guerin.pt
Issued by Gandi RSA Domain Validation Secure Server CA 3
About this certificate
This digital certificate with serial number 40:04:32:79:73:02:c5:86:dc:43:a7:cf:bf:8d:96:59 was issued on by Gandi.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=guerin.pt
Gandi
Organization:
Gandi
Country:
FR
This certificate will expire on
Certificate Details
Serial Number (hex): 40:04:32:79:73:02:c5:86:dc:43:a7:cf:bf:8d:96:59Serial Number (int): 85092384660350728760890277406025029209
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 1e:22:29:69:22:47:b4:0f:1a:8a:c0:ea:22:f7:87:e2:ef:bc:d1:c8
AuthorityKeyId: 81:11:92:de:66:32:a5:b0:5b:33:3d:65:43:85:fc:d4:04:2d:f1:ae
Fingerprint (sha1): 03:a1:5c:30:25:2a:93:11:13:95:dc:87:c5:be:ed:d3:60:79:f3:4d
Fingerprint (sha256): ec:0a:4d:c5:25:db:46:f7:fc:1b:bf:63:52:b3:a5:67:8d:45:7d:67:37:16:e9:c7:4f:e9:2a:62:7b:a4:d5:96
Issuing Certificate URL: http://crt.sectigo.com/GandiRSADomainValidationSecureServerCA3.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCheck the revocation status for certificate guerin.pt
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for guerin.pt
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA384 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
guerin.pt
www.guerin.pt
www.guerin.pt
Other certificates including the domain name guerin.pt
(limited to 100 certificates)
clientes.guerin.pt
www.guerin.pt
guerin.pt
clientes.guerin.pt
www.guerin.pt
surveys.guerin.pt
business.guerin.pt
www.guerin.pt
privacidade.guerin.pt
privacidade.guerin.pt
www.guerin.pt
www.guerin.pt
guerin.pt
guerin.pt
www.guerin.pt
privacidade.guerin.pt
surveys.guerin.pt
rest.app.guerin.pt
guerin.pt
www.guerin.pt
www.guerin.pt
guerin.pt
clientes.guerin.pt
www.guerin.pt
surveys.guerin.pt
business.guerin.pt
www.guerin.pt
privacidade.guerin.pt
privacidade.guerin.pt
www.guerin.pt
www.guerin.pt
guerin.pt
guerin.pt
www.guerin.pt
privacidade.guerin.pt
surveys.guerin.pt
rest.app.guerin.pt
guerin.pt
www.guerin.pt
Certificate
The complete raw certificate details for guerin.pt in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGbjCCBNagAwIBAgIQQAQyeXMCxYbcQ6fPv42WWTANBgkqhkiG9w0BAQwFADBW MQswCQYDVQQGEwJGUjEOMAwGA1UEChMFR2FuZGkxNzA1BgNVBAMTLkdhbmRpIFJT QSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBIDMwHhcNMjMxMjI5 MDAwMDAwWhcNMjQxMjMwMjM1OTU5WjAUMRIwEAYDVQQDEwlndWVyaW4ucHQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfxPOuWdH/gE66FhSuArlXekiP FFnVSvkUwTEsZBp6tmvw+aHCS3rQZw+hXWRxp2d6I3ccfAjiF3geW/GZsoxnu5R+ 32IxVl4qBRvId+wq+umY0uEzv3WDizWedoWgnBQY6BLFKYdfrxNvRfE2NyPL2Kbh kdrDNLznZhNtFeW1abgIHVQw40fpbZN6q5WCVjKK2uOKtHJgesepk8fyYfKyySkF SJlMPSYnVHgpL+uuf3VMiEF2EpMduTON+t2plYcCRZx5E0TrlF+VFHohMeWzgET/ Y7kslkIilYKXdh4D495aejE0aI7T7tajrivCx433wnoJXwX6rfyf7heg4YkrAgMB AAGjggL4MIIC9DAfBgNVHSMEGDAWgBSBEZLeZjKlsFszPWVDhfzUBC3xrjAdBgNV HQ4EFgQUHiIpaSJHtA8aisDqIveH4u+80cgwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMEkGA1UdIARC MEAwNAYLKwYBBAGyMQECAhowJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdv LmNvbS9DUFMwCAYGZ4EMAQIBMIGDBggrBgEFBQcBAQR3MHUwTgYIKwYBBQUHMAKG Qmh0dHA6Ly9jcnQuc2VjdGlnby5jb20vR2FuZGlSU0FEb21haW5WYWxpZGF0aW9u U2VjdXJlU2VydmVyQ0EzLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2Vj dGlnby5jb20wIwYDVR0RBBwwGoIJZ3VlcmluLnB0gg13d3cuZ3VlcmluLnB0MIIB fQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgB2/4g/Crb7lVHCYcz1h7o0tKTNuync aEIKn+ZnTFo6dAAAAYy0wnl5AAAEAwBHMEUCIGr6VwAKiXZaCxL2VKxFFcLT4icq w7CvTir1PbenHuZEAiEAmm8Ukmj4MhIckFaiVsUEjzWiueMyIfKb8Fyd3VRJSkwA dgA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAYy0wnkzAAAEAwBH MEUCIQDboCIxonH98YS45W/0NzCiTsyZUJIrKVkSy+woRJVSqQIgM8k/rWpeLola rrqFZXnjSpwMG/i+fYslxR0sfMDGFGsAdQDuzdBk1dsazsVct520zROiModGfLzs 3sNRSFlGcR+1mwAAAYy0wnkbAAAEAwBGMEQCIGAdwr5qI12CHS34+yfbRYWwME0g XnVhDQQnwfR80GRLAiBVcgkFhxCqQrcyj1CU8BSLpppkid83La0ORRSsYiPXFDAN BgkqhkiG9w0BAQwFAAOCAYEAtVHPg5Oifwdb/+7zSsW3DEsnRUaNa/pdsJPgwNPV /91n7nSpogNR+s4kgyTqKPkZ/tU/UHqjc/B/DrRaVGRYSLq4aC/SiFmQG9+/X/pt KaB1VR9ybUEe8lpju+lpEcVwE9fNJg/dOJsq4cYSQUY+17G/pqiOk/HwkG9hpre1 