hempiria.com
Issued by R3
About this certificate
This digital certificate with serial number 03:4f:91:8d:d5:ba:55:68:37:4d:36:7c:45:eb:32:43:bc:e1 was issued on by Let's Encrypt.
With 18 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=hempiria.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 03:4f:91:8d:d5:ba:55:68:37:4d:36:7c:45:eb:32:43:bc:e1Serial Number (int): 288412639290196860786478470605227965005025
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 67:44:2b:c4:e2:78:66:99:d4:5c:07:d1:85:f4:a9:5c:4e:c5:c1:a3
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): fe:10:4c:9f:14:da:88:c0:85:c5:75:2b:3b:5d:36:d5:83:2c:6a:87
Fingerprint (sha256): a4:a0:71:24:2f:4c:04:80:f6:a9:59:09:c0:b7:92:49:09:dd:c7:b3:12:f0:a2:70:3d:09:38:87:00:1d:e3:20
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate hempiria.com
18
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for hempiria.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
amorousfurniture.com
basseda.net
decriminalizehomeschooling.com
fruitz.in
generationhemp.com
getmyseven.com
growthequityreport.net
hempiria.com
hkbolag.com
homeschooldualcredit.com
marketclubfree.com
muslimdonation.com
pandararoad.com
texvape.com
thevillageswindowcleaners.com
ungarsargon.com
waterburybankruptcyattorney.com
weddingtonpointe.com
basseda.net
decriminalizehomeschooling.com
fruitz.in
generationhemp.com
getmyseven.com
growthequityreport.net
hempiria.com
hkbolag.com
homeschooldualcredit.com
marketclubfree.com
muslimdonation.com
pandararoad.com
texvape.com
thevillageswindowcleaners.com
ungarsargon.com
waterburybankruptcyattorney.com
weddingtonpointe.com
Other certificates including the domain name hempiria.com
(limited to 100 certificates)
Certificate
The complete raw certificate details for hempiria.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGSTCCBTGgAwIBAgISA0+RjdW6VWg3TTZ8ResyQ7zhMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDA0MTYwNzQ5NThaFw0yNDA3MTUwNzQ5NTdaMBcxFTATBgNVBAMT DGhlbXBpcmlhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALrT lZLnYsw1oTgx4rTri3dVFaXtO2+odQO0oo6tB60/feeKH4Pdsjs7zmwa/Bff2P1m UJynoSExW3uqg61/si9vaq455hobc1A2s5lwFC1iA++qYyU3ApGIKeRFtxaaT+Uq tXiIS/AqqmXtdzu87m1So0rhHbHWZS7Kx3OamNVhNwM6a4iYCgq4/GM2Dytr/FMN hmfnJJeecC+ueivXTgJmKQhA/V8aEVcfbjAesjqVsLSQ1VrLUhkCeuN97B/NS+Xy MLAw69tuJqA66xxzBJjmb2JPFjBsYQEXDAfPemzD78zIE6rBxzKOe6dNOqaxX85c uixLDVXMz+j1uOULtrECAwEAAaOCA3IwggNuMA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E FgQUZ0QrxOJ4ZpnUXAfRhfSpXE7FwaMwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA 5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w ggF5BgNVHREEggFwMIIBbIIUYW1vcm91c2Z1cm5pdHVyZS5jb22CC2Jhc3NlZGEu bmV0gh5kZWNyaW1pbmFsaXplaG9tZXNjaG9vbGluZy5jb22CCWZydWl0ei5pboIS Z2VuZXJhdGlvbmhlbXAuY29tgg5nZXRteXNldmVuLmNvbYIWZ3Jvd3RoZXF1aXR5 cmVwb3J0Lm5ldIIMaGVtcGlyaWEuY29tggtoa2JvbGFnLmNvbYIYaG9tZXNjaG9v bGR1YWxjcmVkaXQuY29tghJtYXJrZXRjbHViZnJlZS5jb22CEm11c2xpbWRvbmF0 aW9uLmNvbYIPcGFuZGFyYXJvYWQuY29tggt0ZXh2YXBlLmNvbYIddGhldmlsbGFn ZXN3aW5kb3djbGVhbmVycy5jb22CD3VuZ2Fyc2FyZ29uLmNvbYIfd2F0ZXJidXJ5 YmFua3J1cHRjeWF0dG9ybmV5LmNvbYIUd2VkZGluZ3RvbnBvaW50ZS5jb20wEwYD VR0gBAwwCjAIBgZngQwBAgEwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgBIsONr 2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAY7mGUBWAAAEAwBHMEUCIQCB OU0bEFNUMI0KsnPsj7/Ok/c4phMYFIsIUTfbf9LEGQIgP1mHwjArNT0Fd7c9QAmD lVs7ahqZgqmlJYEYCLv3ZVUAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlG cR+1mwAAAY7mGUBcAAAEAwBHMEUCIQC8Fh3bCV47dx4Q/4rWkBqCvKyJKqrytyMq qrnoPHhyFwIgCbG6PQyF9gvYqolUoB/0+I4eyYudB0NKiBAWrUtPSdgwDQYJKoZI hvcNAQELBQADggEBABKrYjwmxUlkqD9l3/dzSy40f+jOeM1anARXwx3rVMXD5OMz urwOJCpw14uL0m8nuTZYpQ+rpWyOjsO5U9IycCgVktttvp11VmEco6gA4C8GIzGO pBRWxMC7t3rRjPK0B9r4xbQ/BjByQfTUNXofMQ+QSKGzPrXh88+qWhVXZClLKz/W nidPDUW58cEgOay1eOriwp2uiODjM4zCXH82vre+rIhc09Goeo1tKXUTooJPmv2n