www.redsocks.nl
Issued by thawte DV SSL SHA256 CA
About this certificate
This digital certificate with serial number 4d:b8:92:b8:28:f1:0d:56:84:7d:ef:87:d9:9d:53:41 was issued on by thawte, Inc..
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)
Certificate Subject
CN=www.redsocks.nl
thawte, Inc.
Organization:
thawte, Inc.
Organization unit: Domain Validated SSL
Organization unit: Domain Validated SSL
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 4d:b8:92:b8:28:f1:0d:56:84:7d:ef:87:d9:9d:53:41Serial Number (int): 103308914119863780767875014653288207169
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId:
AuthorityKeyId: 7d:29:31:2f:c1:1e:6e:ae:31:05:6a:b3:eb:1c:cd:a9:dd:ae:80:9a
Fingerprint (sha1): a8:f7:7a:80:a7:e4:a0:1d:97:d3:2d:06:dc:7c:56:2f:18:be:ef:16
Fingerprint (sha256): e4:77:91:76:1a:76:1c:d6:b3:b3:dd:7c:4c:be:9b:bf:94:97:69:3b:42:e0:b7:23:da:da:c8:bd:e3:e1:8f:86
Issuing Certificate URL: http://tm.symcb.com/tm.crt
Revocation information
OCSP Server: http://tm.symcd.comCRL Distribution Point: http://tm.symcb.com/tm.crl
Check the revocation status for certificate www.redsocks.nl
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.redsocks.nl
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.redsocks.nl
redsocks.nl
redsocks.nl
Other certificates including the domain name redsocks.nl
(limited to 100 certificates)
redsocks.nl
redsocks.nl
cti.redsocks.nl
interact.redsocks.nl
www.redsocks.nl
portal.redsocks.nl
cti.redsocks.nl
sni.cloudflaressl.com
www.redsocks.nl
redsocks.nl
portal.redsocks.nl
interact.redsocks.nl
www.redsocks.nl
www.redsocks.nl
www.redsocks.nl
interact.redsocks.nl
www.redsocks.nl
redsocks.nl
interact.redsocks.nl
www.redsocks.nl
*.redsocks.nl
portal.redsocks.nl
www.redsocks.nl
interact.redsocks.nl
www.redsocks.nl
www.redsocks.nl
portal.redsocks.nl
redsocks.nl
cti.redsocks.nl
interact.redsocks.nl
www.redsocks.nl
portal.redsocks.nl
cti.redsocks.nl
sni.cloudflaressl.com
www.redsocks.nl
redsocks.nl
portal.redsocks.nl
interact.redsocks.nl
www.redsocks.nl
www.redsocks.nl
www.redsocks.nl
interact.redsocks.nl
www.redsocks.nl
redsocks.nl
interact.redsocks.nl
www.redsocks.nl
*.redsocks.nl
portal.redsocks.nl
www.redsocks.nl
interact.redsocks.nl
www.redsocks.nl
www.redsocks.nl
portal.redsocks.nl
Certificate
The complete raw certificate details for www.redsocks.nl in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgIQTbiSuCjxDVaEfe+H2Z1TQTANBgkqhkiG9w0BAQsFADBl MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMR0wGwYDVQQLExRE b21haW4gVmFsaWRhdGVkIFNTTDEgMB4GA1UEAxMXdGhhd3RlIERWIFNTTCBTSEEy NTYgQ0EwHhcNMTYwNDA2MDAwMDAwWhcNMTcwNjA1MjM1OTU5WjAaMRgwFgYDVQQD FA93d3cucmVkc29ja3MubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC2GhOJ9V8unnmftRLWydpFmuSn2lHcfR2jnsYhKxKURqRtM/el3E/rJlwfm/tX 29/zNpxQB0igVaVTModHVDEf73/300+zzWnHqEU26KI+UB0L4zBKJafDjSHXKqDs IAaJmOxY9EqsxBx9755A2/PnwUF0LMUmM/DLEVxlawLcrApAWuD+9V/FFH5cmFc0 wTr6ElMG4o1YI8PLjnopIg14cfT2/oqPXpaSKZbs9sevj5L7vOEmqo6akX2zreVL tSurPzq5GWW1BzI7RvSwLKmgmVo07iVZSoRJ3nrZAxoxPL0qzPpknRgSseLPKu6h n5BZZDK5VIhWE9oqruMshx5TAgMBAAGjggKHMIICgzAnBgNVHREEIDAegg93d3cu cmVkc29ja3MubmyCC3JlZHNvY2tzLm5sMAkGA1UdEwQCMAAwKwYDVR0fBCQwIjAg oB6gHIYaaHR0cDovL3RtLnN5bWNiLmNvbS90bS5jcmwwbgYDVR0gBGcwZTBjBgZn gQwBAgEwWTAmBggrBgEFBQcCARYaaHR0cHM6Ly93d3cudGhhd3RlLmNvbS9jcHMw LwYIKwYBBQUHAgIwIwwhaHR0cHM6Ly93d3cudGhhd3RlLmNvbS9yZXBvc2l0b3J5 MB8GA1UdIwQYMBaAFH0pMS/BHm6uMQVqs+sczandroCaMA4GA1UdDwEB/wQEAwIF oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVwYIKwYBBQUHAQEESzBJ MB8GCCsGAQUFBzABhhNodHRwOi8vdG0uc3ltY2QuY29tMCYGCCsGAQUFBzAChhpo dHRwOi8vdG0uc3ltY2IuY29tL3RtLmNydDCCAQUGCisGAQQB1nkCBAIEgfYEgfMA 