www.carlofrigerio.com
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 04:4a:a7:9c:74:f3:d7:82:1e:ab:4d:26:98:ca:fe:76:61:28 was issued on by Let's Encrypt.
With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.carlofrigerio.com
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:4a:a7:9c:74:f3:d7:82:1e:ab:4d:26:98:ca:fe:76:61:28Serial Number (int): 373852832324875099363529394822737886077224
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 05:2d:c2:7a:65:f4:52:4e:ce:bb:a5:1f:6c:8a:26:94:17:cd:95:78
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): f9:aa:1e:fb:77:04:38:4a:0d:4d:89:a7:d1:bc:e3:25:10:cf:f4:73
Fingerprint (sha256): f2:15:d0:01:51:06:d8:da:8b:87:7a:bb:60:97:54:af:f6:f7:b3:67:77:14:78:ad:df:da:af:a8:7a:1d:67:5a
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.carlofrigerio.com
6
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.carlofrigerio.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
carlofrigerio.amsbustovm1.a2hosted.com
ginidanilo.amsbustovm1.a2hosted.com
mail.carlofrigerio.com
www.carlofrigerio.amsbustovm1.a2hosted.com
www.carlofrigerio.com
www.ginidanilo.amsbustovm1.a2hosted.com
ginidanilo.amsbustovm1.a2hosted.com
mail.carlofrigerio.com
www.carlofrigerio.amsbustovm1.a2hosted.com
www.carlofrigerio.com
www.ginidanilo.amsbustovm1.a2hosted.com
Other certificates including the domain name carlofrigerio.com
(limited to 100 certificates)
carlofrigerio.com
www.carlofrigerio.com
www.carlofrigerio.com
www.carlofrigerio.com
www.carlofrigerio.com
carlofrigerio.com
carlofrigerio.com
www.carlofrigerio.com
mail.gma-steuerungen.com
carlofrigerio.com
carlofrigerio.com
carlofrigerio.com
www.carlofrigerio.com
www.carlofrigerio.com
ww2.carlofrigerio.com
www.carlofrigerio.com
carlofrigerio.com
www.carlofrigerio.com
www.carlofrigerio.com
www.carlofrigerio.com
www.carlofrigerio.com
www.carlofrigerio.com
carlofrigerio.com
carlofrigerio.com
www.carlofrigerio.com
mail.gma-steuerungen.com
carlofrigerio.com
carlofrigerio.com
carlofrigerio.com
www.carlofrigerio.com
www.carlofrigerio.com
ww2.carlofrigerio.com
www.carlofrigerio.com
carlofrigerio.com
www.carlofrigerio.com
Certificate
The complete raw certificate details for www.carlofrigerio.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGHzCCBQegAwIBAgISBEqnnHTz14Ieq00mmMr+dmEoMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAxMTUyMzQxMTVaFw0y MDA0MTQyMzQxMTVaMCAxHjAcBgNVBAMTFXd3dy5jYXJsb2ZyaWdlcmlvLmNvbTCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANznm+3Hl3yQkTN7J0ct1pJb qOyR/VTtCC6RRdHO3tFJKKUKRMhBEqxQrA9sEB5PP/4ulJ/ZwFWDCTsUDaUX2Ttz kf5SmjBBCkzNUf4EwyxxOqRLVpoKOgUK2MBVEzDqcRdeTP4shLxQPomVMyXCib9K oXJzr97w8QjTPPIt/OKGFyWSW+4c2jr155MWB/ScDFHWS4RMIYzmP3LIE7vdqL8k X5cUUkQOPe5jOzM6khDVnf4/1HB6kup1crGB3GvtDgAseF83B38YrBJUqGr058W4 Q1EY2QAwryBrFIrcSiJDqR0sk96UfbQy6CYg2GYXZ28IYlTAVlnIWXP7eYcgazEC AwEAAaOCAycwggMjMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD AQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUBS3CemX0Uk7Ou6Uf bIomlBfNlXgwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYB BQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2Vu Y3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2Vu Y3J5cHQub3JnLzCB3AYDVR0RBIHUMIHRgiZjYXJsb2ZyaWdlcmlvLmFtc2J1c3Rv dm0xLmEyaG9zdGVkLmNvbYIjZ2luaWRhbmlsby5hbXNidXN0b3ZtMS5hMmhvc3Rl ZC5jb22CFm1haWwuY2FybG9mcmlnZXJpby5jb22CKnd3dy5jYXJsb2ZyaWdlcmlv LmFtc2J1c3Rvdm0xLmEyaG9zdGVkLmNvbYIVd3d3LmNhcmxvZnJpZ2VyaW8uY29t gid3d3cuZ2luaWRhbmlsby5hbXNidXN0b3ZtMS5hMmhvc3RlZC5jb20wTAYDVR0g BEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0 cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAA dgDwlaRZ8gDRgkAQLS+TiI6tS/4dR+OZ4dA0prCoqo6ycwAAAW+rzBOFAAAEAwBH MEUCIQCqE/sfuOG1eDYI7/fLeF2di++P7okDTWC9xR8LaIcgEgIgPVEjmPPQGRuN 