CRL & OCSP report for 0-acw.elsevier.com.pugwash.lib.warwick.ac.uk - *.pugwash.lib.warwick.ac.uk (University of Warwick)

*.pugwash.lib.warwick.ac.uk

Certificate details for *.pugwash.lib.warwick.ac.uk (At position 0 in certificate chain)
Serial number:
hex: 6591e023bb2b5e18147eb76a9ef33156cf5caccf
int: 579861201217717101262183076208705693981502909647
Issued by: QuoVadis Global SSL ICA G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: University of Warwick
Organization unit: University Library
State / Province: West Midlands
Locality: COVENTRY
Country: GB
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for 0-acw.elsevier.com.pugwash.lib.warwick.ac.uk.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.quovadisglobal.com/qvsslg2.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.quovadisglobal.com/qvsslg2.crl
Size: 390369 bytes (DER data)
Response time: 1.312173281s
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 7358

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: AmazonS3

Raw CRL response headers

Content-Length: [390369]
Content-Type: [application/pkix-crl]
Date: [Wed, 24 May 2017 15:28:57 GMT]
Etag: ["fc4749b4ed8c735172af6dd661828a61"]
Last-Modified: [Wed, 24 May 2017 15:25:02 GMT]
Server: [AmazonS3]
X-Amz-Id-2: [p9uSmig5cd7R2DMvGUOkJOVdUfBINH5+CffWaM+g5JkzIPBHSTTu4dbyF6UBrlaU2X3oxMNX56c=]
X-Amz-Request-Id: [EA5F657C98415E0B]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp.quovadisglobal.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.quovadisglobal.com (GET)
Size: 1574 bytes (DER data)
Response time: 243.044447ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: QuoVadis OCSP Authority Signature
Issued by: QuoVadis Global SSL ICA G2
Signing certificate validity: 2016-11-03 - 2023-06-01
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 43h11m59s

Server and network information

Server Software: Apache

URL used for GET request

http://ocsp.quovadisglobal.com/MFUwUzBRME8wTTAJBgUrDgMCGgUABBQizVAdki5cQPHmWNk6O3DgVg1ovgQUkRlirVsXpzD78N45JbG9jLm4UScCFGWR4CO7K14YFH63ap7zMVbPXKzP

