alwaysmanaged.com
Issued by R3
About this certificate
This digital certificate with serial number 03:a1:22:e8:dc:42:46:d8:4c:0a:1b:29:ab:c1:72:80:e7:7c was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=alwaysmanaged.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:a1:22:e8:dc:42:46:d8:4c:0a:1b:29:ab:c1:72:80:e7:7cSerial Number (int): 316168721701660796744223306706782773110652
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: d4:6a:41:0b:a5:9e:2b:f6:f0:97:f3:df:46:b5:1b:82:22:a7:54:d3
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 81:0a:8f:4a:8b:60:1d:ae:aa:7c:f6:6f:c5:93:19:7a:98:71:6c:24
Fingerprint (sha256): d0:66:a9:a2:f3:8a:65:86:2a:91:b6:e7:7a:70:b6:d1:d8:f0:af:56:91:3d:b7:1e:50:d2:9a:67:c2:02:cf:e9
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate alwaysmanaged.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for alwaysmanaged.com
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
alwaysmanaged.com
www.alwaysmanaged.com
www.alwaysmanaged.com
Other certificates including the domain name alwaysmanaged.com
(limited to 100 certificates)
alwaysmanaged.com
billing.alwaysmanaged.com
billing.alwaysmanaged.com
www.alwaysmanaged.com
alwaysmanaged.com
www.alwaysmanaged.com
www.alwaysmanaged.com
alwaysmanaged.com
alwaysmanaged.com
www.alwaysmanaged.com
ads.i3o.net
billing.alwaysmanaged.com
billing.alwaysmanaged.com
albertilegalservices.com
www.alwaysmanaged.com
alwaysmanaged.com
billing.alwaysmanaged.com
postfixadmin.i3o.net
alwaysmanaged.com
alwaysmanaged.com
alwaysmanaged.com
roundcube.alwaysmanaged.com
alwaysmanaged.com
billing.alwaysmanaged.com
pfa.alwaysmanaged.com
ads.i3o.net
www.alwaysmanaged.com
alwaysmanaged.com
albertilegalservices.com
billing.alwaysmanaged.com
billing.alwaysmanaged.com
www.alwaysmanaged.com
alwaysmanaged.com
www.alwaysmanaged.com
www.alwaysmanaged.com
alwaysmanaged.com
alwaysmanaged.com
www.alwaysmanaged.com
ads.i3o.net
billing.alwaysmanaged.com
billing.alwaysmanaged.com
albertilegalservices.com
www.alwaysmanaged.com
alwaysmanaged.com
billing.alwaysmanaged.com
postfixadmin.i3o.net
alwaysmanaged.com
alwaysmanaged.com
alwaysmanaged.com
roundcube.alwaysmanaged.com
alwaysmanaged.com
billing.alwaysmanaged.com
pfa.alwaysmanaged.com
ads.i3o.net
www.alwaysmanaged.com
alwaysmanaged.com
albertilegalservices.com
Certificate
The complete raw certificate details for alwaysmanaged.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGBjCCBO6gAwIBAgISA6Ei6NxCRthMChspq8FygOd8MA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMjYwNzU2MTRaFw0yNDAxMjQwNzU2MTNaMBwxGjAYBgNVBAMT EWFsd2F5c21hbmFnZWQuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC AgEAjni9lVe6N4H1UKssULKDLy2VZnxMRq/pPPxHQnS7BkXZJ/CEhOQPRCj6PXJX 6Lp+Kly8ZTK6A1IR9/nZ4kGFZe0zcaYd2ZbfZA9bq61Tf/O60kCq0vQ0ipuSX2up 0MSc4/wavsoHg5nr1ZMBlsCYW+6gTxwWKYVWhaphr96DMD7CksZ8+HEAa6D9FvzF /aL9aDLNyyKo6D/ZW+jwzPK3Ohu+8O4l2/5fq0vvqi0ythNBkRSVIn20gVb5/snK zB4yTT5g0OmjAdboAAZcAR+w90qGiL/a7C4y7SVyZbJ3ziIrcoqaS/VrSgbq0XDv UQuV5NflU2c5iRyGuzmF7GG1cRpJZ8QxEaCihbHxseP/Is6oOc1EHB8y2JNDSqWI n5PCLLj+x8ncqr6uN81QcR6qCaLVS/dqhHYbj+sefv9nguCKEcjpU/fz5tvMPXj2 3tPKoR8KnM00ta5ZxzMqOAML3R9nXZPrfW/1H3wcwGWwnFRfLW/dRy3mHZ91KWv7 3ZdzsigliPIoVl+D44Z9rkTHRKe+AnFU+teBiwG8tBjD8Yvh2I3+xcVucecZndxp OMhdV4oFxGpmyVdqanRQx0OlrzPgcw6OzOuD3Hqvh6R05sXmqPotR+DYG6e9eZNB DMw3x8qji907QhXICQvPBDynXtXtzhZyt43pub7d9Rdg1BkCAwEAAaOCAiowggIm MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU1GpBC6WeK/bwl/PfRrUbgiKnVNMwHwYD VR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEG CCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0 dHA6Ly9yMy5pLmxlbmNyLm9yZy8wMwYDVR0RBCwwKoIRYWx3YXlzbWFuYWdlZC5j b22CFXd3dy5hbHdheXNtYW5hZ2VkLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCC AQQGCisGAQQB1nkCBAIEgfUEgfIA8AB1ADtTd3U+LbmAToswWwb+QDtn2E/D9Me9 AA0tcm/h+tQXAAABi2sy0ogAAAQDAEYwRAIgYmOAr54li9wzhygnJDGSBRtLNlX+ 6fyhG9mEFeBflooCIFh9H32edcnAhOQv5Nfw01mLi9FB+Qt7I5GnyOdml0LWAHcA 7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGLazLScAAABAMASDBG AiEAqFFKYKQb/G/1m7iFmphEiKT3wECGl25cOcWMfofn9b8CIQDL4SJlaT1YjWnK