www.opportunity.cz
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:28:22:be:cf:e2:e5:95:3d:ea:cf:5b:98:26:18:83:42:ba was issued on by Let's Encrypt.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.opportunity.cz
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:28:22:be:cf:e2:e5:95:3d:ea:cf:5b:98:26:18:83:42:baSerial Number (int): 274994336976813492409046396964702265754298
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 6f:03:13:7a:bb:b3:5b:f2:92:c3:95:0e:64:77:b4:0b:af:d8:85:61
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): 4f:d0:b9:a0:9f:d7:d8:17:06:d4:e0:fe:e8:30:1a:75:7a:ba:8b:81
Fingerprint (sha256): f1:40:e2:75:a7:2a:d2:d5:05:72:6a:2b:4b:ea:f0:c9:59:b8:82:5e:6b:53:27:6e:22:30:8f:81:aa:ee:ca:fe
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.opportunity.cz
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.opportunity.cz
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
opportunity.cz
www.opportunity.cz
www.opportunity.cz
Other certificates including the domain name opportunity.cz
(limited to 100 certificates)
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
cxc.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
cxc.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
www.opportunity.cz
Certificate
The complete raw certificate details for www.opportunity.cz in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGazCCBVOgAwIBAgISAygivs/i5ZU96s9bmCYYg0K6MA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTEwMTUxMTIzMzFaFw0y MDAxMTMxMTIzMzFaMB0xGzAZBgNVBAMTEnd3dy5vcHBvcnR1bml0eS5jejCCAiIw DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALc1PFStv688lFul+6ydnTK6GAtt bYa1W3FzGOL1nrulFFQJmF7z2kpkMtu3gju5CP5YSaFnsfe1n3usWPdfHnUZ33nQ 8zEPaHf4IuNcME6KIKmLPIqSGwkvAUJcREwLfSZ2rCFi4Ig4X0tVfq6UShYfOCyf YWupYiCxVEl9BrjO8Toga5QftnK6ON8ayyd0dATSwMYfFnTc+Qu/QwBccoojZq02 pH0nDM1as0QEubAC/qlKCjfKF0zvVvP+bkIwu2lKedMIri8qiOiRYPTxRqRXvL+L cXckOhOctUObGGzLyMGPX4wDZFG56N98FVEV/PNOizShNzKQBuJNEBdTvhXdiLYc +K0WXWlADbLHkDja4NFOLr49sOU0ID3vEvr2aH8vfHLP91WHQZEAVPWpsR8ESUev 7SKbnecbO22pI83mcVdCqkfCqQKBVft+qdcIQu32K6vYllzwHXcaKi8HQn3CkSzG RYbNkqtLBBl249wMmwE0D8g0yoMKAab7FhywIp0Y5foXhXBi/55ATZJmvVQ/b9or c4dplW1fGRoRc9dogv8clZjP9bJIqHy84nuJ/iuwa/XVooEZCgwRPAEbdJkO0StA jLyBWjNIP4jIwrzgFvd2ntse2sOSQekWSvTVD8HeOEfmrqh5QW6pHRGref/yFRXp mkaQss+To2LA4BDTAgMBAAGjggJ2MIICcjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0l BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FG8DE3q7s1vyksOVDmR3tAuv2IVhMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZF Ze/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3Au aW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQu aW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wLQYDVR0RBCYwJIIOb3Bwb3J0dW5pdHku Y3qCEnd3dy5vcHBvcnR1bml0eS5jejBMBgNVHSAERTBDMAgGBmeBDAECATA3Bgsr BgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0 Lm9yZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AF6nc/nfVsDntTZIfdBJ4DJ6 kZoMhKESEoQYdZaBcUVYAAABbc9fmcgAAAQDAEcwRQIgNHMHdPS9tQTLTADGNX6I JEeXuMoS6SqGPuULvnDHuj4CIQD7CU+tdZWfYh+Y8CKrBs70rDS1rKH1RdohHIqL HY1qcwB1ALIeBcyLos2KIE6HZvkruYolIGdr2vpw57JJUy3vi5BeAAABbc9fmeQA AAQDAEYwRAIgVyAU01F/Y8ZaYIhg6ptFcsjdFX9DVr4kKVgM6Ya8OTUCICf2Q9fr m+XrOe6Y+dE/FfxNR2DOus1OUnQ0CE5EQ2YDMA0GCSqGSIb3DQEBCwUAA4IBAQAK Z69g0ww4vTSOd3o5nne1C4Qhg6EXVnpUaSXVd02+JR+xCgQ4FtmLk09UzWsoIFpx cjP1A7mmKPYRx0ad0XDWncZsRrexOidVz+qPKTGnHFL3DphF2QFXryV7/iECbnzg t0oGgCC/oa2adoXw8sptEwjRf5VtbTbadVDcDmWS4G2D/oDdT1k7w9INrJ23F/DV YzsZ+S9PNhUcD7OGaImZ9VMzMU6kfEmgDQFmjqPBa4yl4q/yPKD+NTftcl7Pdado tPAOdnlEn0AnFJlWadMjtyrgutjaa3qZOJavCHaef1KvFI8vhXeeINA7xau+/LB8 9YqQPvfGg0VRNSTroV4Y -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtzU8VK2/rzyUW6X7rJ2d MroYC21thrVbcXMY4vWeu6UUVAmYXvPaSmQy27eCO7kI/lhJoWex97Wfe6xY918e dRnfedDzMQ9od/gi41wwToogqYs8ipIbCS8BQlxETAt9JnasIWLgiDhfS1V+rpRK Fh84LJ9ha6liILFUSX0GuM7xOiBrlB+2cro43xrLJ3R0BNLAxh8WdNz5C79DAFxy iiNmrTakfScMzVqzRAS5sAL+qUoKN8oXTO9W8/5uQjC7aUp50wiuLyqI6JFg9PFG pFe8v4txdyQ6E5y1Q5sYbMvIwY9fjANkUbno33wVURX8806LNKE3MpAG4k0QF1O+ Fd2Ithz4rRZdaUANsseQONrg0U4uvj2w5TQgPe8S+vZofy98cs/3VYdBkQBU9amx HwRJR6/tIpud5xs7bakjzeZxV0KqR8KpAoFV+36p1whC7fYrq9iWXPAddxoqLwdC fcKRLMZFhs2Sq0sEGXbj3AybATQPyDTKgwoBpvsWHLAinRjl+heFcGL/nkBNkma9 VD9v2itzh2mVbV8ZGhFz12iC/xyVmM/1skiofLzie4n+K7Br9dWigRkKDBE8ARt0 mQ7RK0CMvIFaM0g/iMjCvOAW93ae2x7aw5JB6RZK9NUPwd44R+auqHlBbqkdEat5 //IVFemaRpCyz5OjYsDgENMCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 274994336976813492409046396964702265754298 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-15 11:23:31 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-13 11:23:31 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.opportunity.cz' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 747423233875297423447177378743663539057691353021046205394794716883643638105666108066234498119220605854820358724766602839140410938292266189051987848473746879734930338758293747279913049399569941560596188539906157967781961638376729073995664894800169070297630207219913763649506839268703174304204564483360102238471393520023224636409518857625052378906550684820090649248947525394000284980723771829583264086935281825209594029769433302695645063904108395624498784285627312686267847732196420853652988266534287633274293118216516804098053574737743779044109263837476190242659935729746359293227330981788613559887011005509544441245435035172498837816792821360046064912629555214675826518279479364529114077183112394114940856168797717386335117184807332683459172607693468093545404824347152570737116224633378543556596745253992882305599281211409375570803353646589722788205380962514965950078762327387748119231208134930544620564161731609288514259765498045654094923962219748137416247724013601721708493205886190417953695586019952644889261955537239534494598237535688875048420447030335474002308226687634487709851592275468654937795975283560499700960171139017011131301007048554670715705577051725243115344723206410048125325242536178795681187654056073573910284603603 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6f03137abbb35bf292c3950e6477b40bafd88561 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'opportunity.cz' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.opportunity.cz' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076005ea773f9df56c0e7b536487dd049e0327a919a0c84a1121284187596817145580000016dcf5f99c80000040300473045022034730774f4bdb504cb4c00c6357e88244797b8ca12e92a863ee50bbe70c7ba3e022100fb094fad75959f621f98f022ab06cef4ac34b5aca1f545da211c8a8b1d8d6a73007500b21e05cc8ba2cd8a204e8766f92bb98a2520676bdafa70e7b249532def8b905e0000016dcf5f99e400000403004630440220572014d3517f63c65a608860ea9b4572c8dd157f4356be2429580ce986bc3935022027f643d7eb9be5eb39ee98f9d13f15fc4d4760cebacd4e527434084e44436603 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 000a67af60d30c38bd348e777a399e77b50b842183a117567a546925d5774dbe251fb10a043816d98b934f54cd6b28205a717233f503b9a628f611c7469dd170d69dc66c46b7b13a2755cfea8f2931a71c52f70e9845d90157af257bfe21026e7ce0b74a068020bfa1ad9a7685f0f2ca6d1308d17f956d6d36da7550dc0e6592e06d83fe80dd4f593bc3d20dac9db717f0d5633b19f92f4f36151c0fb386688999f55333314ea47c49a00d01668ea3c16b8ca5e2aff23ca0fe3537ed725ecf75a768b4f00e7679449f402714995669d323b72ae0bad8da6b7a993896af08769e7f52af148f2f85779e20d03bc5abbefcb07cf58a903ef7c68345513524eba15e18