typesense.org

Issued by Amazon

About this certificate

This digital certificate with serial number 02:a1:e8:85:4d:42:1b:23:38:22:2b:ca:8b:68:08:6f was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=typesense.org

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 02:a1:e8:85:4d:42:1b:23:38:22:2b:ca:8b:68:08:6f
Serial Number (int): 3499131866077863592610339175057066095
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: d9:58:84:b4:80:d9:57:56:eb:6c:31:17:67:65:e1:22:17:1a:c0:1f
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): d2:80:61:a9:65:c3:d7:9a:79:2b:07:e6:c1:5f:04:8d:8b:9f:57:4c
Fingerprint (sha256): ad:ae:12:78:f1:20:3d:d2:45:35:53:57:91:0e:46:8d:80:59:d1:fe:a9:03:c0:94:10:2b:bd:f2:b1:64:a5:b3

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl

Check the revocation status for certificate typesense.org

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for typesense.org

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

typesense.org
*.typesense.org

Other certificates including the domain name typesense.org

(limited to 100 certificates)
cloud-status.typesense.org
*.typesense.org
*.typesense.org
t1m.typesense.org
cloud-status.typesense.org
typesense.org
t1m.typesense.org
t1r.typesense.org
t1m.typesense.org
t1r.typesense.org
t1m.typesense.org
cloud-status.typesense.org
cloud-status.typesense.org
*.typesense.org
typesense.org
typesense.org
t1m.typesense.org
typesense.org
typesense.org
t1.typesense.org
t1.typesense.org
typesense.org
cloud-status.typesense.org
cloud-status.typesense.org
airbnb-geosearch.typesense.org
t1m.typesense.org
typesense.org
t1r.typesense.org
cloud-status.typesense.org
typesense.org
cloud-status.typesense.org
t1m.typesense.org
t1r.typesense.org
email.mg.typesense.org
t1r.typesense.org
cloud-status.typesense.org
cloud.typesense.org
typesense.org
t1r.typesense.org
cloud-status.typesense.org
cloud-status.typesense.org
typesense.org
typesense.org
*.typesense.org
threads.typesense.org
email.mg.typesense.org

