www.canoa.co
Issued by Let's Encrypt Authority X3
About this certificate
This digital certificate with serial number 03:fb:a6:f0:67:52:0a:94:3e:0b:98:c1:78:fd:50:ba:37:50 was issued on by Let's Encrypt.
This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=www.canoa.co
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 03:fb:a6:f0:67:52:0a:94:3e:0b:98:c1:78:fd:50:ba:37:50Serial Number (int): 346969631986570811229123493363862403168080
Serial Number lenght: 138 bits, 18 octets
SubjectKeyId: 17:fb:5a:b3:60:21:46:5e:7a:81:1a:8f:e5:f5:bc:5e:2a:a4:65:0c
AuthorityKeyId: a8:4a:6a:63:04:7d:dd:ba:e6:d1:39:b7:a6:45:65:ef:f3:a8:ec:a1
Fingerprint (sha1): d5:05:a2:88:f5:f2:ce:48:d7:97:73:aa:b2:e9:24:b1:f1:c8:ea:fd
Fingerprint (sha256): f2:6f:16:70:db:e9:e9:de:c2:7f:d8:74:fa:d3:e2:fd:30:e7:53:a7:42:f5:bf:ab:34:d7:41:ba:91:cb:3a:12
Issuing Certificate URL: http://cert.int-x3.letsencrypt.org/
Revocation information
OCSP Server: http://ocsp.int-x3.letsencrypt.orgCheck the revocation status for certificate www.canoa.co
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.canoa.co
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.canoa.co
Other certificates including the domain name canoa.co
(limited to 100 certificates)
www.battista.co
99451.com
www.designschool.co
canoa.co
treelovinggypsy.com
69383.com
www.faros.net
www.thepalmclub.co
www.canoa.co
www.oversizedsweaters.com
masteryogurt.com
irishexaminer.co
ooodirect.com
rosaria.co
newjerseyprobate.co
www.bayridgegenesis.net
canoa.co
canoa.co
santateresa.co
spoilers.top
www.neomholo.com
www.fashionsecrets.in
www.gaeta.co
marinella.co
www.canoa.co
99451.com
www.designschool.co
canoa.co
treelovinggypsy.com
69383.com
www.faros.net
www.thepalmclub.co
www.canoa.co
www.oversizedsweaters.com
masteryogurt.com
irishexaminer.co
ooodirect.com
rosaria.co
newjerseyprobate.co
www.bayridgegenesis.net
canoa.co
canoa.co
santateresa.co
spoilers.top
www.neomholo.com
www.fashionsecrets.in
www.gaeta.co
marinella.co
www.canoa.co
Certificate
The complete raw certificate details for www.canoa.co in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGTzCCBTegAwIBAgISA/um8GdSCpQ+C5jBeP1QujdQMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xOTA1MjUwMTU0MzlaFw0x OTA4MjMwMTU0MzlaMBcxFTATBgNVBAMTDHd3dy5jYW5vYS5jbzCCAiIwDQYJKoZI hvcNAQEBBQADggIPADCCAgoCggIBAKpE7jid7KJPOOQrCf29BtVwFDruybpxPCcx vNJxA8zlPSyQuakAqHpVRp15zG3j9L6OrvPsy4WIiPiyE24nm90WLQAPNy0KQFy9 2BXtUZuXRvgDjD5kXjI+o5fANdEXIZjG4kbya7V1LECBlc9T/zTlcvQEJcflhiKu WQPgiVVGaiMtW36PnfSdU79S8M4O21nYMcO8iWn/Ij80uXxqm2pQpFnt/OSAV1WJ JJLuTsjUHcia2X+RISWo6puheXJ69E4Ffmehs3iu0t2z7R3e8CmhpmpUgHADy5+o OpKTBzPXhLgBSxKrRFqejiOB82WbuhMYG/hftKiInPENY+u0N0kCcH9lRUiXk2ms HKjOog1X+HdPLx/qkNP7Ouf5AkpXqvOPakoAm+oOz89tJFJGoV3gKMMYxhuku0Jr /+mwlxWF4RpmAOOaWevNi6QmS+FTuMaEhLBv/vjU4LdsS+26xSSD35I9QqZ2fyZc 0MwSs1k1vkyASkC7AerI7iHZ+eAsTDZbGX626j7/aL48Sw617EENPtHHYfT1cDEh 1EMaiPDzEywsheosqWGUPKb+RaLKZfedY/34NkCvFRh/1MgzeF4lGdQvqSdETEk7 fRdMk4KdPqHMlhjYLP8C7XOhu421Dh0RgXllhAgW7MY5+ePGacjJCo3v2H0cBmof fJUGqfm9AgMBAAGjggJgMIICXDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI KwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFBf7WrNg IUZeeoEaj+X1vF4qpGUMMB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyh MG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgz LmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgz LmxldHNlbmNyeXB0Lm9yZy8wFwYDVR0RBBAwDoIMd3d3LmNhbm9hLmNvMEwGA1Ud IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0 dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDv AHYAb1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFq7OlkAwAABAMA RzBFAiEArjq5CrZnvHtRUOaXSXeCNjJeumAjO1rZb9pvQYkPlC4CIBbazZUhCciN +BqfPddIYDv07Rzp/WAwy6jW3wTBm5YsAHUAKTxRllTIOWW6qlD8WAfUt2+/WHop ctykwwz05UVH9HgAAAFq7Olj0gAABAMARjBEAiBUQZK97x7ucptYi0I+N+Y9gha8 3MBBTDdpLlgUcqABBQIgPKW5kLBYtw+GqycRzhRjazD9oev1h/m/dLLAzW+u0wEw DQYJKoZIhvcNAQELBQADggEBAEypKyOk4v24y3BTe1QRYyuuNIufksy2tXKbmZU7 0Epu9wthJEypIj4JjjXUW9QUwvdQX6/hRDVVghPriaFpJhz0P2+bxQnfsJrJuHmv 45kDjHvGLbtFxZdjxgWPPewipRkdMpM44Om6EfMZpmGpcVlySQs2gW3x7+cd25Y8 LU495bRTA+eDK0vS1FKiiYfk3/PLKoY6DRiBUc9585C1I/sP4MXKBTy7TobegADY MqejFo+OSBMXTKIMPXEJQKLPcy9w+dpyLwVpwQBkZUV0/E9Jqvvkwt1xdcS5x8ti