firstforlions.org
Issued by R3
About this certificate
This digital certificate with serial number 03:a9:59:68:26:4f:1f:4f:12:d9:77:00:d1:37:49:e1:17:2c was issued on by Let's Encrypt.
With 20 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=firstforlions.org
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a9:59:68:26:4f:1f:4f:12:d9:77:00:d1:37:49:e1:17:2cSerial Number (int): 318963419872417764806792498435645287503660
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: cd:4f:1e:9a:fd:16:28:55:ef:90:c8:71:d0:88:8b:ab:1b:39:9f:eb
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 7a:d1:bd:dc:93:d7:0b:92:b6:7d:6e:82:67:e5:e6:2d:f9:a6:f0:55
Fingerprint (sha256): cd:8e:94:92:0c:be:5f:67:b9:ce:f6:53:55:1c:33:74:06:09:68:79:0c:50:36:37:b3:49:cd:d0:c7:3d:f9:08
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate firstforlions.org
20
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for firstforlions.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
0allulose.com
acebre.com
agradentist.in
chauch.com
collegelistmaker.com
firstforlions.org
greenchilly.in
insulinextinguisher.com
job-look.com
kickingcamp.com
peoplefriendlyhomes.com
premieredomains.com
rategoldiras.com
resumeworkshop.com
slotsgamesfree.com
smootherroads.com
theultimaterunnerstudio.com
thewar.us
transfers.epik.support
www.ccplumb.com
acebre.com
agradentist.in
chauch.com
collegelistmaker.com
firstforlions.org
greenchilly.in
insulinextinguisher.com
job-look.com
kickingcamp.com
peoplefriendlyhomes.com
premieredomains.com
rategoldiras.com
resumeworkshop.com
slotsgamesfree.com
smootherroads.com
theultimaterunnerstudio.com
thewar.us
transfers.epik.support
www.ccplumb.com
Other certificates including the domain name firstforlions.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for firstforlions.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVTCCBT2gAwIBAgISA6lZaCZPH08S2XcA0TdJ4RcsMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yNDAzMjUwNzIxMDZaFw0yNDA2MjMwNzIxMDVaMBwxGjAYBgNVBAMT EWZpcnN0Zm9ybGlvbnMub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAskEMeCcIxiKlhHXsWd/deRj0aSjM1fee9cqVIJWYv7qi1bH/jWEBPeGCRfxV IJuwtsN5vE62j9oh8j/TmWnMMu7i09/3uA2Z8CCruZOM7onRDid7aLC2QT4RV2Ws j9cXlCBq9DCy8svXPQa79Y8Lhnv95PdHjiNxvcV9bpxgtUJIVKVaxE2giWlyUUdu Chcyog8PsVtTUUVeHApBLZEdNOxBzm4BNrfQkKrDpVNf2DBClsACUvtz3bFRLFCW yWMJ8yvVS4mwOi1mQkfFZnN6SniJuyHl/fMcgTQBDAWZXZGZOjxDActnGlX1Wv8R LpaRDGuGEHUDJcCfehU9MimCoQIDAQABo4IDeTCCA3UwDgYDVR0PAQH/BAQDAgWg MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBTNTx6a/RYoVe+QyHHQiIurGzmf6zAfBgNVHSMEGDAWgBQULrMXt1hW y65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6 Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVuY3Iu b3JnLzCCAYEGA1UdEQSCAXgwggF0gg0wYWxsdWxvc2UuY29tggphY2VicmUuY29t gg5hZ3JhZGVudGlzdC5pboIKY2hhdWNoLmNvbYIUY29sbGVnZWxpc3RtYWtlci5j b22CEWZpcnN0Zm9ybGlvbnMub3Jngg5ncmVlbmNoaWxseS5pboIXaW5zdWxpbmV4 dGluZ3Vpc2hlci5jb22CDGpvYi1sb29rLmNvbYIPa2lja2luZ2NhbXAuY29tghdw ZW9wbGVmcmllbmRseWhvbWVzLmNvbYITcHJlbWllcmVkb21haW5zLmNvbYIQcmF0 ZWdvbGRpcmFzLmNvbYIScmVzdW1ld29ya3Nob3AuY29tghJzbG90c2dhbWVzZnJl ZS5jb22CEXNtb290aGVycm9hZHMuY29tght0aGV1bHRpbWF0ZXJ1bm5lcnN0dWRp by5jb22CCXRoZXdhci51c4IWdHJhbnNmZXJzLmVwaWsuc3VwcG9ydIIPd3d3LmNj cGx1bWIuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMIIBAwYKKwYBBAHWeQIEAgSB 9ASB8QDvAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGOdLLs KAAABAMARzBFAiEA+LkvOlB5n12lXEgI0bx4VdafxeUK8eA///uK8m/j+voCIBoY ZyK13rATl0liwlkUYbax1VykD44jQgbjSW4I0SECAHUAouK/1h7eLy8HoNZObTen 3GVDsMa1LqLat4r4mm31F9gAAAGOdLL0pQAABAMARjBEAiBqZSUygXfNtg/SlBXM jurqqTl4OxOSTgJzPEiuNQu9SgIgBOnGkZbS6ELDYWw0HL1AnrFiX43wdAF+c8N8 tELzMnQwDQYJKoZIhvcNAQELBQADggEBAHAQs6BvS2qqInkPuUVhKGb8eBC84zWW tsyyBv7GXB2Alg5UlId8deP8fMb8fgRouqYUoX/7PQVNhlyWIaXgRKRT2q5ToStZ OA5sHVNfnTthtVa9viH4YmOJyKNWX4BFV0Fm6dUeITCgU6TtUHmC2jATdunJ3JZ1 MPCEppWXZRhAMwU4cdp6mtsr1LPuirNpULdAsc1fmRY0ywD5zJ1Pc1NPP6hzrXdo QVgZ/dL0VR8c0q1TdaEqwvUnuj0LIf8EmdDXM4cL9OFuWBGLKnSDtMB9tmQtPVG2 