8QB2AN3rHSt6DU+mIIuBrYFocH4ujp0B1VyIjT0RxM227L7MAAABU+n8xTsAAAQD AEcwRQIgKRf7aUG0atbVytlPh/3p9GJU1Xi+ojOPd6G+fESdawACIQCxDv0VgE7P gh1L5jpVvmKphJoymGEl9j4brDsYXHkCgQB3AKS5CZC0GFgUh7sTosxncAo8NZgE +RvfuON3zQ7IDdwQAAABU+n8xXIAAAQDAEgwRgIhAOh8Yfd3I7ffef9/mIqfdIzh sPWMV9HRuEWqxB96qKkSAiEAnQPgZkQ4MF9bKq0REFAvzlRi2HDNejrWyH+8HhoX NEwwDQYJKoZIhvcNAQELBQADggEBAEILQUpKHB+EJ8Y26dAjcjRsTS+MPFdIFTu9 GYv99/qj4tOiflGUsVH0rmiPXdswIMLUAXfmQoymu4PIWUn6zlFScL0JuBvV04Lo XgGpp9I8058a6iDuGzWcjzK9Uvvoh+XopB7UCw3Lxlzq0kLlgyEQKaQHVv8jcx5L QUNR6ATIUZ1YFTZfd35Zh3KiMmTRWCS2fEP68lVb18DkMEagc57zDk4ztEnDTbGq WUsvxN1ATwIar8FgTzHoKuu5V5kBSpVBfmaWuFE2WfvMUvfrUQSuQZYAy+oYY4/I 9vt7SwJy2pB+Ci8YNArJ+i/XOreM/u7iVxOkFFHm0G94O96S3cM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthoTifVfLp55n7US1sna RZrkp9pR3H0do57GISsSlEakbTP3pdxP6yZcH5v7V9vf8zacUAdIoFWlUzKHR1Qx H+9/99NPs81px6hFNuiiPlAdC+MwSiWnw40h1yqg7CAGiZjsWPRKrMQcfe+eQNvz 58FBdCzFJjPwyxFcZWsC3KwKQFrg/vVfxRR+XJhXNME6+hJTBuKNWCPDy456KSIN eHH09v6Kj16WkimW7PbHr4+S+7zhJqqOmpF9s63lS7Urqz86uRlltQcyO0b0sCyp oJlaNO4lWUqESd562QMaMTy9Ksz6ZJ0YErHizyruoZ+QWWQyuVSIVhPaKq7jLIce UwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 103308914119863780767875014653288207169 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte DV SSL SHA256 CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-04-06 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-06-05 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'www.redsocks.nl' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22988230218353800523470232273847554713895652522844014227866944466054108260401237829647182155991172000000320938404380986234052277063224714501405048652083720313744736896272971145871380559449853412570364789243102881761175511544257989649852006855766268921792047468870217194394660238085779599470322092403738320723633760788420822828980904125981414992347429802107833307480707565484158352905611803682083861244726208002494786191989620388371211881260303003639129911034549574444244810716550184413263011375806861150268574252786408425820172793112084727014688207649089482102614391109609313167073774038919282933216239920789645106771 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.redsocks.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'redsocks.nl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tm.symcb.com/tm.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps' . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7d29312fc11e6eae31056ab3eb1ccda9ddae809a . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tm.symcd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tm.symcb.com/tm.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc00000153e9fcc53b000004030047304502202917fb6941b46ad6d5cad94f87fde9f46254d578bea2338f77a1be7c449d6b00022100b10efd15804ecf821d4be63a55be62a9849a32986125f63e1bac3b185c790281007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000153e9fcc5720000040300483046022100e87c61f77723b7df79ff7f988a9f748ce1b0f58c57d1d1b845aac41f7aa8a9120221009d03e0664438305f5b2aad1110502fce5462d870cd7a3ad6c87fbc1e1a17344c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00420b414a4a1c1f8427c636e9d02372346c4d2f8c3c5748153bbd198bfdf7faa3e2d3a27e5194b151f4ae688f5ddb3020c2d40177e6428ca6bb83c85949face515270bd09b81bd5d382e85e01a9a7d23cd39f1aea20ee1b359c8f32bd52fbe887e5e8a41ed40b0dcbc65cead242e583211029a40756ff23731e4b414351e804c8519d5815365f777e598772a23264d15824b67c43faf2555bd7c0e43046a0739ef30e4e33b449c34db1aa594b2fc4dd404f021aafc1604f31e82aebb95799014a95417e6696b8513659fbcc52f7eb5104ae419600cbea18638fc8f6fb7b4b0272da907e0a2f18340ac9fa2fd73ab78cfeeee25713a41451e6d06f783bde92ddc3