a-rosa.de

Issued by R3

About this certificate

This digital certificate with serial number 04:a6:e2:7a:7e:7e:ac:2a:04:e0:fb:14:76:98:71:d1:ab:a5 was issued on by Let's Encrypt.

With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=a-rosa.de

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 04:a6:e2:7a:7e:7e:ac:2a:04:e0:fb:14:76:98:71:d1:ab:a5
Serial Number (int): 405237058188800544514183827900355585354661
Serial Number lenght: 139 bits, 18 octets

SubjectKeyId: 19:a5:df:53:f0:46:19:b5:90:20:b3:d7:6c:89:cf:64:05:0a:bb:68
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6

Fingerprint (sha1): 22:ea:6a:a1:6e:0c:2a:fb:a2:7e:dc:9c:6d:b2:be:4b:8f:86:d5:f3
Fingerprint (sha256): e0:e2:22:07:04:63:6a:a7:1e:d5:bb:8e:75:a3:17:40:7c:8f:8c:51:8d:c5:44:a5:74:5e:90:7c:9e:15:89:1e

Issuing Certificate URL: http://r3.i.lencr.org/

Revocation information

OCSP Server: http://r3.o.lencr.org

Check the revocation status for certificate a-rosa.de

11

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for a-rosa.de

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

a-rosa.com
a-rosa.de
arosa-cruises.com
arosacruises.com
extranet.arosa-cruises.com
jobs.arosa-cruises.com
karriere.a-rosa.de
www.a-rosa.com
www.a-rosa.de
www.arosa-cruises.com
www.arosacruises.com

Other certificates including the domain name a-rosa.de

(limited to 100 certificates)
www.a-rosa.de
kurs.a-rosa.de
webmail.a-rosa.de
webmail.a-rosa.de
sslvpn.a-rosa.de
a-rosa.de
afleet.a-rosa.de
a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
a-rosa.de
mx01.a-rosa.de
mail.a-rosa.de
kurs.a-rosa.de
m.a-rosa.de
afleet.a-rosa.de
kurs.a-rosa.de
blog.a-rosa.de
a-rosa.de
a-rosa.de
a-rosa.de
a-rosa.de
booking.a-rosa.de
blog.a-rosa.de
blog.a-rosa.de
kurs.a-rosa.de
blog.a-rosa.de
blog.a-rosa.de
webmail.a-rosa.de
a-rosa.de
mail.a-rosa.de
mail.a-rosa.de
old.a-rosa.de
mail.a-rosa.de
a-rosa.de
booking.a-rosa.de
mail.a-rosa.de
webmail.a-rosa.de
a-rosa.de
www.a-rosa.de
kurs.a-rosa.de
a-rosa.de
a-rosa.de
kurs.a-rosa.de
kurs.a-rosa.de
resort.a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
mail.a-rosa.de
a-rosa.de
a-rosa.de
webmail.a-rosa.de
www.a-rosa.de
m.a-rosa.de
www.kurs.a-rosa.de
a-rosa.de
afleet.a-rosa.de
a-rosa.de
a-rosa.de
www.a-rosa.de
blog.a-rosa.de
a-rosa.de
a-rosa.de
blog.a-rosa.de
mail.a-rosa.de
a-rosa.de
blog.a-rosa.de
a-rosa.de
www.a-rosa.de
kurs.a-rosa.de