bBYB5w7yRhMRrjvSAKwKeFOjnfM7lkVkSdsC8D5F7UsJABweT8iTqfToEby60bc8 MS3isfHApQCqug/soPF8MwYycOautWJLGZ+0ysc= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutOVkudizDWhODHitOuL d1UVpe07b6h1A7Sijq0HrT9954ofg92yOzvObBr8F9/Y/WZQnKehITFbe6qDrX+y L29qrjnmGhtzUDazmXAULWID76pjJTcCkYgp5EW3FppP5Sq1eIhL8CqqZe13O7zu bVKjSuEdsdZlLsrHc5qY1WE3AzpriJgKCrj8YzYPK2v8Uw2GZ+ckl55wL656K9dO AmYpCED9XxoRVx9uMB6yOpWwtJDVWstSGQJ6433sH81L5fIwsDDr224moDrrHHME mOZvYk8WMGxhARcMB896bMPvzMgTqsHHMo57p006prFfzly6LEsNVczP6PW45Qu2 sQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 288412639290196860786478470605227965005025 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-16 07:49:58 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-15 07:49:57 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'hempiria.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23584660817276313312787073761425826427441963315978742999604365097295873290114239739878438958467800126497698691598810575519774407910684776005685256953786252612143983079146717457487535501660818399046232458452976142221101858302230096901715014430307701368855873836081938637970764004317992717873668012298258304006039616275102405704789185751140683140593415506929710687376649470530973378839373788654050388552980758064344662561762597087012447001841921711925818210477018464495119702878491281264385911478952582918850926384029538393105171586418790985177006654699990188436222024587280018006669063812514265679112578357133740586673 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 67442bc4e2786699d45c07d185f4a95c4ec5c1a3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'amorousfurniture.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'basseda.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'decriminalizehomeschooling.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fruitz.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'generationhemp.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'getmyseven.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'growthequityreport.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hempiria.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'hkbolag.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homeschooldualcredit.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'marketclubfree.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'muslimdonation.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pandararoad.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'texvape.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thevillageswindowcleaners.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ungarsargon.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'waterburybankruptcyattorney.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'weddingtonpointe.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ee6194056000004030047304502210081394d1b105354308d0ab273ec8fbfce93f738a61318148b085137db7fd2c41902203f5987c2302b353d0577b73d400983955b3b6a1a9982a9a525811808bbf76555007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018ee619405c0000040300473045022100bc161ddb095e3b771e10ff8ad6901a82bcac892aaaf2b7232aaab9e83c787217022009b1ba3d0c85f60bd8aa8954a01ff4f88e1ec98b9d07434a881016ad4b4f49d8 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0012ab623c26c54964a83f65dff7734b2e347fe8ce78cd5a9c0457c31deb54c5c3e4e333babc0e242a70d78b8bd26f27b93658a50faba56c8e8ec3b953d23270281592db6dbe9d7556611ca3a800e02f0623318ea41456c4c0bbb77ad18cf2b407daf8c5b43f06307241f4d4357a1f310f9048a1b33eb5e1f3cfaa5a155764294b2b3fd69e274f0d45b9f1c12039acb578eae2c29dae88e0e3338cc25c7f36beb7beac885cd3d1a87a8d6d297513a2824f9afda76c1601e70ef2461311ae3bd200ac0a7853a39df33b96456449db02f03e45ed4b09001c1e4fc893a9f4e811bcbad1b73c312de2b1f1c0a500aaba0feca0f17c33063270e6aeb5624b199fb4cac7