NH9Ik64Ri+NgwhenxKg2y/vk8BC7ocfJU5IAgpMJ40wra+I= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqkTuOJ3sok845CsJ/b0G 1XAUOu7JunE8JzG80nEDzOU9LJC5qQCoelVGnXnMbeP0vo6u8+zLhYiI+LITbieb 3RYtAA83LQpAXL3YFe1Rm5dG+AOMPmReMj6jl8A10RchmMbiRvJrtXUsQIGVz1P/ NOVy9AQlx+WGIq5ZA+CJVUZqIy1bfo+d9J1Tv1Lwzg7bWdgxw7yJaf8iPzS5fGqb alCkWe385IBXVYkkku5OyNQdyJrZf5EhJajqm6F5cnr0TgV+Z6GzeK7S3bPtHd7w KaGmalSAcAPLn6g6kpMHM9eEuAFLEqtEWp6OI4HzZZu6Exgb+F+0qIic8Q1j67Q3 SQJwf2VFSJeTaawcqM6iDVf4d08vH+qQ0/s65/kCSleq849qSgCb6g7Pz20kUkah XeAowxjGG6S7Qmv/6bCXFYXhGmYA45pZ682LpCZL4VO4xoSEsG/++NTgt2xL7brF JIPfkj1CpnZ/JlzQzBKzWTW+TIBKQLsB6sjuIdn54CxMNlsZfrbqPv9ovjxLDrXs QQ0+0cdh9PVwMSHUQxqI8PMTLCyF6iypYZQ8pv5Fospl951j/fg2QK8VGH/UyDN4 XiUZ1C+pJ0RMSTt9F0yTgp0+ocyWGNgs/wLtc6G7jbUOHRGBeWWECBbsxjn548Zp yMkKje/YfRwGah98lQap+b0CAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 346969631986570811229123493363862403168080 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt Authority X3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-05-25 01:54:39 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-23 01:54:39 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.canoa.co' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 694637976388209208034215600231637620323239146856805016105413927487186982213544681722200033970617053500725588151065663935262209383611690448213396404237123848955297147007586336601078383746827378327370807540502380457750631762309723547688533806802665590293859401811713404907437325298464989542064409051325487842986611156856903792422561295827602137025522688370379971707832894296578718701258540166656407629547276080887346389721535930403124668217096820416391306008688962885965907793399985713796176192667515094542784846105546803567653139188830729599728043147040180339775915248761040747372394576129375002650778250320209255152232956250099617732316014444538119287784825373133827691759842897307448992878319435539931328733995658124790104786786026830423450263054083543604294992439651593021487201105017278479871925248499392699091656739137045076676485630262048469043820246857735807200345726922799086966885825382554033414193173080068660794015684161541231852609745250057565604320043229377595523192077135471689807587691993289943319232346061190193287714091225178358597982233210224778286396775236630891567816054139786923305453396620029490148593892621769808556005440675754177408595282985813414651765754364893282310440523501148039840113013330412519698332093 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 17fb5ab36021465e7a811a8fe5f5bc5e2aa4650c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName a84a6a63047dddbae6d139b7a64565eff3a8eca1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (99 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.int-x3.letsencrypt.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cert.int-x3.letsencrypt.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (16 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.canoa.co' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.44947.1.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://cps.letsencrypt.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (244 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (241 bytes) 00ef0076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016aece964030000040300473045022100ae3ab90ab667bc7b5150e69749778236325eba60233b5ad96fda6f41890f942e022016dacd952109c88df81a9f3dd748603bf4ed1ce9fd6030cba8d6df04c19b962c007500293c519654c83965baaa50fc5807d4b76fbf587a2972dca4c30cf4e54547f4780000016aece963d200000403004630440220544192bdef1eee729b588b423e37e63d8216bcdcc0414c37692e581472a0010502203ca5b990b058b70f86ab2711ce14636b30fda1ebf587f9bf74b2c0cd6faed301 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 004ca92b23a4e2fdb8cb70537b5411632bae348b9f92ccb6b5729b99953bd04a6ef70b61244ca9223e098e35d45bd414c2f7505fafe14435558213eb89a169261cf43f6f9bc509dfb09ac9b879afe399038c7bc62dbb45c59763c6058f3dec22a5191d329338e0e9ba11f319a661a9715972490b36816df1efe71ddb963c2d4e3de5b45303e7832b4bd2d452a28987e4dff3cb2a863a0d188151cf79f390b523fb0fe0c5ca053cbb4e86de8000d832a7a3168f8e4813174ca20c3d710940a2cf732f70f9da722f0569c10064654574fc4f49aafbe4c2dd7175c4b9c7cb62347f4893ae118be360c217a7c4a836cbfbe4f010bba1c7c9539200829309e34c2b6be2