www.nysampo.org

Issued by Trustwave Organization Validation SHA256 CA, Level 1

About this certificate


This digital certificate with serial number 06:6d:94:6c:fa:5f:48:ab:85:ea:0d:90:f0:8d:cf:c8:7f:f0:71 was issued on by Trustwave Holdings, Inc. .

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. While the certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates.

Cerificate errors/warnings *beta

  • ERROR: KeyUsage extension SHOULD be marked as critical when present

New York State Association Of Municipal Purchasing Officials Inc

Organization: New York State Association Of Municipal Purchasing Officials Inc
State / Province: New York
Locality: Albany
Country: US

Trustwave Holdings, Inc.

Organization: Trustwave Holdings, Inc.
State / Province: New York
Locality: Albany
Country: US

Time since certificate expired

This certificate has expire since

Certificate Details

Serial Number (hex): 06:6d:94:6c:fa:5f:48:ab:85:ea:0d:90:f0:8d:cf:c8:7f:f0:71
Serial Number (int): 143350217004680250454787108057354794333892721
Serial Number lenght: 147 bits, 19 octets

SubjectKeyId: ac:47:83:8a:9f:4c:c8:7f:4c:a1:d2:23:5f:8a:46:c3:94:a5:f9:f2
AuthorityKeyId: ca:ce:1d:18:03:77:1e:1c:f3:7c:58:b2:9a:70:a8:08:80:16:f4:ae

Fingerprint (sha1): 69:4d:45:cf:6e:0d:23:f2:3b:60:b7:37:86:11:56:bd:77:91:dd:57
Fingerprint (sha256): 07:6e:2b:4f:ec:fd:71:d2:76:f9:06:43:51:66:c5:c0:e5:80:ad:4d:09:78:57:d1:42:e5:ce:d0:96:a4:35:17

Issuing Certificate URL: http://ssl.trustwave.com/issuers/OVCA2_L1.crt

Revocation information

OCSP Server: http://ocsp.trustwave.com/
CRL Distribution Point: http://crl.trustwave.com/OVCA2_L1.crl

Check the revocation status for the current certificate on www.nysampo.org
2
DNS Names
0
Email Addresses
0
IP Addresses

