*.claire.co.ke
Issued by R11
About this certificate
This digital certificate with serial number 04:3c:f5:c8:64:12:b8:93:4e:b4:a0:e3:c8:d8:0a:e3:fe:b6 was issued on by Let's Encrypt.
With 3 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.claire.co.ke
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:3c:f5:c8:64:12:b8:93:4e:b4:a0:e3:c8:d8:0a:e3:fe:b6Serial Number (int): 369192787090360496364688217527410279841462
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 5d:21:be:dc:7d:55:22:79:81:d2:97:59:a1:d4:bd:bc:79:86:af:f7
AuthorityKeyId: c5:cf:46:a4:ea:f4:c3:c0:7a:6c:95:c4:2d:b0:5e:92:2f:26:e3:b9
Fingerprint (sha1): 06:58:49:26:d5:e3:b1:95:26:6c:d3:ce:2f:81:6a:8b:51:78:70:0e
Fingerprint (sha256): cd:1b:d3:40:2a:44:99:a4:67:40:03:c5:8b:4b:c2:92:84:62:ad:23:c0:87:12:3a:61:dd:cf:7c:1d:b8:f6:49
Issuing Certificate URL: http://r11.i.lencr.org/
Revocation information
OCSP Server: http://r11.o.lencr.orgCheck the revocation status for certificate *.claire.co.ke
3
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.claire.co.ke
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.claire.co.ke
claire.co.ke
www.2019.claire.co.ke
claire.co.ke
www.2019.claire.co.ke
Other certificates including the domain name claire.co.ke
(limited to 100 certificates)
web.claire.co.ke
demo.claire.co.ke
web.claire.co.ke
billing.digitaloperationsgroup.com
web.claire.co.ke
*.claire.co.ke
claire.co.ke
billing.digitaloperationsgroup.com
books.getstitched.in
demo.claire.co.ke
billing.digitaloperationsgroup.com
claire.co.ke
web.claire.co.ke
buy.claire.co.ke
buy.claire.co.ke
web.claire.co.ke
*.claire.co.ke
claire.co.ke
books.getstitched.in
claire.co.ke
web.claire.co.ke
accounting.analizconsultancy.com
buy.claire.co.ke
*.claire.co.ke
claire.co.ke
buy.claire.co.ke
claire.co.ke
claire.co.ke
demo.claire.co.ke
billing.digitaloperationsgroup.com
web.claire.co.ke
web.claire.co.ke
claire.co.ke
buy.claire.co.ke
buy.claire.co.ke
claire.co.ke
acc.ka.printo.in
financeiro.derze.com.br
buy.claire.co.ke
claire.co.ke
claire.co.ke
billing.digitaloperationsgroup.com
billing.digitaloperationsgroup.com
*.claire.co.ke
demo.claire.co.ke
billing.digitaloperationsgroup.com
books.getstitched.in
claire.co.ke
claire.co.ke
claire.co.ke
claire.co.ke
claire.co.ke
buy.claire.co.ke
estimate.canaanspace.com
*.claire.co.ke
books.vantage42.com
billing.digitaloperationsgroup.com
claire.co.ke
claire.co.ke
books.getstitched.in
web.claire.co.ke
billing.digitaloperationsgroup.com
erp.claire.co.ke
financeiro.derze.com.br
books.getstitched.in
www.2019.claire.co.ke
claire.co.ke
customer.entireecoclean.com
invoice.jttech.org
claire.co.ke
web.claire.co.ke
web.claire.co.ke
demo.claire.co.ke
web.claire.co.ke
billing.digitaloperationsgroup.com
web.claire.co.ke
*.claire.co.ke
claire.co.ke
billing.digitaloperationsgroup.com
books.getstitched.in
demo.claire.co.ke
billing.digitaloperationsgroup.com
claire.co.ke
web.claire.co.ke
buy.claire.co.ke
buy.claire.co.ke