Certificate

The complete raw certificate details for a-rosa.de in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISBKbien5+rCoE4PsUdphx0aulMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yNDAxMTAwNzA5NDNaFw0yNDA0MDkwNzA5NDJaMBQxEjAQBgNVBAMT
CWEtcm9zYS5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPWGXoEn
ec3cY2fX3GSCbiBWZWZZ9Z1kz2raYW1oPn83VH5/jHImIQLes1eOrHwVtEI8BxSV
CaQfNYBQBr4iYFG2p/NR17avXMODzPQeCBmp0bvWbG8BTj3KkdsMbDTftru7FhM5
s2Oqg0QwowafDIh135ea7mgQELbp8bqGNNncpvSs3G4Xc10tIT1YYcVPOck0tGtO
RpubQAWf/BKh7XT/i6z2ehSWxwpba1tdalBfXTKgTPOjdXbq/BZgBAS+ASxum4AT
A5nxKbxVzG+uzAhm1m7ZbID6EcgUVjkuZ31P5yjYE1m7U+rm5pv1tKViHGZJ/ymB
3LqRKzvoeJ9HDA8CAwEAAaOCAtMwggLPMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
GaXfU/BGGbWQILPXbInPZAUKu2gwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+v
nYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMuby5s
ZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8wgdsG
A1UdEQSB0zCB0IIKYS1yb3NhLmNvbYIJYS1yb3NhLmRlghFhcm9zYS1jcnVpc2Vz
LmNvbYIQYXJvc2FjcnVpc2VzLmNvbYIaZXh0cmFuZXQuYXJvc2EtY3J1aXNlcy5j
b22CFmpvYnMuYXJvc2EtY3J1aXNlcy5jb22CEmthcnJpZXJlLmEtcm9zYS5kZYIO
d3d3LmEtcm9zYS5jb22CDXd3dy5hLXJvc2EuZGWCFXd3dy5hcm9zYS1jcnVpc2Vz
LmNvbYIUd3d3LmFyb3NhY3J1aXNlcy5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEw
ggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgCi4r/WHt4vLweg1k5tN6fcZUOwxrUu
otq3iviabfUX2AAAAYzya4vMAAAEAwBHMEUCIGvZu47fAvmz2PnMcNZbw5AppJzA
KPhWixnaOEiFdhI4AiEAwEe6Vf5NkZqEKQKC19fBCjz5xkBZKQWk3Gh1uELLK2AA
dgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYzya4xCAAAEAwBH
MEUCIQDVjQ67mIoQRv1zTn9ik+oEIfDudoZN2JoVIR922owumAIgDoGnTCWAzJ4y
gWMJaVjZs2PszZEaImhwKBsmJhZmb/EwDQYJKoZIhvcNAQELBQADggEBAFJsiXLU
h0Lhbdd+Zkpxo2tXig/GBt+mXgVZeV4OxwKTfPwFJikp06TTQvBiWmDDvKcG0R0V
dgc4v2p4zTVamZzFIQMjQlS/eStrC7lFw3MtH0/Bc9F9N51vsbi6SAg/wksIR2ng
mm663x693DsjNHg6I83D43NsrvBF/CmthympeLXYZTUPf+mcqtyTxmGuyvnOT7kb
91ndfiqyo7iEgvmFz7cwEAkyLxXkCZLsRgeQnVvdZaFiyCjrOgtEuADY3inqO+Yd
RvR35fgJ7pCJdSOEU6cJOQSs5DLtH6J+z3Og77YtqCPSARVlv5cnZRqrL0E3K8d2
ZNFC5YAzJYgaA7g=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9YZegSd5zdxjZ9fcZIJu
IFZlZln1nWTPatphbWg+fzdUfn+MciYhAt6zV46sfBW0QjwHFJUJpB81gFAGviJg
Uban81HXtq9cw4PM9B4IGanRu9ZsbwFOPcqR2wxsNN+2u7sWEzmzY6qDRDCjBp8M
iHXfl5ruaBAQtunxuoY02dym9KzcbhdzXS0hPVhhxU85yTS0a05Gm5tABZ/8EqHt
dP+LrPZ6FJbHCltrW11qUF9dMqBM86N1dur8FmAEBL4BLG6bgBMDmfEpvFXMb67M
CGbWbtlsgPoRyBRWOS5nfU/nKNgTWbtT6ubmm/W0pWIcZkn/KYHcupErO+h4n0cM
DwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 405237058188800544514183827900355585354661
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-10 07:09:43 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-09 07:09:42 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'a-rosa.de'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30994644618151240982216206827320356282029279265750891391628477454732277442218778498250376532616276873346831934529010420585308039334028790965517238015473162439939244876396026792477602622170125641273172442483199296619974797306594475806785821590198142553954121736821760212002134105734864713434721518827902019102227147578585644839549543719499778179514907783301822744279385720374800346751046560617099366440255050432710721777013427167325478327197234290604895540414950709689315728107303448393481253728142557852265421084698990403866514072987830325694205286993877887005887284974483297625072467767376298885304139643411193334799
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							19a5df53f04619b59020b3d76c89cf64050abb68
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (211 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'a-rosa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'a-rosa.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arosa-cruises.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arosacruises.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'extranet.arosa-cruises.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jobs.arosa-cruises.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'karriere.a-rosa.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.a-rosa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.a-rosa.de'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.arosa-cruises.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.arosacruises.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007600a2e2bfd61ede2f2f07a0d64e6d37a7dc6543b0c6b52ea2dab78af89a6df517d80000018cf26b8bcc000004030047304502206bd9bb8edf02f9b3d8f9cc70d65bc39029a49cc028f8568b19da384885761238022100c047ba55fe4d919a84290282d7d7c10a3cf9c640592905a4dc6875b842cb2b60007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018cf26b8c420000040300473045022100d58d0ebb988a1046fd734e7f6293ea0421f0ee76864dd89a15211f76da8c2e9802200e81a74c2580cc9e328163096958d9b363eccd911a226870281b262616666ff1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00526c8972d48742e16dd77e664a71a36b578a0fc606dfa65e0559795e0ec702937cfc05262929d3a4d342f0625a60c3bca706d11d15760738bf6a78cd355a999cc52103234254bf792b6b0bb945c3732d1f4fc173d17d379d6fb1b8ba48083fc24b084769e09a6ebadf1ebddc3b2334783a23cdc3e3736caef045fc29ad8729a978b5d865350f7fe99caadc93c661aecaf9ce4fb91bf759dd7e2ab2a3b88482f985cfb7301009322f15e40992ec4607909d5bdd65a162c828eb3a0b44b800d8de29ea3be61d46f477e5f809ee908975238453a7093904ace432ed1fa27ecf73a0efb62da823d2011565bf9727651aab2f41372bc77664d142e5803325881a03b8