portal.bccs286.org
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 0c:e6:b4:b2:e2:ea:61:8a:31:8f:df:e0:80:ba:c2:a6 was issued on by Amazon.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=portal.bccs286.org
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0c:e6:b4:b2:e2:ea:61:8a:31:8f:df:e0:80:ba:c2:a6Serial Number (int): 17148629233450547149320749506178499238
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 9c:06:75:47:a6:82:b3:a9:61:14:a3:46:03:7a:c2:d0:43:af:32:03
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 0e:db:8d:7f:90:cb:62:18:40:b4:45:25:b8:a1:75:dc:5e:49:68:5e
Fingerprint (sha256): dc:e1:9d:98:ff:1c:e9:2f:dd:94:02:ab:6b:a3:65:3a:71:24:34:c4:c8:9b:2d:24:5e:34:88:27:67:65:be:d6
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate portal.bccs286.org
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for portal.bccs286.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
portal.bccs286.org
ia39217a967d094a3d85121f0ea57274b3.us003-rapididentity.com
bccs286.us003.ia.us003-rapididentity.com
ia39217a967d094a3d85121f0ea57274b3.us003.ia.us003-rapididentity.com
bccs286.us003-rapididentity.com
ia39217a967d094a3d85121f0ea57274b3.us003-rapididentity.com
bccs286.us003.ia.us003-rapididentity.com
ia39217a967d094a3d85121f0ea57274b3.us003.ia.us003-rapididentity.com
bccs286.us003-rapididentity.com
Other certificates including the domain name bccs286.org
(limited to 100 certificates)
Certificate
The complete raw certificate details for portal.bccs286.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGoDCCBYigAwIBAgIQDOa0suLqYYoxj9/ggLrCpjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTI0MDIxNDAwMDAwMFoXDTI1MDMxNTIzNTk1OVowHTEb MBkGA1UEAxMScG9ydGFsLmJjY3MyODYub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEA2FV3YiC3J1NmPcBft2h5jZAqSCDhLM2xqr1UI+WVKFxcm7FF sQ3hwfRHwb8aIpANSITkmzwL9LXHd5btsA5vaV3aMIPN3uyR/5dhr9JxCDRv1OLW FynVgU4HMTPYmDg5MuxID5kMgNre2RZNRhktClZGBaHphK+07tOnFB/B8MbKqTa5 WeXTQSAyxqPNQws5d0SSxILeKCouwxwPXfKmwm5yoGUmKyFzEwQGuBdOa1E5magL 82DjZSyBANZTFWSUpsJiqrDAHQ+1QiiNyQiq1uB2IL9trNoqd/UUG5RVOroxUzYm 90rLlzJI19Vxda/7m9yPyYufm1WxA58Gu+qIrwIDAQABo4IDuzCCA7cwHwYDVR0j BBgwFoAUVdkYX9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFJwGdUemgrOpYRSj RgN6wtBDrzIDMIHrBgNVHREEgeMwgeCCEnBvcnRhbC5iY2NzMjg2Lm9yZ4I6aWEz OTIxN2E5NjdkMDk0YTNkODUxMjFmMGVhNTcyNzRiMy51czAwMy1yYXBpZGlkZW50 aXR5LmNvbYIoYmNjczI4Ni51czAwMy5pYS51czAwMy1yYXBpZGlkZW50aXR5LmNv bYJDaWEzOTIxN2E5NjdkMDk0YTNkODUxMjFmMGVhNTcyNzRiMy51czAwMy5pYS51 czAwMy1yYXBpZGlkZW50aXR5LmNvbYIfYmNjczI4Ni51czAwMy1yYXBpZGlkZW50 aXR5LmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0 dHA6Ly9jcmwucjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNybDB1BggrBgEF BQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAzLmFtYXpvbnRy dXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMy5hbWF6b250cnVz dC5jb20vcjJtMDMuY2VyMAwGA1UdEwEB/wQCMAAwggF/BgorBgEEAdZ5AgQCBIIB bwSCAWsBaQB3AM8RVu7VLnyv84db2Wkum+kacWdKsBfsrAHSW3fOzDsIAAABjaVi FqYAAAQDAEgwRgIhAMWWqpX6/iRJ9xeYjX49R0l45vumxAcv0HX6VFIM0SgAAiEA st9RRkw8BQ3NHDLbmA5H0h7MjSmA0EN07gIk/xTb2KIAdwB9WR4S4XgqexxhZ3xe /fjQh1wUoE6VnrkDL9kOjC55uAAAAY2lYhZqAAAEAwBIMEYCIQC4IG/7f4Za8Qzn XyJxC+VBtmMiI0CODuvpjprGES5bUwIhAKFUioYUSVZFTIB4MzyK4xJwAe5gICf1 dIwgyQIpKuU0AHUA5tIxY0B3jMEQQQbXcbnOwdJA9paEhvu6hzId/R43jlAAAAGN pWIWjQAABAMARjBEAiAdGst289cvT7jZnDIPpgmfZlndW3q409fcJXSTlAmmZAIg YESFsudCrEljumulZVLQq05iJoOJsIe8RnN398FjfikwDQYJKoZIhvcNAQELBQAD ggEBALCJAwwUG2M16pSygCiQDlG1nrEwENO+Jh6Q6xe7m/ggZBczPugNtp1Tw5Dd