Ne3blR5zsdjlf06EcmyA0j4WqC4QT0BvEUAh1i14M3FSAxWSynTg2mABsuEO0a4T bF5Zl8/NlA0+rGLFJZofzNQGEHKax+IXmyScVILD3SH+MG/pYZepuHNVDQkOhlf+ xE/cgfaNKvuI00bokS3i/gFOYZ0T6kohiF0sNO1awZNE+zfFDMJ20ztjiGsHnlHY vtj0Xi+MYIriNVp24OumhNX5WwYK1JZq7bxSqIUw63uNvV3O9qwnJw4jiHSYR4RW y8QXZgAHprUcD26lI293DYR5AjfecKg9Yid7vBZjsxRHHg5N3T6VMeCBIMuqVzud VEN6TqyU036B+df4OLjPMsGr -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8TzrlnR/4BOuhYUrgK5 V3pIjxRZ1Ur5FMExLGQaerZr8Pmhwkt60GcPoV1kcadneiN3HHwI4hd4HlvxmbKM Z7uUft9iMVZeKgUbyHfsKvrpmNLhM791g4s1nnaFoJwUGOgSxSmHX68Tb0XxNjcj y9im4ZHawzS852YTbRXltWm4CB1UMONH6W2TequVglYyitrjirRyYHrHqZPH8mHy sskpBUiZTD0mJ1R4KS/rrn91TIhBdhKTHbkzjfrdqZWHAkWceRNE65RflRR6ITHl s4BE/2O5LJZCIpWCl3YeA+PeWnoxNGiO0+7Wo64rwseN98J6CV8F+q38n+4XoOGJ KwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 85092384660350728760890277406025029209 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'FR' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Gandi RSA Domain Validation Secure Server CA 3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-30 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'guerin.pt' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20169011080937815108190041732594974421562150262533396240550500191296516699828822358050757725399899701313667675469098940217664017234990704217354514243327320010591850238095621947664148377740860916375744709343038852085490496707396256291728218347863792746342660825344460431195795572797791958079631030756147085988675775069064213195264102619833625657122682820650577490732219517832101787709252852342455253598888847701101213930241691473832570279383897015969801994290031209428510720112275582657460540728965389585066582347170146135407906086665529126222678807202505917417868697145201242995700739222712315578466433970936293198123 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 811192de6632a5b05b333d654385fcd4042df1ae . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 1e2229692247b40f1a8ac0ea22f787e2efbcd1c8 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (66 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.2.26 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (119 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/GandiRSADomainValidationSecureServerCA3.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (28 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'guerin.pt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.guerin.pt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018cb4c27979000004030047304502206afa57000a89765a0b12f654ac4515c2d3e2272ac3b0af4e2af53db7a71ee6440221009a6f149268f832121c9056a256c5048f35a2b9e33221f29bf05c9ddd54494a4c0076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018cb4c279330000040300473045022100dba02231a271fdf184b8e56ff43730a24ecc9950922b295912cbec28449552a9022033c93fad6a5e2e895aaeba856579e34a9c0c1bf8be7d8b25c51d2c7cc0c6146b007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018cb4c2791b00000403004630440220601dc2be6a235d821d2df8fb27db4585b0304d205e75610d0427c1f47cd0644b0220557209058710aa42b7328f5094f0148ba69a6489df372dad0e4514ac6223d714 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.12 (sha384WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (3072 bits) 00b551cf8393a27f075bffeef34ac5b70c4b2745468d6bfa5db093e0c0d3d5ffdd67ee74a9a20351face248324ea28f919fed53f507aa373f07f0eb45a54645848bab8682fd28859901bdfbf5ffa6d29a075551f726d411ef25a63bbe96911c57013d7cd260fdd389b2ae1c61241463ed7b1bfa6a88e93f1f0906f61a6b7b535eddb951e73b1d8e57f4e84726c80d23e16a82e104f406f114021d62d78337152031592ca74e0da6001b2e10ed1ae136c5e5997cfcd940d3eac62c5259a1fccd40610729ac7e2179b249c5482c3dd21fe306fe96197a9b873550d090e8657fec44fdc81f68d2afb88d346e8912de2fe014e619d13ea4a21885d2c34ed5ac19344fb37c50cc276d33b63886b079e51d8bed8f45e2f8c608ae2355a76e0eba684d5f95b060ad4966aedbc52a88530eb7b8dbd5dcef6ac27270e23887498478456cbc417660007a6b51c0f6ea5236f770d84790237de70a83d62277bbc1663b314471e0e4ddd3e9531e08120cbaa573b9d54437a4eac94d37e81f9d7f838b8cf32c1ab