nfwaterworks.ca

Issued by R3

About this certificate

This digital certificate with serial number 04:c8:dc:1a:61:33:56:8f:c3:c0:78:8c:c1:78:a6:10:6a:d3 was issued on by Let's Encrypt.

With 14 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=nfwaterworks.ca

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:c8:dc:1a:61:33:56:8f:c3:c0:78:8c:c1:78:a6:10:6a:d3
Serial Number (int): 416798184241480840030815977302925224471251
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 80:e7:29:5d:40:1b:c0:8f:e4:a5:1b:3a:fb:d9:a9:39:94:41:51:49
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 77:04:ec:36:c7:18:99:32:28:0d:4b:43:e3:8b:e4:bf:46:29:fb:89
Fingerprint (sha256): e0:c0:35:1f:8d:52:1e:d1:af:98:8f:8a:75:ac:91:9e:59:60:11:73:86:ce:01:90:88:4a:5a:ac:d2:39:58:8b

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate nfwaterworks.ca

14

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for nfwaterworks.ca

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

60discount.com
arbitrageaficionado.com
drivingbanana.com
finewinevineyard.com.panzer.finance
fintechforvip.com.arbitragecryptos.com
galvestoncommercialappraisal.com
homeschooldiplomas.org.texasnetworksystems.net.naturokids.com
ifainaction.com
lylanoel.com
nfwaterworks.ca
promomprobaby.com
trapsand.com
whipantenna.com
willacycounty.com

Other certificates including the domain name nfwaterworks.ca

(limited to 100 certificates)
cochranebikerepair.ca
nfwaterworks.ca
centralfloridacountryproperty.com.nfwaterworks.ca
ssl-cxlmf.epik.to
nfwaterworks.ca
nfwaterworks.ca

