www.redsocks.nl

Issued by thawte DV SSL SHA256 CA

About this certificate

This digital certificate with serial number 4d:b8:92:b8:28:f1:0d:56:84:7d:ef:87:d9:9d:53:41 was issued on by thawte, Inc..

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Sub certificates SHOULD include Subject Key Identifier in end entity certs (RFC 5280: 4.2 & 4.2.1.2)

Certificate Subject

CN=www.redsocks.nl

thawte, Inc.

Organization: thawte, Inc.
Organization unit: Domain Validated SSL
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 4d:b8:92:b8:28:f1:0d:56:84:7d:ef:87:d9:9d:53:41
Serial Number (int): 103308914119863780767875014653288207169
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId:
AuthorityKeyId: 7d:29:31:2f:c1:1e:6e:ae:31:05:6a:b3:eb:1c:cd:a9:dd:ae:80:9a

Fingerprint (sha1): a8:f7:7a:80:a7:e4:a0:1d:97:d3:2d:06:dc:7c:56:2f:18:be:ef:16
Fingerprint (sha256): e4:77:91:76:1a:76:1c:d6:b3:b3:dd:7c:4c:be:9b:bf:94:97:69:3b:42:e0:b7:23:da:da:c8:bd:e3:e1:8f:86

Issuing Certificate URL: http://tm.symcb.com/tm.crt

Revocation information

OCSP Server: http://tm.symcd.com
CRL Distribution Point: http://tm.symcb.com/tm.crl

Check the revocation status for certificate www.redsocks.nl

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.redsocks.nl

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.redsocks.nl
redsocks.nl

Other certificates including the domain name redsocks.nl

(limited to 100 certificates)
redsocks.nl
redsocks.nl
cti.redsocks.nl
interact.redsocks.nl
www.redsocks.nl
portal.redsocks.nl
cti.redsocks.nl
sni.cloudflaressl.com
www.redsocks.nl
redsocks.nl
portal.redsocks.nl
interact.redsocks.nl
www.redsocks.nl
www.redsocks.nl
www.redsocks.nl
interact.redsocks.nl
www.redsocks.nl
redsocks.nl
interact.redsocks.nl
www.redsocks.nl
*.redsocks.nl
portal.redsocks.nl
www.redsocks.nl
interact.redsocks.nl
www.redsocks.nl
www.redsocks.nl
portal.redsocks.nl