web.claire.co.ke
*.claire.co.ke
claire.co.ke
books.getstitched.in
claire.co.ke
web.claire.co.ke
accounting.analizconsultancy.com
buy.claire.co.ke
*.claire.co.ke
claire.co.ke
buy.claire.co.ke
claire.co.ke
claire.co.ke
demo.claire.co.ke
billing.digitaloperationsgroup.com
web.claire.co.ke
web.claire.co.ke
claire.co.ke
buy.claire.co.ke
buy.claire.co.ke
claire.co.ke
acc.ka.printo.in
financeiro.derze.com.br
buy.claire.co.ke
claire.co.ke
claire.co.ke
billing.digitaloperationsgroup.com
billing.digitaloperationsgroup.com
*.claire.co.ke
demo.claire.co.ke
billing.digitaloperationsgroup.com
books.getstitched.in
claire.co.ke
claire.co.ke
claire.co.ke
claire.co.ke
claire.co.ke
buy.claire.co.ke
estimate.canaanspace.com
*.claire.co.ke
books.vantage42.com
billing.digitaloperationsgroup.com
claire.co.ke
claire.co.ke
books.getstitched.in
web.claire.co.ke
billing.digitaloperationsgroup.com
erp.claire.co.ke
financeiro.derze.com.br
books.getstitched.in
www.2019.claire.co.ke
claire.co.ke
customer.entireecoclean.com
invoice.jttech.org
claire.co.ke
web.claire.co.ke
web.claire.co.ke
Certificate
The complete raw certificate details for *.claire.co.ke in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISBDz1yGQSuJNOtKDjyNgK4/62MA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTEwHhcNMjQwNjIzMDIwNDE3WhcNMjQwOTIxMDIwNDE2WjAZMRcwFQYDVQQD DA4qLmNsYWlyZS5jby5rZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AKuJPz6wiXWt2euxXHrLe1bIhzYACbxqZHeKw2/57SRp4IbbFYlApJX6A2H58If4 X1GaJcp00gdAIZsMYwX7igOTgWK/e7DqAbvEuDiHftMqqHHqYU/VmYQGxPIr1U5a fNp9Lw54FPDUmGybUCJBegiWxlXwJOo7/2KEWNHnanXnyUJDeS7nucgKkM7PmQe/ gn8FGqMW+rcbYdir/QnhBqd1UvLYuBaOA0wXNW3IY/v7/uGu1YvVsCqYBHtndrDN VXgiuBWX6buiccivfjgmVrwl/W20tVrmEOMPkLJvuPtY9rv/KW8vfEoo+FCwe9SZ xYfgoeLCn0srqQ7gwo0SzR8CAwEAAaOCAjcwggIzMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQUXSG+3H1VInmB0pdZodS9vHmGr/cwHwYDVR0jBBgwFoAUxc9GpOr0w8B6 bJXELbBeki8m47kwVwYIKwYBBQUHAQEESzBJMCIGCCsGAQUFBzABhhZodHRwOi8v cjExLm8ubGVuY3Iub3JnMCMGCCsGAQUFBzAChhdodHRwOi8vcjExLmkubGVuY3Iu b3JnLzA+BgNVHREENzA1gg4qLmNsYWlyZS5jby5rZYIMY2xhaXJlLmNvLmtlghV3 d3cuMjAxOS5jbGFpcmUuY28ua2UwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEEBgor BgEEAdZ5AgQCBIH1BIHyAPAAdQBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+r OdiEcwAAAZBDDTZYAAAEAwBGMEQCIGVZFLsK2rKxeRh2CxVXOTVEK3VB8O0VpXfM PxE41RI4AiBwnlRcjeCayrGrM5kDO0xj52bwSEpPB9ig0iqwMhtYSAB3ABmYEHEJ 8NZSLjCA0p4/ZLuDbijM+Q9Sju7fzko/FrTKAAABkEMNNmUAAAQDAEgwRgIhAP9w bbcWv9x/roSs5bLrpH0xJMEfQvyKRGW6JabmHg5SAiEAxfHDpNzFXeNgd3sFntlA ckhENllUkX7udM7vYrdxGuswDQYJKoZIhvcNAQELBQADggEBAFc2W6KyU8jfrDw5 eO5atLvHoGe0AGiStOjvDTsp4Wv2obG3cF0xwLgZ6xDoe0A8tO0MAvg8tnCyGFlT bWdPHN1w73oqxWRmCxAt0kXQTBwPgUY+BuXzJqGPPVTq1yEVNHzRgX4UhOI0Kscc TQPx300dkiVq/QUtxpFKPZEYXZ2h9dUrT1iKFeO82zT4Y7TcXsZ8D8eH0SAGRI3B HaPgznz8mWfkRgsv8oa2XSFIbjfPl5v/BbqloaGAv31Y8GTs0EeZw7U0oaUBtOYe ltOUXMyp1aZEvMI0irnikLta3M419+1nNWU8hseYZQiZzxrLq2zbR3Pqx/NkEWoR