Advanced Certificate Properties

Technical details about this certificate


Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA



Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

9 extensions
No unhandled critical extensions



CA Certificate

This is not a CA certificate

Subject Alternative Names

www.nysampo.org
nysampo.org

Certificate

The complete raw certificate details in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE----- MIIFeDCCBGCgAwIBAgITBm2UbPpfSKuF6g2Q8I3PyH/wcTANBgkqhkiG9w0BAQsF ADCBtTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMRAwDgYDVQQHEwdD aGljYWdvMSEwHwYDVQQKExhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xPTA7BgNV BAMTNFRydXN0d2F2ZSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTSEEyNTYgQ0Es IExldmVsIDExHzAdBgkqhkiG9w0BCQEWEGNhQHRydXN0d2F2ZS5jb20wHhcNMTUw NjA1MDUwMjQ5WhcNMTYwMjA0MTEwMjQ5WjCBljEYMBYGA1UEAwwPd3d3Lm55c2Ft cG8ub3JnMUkwRwYDVQQKDEBOZXcgWW9yayBTdGF0ZSBBc3NvY2lhdGlvbiBPZiBN dW5pY2lwYWwgUHVyY2hhc2luZyBPZmZpY2lhbHMgSW5jMQ8wDQYDVQQHDAZBbGJh bnkxETAPBgNVBAgMCE5ldyBZb3JrMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBALROubWmalg0Ih6PsNaoCk1akT5qwYTOMeo0c8+E QL1P+HukVsdlwLsoWwN20s/CwSCb/1stDJ3L2M1Z76h4SCOVu9iA88z05iP3sDn7 s61vQWUJ+6zFod+i/DeGU1uIaZHNgIj6kvedQ/q7ES8O+++8IcJM512nHSfBYKUP 3aVBC08ddsCygNVAbMSEBozoi1uNqnOjnIt5zYbz4Q3X4x3fzrsraUmtgvr1FlDb BrmEImscmB5uq2FORzqVW0ChPUOLIc/N/1GMw8OnkYUtcM7sM5Rp1XD45VH+CdZ8 bG5PcyY80T4KSM/m/2ARVyjCf+IOdnk33CaGcDKuD0tUcscCAwEAAaOCAZwwggGY MAwGA1UdEwEB/wQCMAAwCwYDVR0PBAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMC BggrBgEFBQcDATAdBgNVHQ4EFgQUrEeDip9MyH9ModIjX4pGw5Sl+fIwHwYDVR0j BBgwFoAUys4dGAN3HhzzfFiymnCoCIAW9K4wSAYDVR0gBEEwPzA9Bg8rBgEEAYHt GAMDAwMEBAMwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly9zc2wudHJ1c3R3YXZlLmNv bS9DQTAnBgNVHREEIDAegg93d3cubnlzYW1wby5vcmeCC255c2FtcG8ub3JnMDYG A1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwudHJ1c3R3YXZlLmNvbS9PVkNBMl9M MS5jcmwwcQYIKwYBBQUHAQEEZTBjMCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50 cnVzdHdhdmUuY29tLzA5BggrBgEFBQcwAoYtaHR0cDovL3NzbC50cnVzdHdhdmUu Y29tL2lzc3VlcnMvT1ZDQTJfTDEuY3J0MA0GCSqGSIb3DQEBCwUAA4IBAQDYnbB2 F7VFn8uQORxKNUYwA9AVE3mbr7ORhQhZig1wxLh+lUCKDAfLy9ZFMNnZpbdbVAq9 tqy2u61SEBrF390FIjQ920nEe62v5F6d1l9pI4AvChhQjCRFw6hVDDOA1LBHTv3G ldyiNoyLJ8jZvQzWGRRMrHer52o/mH//B3XJLAoZTBU4cgWPfdV98DSh3p1Bv7gT Z2saIXK4mzx29bYuZvnZALXLmh8gk/wdYqZ79mbegVvHrwskoBOweWJOwfkqUm47 ZYjsSMpEcsq242hd9iR+PjBh+j6ZeA2AzdR/IEEwp2Zq5Ptur04MtCC8kws/G1Oc PFLyBDVotuFbbqpz -----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE65taZqWDQiHo+w1qgK TVqRPmrBhM4x6jRzz4RAvU/4e6RWx2XAuyhbA3bSz8LBIJv/Wy0MncvYzVnvqHhI I5W72IDzzPTmI/ewOfuzrW9BZQn7rMWh36L8N4ZTW4hpkc2AiPqS951D+rsRLw77 77whwkznXacdJ8FgpQ/dpUELTx12wLKA1UBsxIQGjOiLW42qc6Oci3nNhvPhDdfj Hd/OuytpSa2C+vUWUNsGuYQiaxyYHm6rYU5HOpVbQKE9Q4shz83/UYzDw6eRhS1w zuwzlGnVcPjlUf4J1nxsbk9zJjzRPgpIz+b/YBFXKMJ/4g52eTfcJoZwMq4PS1Ry xwIDAQAB -----END PUBLIC KEY-----

ASN1 Decoded

[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 143350217004680250454787108057354794333892721 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chicago' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trustwave Holdings, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Trustwave Organization Validation SHA256 CA, Level 1' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String '[email protected]' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-06-05 05:02:49 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-02-04 11:02:49 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'www.nysampo.org' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'New York State Association Of Municipal Purchasing Officials Inc' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Albany' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'New York' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22761715849319082341980222932055024032594449622099057190118726728679626204194062955958165760035892186695649155529127790841983883814412160950869783905437352584647968483651213727325813229058797220451627273829370803057039546106916712336594256519882279525182658677425495229356700513352769401247499843543890765523810694767636790708863689397080507751728692092669073343048250986884973052359069242068801252975701599182327103041272644243351716643021452570124977881922063384608543745319866610654034453646638479094951889693242319083405615118226115096916539897530248811485847651623043742089650077706569181223922103078255225762503 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) ac47838a9f4cc87f4ca1d2235f8a46c394a5f9f2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName cace1d1803771e1cf37c58b29a70a8088016f4ae . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (65 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.30360.3.3.3.3.4.4.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://ssl.trustwave.com/CA' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.nysampo.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nysampo.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (47 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.trustwave.com/OVCA2_L1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (101 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.trustwave.com/' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ssl.trustwave.com/issuers/OVCA2_L1.crt' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00d89db07617b5459fcb90391c4a35463003d01513799bafb3918508598a0d70c4b87e95408a0c07cbcbd64530d9d9a5b75b540abdb6acb6bbad52101ac5dfdd0522343ddb49c47badafe45e9dd65f6923802f0a18508c2445c3a8550c3380d4b0474efdc695dca2368c8b27c8d9bd0cd619144cac77abe76a3f987fff0775c92c0a194c153872058f7dd57df034a1de9d41bfb813676b1a2172b89b3c76f5b62e66f9d900b5cb9a1f2093fc1d62a67bf666de815bc7af0b24a013b079624ec1f92a526e3b6588ec48ca4472cab6e3685df6247e3e3061fa3e99780d80cdd47f204130a7666ae4fb6eaf4e0cb420bc930b3f1b539c3c52f2043568b6e15b6eaa73