b-o-v-arch.ch
Issued by R3
About this certificate
This digital certificate with serial number 03:7c:1e:de:45:31:79:b0:12:2d:71:47:12:d4:e5:32:75:29 was issued on by Let's Encrypt.
With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=b-o-v-arch.ch
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:7c:1e:de:45:31:79:b0:12:2d:71:47:12:d4:e5:32:75:29Serial Number (int): 303572902226659354775388507222150944552233
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 19:f8:b1:e2:77:58:b1:7a:54:8e:33:62:a3:df:9a:7d:85:27:e5:43
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 6d:a6:65:16:fb:d5:9a:bd:b7:5e:c8:df:cf:1a:6c:4b:22:73:4a:67
Fingerprint (sha256): ec:2f:72:e0:44:3c:a8:a3:35:87:8f:73:76:94:d7:aa:7e:23:b1:24:8f:25:f4:b3:69:59:40:74:c7:f6:e5:ff
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate b-o-v-arch.ch
8
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for b-o-v-arch.ch
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
b-o-v-arch.ch
b-o-v-arch.vhosts.ispweb1.nimag.net
b-o-v.ch
compo-site.ch
www.b-o-v-arch.ch
www.b-o-v-arch.vhosts.ispweb1.nimag.net
www.b-o-v.ch
www.compo-site.ch
b-o-v-arch.vhosts.ispweb1.nimag.net
b-o-v.ch
compo-site.ch
www.b-o-v-arch.ch
www.b-o-v-arch.vhosts.ispweb1.nimag.net
www.b-o-v.ch
www.compo-site.ch
Other certificates including the domain name b-o-v-arch.ch
(limited to 100 certificates)
Certificate
The complete raw certificate details for b-o-v-arch.ch in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGhDCCBWygAwIBAgISA3we3kUxebASLXFHEtTlMnUpMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMjQwMjA3NDVaFw0yNDAxMjIwMjA3NDRaMBgxFjAUBgNVBAMT DWItby12LWFyY2guY2gwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM Yb/tXQ5r8iFUwgJrDHSptp4NAg85Akq/0vuuookNJlK+jgNCvl9KWDicnMpV8LhA DR5Mp5O8Up9K9UGNjvy35jPBsX27x8LP1eOG+ZjqnHEYd786eULK7OXzYTrigarN n0Qxtecke0rKlp0X0jSlIYHJb/JeJ3DsPjhgoAKeh95o5SkycLqYihvFACFrWqnz Ja0n/0efmPNcXsRAnpzkiZRU1mZHTG2mKKFYwWu0Im5T2olB1FLXfLVBuJEikSY7 ndPWor9QXnwKWmaglEqllS072uROeXvRp4HW513dQFq4T1c6EQWMEK4Oi7/L/PG0 RAHpey8VkpHBanw8q5ruMv9n0JGbGy091cyP54mjyW/+o5osqep3pLQxjKjvtClN AxQPpl1VyYVUoFnxLbloEZghTO1xVum+yTMK0+eAhc0m9aJzBS0z0V9TPAkqh9Fi ojZPuF14HNtj6YOfkmeFJkoXgZjXUyKiTdt6IPydxjHc1nfEpqF/XWa/NAClQ5EU 86cB9TnxckDKPPp+3CYSo47pAd67D9/uAPOek/8AHTOXix8OvbQMs4JTupR2VpnO VWLpKiLbrwzlW706vPQ4ZsX1fwelp2VkhEZpkILOEOoNP44UprJN33X4aj21QUOV j8Sf7MEdqa34yywIO+/VWAdshULVpEqx6I13fvLysQIDAQABo4ICrDCCAqgwDgYD VR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNV HRMBAf8EAjAAMB0GA1UdDgQWBBQZ+LHid1ixelSOM2Kj35p9hSflQzAfBgNVHSME GDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYB BQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDov L3IzLmkubGVuY3Iub3JnLzCBtQYDVR0RBIGtMIGqgg1iLW8tdi1hcmNoLmNogiNi LW8tdi1hcmNoLnZob3N0cy5pc3B3ZWIxLm5pbWFnLm5ldIIIYi1vLXYuY2iCDWNv bXBvLXNpdGUuY2iCEXd3dy5iLW8tdi1hcmNoLmNogid3d3cuYi1vLXYtYXJjaC52 aG9zdHMuaXNwd2ViMS5uaW1hZy5uZXSCDHd3dy5iLW8tdi5jaIIRd3d3LmNvbXBv LXNpdGUuY2gwEwYDVR0gBAwwCjAIBgZngQwBAgEwggEDBgorBgEEAdZ5AgQCBIH0 BIHxAO8AdgDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYtfpw0i AAAEAwBHMEUCIH4NLgx2JqiCMUTmuNdJ0h0GTIZsmlLVtkMNUhRZKEMrAiEAuR+R lDC+28Z8IhZklVqn/wMHhTnM1QbYhtA1b38V80sAdQA7U3d1Pi25gE6LMFsG/kA7 Z9hPw/THvQANLXJv4frUFwAAAYtfpw8MAAAEAwBGMEQCIEU3fuLBG0a9TmRLK3s6 VRLi0NgOci34xu5Aa/uGRwHXAiAHzyZv9HJcNOPN5bKe4K0rOsfOcJQgZzoGLPhe 9YhssDANBgkqhkiG9w0BAQsFAAOCAQEAJkF4qi0N2bYQQHe/SDzdzLBPiNB+xSRZ 1bHqn94d82wMhnMJXWVgcaZIur2oqtkXeQN1WVxmNBkNlW3rH69sfdp3lqtPIXVj EPCQPP+mJfT/v1Afm//CgLzQ5fGpH9fj6LgXRbZC2g0QkGmIFmFr4eIAW9vQHjoA Eb1qCu5hCaUrbWtzfdfkaRkrrbYuvejyMOtab4ebKBozettxI/3ycf5KAvKbwZih hwyLndUmCMtDol+1ylQdn2fqd4UMQj4qAfaVlReszZ8myvZedkFFvjhnRV9MXXRW oobokXTZ3tRXHD5eNGVAz3nmlYglla43+iYStbmwh4kt3V+0zHYtog== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzGG/7V0Oa/IhVMICawx0 qbaeDQIPOQJKv9L7rqKJDSZSvo4DQr5fSlg4nJzKVfC4QA0eTKeTvFKfSvVBjY78 t+YzwbF9u8fCz9XjhvmY6pxxGHe/OnlCyuzl82E64oGqzZ9EMbXnJHtKypadF9I0 