Certificate

The complete raw certificate details for nfwaterworks.ca in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISBMjcGmEzVo/DwHiMwXimEGrTMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzEyMjYwMzQwNDZaFw0yNDAzMjUwMzQwNDVaMBoxGDAWBgNVBAMT
D25md2F0ZXJ3b3Jrcy5jYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMmCRostbiPMCgIwu6wipaLf1BwPmHLNrOFYrU0ofA64rF9Ng0AbhkHcjvj6vPbB
J5bc/+jl/aGB1SiGPuQPf5+ObaDtEtQvovUxklbtMgTB3dqs8l050M3A01u2+ZGB
wBsMUDea2eDPv26T3lvsz5n2FQTLmRqL0q4FhKGLaKa4xp8QDKGngBjgI4kynTqr
6gE14r9v2+sqetv2FHHVlW5qf6y/bfz0aXDvMuN8jKbr1yqg12qB9YbhuaaqG0+/
Zdc8jS00bBubzHvZJWbGmqi84RmyFYiE7Zl8bWKiCIF51/47xFxpg9nw5UC10Een
ooO94l2Am5KEw24Po4TvuOsCAwEAAaOCA2UwggNhMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQUgOcpXUAbwI/kpRs6+9mpOZRBUUkwHwYDVR0jBBgwFoAUFC6zF7dYVsuu
UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v
cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y
Zy8wggFsBgNVHREEggFjMIIBX4IONjBkaXNjb3VudC5jb22CF2FyYml0cmFnZWFm
aWNpb25hZG8uY29tghFkcml2aW5nYmFuYW5hLmNvbYIjZmluZXdpbmV2aW5leWFy
ZC5jb20ucGFuemVyLmZpbmFuY2WCJmZpbnRlY2hmb3J2aXAuY29tLmFyYml0cmFn
ZWNyeXB0b3MuY29tgiBnYWx2ZXN0b25jb21tZXJjaWFsYXBwcmFpc2FsLmNvbYI9
aG9tZXNjaG9vbGRpcGxvbWFzLm9yZy50ZXhhc25ldHdvcmtzeXN0ZW1zLm5ldC5u
YXR1cm9raWRzLmNvbYIPaWZhaW5hY3Rpb24uY29tggxseWxhbm9lbC5jb22CD25m
d2F0ZXJ3b3Jrcy5jYYIRcHJvbW9tcHJvYmFieS5jb22CDHRyYXBzYW5kLmNvbYIP
d2hpcGFudGVubmEuY29tghF3aWxsYWN5Y291bnR5LmNvbTATBgNVHSAEDDAKMAgG
BmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ADtTd3U+LbmAToswWwb+
QDtn2E/D9Me9AA0tcm/h+tQXAAABjKRs28kAAAQDAEcwRQIhAJ/AvEUBDsuBoQ55
ge01xbgvo8pKYoowyii34IPlxrWCAiAK17I2wBtEV4gypazrMTKuFbPJtxsxtedS
EPorEcd7fgB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABjKRs
28sAAAQDAEcwRQIgOeldjaZXOQ41rjFaCEVRHAplwHmMRds1pliZKcplHgUCIQCW
yK7rvkeafLrZh0d3lmMMT9V+F8XnlSql0tKfZBF1QjANBgkqhkiG9w0BAQsFAAOC
AQEAZHRIXdp7zngTSN8YMBAOuLyqYgjuNdKaEorcHtL7Z2yCK5OD/CRC46y3oCg3
C7AVmWH7fBeyYu8xL29KCFn5YeJa63BvNCGQIiCU7bN6FsbBwkYgzCRk29WcHqn5
Rawk1TgY6PEpV0diDoSgk12byqfFJIAXrSEMDlkooRzDfSu6v39+TFhj8fTzAHHn
pUty7URunAe7cKdWZACp0825HqPYtjOoojNZ/1OeRaHM3AFDEhSI2QLxejkeKx3F
lbmqPLuOtj8PGMFjnZ1f1VN3+HORVQriUG00EXIOicht6GRUXqUNzHBwwc+B/3X6
JCH//0LHw9h0/B2S4l/ZbEF6Tg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYJGiy1uI8wKAjC7rCKl
ot/UHA+Ycs2s4VitTSh8DrisX02DQBuGQdyO+Pq89sEnltz/6OX9oYHVKIY+5A9/
n45toO0S1C+i9TGSVu0yBMHd2qzyXTnQzcDTW7b5kYHAGwxQN5rZ4M+/bpPeW+zP
mfYVBMuZGovSrgWEoYtoprjGnxAMoaeAGOAjiTKdOqvqATXiv2/b6yp62/YUcdWV
bmp/rL9t/PRpcO8y43yMpuvXKqDXaoH1huG5pqobT79l1zyNLTRsG5vMe9klZsaa
qLzhGbIViITtmXxtYqIIgXnX/jvEXGmD2fDlQLXQR6eig73iXYCbkoTDbg+jhO+4
6wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 416798184241480840030815977302925224471251
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-26 03:40:46 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-03-25 03:40:45 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'nfwaterworks.ca'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25438140571700463810025723912293074255545792876720048097998879763813821323318293475138601633473380286262301173655621447022258999628061739167617282959826878510133800322388556789944097509585268186201503613048889910378355058032515893295975870687947734719271330559504831903356142608412358294988085543171892966242166756448572942105623822421810653664147731174010647003011612512148714163261859704219345251568234763658283222349296166621720843629623837378563087365650814008697902875918434221116295251888279768549903774264262908681252752504605091137024737438440905338958942450625505744984174663439241969291212452952242949961963
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							80e7295d401bc08fe4a51b3afbd9a93994415149
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (355 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '60discount.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arbitrageaficionado.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'drivingbanana.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'finewinevineyard.com.panzer.finance'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fintechforvip.com.arbitragecryptos.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'galvestoncommercialappraisal.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homeschooldiplomas.org.texasnetworksystems.net.naturokids.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ifainaction.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lylanoel.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nfwaterworks.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'promomprobaby.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'trapsand.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'whipantenna.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'willacycounty.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f00076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018ca46cdbc900000403004730450221009fc0bc45010ecb81a10e7981ed35c5b82fa3ca4a628a30ca28b7e083e5c6b58202200ad7b236c01b44578832a5aceb3132ae15b3c9b71b31b5e75210fa2b11c77b7e00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ca46cdbcb0000040300473045022039e95d8da657390e35ae315a0845511c0a65c0798c45db35a6589929ca651e0502210096c8aeebbe479a7cbad987477796630c4fd57e17c5e7952aa5d2d29f64117542
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006474485dda7bce781348df1830100eb8bcaa6208ee35d29a128adc1ed2fb676c822b9383fc2442e3acb7a028370bb0159961fb7c17b262ef312f6f4a0859f961e25aeb706f342190222094edb37a16c6c1c24620cc2464dbd59c1ea9f945ac24d53818e8f1295747620e84a0935d9bcaa7c5248017ad210c0e5928a11cc37d2bbabf7f7e4c5863f1f4f30071e7a54b72ed446e9c07bb70a7566400a9d3cdb91ea3d8b633a8a23359ff539e45a1ccdc0143121488d902f17a391e2b1dc595b9aa3cbb8eb63f0f18c1639d9d5fd55377f87391550ae2506d3411720e89c86de864545ea50dcc7070c1cf81ff75fa2421ffff42c7c3d874fc1d92e25fd96c417a4e