Certificate

The complete raw certificate details for www.redsocks.nl in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgIQTbiSuCjxDVaEfe+H2Z1TQTANBgkqhkiG9w0BAQsFADBl
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMR0wGwYDVQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTDEgMB4GA1UEAxMXdGhhd3RlIERWIFNTTCBTSEEy
NTYgQ0EwHhcNMTYwNDA2MDAwMDAwWhcNMTcwNjA1MjM1OTU5WjAaMRgwFgYDVQQD
FA93d3cucmVkc29ja3MubmwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2GhOJ9V8unnmftRLWydpFmuSn2lHcfR2jnsYhKxKURqRtM/el3E/rJlwfm/tX
29/zNpxQB0igVaVTModHVDEf73/300+zzWnHqEU26KI+UB0L4zBKJafDjSHXKqDs
IAaJmOxY9EqsxBx9755A2/PnwUF0LMUmM/DLEVxlawLcrApAWuD+9V/FFH5cmFc0
wTr6ElMG4o1YI8PLjnopIg14cfT2/oqPXpaSKZbs9sevj5L7vOEmqo6akX2zreVL
tSurPzq5GWW1BzI7RvSwLKmgmVo07iVZSoRJ3nrZAxoxPL0qzPpknRgSseLPKu6h
n5BZZDK5VIhWE9oqruMshx5TAgMBAAGjggKHMIICgzAnBgNVHREEIDAegg93d3cu
cmVkc29ja3MubmyCC3JlZHNvY2tzLm5sMAkGA1UdEwQCMAAwKwYDVR0fBCQwIjAg
oB6gHIYaaHR0cDovL3RtLnN5bWNiLmNvbS90bS5jcmwwbgYDVR0gBGcwZTBjBgZn
gQwBAgEwWTAmBggrBgEFBQcCARYaaHR0cHM6Ly93d3cudGhhd3RlLmNvbS9jcHMw
LwYIKwYBBQUHAgIwIwwhaHR0cHM6Ly93d3cudGhhd3RlLmNvbS9yZXBvc2l0b3J5
MB8GA1UdIwQYMBaAFH0pMS/BHm6uMQVqs+sczandroCaMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVwYIKwYBBQUHAQEESzBJ
MB8GCCsGAQUFBzABhhNodHRwOi8vdG0uc3ltY2QuY29tMCYGCCsGAQUFBzAChhpo
dHRwOi8vdG0uc3ltY2IuY29tL3RtLmNydDCCAQUGCisGAQQB1nkCBAIEgfYEgfMA
8QB2AN3rHSt6DU+mIIuBrYFocH4ujp0B1VyIjT0RxM227L7MAAABU+n8xTsAAAQD
AEcwRQIgKRf7aUG0atbVytlPh/3p9GJU1Xi+ojOPd6G+fESdawACIQCxDv0VgE7P
gh1L5jpVvmKphJoymGEl9j4brDsYXHkCgQB3AKS5CZC0GFgUh7sTosxncAo8NZgE
+RvfuON3zQ7IDdwQAAABU+n8xXIAAAQDAEgwRgIhAOh8Yfd3I7ffef9/mIqfdIzh
sPWMV9HRuEWqxB96qKkSAiEAnQPgZkQ4MF9bKq0REFAvzlRi2HDNejrWyH+8HhoX
NEwwDQYJKoZIhvcNAQELBQADggEBAEILQUpKHB+EJ8Y26dAjcjRsTS+MPFdIFTu9
GYv99/qj4tOiflGUsVH0rmiPXdswIMLUAXfmQoymu4PIWUn6zlFScL0JuBvV04Lo
XgGpp9I8058a6iDuGzWcjzK9Uvvoh+XopB7UCw3Lxlzq0kLlgyEQKaQHVv8jcx5L
QUNR6ATIUZ1YFTZfd35Zh3KiMmTRWCS2fEP68lVb18DkMEagc57zDk4ztEnDTbGq
WUsvxN1ATwIar8FgTzHoKuu5V5kBSpVBfmaWuFE2WfvMUvfrUQSuQZYAy+oYY4/I
9vt7SwJy2pB+Ci8YNArJ+i/XOreM/u7iVxOkFFHm0G94O96S3cM=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthoTifVfLp55n7US1sna
RZrkp9pR3H0do57GISsSlEakbTP3pdxP6yZcH5v7V9vf8zacUAdIoFWlUzKHR1Qx
H+9/99NPs81px6hFNuiiPlAdC+MwSiWnw40h1yqg7CAGiZjsWPRKrMQcfe+eQNvz
58FBdCzFJjPwyxFcZWsC3KwKQFrg/vVfxRR+XJhXNME6+hJTBuKNWCPDy456KSIN
eHH09v6Kj16WkimW7PbHr4+S+7zhJqqOmpF9s63lS7Urqz86uRlltQcyO0b0sCyp
oJlaNO4lWUqESd562QMaMTy9Ksz6ZJ0YErHizyruoZ+QWWQyuVSIVhPaKq7jLIce
UwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 103308914119863780767875014653288207169
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Domain Validated SSL'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'thawte DV SSL SHA256 CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2016-04-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2017-06-05 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'www.redsocks.nl'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22988230218353800523470232273847554713895652522844014227866944466054108260401237829647182155991172000000320938404380986234052277063224714501405048652083720313744736896272971145871380559449853412570364789243102881761175511544257989649852006855766268921792047468870217194394660238085779599470322092403738320723633760788420822828980904125981414992347429802107833307480707565484158352905611803682083861244726208002494786191989620388371211881260303003639129911034549574444244810716550184413263011375806861150268574252786408425820172793112084727014688207649089482102614391109609313167073774038919282933216239920789645106771
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.redsocks.nl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'redsocks.nl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (36 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tm.symcb.com/tm.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (103 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.thawte.com/cps'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.2 (unotice)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'https://www.thawte.com/repository'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 7d29312fc11e6eae31056ab3eb1ccda9ddae809a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (75 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tm.symcd.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://tm.symcb.com/tm.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007600ddeb1d2b7a0d4fa6208b81ad8168707e2e8e9d01d55c888d3d11c4cdb6ecbecc00000153e9fcc53b000004030047304502202917fb6941b46ad6d5cad94f87fde9f46254d578bea2338f77a1be7c449d6b00022100b10efd15804ecf821d4be63a55be62a9849a32986125f63e1bac3b185c790281007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc1000000153e9fcc5720000040300483046022100e87c61f77723b7df79ff7f988a9f748ce1b0f58c57d1d1b845aac41f7aa8a9120221009d03e0664438305f5b2aad1110502fce5462d870cd7a3ad6c87fbc1e1a17344c
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00420b414a4a1c1f8427c636e9d02372346c4d2f8c3c5748153bbd198bfdf7faa3e2d3a27e5194b151f4ae688f5ddb3020c2d40177e6428ca6bb83c85949face515270bd09b81bd5d382e85e01a9a7d23cd39f1aea20ee1b359c8f32bd52fbe887e5e8a41ed40b0dcbc65cead242e583211029a40756ff23731e4b414351e804c8519d5815365f777e598772a23264d15824b67c43faf2555bd7c0e43046a0739ef30e4e33b449c34db1aa594b2fc4dd404f021aafc1604f31e82aebb95799014a95417e6696b8513659fbcc52f7eb5104ae419600cbea18638fc8f6fb7b4b0272da907e0a2f18340ac9fa2fd73ab78cfeeee25713a41451e6d06f783bde92ddc3