pSGByW/yXidw7D44YKACnofeaOUpMnC6mIobxQAha1qp8yWtJ/9Hn5jzXF7EQJ6c 5ImUVNZmR0xtpiihWMFrtCJuU9qJQdRS13y1QbiRIpEmO53T1qK/UF58ClpmoJRK pZUtO9rkTnl70aeB1udd3UBauE9XOhEFjBCuDou/y/zxtEQB6XsvFZKRwWp8PKua 7jL/Z9CRmxstPdXMj+eJo8lv/qOaLKnqd6S0MYyo77QpTQMUD6ZdVcmFVKBZ8S25 aBGYIUztcVbpvskzCtPngIXNJvWicwUtM9FfUzwJKofRYqI2T7hdeBzbY+mDn5Jn hSZKF4GY11Miok3beiD8ncYx3NZ3xKahf11mvzQApUORFPOnAfU58XJAyjz6ftwm EqOO6QHeuw/f7gDznpP/AB0zl4sfDr20DLOCU7qUdlaZzlVi6Soi268M5Vu9Orz0 OGbF9X8HpadlZIRGaZCCzhDqDT+OFKayTd91+Go9tUFDlY/En+zBHamt+MssCDvv 1VgHbIVC1aRKseiNd37y8rECAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 303572902226659354775388507222150944552233 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-24 02:07:45 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-22 02:07:44 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'b-o-v-arch.ch' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 833805140061726771216140794767210309197561352679946596642807045325881578303242780449617965965024862545770835611087486442658054254522788534445594099241546833072868200998707319166064227526248463419433296459422643157159812587822497688658765456009588600669494566094120091500299477789566846082771907815543244478062132623178140670659637867118907569899813589845500828034642026685576871278977497005395657689853735781812079304896948265298591395038223607715414764894369186859660027587904281218988203794820869978795684989177477544833742338224842932866714910998227218656286012519780762728134823738801220105609226995923224006498185116103502468836762494484076321416734953622236460460247691609403740555495475600560330383417949488445265630508408817217762459545709022205134042170682589903713909215914455946484236327333064052504441239477747775845734044541419436483275369076787729319980171798898120889327204947154136615061369520004940106091109231722876790704341024411023756376115030899547771277006381055756470104819815906217534716216226067326091771193719672251078272435435771350945172473784629101056762035009557235550136373769932317779585833638611647535025195686342691872384871584287780242603407299386056209021565603565219928665230163370856024674333361 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 19f8b1e27758b17a548e3362a3df9a7d8527e543 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (173 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b-o-v-arch.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b-o-v-arch.vhosts.ispweb1.nimag.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'b-o-v.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'compo-site.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.b-o-v-arch.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.b-o-v-arch.vhosts.ispweb1.nimag.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.b-o-v.ch' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.compo-site.ch' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b5fa70d22000004030047304502207e0d2e0c7626a8823144e6b8d749d21d064c866c9a52d5b6430d52145928432b022100b91f919430bedbc67c221664955aa7ff03078539ccd506d886d0356f7f15f34b0075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b5fa70f0c0000040300463044022045377ee2c11b46bd4e644b2b7b3a5512e2d0d80e722df8c6ee406bfb864701d7022007cf266ff4725c34e3cde5b29ee0ad2b3ac7ce709420673a062cf85ef5886cb0 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00264178aa2d0dd9b6104077bf483cddccb04f88d07ec52459d5b1ea9fde1df36c0c8673095d656071a648babda8aad917790375595c6634190d956deb1faf6c7dda7796ab4f21756310f0903cffa625f4ffbf501f9bffc280bcd0e5f1a91fd7e3e8b81745b642da0d1090698816616be1e2005bdbd01e3a0011bd6a0aee6109a52b6d6b737dd7e469192badb62ebde8f230eb5a6f879b281a337adb7123fdf271fe4a02f29bc198a1870c8b9dd52608cb43a25fb5ca541d9f67ea77850c423e2a01f6959517accd9f26caf65e764145be3867455f4c5d7456a286e89174d9ded4571c3e5e346540cf79e695882595ae37fa2612b5b9b087892ddd5fb4cc762da2