www.orietta.org

Issued by Let's Encrypt Authority X3

About this certificate

This digital certificate with serial number 03:1f:f6:4c:96:1d:e4:1f:dc:9d:ac:fe:67:99:e4:2f:af:5d was issued on by Let's Encrypt.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=www.orietta.org

Let's Encrypt

Organization: Let's Encrypt
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 03:1f:f6:4c:96:1d:e4:1f:dc:9d:ac:fe:67:99:e4:2f:af:5d
Serial Number (int): 272212998916083828620303550869630530596701
Serial Number lenght: 138 bits, 18 octets

SubjectKeyId: ba:6b:77:71:6f:7d:0c:3d:e7:2c:71:c4:7f:5d:29:1b:c9:b7:14:1a
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1

Fingerprint (sha1): 20:ce:a8:0f:32:0e:d6:6b:9a:59:5e:cb:c4:01:ec:4f:b4:c4:75:06
Fingerprint (sha256): e8:59:71:f1:01:61:9f:05:a9:5b:f3:4a:26:e6:33:bc:9b:f1:d1:3e:5d:a0:c4:f0:ef:b8:5a:0e:a8:a9:fb:e3

Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/

Revocation information

OCSP Server: http://ocsp.int-x3.letsencrypt.org

Check the revocation status for certificate www.orietta.org

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.orietta.org

Public Key Algorithm

RSA

Key Size

4096

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.orietta.org

Other certificates including the domain name orietta.org

(limited to 100 certificates)
www.orietta.org
orietta.org
www.orietta.org
orietta.org
orietta.org
orietta.org
orietta.org
orietta.org
www.orietta.org
orietta.org
orietta.org
www.orietta.org
orietta.org
www.settimomilanese.org
www.orietta.org
orietta.org
www.orietta.org

