pisa.fi
Issued by R3
About this certificate
This digital certificate with serial number 03:54:d1:2e:6b:3a:7e:98:81:d7:08:4a:25:66:63:73:f0:d1 was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=pisa.fi
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:54:d1:2e:6b:3a:7e:98:81:d7:08:4a:25:66:63:73:f0:d1Serial Number (int): 290198626288266351387973035052425618387153
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 17:69:88:6e:db:75:49:38:8d:1b:32:02:25:09:c0:8f:77:97:09:01
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 8f:cc:de:cf:ca:a8:f1:47:56:a5:12:43:3b:ca:36:91:69:cf:48:ab
Fingerprint (sha256): df:3d:e3:3c:2c:59:1a:2f:e7:dc:e6:65:72:aa:7c:55:34:72:07:e7:fc:b0:eb:b8:0a:76:64:0f:fc:de:95:87
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate pisa.fi
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for pisa.fi
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
pisa.fi
www.pisa.fi
www.pisa.fi
Other certificates including the domain name pisa.fi
(limited to 100 certificates)
pisa.fi
dev.pisa.fi
apsis.pisa.fi
pisa.fi
pisa.fi
pisa.fi
amiedu.pisa.fi
pisa.fi
kuvat.pisa.fi
works.pisa.fi
dev.pisa.fi
apsis.pisa.fi
works.pisa.fi
apsis.pisa.fi
apsis.pisa.fi
pisa.fi
apsis.pisa.fi
pisa.fi
ssl.pisa.fi
pisa.fi
works.pisa.fi
pisa.fi
pisa.fi
works.pisa.fi
pisa.fi
works.pisa.fi
pisa.fi
pisa.fi
works.pisa.fi
pisa.fi
pisa.fi
dev.pisa.fi
kuvat.pisa.fi
pisa.fi
works.pisa.fi
amiedu.pisa.fi
pisa.fi
pisa.fi
pisa.fi
kuvat.pisa.fi
apsis.pisa.fi
pisa.fi
apsis.pisa.fi
dev.pisa.fi
dev.pisa.fi
apsis.pisa.fi
pisa.fi
pisa.fi
pisa.fi
amiedu.pisa.fi
pisa.fi
kuvat.pisa.fi
works.pisa.fi
dev.pisa.fi
apsis.pisa.fi
works.pisa.fi
apsis.pisa.fi
apsis.pisa.fi
pisa.fi
apsis.pisa.fi
pisa.fi
ssl.pisa.fi
pisa.fi
works.pisa.fi
pisa.fi
pisa.fi
works.pisa.fi
pisa.fi
works.pisa.fi
pisa.fi
pisa.fi
works.pisa.fi
pisa.fi
pisa.fi
dev.pisa.fi
kuvat.pisa.fi
pisa.fi
works.pisa.fi
amiedu.pisa.fi
pisa.fi
pisa.fi
pisa.fi
kuvat.pisa.fi
apsis.pisa.fi
pisa.fi
apsis.pisa.fi
dev.pisa.fi
Certificate
The complete raw certificate details for pisa.fi in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF6jCCBNKgAwIBAgISA1TRLms6fpiB1whKJWZjc/DRMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzExMTYxOTAyMDZaFw0yNDAyMTQxOTAyMDVaMBIxEDAOBgNVBAMT B3Bpc2EuZmkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCm3PKrnWHi NQywDHmOo+LMwqlYY4BlXGqJ6oSs1G1Uxv06S3AzYCILMF7JlJVfAESLwgAEJpT6 Uh6GoblGhOUsJfjOEp+9/Zd0v1VqE56ECIsnIlBM+xvou0WSr02jUfSBxFn6m6OR lP1CFWEVwj4DZTzeL+kiUBUT6Yl2FsbTEqc6J/EktnGLBNWz6Yw50UBn/8w934Eq RgY+vfQvsZ4dbYtHeolbP7rxtYQIxtwv8OI0kOlQ9OLL6Y4HwjnFIr2fUCx+K5kc C7Zk9XzdFt3qNtVJdV9uyKpQt4YZJQ0f1AlyhQlxjl6atMVLrL1iPoNI01pvB0iX sA06XCNNxW93ORNxpwYYn3EOc5PWIAuVOYqZiYjXDdHghlfmQHoClazzKjviw14N AwWnE+0+CSRhILpn9Qoz4kLHTP76KC+ThjuN/f0Ll82c6A8KXDeyMJzJ5GM+bbE4 HInNPbfJOh/HcSwc7bLwmvEBAT/Ft7F4clhIYg6jmWlIHVNXks/Q/631ofp92fek hkzGQv4WIwobSb942gG1YE7CDAQXYoZVQOS6d1Un0+UYtuYQKv2m7ZX2qROFTrM5 mHor4S1WB4yd0GigrhHbTr9uZ2o07Ugwb718PtNmHLCkMSUfm/x0EaaP+yzGWDbf tGqHVR1cXD0AUsPQVPFJ38uiRudi3IRE9QIDAQABo4ICGDCCAhQwDgYDVR0PAQH/ BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8E AjAAMB0GA1UdDgQWBBQXaYhu23VJOI0bMgIlCcCPd5cJATAfBgNVHSMEGDAWgBQU LrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGG FWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmku bGVuY3Iub3JnLzAfBgNVHREEGDAWggdwaXNhLmZpggt3d3cucGlzYS5maTATBgNV HSAEDDAKMAgGBmeBDAECATCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3ADtTd3U+ LbmAToswWwb+QDtn2E/D9Me9AA0tcm/h+tQXAAABi9m5++wAAAQDAEgwRgIhAOSR SITg31uAmf8cDq+wKlzdkS3D6CuSIwo54q7tHH5yAiEA0IsDkWm3QxulTDStPC3f 22f1fJ3CgVFE6IQdsE6Ff1IAdwDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlG cR+1mwAAAYvZufyDAAAEAwBIMEYCIQCanEv/tnWDZ+1pf+WxmkhbDYjYj+sF2iXW iuwYxyU3uAIhAPICOahXIu/JSxygUzQ+PtAb28qcrQsMT1gTZEVXQJy/MA0GCSqG SIb3DQEBCwUAA4IBAQCso8NN34SOPxZmn02Wa/0QNkUynsvkeo6MkInlhwvLi4ig 0XE4Ku4oXg3m1ntWAAp4DiloJnTzTWwdRnaLEHendpg+GwiJG4jr2g7tFHGHBexI