0tkAxaumZ72nGQaGH3GQcFdBp8RfaCoAdgAHt1wb5X1o//Gwxh0jFce65ld8V5S3 au68YToaadOiHAAAAW+rzBOnAAAEAwBHMEUCIQCsRbAp4A0a8kiPgO5c1TCTXxv1 Uf+bIFAGwf/4+OaxrgIgEO+qa2E49OqHo8PLWmaA4d3CiW9yddCtifycwDTKQ4Yw DQYJKoZIhvcNAQELBQADggEBAEL5sHhjUIHwfeAqvoALSAVed1CTwUyk1hfcabrn +EbA4EatWqrXgAiV+UcMvCWWPOQox+1v0TIIjKEZ2xG11b8XRF2KdODSjOJcekgH 9Ai0e58rVTdyFAIwqmThB2bVjVhjKwP4FQTCuxzAe0/QaAM18R7XCD67gz6SkfF2 MC9Pwxbkar0CpGipzSKrhm0RN0ZxIkU6SPXUW/KEo6ruiPzO7ziath+cxeytWxKY FkGJlbriaUoZmtxTbhxcksJ6BDlbKgcKvkv5a3lo6mfEEWMJvUCppk978dcrj4sE scKNIrrTYrfKqHXeuIwCGB1S04OWwexYUO/x15hH88dwNII= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Oeb7ceXfJCRM3snRy3W kluo7JH9VO0ILpFF0c7e0UkopQpEyEESrFCsD2wQHk8//i6Un9nAVYMJOxQNpRfZ O3OR/lKaMEEKTM1R/gTDLHE6pEtWmgo6BQrYwFUTMOpxF15M/iyEvFA+iZUzJcKJ v0qhcnOv3vDxCNM88i384oYXJZJb7hzaOvXnkxYH9JwMUdZLhEwhjOY/csgTu92o vyRflxRSRA497mM7MzqSENWd/j/UcHqS6nVysYHca+0OACx4XzcHfxisElSoavTn xbhDURjZADCvIGsUitxKIkOpHSyT3pR9tDLoJiDYZhdnbwhiVMBWWchZc/t5hyBr MQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 373852832324875099363529394822737886077224 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-01-15 23:41:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-04-14 23:41:15 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.carlofrigerio.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27886637794944711548923780513140570225486939695647713854608814885363069855166092170305530677308589631275774454529910903788333150971345047405015175185829896699065914227141864805210777907049227521560957950697417007062758307101657454941966118745763807195191663164759588257952510901270101117167534666068575780116644379712940880664228591993069817684997982257141956861419622066106110101023406478961337778548683100148979085928320034035016984500778203053403230674835006678170781847729078772914064000204109346132046498897498961614121185827247451159781282031641774777862285942650483126662226083640249955877027087170346774719281 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 052dc27a65f4524ecebba51f6c8a269417cd9578 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (212 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'carlofrigerio.amsbustovm1.a2hosted.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ginidanilo.amsbustovm1.a2hosted.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.carlofrigerio.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.carlofrigerio.amsbustovm1.a2hosted.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.carlofrigerio.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.ginidanilo.amsbustovm1.a2hosted.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007600f095a459f200d18240102d2f93888ead4bfe1d47e399e1d034a6b0a8aa8eb2730000016fabcc13850000040300473045022100aa13fb1fb8e1b5783608eff7cb785d9d8bef8fee89034d60bdc51f0b6887201202203d512398f3d0191b8dd2d900c5aba667bda71906861f7190705741a7c45f682a00760007b75c1be57d68fff1b0c61d2315c7bae6577c5794b76aeebc613a1a69d3a21c0000016fabcc13a70000040300473045022100ac45b029e00d1af2488f80ee5cd530935f1bf551ff9b205006c1fff8f8e6b1ae022010efaa6b6138f4ea87a3c3cb5a6680e1ddc2896f7275d0ad89fc9cc034ca4386 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0042f9b078635081f07de02abe800b48055e775093c14ca4d617dc69bae7f846c0e046ad5aaad7800895f9470cbc25963ce428c7ed6fd132088ca119db11b5d5bf17445d8a74e0d28ce25c7a4807f408b47b9f2b553772140230aa64e10766d58d58632b03f81504c2bb1cc07b4fd0680335f11ed7083ebb833e9291f176302f4fc316e46abd02a468a9cd22ab866d1137467122453a48f5d45bf284a3aaee88fcceef389ab61f9cc5ecad5b129816418995bae2694a199adc536e1c5c92c27a04395b2a070abe4bf96b7968ea67c4116309bd40a9a64f7bf1d72b8f8b04b1c28d22bad362b7caa875deb88c02181d52d38396c1ec5850eff1d79847f3c7703482