60fJjMtaoa5GQByEC8Fq5JImSfS/zYn3i0hYnvfriykbskWibp+mY7w= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskEMeCcIxiKlhHXsWd/d eRj0aSjM1fee9cqVIJWYv7qi1bH/jWEBPeGCRfxVIJuwtsN5vE62j9oh8j/TmWnM Mu7i09/3uA2Z8CCruZOM7onRDid7aLC2QT4RV2Wsj9cXlCBq9DCy8svXPQa79Y8L hnv95PdHjiNxvcV9bpxgtUJIVKVaxE2giWlyUUduChcyog8PsVtTUUVeHApBLZEd NOxBzm4BNrfQkKrDpVNf2DBClsACUvtz3bFRLFCWyWMJ8yvVS4mwOi1mQkfFZnN6 SniJuyHl/fMcgTQBDAWZXZGZOjxDActnGlX1Wv8RLpaRDGuGEHUDJcCfehU9MimC oQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 318963419872417764806792498435645287503660 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-25 07:21:06 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-23 07:21:05 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'firstforlions.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22502494997576748099527141832380266347353267290065004744997865130989472159645181223046048728988711862929749871162816202477594139074530417659373039146412060245805426198342242439622829073361319756161252701435380362792950398490370841043296072732198782300834239574064034283959305250871828549958785098869928123023530375251447280987300413002801378244155060370319513219744323547225827855059255361280784008128077167928392841201990595781504368207652378671709153802602044756779329203511847930064121571759110605404130907900802578770639894776777603621605183198877843427017497350164093812574683989572869592069426517935907863626401 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) cd4f1e9afd162855ef90c871d0888bab1b399feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (376 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '0allulose.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'acebre.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'agradentist.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'chauch.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'collegelistmaker.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'firstforlions.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'greenchilly.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'insulinextinguisher.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'job-look.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kickingcamp.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'peoplefriendlyhomes.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'premieredomains.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rategoldiras.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'resumeworkshop.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'slotsgamesfree.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'smootherroads.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'theultimaterunnerstudio.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thewar.us' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'transfers.epik.support' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ccplumb.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018e74b2ec280000040300473045022100f8b92f3a50799f5da55c4808d1bc7855d69fc5e50af1e03ffffb8af26fe3fafa02201a186722b5deb013974962c2591461b6b1d55ca40f8e234206e3496e08d12102007500a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018e74b2f4a5000004030046304402206a6525328177cdb60fd29415cc8eeaeaa939783b13924e02733c48ae350bbd4a022004e9c69196d2e842c3616c341cbd409eb1625f8df074017e73c37cb442f33274 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 007010b3a06f4b6aaa22790fb945612866fc7810bce33596b6ccb206fec65c1d80960e5494877c75e3fc7cc6fc7e0468baa614a17ffb3d054d865c9621a5e044a453daae53a12b59380e6c1d535f9d3b61b556bdbe21f8626389c8a3565f8045574166e9d51e2130a053a4ed507982da301376e9c9dc967530f084a6959765184033053871da7a9adb2bd4b3ee8ab36950b740b1cd5f991634cb00f9cc9d4f73534f3fa873ad7768415819fdd2f4551f1cd2ad5375a12ac2f527ba3d0b21ff0499d0d733870bf4e16e58118b2a7483b4c07db6642d3d51b6eb47c98ccb5aa1ae46401c840bc16ae4922649f4bfcd89f78b48589ef7eb8b291bb245a26e9fa663bc