Hva0S/KAgiX1Ne47etOAjflXJ9m/gDANBgkqhkiG9w0BAQsFAAOCAQEAZabf1wKa jGwkswbV4pmTZH6yBShpAWdTDQpVp6Mwv7QgrFgfCDh5H9LfZRJPTF6kvaALhBfu M74qwgZIAKVjH6I1eD4RUmJ4CmEpU06h89ZVEL3NYWuUAIXraNADFJTvJCpL1zFN hc2bTbudm7SzCgOC3nbeNamQ8VhVa+Bn+g2m1RmbIpgUd9cJIc3c3D2FG6NG0KRx mUUYzWZZ0nuGGDxHh8D4ZcLCM9jEjNvKRYRIg8zw5r/eF/K+uulqFE3Rv5s3p8os x7X0JIuv9iifAHAP3/O+kNr+I0Ni61E8RZDCVgzw/FilcZD99Tcfblss2XTHEIJf kCEMmkChG2W3IQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjni9lVe6N4H1UKssULKD Ly2VZnxMRq/pPPxHQnS7BkXZJ/CEhOQPRCj6PXJX6Lp+Kly8ZTK6A1IR9/nZ4kGF Ze0zcaYd2ZbfZA9bq61Tf/O60kCq0vQ0ipuSX2up0MSc4/wavsoHg5nr1ZMBlsCY W+6gTxwWKYVWhaphr96DMD7CksZ8+HEAa6D9FvzF/aL9aDLNyyKo6D/ZW+jwzPK3 Ohu+8O4l2/5fq0vvqi0ythNBkRSVIn20gVb5/snKzB4yTT5g0OmjAdboAAZcAR+w 90qGiL/a7C4y7SVyZbJ3ziIrcoqaS/VrSgbq0XDvUQuV5NflU2c5iRyGuzmF7GG1 cRpJZ8QxEaCihbHxseP/Is6oOc1EHB8y2JNDSqWIn5PCLLj+x8ncqr6uN81QcR6q CaLVS/dqhHYbj+sefv9nguCKEcjpU/fz5tvMPXj23tPKoR8KnM00ta5ZxzMqOAML 3R9nXZPrfW/1H3wcwGWwnFRfLW/dRy3mHZ91KWv73ZdzsigliPIoVl+D44Z9rkTH RKe+AnFU+teBiwG8tBjD8Yvh2I3+xcVucecZndxpOMhdV4oFxGpmyVdqanRQx0Ol rzPgcw6OzOuD3Hqvh6R05sXmqPotR+DYG6e9eZNBDMw3x8qji907QhXICQvPBDyn XtXtzhZyt43pub7d9Rdg1BkCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 316168721701660796744223306706782773110652 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-26 07:56:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-24 07:56:13 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'alwaysmanaged.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 581233592461712025531703268015144121932223997658640720324428134731066996126078713554858476980458726100356811649787976926946351766110772569002285063054930360507053932918872673062643421957955912156714661595591544303491582951067444948926619083554464713314893999647428263260088991799184966440279811087728703413934818503015008470112124129222841722529384239992693632013275163745458415197787345251421203250414498874563450118557398915758918104685356819150805830674484036554041426063064022263204549482900263002434816379928784316851421381968618543963422165869745832497537165270946972455592455144373097035245462102867620512985204485509472486562320873268311323776139787285637550139415695857921574232905047439368673578525731473289188614485089756039629538021755092958331314570384079187610732692510370808011904614528658620796380905402650096010420142128323250791619132520607884101776768459608944549840055013019443334471113021616622870813071752766162026109229585631090443757920669213396749804772302859072284815620912659362697896155520493783565486619473897658863045542162398262295358192113655834878502801453966077981799443035594346392920074732674940845327235940751112410633584286182898254223534974509307225321281592274717121556953738110479229870199833 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) d46a410ba59e2bf6f097f3df46b51b8222a754d3 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'alwaysmanaged.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.alwaysmanaged.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f00075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b6b32d28800000403004630440220626380af9e258bdc33872827243192051b4b3655fee9fca11bd98415e05f968a0220587d1f7d9e75c9c084e42fe4d7f0d3598b8bd141f90b7b2391a7c8e7669742d6007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b6b32d2700000040300483046022100a8514a60a41bfc6ff59bb8859a984488a4f7c04086976e5c39c58c7e87e7f5bf022100cbe12265693d588d69ca1ef6b44bf2808225f535ee3b7ad3808df95727d9bf80 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0065a6dfd7029a8c6c24b306d5e29993647eb20528690167530d0a55a7a330bfb420ac581f0838791fd2df65124f4c5ea4bda00b8417ee33be2ac2064800a5631fa235783e115262780a6129534ea1f3d65510bdcd616b940085eb68d0031494ef242a4bd7314d85cd9b4dbb9d9bb4b30a0382de76de35a990f158556be067fa0da6d5199b22981477d70921cddcdc3d851ba346d0a471994518cd6659d27b86183c4787c0f865c2c233d8c48cdbca45844883ccf0e6bfde17f2bebae96a144dd1bf9b37a7ca2cc7b5f4248baff6289f00700fdff3be90dafe234362eb513c4590c2560cf0fc58a57190fdf5371f6e5b2cd974c710825f90210c9a40a11b65b721