www.entrato.com

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 04:b9:6b:2a:a8:3f:7c:d7:90:49:81:e0:58:5c:36:92:81:dd was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.entrato.com

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:b9:6b:2a:a8:3f:7c:d7:90:49:81:e0:58:5c:36:92:81:dd
Serial Number (int): 411543830491906471181906098874417971102173
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 9d:8c:5e:dc:4a:53:7c:c2:ba:93:bb:3d:be:cf:ff:dc:56:48:f7:d4
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 2e:8d:98:94:0f:26:28:4b:f8:18:51:bc:61:cb:91:69:94:07:e5:79
Fingerprint (sha256): c0:c3:66:23:97:79:a6:30:ce:59:78:8c:b1:6b:f6:6e:d3:f1:49:98:ee:21:91:51:54:6d:98:82:53:07:23:d1

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.entrato.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.entrato.com

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.entrato.com

Other certificates including the domain name entrato.com

(limited to 100 certificates)
entrato.com
www.entrato.com
entrato.com
www.entrato.com
09640.com
www.entrato.com
entrato.com
entrato.com
deadhot.com
entrato.com
www.entrato.com
entrato.com
www.entrato.com
entrato.com
www.entrato.com

Certificate

The complete raw certificate details for www.entrato.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGVDCCBTygAwIBAgISBLlrKqg/fNeQSYHgWFw2koHdMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMjIyMDQ2MzVaFw0y
MDAxMjAyMDQ2MzVaMBoxGDAWBgNVBAMTD3d3dy5lbnRyYXRvLmNvbTCCAiIwDQYJ
KoZIhvcNAQEBBQADggIPADCCAgoCggIBANXMKY97HlYK+YmsbK5/dO28XDcE9UAf
+H0VPo9WlBFseL4zuSckZJYmpOEtWf7O8Bf0QvwJCD9hEkbrrs2pevxAcL66imdf
o998ezKPfnT6RZ23MsumjCOpGU/GyzNvZjf3+GVUY6kY5XDNCBe1WGCcFyYcmJNJ
SvSl5I4zaTm8TLrUxaJUarZHuqfG7l/+7J74uxLOSehZ/qgKPKBjyJTP7GK3lqm0
bK4JYXhDxNvzaLd5xA78vH8twPKlmOonA7y9mey3Rq25upTHKj6BspjZvlOML7I0
KGQzFPMe0Kwce74PtXKfHCwwO3+rLmBhQOumpBb/40b0ApBxB7JsOun1VUeOg6YA
s1W5CaN0YEbwktldfILVyJFdNYfNCCcZyyDzxAIMESGZfJSNbCAZ2/WvHXry1cOc
U4ddkleEVt3mTvHfT8unKPhEztcbzkT/++rCD15Xxn56eDTQPjYpJ9hb/uhQj/oX
BFr0PWTJQf8ewys6sNDo5CTh2yn4z3GS+tapctmUM6wNvvHe0tueKiqCFABir6/O
8TOBg81SGbKIl8R7br28xeok5MVUAxwPFtJkHFB7uYNH4E0CABFx7XyxdspPBnRt
iywRLVUudx7K3cswLFZup0tS1YX+Dc2vVXiv3IHYb9ElgcMJtJAGEMDUMgTxYYWe
fMt+NdFbg9GDAgMBAAGjggJiMIICXjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJ2M
XtxKU3zCupO7Pb7P/9xWSPfUMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z
qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50
LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50
LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0RBBMwEYIPd3d3LmVudHJhdG8uY29t
MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH
AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAgYKKwYBBAHWeQIEAgSB
8wSB8ADuAHUA8JWkWfIA0YJAEC0vk4iOrUv+HUfjmeHQNKawqKqOsnMAAAFt9W+c
0QAABAMARjBEAiBigQutnwTM+RQB0SPmg2xq5W6yPEii6C2HOAHRuIp+DwIgC7ga
UJ+qdI0on6ets7S8dyNsOOpDPzFfPeALX0b+zM8AdQAHt1wb5X1o//Gwxh0jFce6
5ld8V5S3au68YToaadOiHAAAAW31b5z7AAAEAwBGMEQCIH1RBfH5cfKP4sBMjJn8
GZHEjCgD11EkwuGfbTKMjhzNAiBQenxpmifoJyhblejOgCrGr+rydt+0oDW8K28l
ZTf5SjANBgkqhkiG9w0BAQsFAAOCAQEAAxGKZouEVtiDg9d+NfBINKvptZ+mYQhX
n5ozYNY1P5lPHqvHMVlUjzbKY1RNNIUT8VXuFp8YyoH5FW19BP2vLvyHFLPRN633
ojyxYJe66iByFiq9Npab18pdG72xePK891VLHK3+dGlp3ri4jC1reDwqzmj5vPO+
Jnt0BJTLyDYy9UXJertgaskeO5vlxazh+AHfcszJbA8ppa12RQ0IOAqWr47wgoDM
bNZRz1N208FogJYkHPiKLBbWHi0tKJkqM5BatCmOxEBv5k6I+93KyaGoFstnDZZS
p/c6bXfrQkyryFzneIg9UodMefTCWWpH8Z+DSP6Vi8bo3+h4xW/RiQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1cwpj3seVgr5iaxsrn90