UQfPKtRmkgfE2ZKjP90K4oa8fZy4zW0YKIIaEFkmXwDX97boyUOZFKkSue3lmJvR 1rogZmFn/FGgyQuHoo6f5f9eIXG9KnaDZNiOoVyfqiQas6yaEKmCkss+ON6HYjeC WRHxhmRP5uO64AHsUOKvvgFj9tInX9kKzLeOF76aj/Bl+wa7SLAW3UqHwgjjE92E goBe7sR6vraHr0yT2qpeoODBRoAy9kRX9Mx9rBLq -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAptzyq51h4jUMsAx5jqPi zMKpWGOAZVxqieqErNRtVMb9OktwM2AiCzBeyZSVXwBEi8IABCaU+lIehqG5RoTl LCX4zhKfvf2XdL9VahOehAiLJyJQTPsb6LtFkq9No1H0gcRZ+pujkZT9QhVhFcI+ A2U83i/pIlAVE+mJdhbG0xKnOifxJLZxiwTVs+mMOdFAZ//MPd+BKkYGPr30L7Ge HW2LR3qJWz+68bWECMbcL/DiNJDpUPTiy+mOB8I5xSK9n1AsfiuZHAu2ZPV83Rbd 6jbVSXVfbsiqULeGGSUNH9QJcoUJcY5emrTFS6y9Yj6DSNNabwdIl7ANOlwjTcVv dzkTcacGGJ9xDnOT1iALlTmKmYmI1w3R4IZX5kB6ApWs8yo74sNeDQMFpxPtPgkk YSC6Z/UKM+JCx0z++igvk4Y7jf39C5fNnOgPClw3sjCcyeRjPm2xOByJzT23yTof x3EsHO2y8JrxAQE/xbexeHJYSGIOo5lpSB1TV5LP0P+t9aH6fdn3pIZMxkL+FiMK G0m/eNoBtWBOwgwEF2KGVUDkundVJ9PlGLbmECr9pu2V9qkThU6zOZh6K+EtVgeM ndBooK4R206/bmdqNO1IMG+9fD7TZhywpDElH5v8dBGmj/ssxlg237Rqh1UdXFw9 AFLD0FTxSd/LokbnYtyERPUCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 290198626288266351387973035052425618387153 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-16 19:02:06 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-14 19:02:05 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'pisa.fi' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 680741965746773545691063886796640232065442073751586793889596057625699307987298436439702004874263730518269254424928321240568667346046029443418901134619182116343042542719502517022438914390811540879669946810301858943850532728190359891558696869391000809747627969467946066867024232181661677781069576058451457129104291968374523867479317131358889585587294037507696022682469682606852124238949740087465810350270678772022593561420181110338539471106221892068726943014844885600527558149944834653423903406215829067876383300307422226062055714379333521755954612177019868346233935781929459964132588829776450502006434226380823139137874951901881958925352455472444577149559138301655814096252700367089372629926642603990549931312996011164539554077094803664316762507216585618532782242290957256832472732958377732412938711501642791536420232129927063810909938971310473241223157215348287846244337186182076247578425885858815792400763727302338929944743797309036402373027710209944223986216578080096100996295122354944587301853671561223402580064239732127550539225971263000975117015717614798981182286509962835437053033514129457982303967788812168193419631573545806601378110718461378800358271652175676687750547340007880333976696477769435478322151017541388788039959797 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1769886edb7549388d1b32022509c08f77970901 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pisa.fi' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.pisa.fi' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (247 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) 00f20077003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018bd9b9fbec0000040300483046022100e4914884e0df5b8099ff1c0eafb02a5cdd912dc3e82b92230a39e2aeed1c7e72022100d08b039169b7431ba54c34ad3c2ddfdb67f57c9dc2815144e8841db04e857f52007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bd9b9fc8300000403004830460221009a9c4bffb6758367ed697fe5b19a485b0d88d88feb05da25d68aec18c72537b8022100f20239a85722efc94b1ca053343e3ed01bdbca9cad0b0c4f5813644557409cbf . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00aca3c34ddf848e3f16669f4d966bfd103645329ecbe47a8e8c9089e5870bcb8b88a0d171382aee285e0de6d67b56000a780e29682674f34d6c1d46768b1077a776983e1b08891b88ebda0eed14718705ec485107cf2ad4669207c4d992a33fdd0ae286bc7d9cb8cd6d1828821a1059265f00d7f7b6e8c9439914a912b9ede5989bd1d6ba20666167fc51a0c90b87a28e9fe5ff5e2171bd2a768364d88ea15c9faa241ab3ac9a10a98292cb3e38de876237825911f186644fe6e3bae001ec50e2afbe0163f6d2275fd90accb78e17be9a8ff065fb06bb48b016dd4a87c208e313dd8482805eeec47abeb687af4c93daaa5ea0e0c1468032f64457f4cc7dac12ea