Certificate

The complete raw certificate details for typesense.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgIQAqHohU1CGyM4IivKi2gIbzANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjA3MTkwMDAwMDBaFw0yMzA4MTcy
MzU5NTlaMBgxFjAUBgNVBAMTDXR5cGVzZW5zZS5vcmcwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCrYwTq8NxVPpX2O6Ww/8IkgkY37pftn3vnuWdZx9yG
ynEWUsUQ//7N58zUnaeeFwGBeJzN3GgNE8fyU1y1RH4+KK8nfS9SC38ppilC1c6s
TDHwfHNPFMJXGL/MNlgEDc/x7cG6ZbAXJevBs9PLkMtfVtu8wlfZQ9HjFrOWlenF
ELm5Tq6FDuC7KXqSVcgKVdU6Dkdu7FV0z8c/52vpY/tY2O5BYcyYW0CCUsXbwDeh
kVqUQvRggXI7sJd0wdNDv5zdPdGsg2TmwxisqswMkhscDS2uFdKrHJj8mJmOx7/7
s4tM2fpwf9aDk4y45bEVJDY4x4Zgvd36jyXWpmJ+eah/AgMBAAGjggL5MIIC9TAf
BgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQU2ViEtIDZ
V1brbDEXZ2XhIhcawB8wKQYDVR0RBCIwIIINdHlwZXNlbnNlLm9yZ4IPKi50eXBl
c2Vuc2Uub3JnMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5zY2ExYi5hbWF6
b250cnVzdC5jb20vc2NhMWItMS5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwdQYI
KwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5zY2ExYi5hbWF6
b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQuc2NhMWIuYW1hem9u
dHJ1c3QuY29tL3NjYTFiLmNydDAMBgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIE
AgSCAW4EggFqAWgAdgDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAA
AYIUfExMAAAEAwBHMEUCIQDHL04PBi4Tsf5r5nxqRzyQHaOGJ+v5IyTUYWUQWlPQ
iQIgaZUuVyj8M4ucUsVAY0wyJqRQiPft98dfrYCK6w2JNxQAdgA1zxkbv7FsV78P
rUxtQsu7ticgJlHqP+Eq76gDwzvWTAAAAYIUfEuCAAAEAwBHMEUCIQD9qwT84gPm
DxSZcr/E6tzCc+GxDy1/f3RlaKxTPWxFqQIgIFkohcpvYVzIYwSVGartr8sf2Dkn
uQ1u/u67SePlHEYAdgCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAA
AYIUfEu6AAAEAwBHMEUCIG4qW2dTvxE03+w/suMZGORE6JYdsm4ekHNPVO3K4V/q
AiEAkMnru09h8ogJuma33SEINfjrJ6NhXcm3WGidZjRamsswDQYJKoZIhvcNAQEL
BQADggEBAH6sDjt7CB55j2/y7wLjR+rGr85ac6kSMSQSTWZZaPJ0SN1ZUqIbBZ7X
d47GPAxA/jDBRkBz0wDTTC5XDap3RMbb1CDw0yIX85FGpLvYjjQmAoinOyex8GwA
6OPPLIr3Uisi6jtoEs/eOoxWl7cNh735aTpZRwsucuvTEVRMhpC/TfzINmyYoeMr
sAklrv/ar5RvUTclZm35UR5eBLk8CarkqzS2dQY1P8CuF6penGcBlHJkR3rldYpP
vzRrXdXa4cwJ2KwWGkk6CiE4PzPi+/A1bOfeVMAZzVikEzNr4fmT/8CFiYkShnBC
rkouEYfZ5eg8bPqq33C2MD0gnDGG73Q=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2ME6vDcVT6V9julsP/C
JIJGN+6X7Z9757lnWcfchspxFlLFEP/+zefM1J2nnhcBgXiczdxoDRPH8lNctUR+
PiivJ30vUgt/KaYpQtXOrEwx8HxzTxTCVxi/zDZYBA3P8e3BumWwFyXrwbPTy5DL
X1bbvMJX2UPR4xazlpXpxRC5uU6uhQ7guyl6klXIClXVOg5HbuxVdM/HP+dr6WP7
WNjuQWHMmFtAglLF28A3oZFalEL0YIFyO7CXdMHTQ7+c3T3RrINk5sMYrKrMDJIb
HA0trhXSqxyY/JiZjse/+7OLTNn6cH/Wg5OMuOWxFSQ2OMeGYL3d+o8l1qZifnmo
fwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3499131866077863592610339175057066095
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-07-19 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-08-17 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'typesense.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21635578341455799772050267036563370726454031756024182434956062820585286099892987887818835444584472783582549915951211945936124225040633949555425168266158965353787963391306069943487430477137220964273729467647040962614284172803034489785826157432805082235263863394852886772314104159976740435398776512332098028376690002020452952007485950549077379630204885478564208315507821760613076203349656881367841472321005465920937655841815084771967564079346953067693879758643290500732844293792123487916375067540964224277084259505245302768533167535938978873941435887155465570995900194271271864773390304646258751553478379951805441878143
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d95884b480d95756eb6c31176765e122171ac01f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'typesense.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.typesense.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e00000182147c4c4c0000040300473045022100c72f4e0f062e13b1fe6be67c6a473c901da38627ebf92324d46165105a53d089022069952e5728fc338b9c52c540634c3226a45088f7edf7c75fad808aeb0d89371400760035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c00000182147c4b820000040300473045022100fdab04fce203e60f149972bfc4eadcc273e1b10f2d7f7f746568ac533d6c45a9022020592885ca6f615cc863049519aaedafcb1fd83927b90d6efeeebb49e3e51c46007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a00000182147c4bba000004030047304502206e2a5b6753bf1134dfec3fb2e31918e444e8961db26e1e90734f54edcae15fea02210090c9ebbb4f61f28809ba66b7dd210835f8eb27a3615dc9b758689d66345a9acb
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		007eac0e3b7b081e798f6ff2ef02e347eac6afce5a73a9123124124d665968f27448dd5952a21b059ed7778ec63c0c40fe30c1464073d300d34c2e570daa7744c6dbd420f0d32217f39146a4bbd88e34260288a73b27b1f06c00e8e3cf2c8af7522b22ea3b6812cfde3a8c5697b70d87bdf9693a59470b2e72ebd311544c8690bf4dfcc8366c98a1e32bb00925aeffdaaf946f513725666df9511e5e04b93c09aae4ab34b67506353fc0ae17aa5e9c6701947264477ae5758a4fbf346b5dd5dae1cc09d8ac161a493a0a21383f33e2fbf0356ce7de54c019cd58a413336be1f993ffc085898912867042ae4a2e1187d9e5e83c6cfaaadf70b6303d209c3186ef74