7bxcNwT1QB/4fRU+j1aUEWx4vjO5JyRkliak4S1Z/s7wF/RC/AkIP2ESRuuuzal6
/EBwvrqKZ1+j33x7Mo9+dPpFnbcyy6aMI6kZT8bLM29mN/f4ZVRjqRjlcM0IF7VY
YJwXJhyYk0lK9KXkjjNpObxMutTFolRqtke6p8buX/7snvi7Es5J6Fn+qAo8oGPI
lM/sYreWqbRsrglheEPE2/Not3nEDvy8fy3A8qWY6icDvL2Z7LdGrbm6lMcqPoGy
mNm+U4wvsjQoZDMU8x7QrBx7vg+1cp8cLDA7f6suYGFA66akFv/jRvQCkHEHsmw6
6fVVR46DpgCzVbkJo3RgRvCS2V18gtXIkV01h80IJxnLIPPEAgwRIZl8lI1sIBnb
9a8devLVw5xTh12SV4RW3eZO8d9Py6co+ETO1xvORP/76sIPXlfGfnp4NNA+Nikn
2Fv+6FCP+hcEWvQ9ZMlB/x7DKzqw0OjkJOHbKfjPcZL61qly2ZQzrA2+8d7S254q
KoIUAGKvr87xM4GDzVIZsoiXxHtuvbzF6iTkxVQDHA8W0mQcUHu5g0fgTQIAEXHt
fLF2yk8GdG2LLBEtVS53HsrdyzAsVm6nS1LVhf4Nza9VeK/cgdhv0SWBwwm0kAYQ
wNQyBPFhhZ58y3410VuD0YMCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 411543830491906471181906098874417971102173
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-22 20:46:35 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-20 20:46:35 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.entrato.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 872217740012196499973807930775225992612506394578008226289898903699689517106970021580514197467648416864530229825242927229421440844722369746411959024025992135956339254766585226646298322718412512746165506429898424010490419765225365407060809034158481074681764663969616669652821248306914072119228689448718755999464699918031501871601040862716569335028114663195316184824445548339077714138223095612012087367156426114839814322820552053295774377088114557589744749743518478997907010261538030726950819234191545701169182272851453749246849575608202246213172077863661202607655555980529469840733193596217034313798978212543670793098272710261412441874635045675186414303168806825500702018087531340952640382542743313482248182310981563271534002754914992362308556243564932419159247344801276509107685368318152204613784602076186576075284509581306090757809024125579416555346178230096999190933152158956818438789827966122480144124782713934603889297933429900747879242309856446359803155044096259500165919258168060975853070838613866176185618630006451619187034486787338906944174040709983423768762384403449152786963509800757633460829939641556655074106905926530024992100473696479009463417817782182212685578392758709292184104210526158257518620487608331151752518947203
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9d8c5edc4a537cc2ba93bb3dbecfffdc5648f7d4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.entrato.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (240 bytes)
							00ee007500f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016df56f9cd10000040300463044022062810bad9f04ccf91401d123e6836c6ae56eb23c48a2e82d873801d1b88a7e0f02200bb81a509faa748d289fa7adb3b4bc77236c38ea433f315f3de00b5f46fecccf00750007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016df56f9cfb000004030046304402207d5105f1f971f28fe2c04c8c99fc1991c48c2803d75124c2e19f6d328c8e1ccd0220507a7c699a27e827285b95e8ce802ac6afeaf276dfb4a035bc2b6f256537f94a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0003118a668b8456d88383d77e35f04834abe9b59fa66108579f9a3360d6353f994f1eabc73159548f36ca63544d348513f155ee169f18ca81f9156d7d04fdaf2efc8714b3d137adf7a23cb16097baea2072162abd36969bd7ca5d1bbdb178f2bcf7554b1cadfe746969deb8b88c2d6b783c2ace68f9bcf3be267b740494cbc83632f545c97abb606ac91e3b9be5c5ace1f801df72ccc96c0f29a5ad76450d08380a96af8ef08280cc6cd651cf5376d3c1688096241cf88a2c16d61e2d2d28992a33905ab4298ec4406fe64e88fbddcac9a1a816cb670d9652a7f73a6d77eb424cabc85ce778883d52874c79f4c2596a47f19f8348fe958bc6e8dfe878c56fd189