC7DGDTH/ -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOjkUnYjY/SQOkeaPtY+ QjBSSQ6uBr7/FULMqo+icoHoTiH+09wlxqjcsXSJhtS8zLWPBdEVzUC7Cbv0kJ1P Bu6ZBP8qZKm3HPjp2spEsYvPYwTs42rUvv9ODr8OlUAQ5jJS6PfVM0Yq41G0DUJe Ywa6pmcOWg2D8L1qVzeyAVQ5okSARuzGA4jo0Uz9IkE9Ywx9L4GLv88JU25OjIzi v83g7ZZejj8d4hHMBHJEawgN1nTMVE4nQ5Wr8+a2E64gFprCm8qJKmYaaX+GDD0W 1iqJ1OQL1rgdFyr9FFgK139mUc95j2Zb53X60PhmZAOBlOQzyT85k0GGmPLeyFdf jQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 401458293990061578307207501163143899718006 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-17 07:17:23 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-15 07:17:22 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.zirconiadiamonds.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23342691381658633524124491793360505558319073144841550415375709329670646589994366755447491328546150047648876218288174573400397715230625145116483325286932690837335376234978232075105019339353630531886493007690213925316290394511994292493785979731453109415100640475859085571021022171421538605498386543075938479938636768733061945270577543940817920591441178275016888599540506988726531571599558648041754777759910995044040590360510148601245602456173937512182093991632414853624450164528602427239249584376011564679292909899195179879938539681312938758361301234225394448078096008374171287591461526521755310410371836161701759639437 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b3a16cf83e93780dbd94856c8bc69f9bb6e83ab2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (354 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agilisholdings.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'modernlto.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sanfranciscojointpain.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'showsponsorships.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tinyapi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'trumpseniors.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'voteforalexjones.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.agilisholdings.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.modernlto.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.sanfranciscojointpain.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.showsponsorships.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tinyapi.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.trumpseniors.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.voteforalexjones.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.zirconiadiamonds.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'zirconiadiamonds.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018f85a092bd000004030047304502210090b238b5c15d0f5a705c03452aaab9d0f5010599fd222e20b204cf0ae93b480c02204b2f8db67eae69f7cb78b0c01ba6af8f7a7bb0fb51b9141dee93ff21c72b819d007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018f85a092c10000040300473045022100a2df99713b619b040ebb20f4cb2404b95eed1293b9fb7964ede23309b2c15b630220603161bce634fe2eabc6b9c3f4423f2dfcf9a3da11439e29c8c8bd21591e14df . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00351d7bca2cd6c1fe30d24d34a740c84a5416a9c0e72f385776bbfc42d703c33e8ac2ecf11aced68bcccc19e1430ff729f00a0424080063c5430509e490cf259fad9ee76d1de13ff3843c97cad1ecfe6196db6d3f9681db43ad8485e1bc95b73c39c0194b2ba7933c8634c53b4fb00bb4b028404d3d2ec637d0681fc7916924a1ca87089b502558bd31ed0219f4766e8ef2fe72ea52a334ebc63a7b062652fa75dcaaab4a35dbb29c80f91b7fb7a6bc3050c385f6f53fd7a810579520980ef8e95c1e2155d59f307f93158509392a35424c6b76c7eabe2308b5360a6cf04d16fdd0f0424fbb4a1507e64cb48c4c0232f7f7c986bc462f168a551e0bb0c60d31ff