M1lfzhqV1Q8ts7zCuE8ZLcuJL/TgPeoVWCC10fgapz7wHp6icmnn9M6vfindYo7v stVTEAk4zF5mP13NFS44Bsbsx+RQawFwhfirZGuJ9vl7Ysfzd+ISkXRAwZ8e881W eqNKssk/x0fv4zGGXJECRoTOSAp/znOMLTPwSyTN+sOeNHz0q8FzCVmhOlKkewoC E6xcDPlviOKWdCXj1Tp759R1VRuTeju+4+UwtLe5acbVIQe6FyK9OSOc14l2kEry 7ty66y6jiU+ihqq2/i3v81k4SGA= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FV3YiC3J1NmPcBft2h5 jZAqSCDhLM2xqr1UI+WVKFxcm7FFsQ3hwfRHwb8aIpANSITkmzwL9LXHd5btsA5v aV3aMIPN3uyR/5dhr9JxCDRv1OLWFynVgU4HMTPYmDg5MuxID5kMgNre2RZNRhkt ClZGBaHphK+07tOnFB/B8MbKqTa5WeXTQSAyxqPNQws5d0SSxILeKCouwxwPXfKm wm5yoGUmKyFzEwQGuBdOa1E5magL82DjZSyBANZTFWSUpsJiqrDAHQ+1QiiNyQiq 1uB2IL9trNoqd/UUG5RVOroxUzYm90rLlzJI19Vxda/7m9yPyYufm1WxA58Gu+qI rwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17148629233450547149320749506178499238 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-14 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-15 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'portal.bccs286.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27309618896212538033727762696967430812993584900170529892709258333123171968331763829647052178943095780129401005958674471284169756917594468804099707950090427557130382103546915402770713203316001063190647100703983232407008172503689040995461602704878734176632846590444331108495729285036152759280401249489117974477045183696517715962531377167661906342797972844969986111739866208755943647479324834979913034894019804295240145578406072760850706347949131765079046278730999797964476951603293338730266839616413472296759165308789515422488059627917044036990063474789904494814530181772284570409815856393018924937197218964534081521839 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9c067547a682b3a96114a346037ac2d043af3203 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (227 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal.bccs286.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ia39217a967d094a3d85121f0ea57274b3.us003-rapididentity.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bccs286.us003.ia.us003-rapididentity.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ia39217a967d094a3d85121f0ea57274b3.us003.ia.us003-rapididentity.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bccs286.us003-rapididentity.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007700cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018da56216a60000040300483046022100c596aa95fafe2449f717988d7e3d474978e6fba6c4072fd075fa54520cd12800022100b2df51464c3c050dcd1c32db980e47d21ecc8d2980d04374ee0224ff14dbd8a20077007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018da562166a0000040300483046022100b8206ffb7f865af10ce75f22710be541b6632223408e0eebe98e9ac6112e5b53022100a1548a86144956454c8078333c8ae3127001ee602027f5748c20c902292ae534007500e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018da562168d000004030046304402201d1acb76f3d72f4fb8d99c320fa6099f6659dd5b7ab8d3d7dc2574939409a6640220604485b2e742ac4963ba6ba56552d0ab4e62268389b087bc467377f7c1637e29 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00b089030c141b6335ea94b28028900e51b59eb13010d3be261e90eb17bb9bf8206417333ee80db69d53c390dd33595fce1a95d50f2db3bcc2b84f192dcb892ff4e03dea155820b5d1f81aa73ef01e9ea27269e7f4ceaf7e29dd628eefb2d553100938cc5e663f5dcd152e3806c6ecc7e4506b017085f8ab646b89f6f97b62c7f377e212917440c19f1ef3cd567aa34ab2c93fc747efe331865c91024684ce480a7fce738c2d33f04b24cdfac39e347cf4abc1730959a13a52a47b0a0213ac5c0cf96f88e2967425e3d53a7be7d475551b937a3bbee3e530b4b7b969c6d52107ba1722bd39239cd78976904af2eedcbaeb2ea3894fa286aab6fe2deff359384860