aEu9y+Y= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4k/PrCJda3Z67Fcest7 VsiHNgAJvGpkd4rDb/ntJGnghtsViUCklfoDYfnwh/hfUZolynTSB0AhmwxjBfuK A5OBYr97sOoBu8S4OId+0yqocephT9WZhAbE8ivVTlp82n0vDngU8NSYbJtQIkF6 CJbGVfAk6jv/YoRY0edqdefJQkN5Lue5yAqQzs+ZB7+CfwUaoxb6txth2Kv9CeEG p3VS8ti4Fo4DTBc1bchj+/v+4a7Vi9WwKpgEe2d2sM1VeCK4FZfpu6JxyK9+OCZW vCX9bbS1WuYQ4w+Qsm+4+1j2u/8pby98Sij4ULB71JnFh+Ch4sKfSyupDuDCjRLN HwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 369192787090360496364688217527410279841462 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R11' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-23 02:04:17 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-09-21 02:04:16 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.claire.co.ke' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21654429192139981000406361213839829547730550081872030020424224969127443691406733280197754397910637869204770325533780314059190086874499703713963835477579140937934412620354421585368164714747829674700945866816081774935303567744158743708251715899547715121462311133546359263332471130982818579983757890778640125888584340327563159893505695556500507723679543435973573211003837724432239752297516392123534987694510789397428962545052182138645389898585944073488594459022317982811501007844941829540103375676812633007902066608222650139189808629494982782372640204789960133927351180969117744514763315666604783606332203155067650624799 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 5d21bedc7d55227981d29759a1d4bdbc7986aff7 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c5cf46a4eaf4c3c07a6c95c42db05e922f26e3b9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r11.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.claire.co.ke' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'claire.co.ke' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.2019.claire.co.ke' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f000750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000190430d365800000403004630440220655914bb0adab2b17918760b15573935442b7541f0ed15a577cc3f1138d512380220709e545c8de09acab1ab3399033b4c63e766f0484a4f07d8a0d22ab0321b58480077001998107109f0d6522e3080d29e3f64bb836e28ccf90f528eeedfce4a3f16b4ca00000190430d36650000040300483046022100ff706db716bfdc7fae84ace5b2eba47d3124c11f42fc8a4465ba25a6e61e0e52022100c5f1c3a4dcc55de360777b059ed940724844365954917eee74ceef62b7711aeb . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0057365ba2b253c8dfac3c3978ee5ab4bbc7a067b4006892b4e8ef0d3b29e16bf6a1b1b7705d31c0b819eb10e87b403cb4ed0c02f83cb670b21859536d674f1cdd70ef7a2ac564660b102dd245d04c1c0f81463e06e5f326a18f3d54ead72115347cd1817e1484e2342ac71c4d03f1df4d1d92256afd052dc6914a3d91185d9da1f5d52b4f588a15e3bcdb34f863b4dc5ec67c0fc787d12006448dc11da3e0ce7cfc9967e4460b2ff286b65d21486e37cf979bff05baa5a1a180bf7d58f064ecd04799c3b534a1a501b4e61e96d3945ccca9d5a644bcc2348ab9e290bb5adcce35f7ed6735653c86c798650899cf1acbab6cdb4773eac7f364116a11684bbdcbe6