Certificate

The complete raw certificate details for www.orietta.org in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgISAx/2TJYd5B/cnaz+Z5nkL69dMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTExMDkwNzA0MjJaFw0y
MDAyMDcwNzA0MjJaMBoxGDAWBgNVBAMTD3d3dy5vcmlldHRhLm9yZzCCAiIwDQYJ
KoZIhvcNAQEBBQADggIPADCCAgoCggIBAK7S+RYiFJPUs2DfeyLulmeWszbuns/x
nlhRrNyavZHTM83WL3r9XCzG3yg687Rd6D7SgMzDJWNPXcsYeOjoktxuQk0bE9O3
TYgG70r7Y/5rPXuUgD6YN1pJT0lVdJAJrr39X9rsEQEWqGoJ2/y4yyGgeJPLs1NU
BdrbVX0uucKFCg7C/kK4Z2b+23+9v+JJhjqcjxLQY0X0q+IuIh8HFdwse9NSCryu
bsjpVzT5f+wMB1mFISaHnu6sRq2AskvKA30edSioa5VF3VSonzYOg/FdJBz40egq
7owUDLhxxDoOHklWHhtADaYPiN/OO3QTLiDce+ogoZkbceRkPPA+3IrzeFbk4sBH
O6vig2i9ilRZZ0xbZ3ZIG1/F3OU6B5Xdl0ND6zANFJ0nilXguRDIcpQFCciqKYg6
y5vsYSBGpkPYHhOKu1kl/bPs7n4/kMYqeHyTt5LNuKRckzTK8QFHr8QyLiGTn7kb
6HAPzhVXvoZc73NIb/S7S02N8v8+yrQNwS6Wlz2leKYxMWR6CVOjEW/f0Fq2i7iN
oE0huoWkqkBvcMXj3OF+kS2FWR+qS5WpDN/MIASG1maMKHU+9eSB3+umP859o6vm
JsZ2/c1oECAcsNgMK/I0g6x3r99Z3/ausTf8qSRtCGcd5IkTuNiExy7n7GlyD0C5
DdQX/AuPV+07AgMBAAGjggJlMIICYTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFLpr
d3FvfQw95yxxxH9dKRvJtxQaMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/z
qOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50
LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50
LXgzLmxldHNlbmNyeXB0Lm9yZy8wGgYDVR0RBBMwEYIPd3d3Lm9yaWV0dGEub3Jn
MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUH
AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBQYKKwYBBAHWeQIEAgSB
9gSB8wDxAHYAXqdz+d9WwOe1Nkh90EngMnqRmgyEoRIShBh1loFxRVgAAAFuTzFQ
mQAABAMARzBFAiEAiJdt9LNrljLxIGLp0zEcWke49FWal8GJpxZx+l7MsIwCIBoT
DQXrebinjj9UDqj0DvkcvvPiZRWrOEeuRc/su2ZrAHcAsh4FzIuizYogTodm+Su5
iiUgZ2va+nDnsklTLe+LkF4AAAFuTzFQhwAABAMASDBGAiEA0pAOYmu+iXodLzZh
PJ56iCDoyYAcofaJG7nsqTmKjIYCIQDWPwInp01eNAGbfKi9hct2S3wUBUBObgIY
mTbidJHvETANBgkqhkiG9w0BAQsFAAOCAQEAmroMQm/mnNWmGuPog0rRBZwPiDEQ
oG0cBAy2vvGKpeNgVAtMLA7DvKnmc+74XhPCMS8sheZpWZF7J8W1K/KB6mcAoZYI
i9o9k9F7Lpu8VrrSjztbUR0y0GuE16y2VgQu+W0NILl2TcrbWsFzCCe8jfDMjpd7
0sxkYaFhq1jMLCrli2SYIB6xzOKsQ+n6vpWdfmHbN3CBN4ZcZvxi2p2/JxZtX0+w
HM52lApHfSwWtaLZ58nHSQRX6An29XxjH+o05ifyCynfPK73ovfdgfwRa7FAMIl5
I1eMt9QLciwK58uObpXvJtDziGi6xuytkCNIcGIE1juc7j3rMvn2lwaY7w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArtL5FiIUk9SzYN97Iu6W
Z5azNu6ez/GeWFGs3Jq9kdMzzdYvev1cLMbfKDrztF3oPtKAzMMlY09dyxh46OiS
3G5CTRsT07dNiAbvSvtj/ms9e5SAPpg3WklPSVV0kAmuvf1f2uwRARaoagnb/LjL
IaB4k8uzU1QF2ttVfS65woUKDsL+QrhnZv7bf72/4kmGOpyPEtBjRfSr4i4iHwcV
3Cx701IKvK5uyOlXNPl/7AwHWYUhJoee7qxGrYCyS8oDfR51KKhrlUXdVKifNg6D
8V0kHPjR6CrujBQMuHHEOg4eSVYeG0ANpg+I3847dBMuINx76iChmRtx5GQ88D7c
ivN4VuTiwEc7q+KDaL2KVFlnTFtndkgbX8Xc5ToHld2XQ0PrMA0UnSeKVeC5EMhy
lAUJyKopiDrLm+xhIEamQ9geE4q7WSX9s+zufj+Qxip4fJO3ks24pFyTNMrxAUev
xDIuIZOfuRvocA/OFVe+hlzvc0hv9LtLTY3y/z7KtA3BLpaXPaV4pjExZHoJU6MR
b9/QWraLuI2gTSG6haSqQG9wxePc4X6RLYVZH6pLlakM38wgBIbWZowodT715IHf
66Y/zn2jq+Ymxnb9zWgQIByw2Awr8jSDrHev31nf9q6xN/ypJG0IZx3kiRO42ITH
LufsaXIPQLkN1Bf8C49X7TsCAwEAAQ==
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 272212998916083828620303550869630530596701
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-09 07:04:22 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-02-07 07:04:22 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.orietta.org'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 713220156598710551261570660311893311673120954889914868440256459327222533576419458662433941980283483955187751373011930963931565802320506578932723500963406232384961871683392233413556626804018022258661524100321433761166304798495747550354045595633252672320502016539451061785412015779990669762642719049592200037079579493118606257475877420445253405847136855603016624077786881776820672602460353414898124080151667718323666864873842451240625360273212608053161283998966828124337033554435807040582689667012168154467838688789893816392351505902746410035689378145099701195099184880299445810287460614919719554665446176294381451615645704977305705668646377454692919192388223138470996828290500355662112680231831019612249781583224047003888611263371350999735811933651438834357611562384249345778798846595947966445327861680135511147485070339940992683016838408356120249506069935039398524814250280290107376233183920513262691236270412959331129848232178086405909538427352106813057706600681966131821034878502389798923814229944952499608008395307606245108856851839218253588930711998589687520442416265400308539011099982701506553660779157377651552104445191455996285173040643977067028740314854628294275905669475795301744505829794957188380227147370659159547246538043
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ba6b77716f7d0c3de72c71c47f5d291bc9b7141a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (19 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.orietta.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f10076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016e4f315099000004030047304502210088976df4b36b9632f12062e9d3311c5a47b8f4559a97c189a71671fa5eccb08c02201a130d05eb79b8a78e3f540ea8f40ef91cbef3e26515ab3847ae45cfecbb666b007700b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016e4f3150870000040300483046022100d2900e626bbe897a1d2f36613c9e7a8820e8c9801ca1f6891bb9eca9398a8c86022100d63f0227a74d5e34019b7ca8bd85cb764b7c1405404e6e02189936e27491ef11
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		009aba0c426fe69cd5a61ae3e8834ad1059c0f883110a06d1c040cb6bef18aa5e360540b4c2c0ec3bca9e673eef85e13c2312f2c85e66959917b27c5b52bf281ea6700a196088bda3d93d17b2e9bbc56bad28f3b5b511d32d06b84d7acb656042ef96d0d20b9764dcadb5ac1730827bc8df0cc8e977bd2cc6461a161ab58cc2c2ae58b6498201eb1cce2ac43e9fabe959d7e61db37708137865c66fc62da9dbf27166d5f4fb01cce76940a477d2c16b5a2d9e7c9c7490457e809f6f57c631fea34e627f20b29df3caef7a2f7dd81fc116bb14030897923578cb7d40b722c0ae7cb8e6e95ef26d0f38868bac6ecad902348706204d63b9cee3deb32f9f6970698ef