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFUwUzBRME8wTTAJBgUrDgMCGgUABBQizVAdki5cQPHmWNk6O3DgVg1ovgQUkRli
rVsXpzD78N45JbG9jLm4UScCFGWR4CO7K14YFH63ap7zMVbPXKzP
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGIgoBAKCCBhswggYXBgkrBgEFBQcwAQEEggYIMIIGBDCB+6FvMG0xCzAJBgNV
BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRcwFQYDVQQLEw5PQ1NQ
IFJlc3BvbmRlcjEqMCgGA1UEAxMhUXVvVmFkaXMgT0NTUCBBdXRob3JpdHkgU2ln
bmF0dXJlGA8yMDE3MDUyNDE1Mjk0NlowdzB1ME0wCQYFKw4DAhoFAAQUIs1QHZIu
XEDx5ljZOjtw4FYNaL4EFJEZYq1bF6cw+/DeOSWxvYy5uFEnAhRlkeAjuyteGBR+
t2qe8zFWz1ysz4AAGA8yMDE3MDUyNDE1Mjk0NlqgERgPMjAxNzA1MjYxNTI5NDZa
MA0GCSqGSIb3DQEBCwUAA4IBAQCNC/HoQGsXmLQF6p1MFpnuMcWhtv7dD324CYDm
R6JjHYxBdUKgddZWj+tQOgt/mC/UVnqpjS8iKmDqs1zJTHcK1Zkecs8JhPwLbnIq
VjOeCKEV7zLc1Y1OExWmV+hO0jd9joaIhfo4kUF0pl+XmHNqi2n8FGH3Gd0yI+47
MvkKboA/HUkA0qAiwjdxg4H0M5/pNK0UfZ5UVRUn9M0aMhkaHuA8baUue69M6YkM
2iPHuwY+XN1BnwzBnYwhcQBXH+I4y81Y4bSx53T0yzAOLlkycIywJQLz9y+qWFCP
5xoyl04QUk/s4S6vT0xS7fRaGQQjFIrPx+I4JjBSyoZtAIq3oIID7jCCA+owggPm
MIICzqADAgECAhQ71stVPAefEHywTAVRuWeTVME4JzANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJCTTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEjMCEGA1UE
AxMaUXVvVmFkaXMgR2xvYmFsIFNTTCBJQ0EgRzIwHhcNMTYxMTAzMTcxODU1WhcN
MjMwNjAxMTMzNTA1WjBtMQswCQYDVQQGEwJCTTEZMBcGA1UEChMQUXVvVmFkaXMg
TGltaXRlZDEXMBUGA1UECxMOT0NTUCBSZXNwb25kZXIxKjAoBgNVBAMTIVF1b1Zh
ZGlzIE9DU1AgQXV0aG9yaXR5IFNpZ25hdHVyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJPvqSJP4Ux+tJ3URn8q9FYahMUaHMKW5Vp/INWQcjiApsS
5uvUhh7Od9muSB7sh8oFncqK1bbiMg860Op4WXOWF1Ny3ZQbnG9A/lT/qoRcJ1mD
64JXIvlvo3d1f6DxYMWMg++Po4CMDJlluGtOHqzFpWk7WDvvkLDJvsFj6QJeDL7z
525sACKLnMK6Xdm0eZ0621uCtMtCOC1YoFwFOAI0bcsj6VyVGMTz1q02xlMF8GpX
F4FfXvcHFKNrfYnT+TZ/TyMv40Z7pyX9axQ/1y1AVrTELVrSPuvwNpe/3ThdRq9G
1on3hnjYlXQQ4Yrxu/nDZvfFUjqOgNeJtm/jSL0CAwEAAaOBnTCBmjAJBgNVHRME
AjAAMA8GCSsGAQUFBzABBQQCBQAwFwYDVR0gBBAwDjAMBgorBgEEAb5YAYIsMA4G
A1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTAfBgNVHSMEGDAWgBSR
GWKtWxenMPvw3jklsb2MubhRJzAdBgNVHQ4EFgQUMIxEwKrg25Ed5raK8wtKIV5c
3AswDQYJKoZIhvcNAQELBQADggEBADA5GVwBA1E1BQRMV0qhrmdPrVI5SaD7zH0A
REtfF74DRoaZ+TDOQavQTYw65dFJTTCktnE1tK/rM85znWLzXLWrXyWSyiF8rIcL
/J/5XzeerhDfzAlgw6cvpYWDRxHeUzK8RgXUaUFnta6pcVh4W9tcfGRTYQaMZkb0
sNv4ayNs+j4rrrXGG+m5hdCv1oMEMo35VylOo8wqU8GJqOiYUhnT/0N5jTXn1MJe
zFR8NGp47ufvmOJVmaBPtwfg55HiqcMiliZkNgeAHzyUIFeHDPo/It9FiKIBfAV/
oWLwyus9xw3DPIi0Dpgu72AiAlIUC2MPkwHFkGyyjoqlywYFtyk=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIID5jCCAs6gAwIBAgIUO9bLVTwHnxB8sEwFUblnk1TBOCcwDQYJKoZIhvcNAQEL
BQAwTTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxIzAh
BgNVBAMTGlF1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBIEcyMB4XDTE2MTEwMzE3MTg1
NVoXDTIzMDYwMTEzMzUwNVowbTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1Zh
ZGlzIExpbWl0ZWQxFzAVBgNVBAsTDk9DU1AgUmVzcG9uZGVyMSowKAYDVQQDEyFR
dW9WYWRpcyBPQ1NQIEF1dGhvcml0eSBTaWduYXR1cmUwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCST76kiT+FMfrSd1EZ/KvRWGoTFGhzCluVafyDVkHI
4gKbEubr1IYeznfZrkge7IfKBZ3KitW24jIPOtDqeFlzlhdTct2UG5xvQP5U/6qE
XCdZg+uCVyL5b6N3dX+g8WDFjIPvj6OAjAyZZbhrTh6sxaVpO1g775Cwyb7BY+kC
Xgy+8+dubAAii5zCul3ZtHmdOttbgrTLQjgtWKBcBTgCNG3LI+lclRjE89atNsZT
BfBqVxeBX173BxSja32J0/k2f08jL+NGe6cl/WsUP9ctQFa0xC1a0j7r8DaXv904
XUavRtaJ94Z42JV0EOGK8bv5w2b3xVI6joDXibZv40i9AgMBAAGjgZ0wgZowCQYD
VR0TBAIwADAPBgkrBgEFBQcwAQUEAgUAMBcGA1UdIAQQMA4wDAYKKwYBBAG+WAGC
LDAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwHwYDVR0jBBgw
FoAUkRlirVsXpzD78N45JbG9jLm4UScwHQYDVR0OBBYEFDCMRMCq4NuRHea2ivML
SiFeXNwLMA0GCSqGSIb3DQEBCwUAA4IBAQAwORlcAQNRNQUETFdKoa5nT61SOUmg
+8x9AERLXxe+A0aGmfkwzkGr0E2MOuXRSU0wpLZxNbSv6zPOc51i81y1q18lksoh
fKyHC/yf+V83nq4Q38wJYMOnL6WFg0cR3lMyvEYF1GlBZ7WuqXFYeFvbXHxkU2EG
jGZG9LDb+GsjbPo+K661xhvpuYXQr9aDBDKN+VcpTqPMKlPBiajomFIZ0/9DeY01
59TCXsxUfDRqeO7n75jiVZmgT7cH4OeR4qnDIpYmZDYHgB88lCBXhwz6PyLfRYii
AXwFf6Fi8MrrPccNwzyItA6YLu9gIgJSFAtjD5MBxZBsso6KpcsGBbcp
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=155519,public,no-transform,must-revalidate]
Content-Length: [1574]
Content-Type: [application/ocsp-response]
Date: [Wed, 24 May 2017 15:29:46 GMT]
Etag: ["427bdce8e658fc8617c59fb569c77a2b916b57c1"]
Expires: [Fri, 26 May 2017 15:29:46 GMT]
Last-Modified: [Wed, 24 May 2017 15:29:46 GMT]
Server: [Apache]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.quovadisglobal.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.quovadisglobal.com (POST)
Size: 1574 bytes (DER data)
Response time: 241.547907ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: QuoVadis OCSP Authority Signature
Issued by: QuoVadis Global SSL ICA G2
Signing certificate validity: 2016-11-03 - 2023-06-01
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:

Server and network information

Server Software: Apache

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFUwUzBRME8wTTAJBgUrDgMCGgUABBQizVAdki5cQPHmWNk6O3DgVg1ovgQUkRli
rVsXpzD78N45JbG9jLm4UScCFGWR4CO7K14YFH63ap7zMVbPXKzP
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGIgoBAKCCBhswggYXBgkrBgEFBQcwAQEEggYIMIIGBDCB+6FvMG0xCzAJBgNV
BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRcwFQYDVQQLEw5PQ1NQ
IFJlc3BvbmRlcjEqMCgGA1UEAxMhUXVvVmFkaXMgT0NTUCBBdXRob3JpdHkgU2ln
bmF0dXJlGA8yMDE3MDUyNDE1Mjk0NlowdzB1ME0wCQYFKw4DAhoFAAQUIs1QHZIu
XEDx5ljZOjtw4FYNaL4EFJEZYq1bF6cw+/DeOSWxvYy5uFEnAhRlkeAjuyteGBR+
t2qe8zFWz1ysz4AAGA8yMDE3MDUyNDE1Mjk0NlqgERgPMjAxNzA1MjYxNTI5NDZa
MA0GCSqGSIb3DQEBCwUAA4IBAQCNC/HoQGsXmLQF6p1MFpnuMcWhtv7dD324CYDm
R6JjHYxBdUKgddZWj+tQOgt/mC/UVnqpjS8iKmDqs1zJTHcK1Zkecs8JhPwLbnIq
VjOeCKEV7zLc1Y1OExWmV+hO0jd9joaIhfo4kUF0pl+XmHNqi2n8FGH3Gd0yI+47
MvkKboA/HUkA0qAiwjdxg4H0M5/pNK0UfZ5UVRUn9M0aMhkaHuA8baUue69M6YkM
2iPHuwY+XN1BnwzBnYwhcQBXH+I4y81Y4bSx53T0yzAOLlkycIywJQLz9y+qWFCP
5xoyl04QUk/s4S6vT0xS7fRaGQQjFIrPx+I4JjBSyoZtAIq3oIID7jCCA+owggPm
MIICzqADAgECAhQ71stVPAefEHywTAVRuWeTVME4JzANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJCTTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEjMCEGA1UE
AxMaUXVvVmFkaXMgR2xvYmFsIFNTTCBJQ0EgRzIwHhcNMTYxMTAzMTcxODU1WhcN
MjMwNjAxMTMzNTA1WjBtMQswCQYDVQQGEwJCTTEZMBcGA1UEChMQUXVvVmFkaXMg
TGltaXRlZDEXMBUGA1UECxMOT0NTUCBSZXNwb25kZXIxKjAoBgNVBAMTIVF1b1Zh
ZGlzIE9DU1AgQXV0aG9yaXR5IFNpZ25hdHVyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJJPvqSJP4Ux+tJ3URn8q9FYahMUaHMKW5Vp/INWQcjiApsS
5uvUhh7Od9muSB7sh8oFncqK1bbiMg860Op4WXOWF1Ny3ZQbnG9A/lT/qoRcJ1mD
64JXIvlvo3d1f6DxYMWMg++Po4CMDJlluGtOHqzFpWk7WDvvkLDJvsFj6QJeDL7z
525sACKLnMK6Xdm0eZ0621uCtMtCOC1YoFwFOAI0bcsj6VyVGMTz1q02xlMF8GpX
F4FfXvcHFKNrfYnT+TZ/TyMv40Z7pyX9axQ/1y1AVrTELVrSPuvwNpe/3ThdRq9G
1on3hnjYlXQQ4Yrxu/nDZvfFUjqOgNeJtm/jSL0CAwEAAaOBnTCBmjAJBgNVHRME
AjAAMA8GCSsGAQUFBzABBQQCBQAwFwYDVR0gBBAwDjAMBgorBgEEAb5YAYIsMA4G
A1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTAfBgNVHSMEGDAWgBSR
GWKtWxenMPvw3jklsb2MubhRJzAdBgNVHQ4EFgQUMIxEwKrg25Ed5raK8wtKIV5c
3AswDQYJKoZIhvcNAQELBQADggEBADA5GVwBA1E1BQRMV0qhrmdPrVI5SaD7zH0A
REtfF74DRoaZ+TDOQavQTYw65dFJTTCktnE1tK/rM85znWLzXLWrXyWSyiF8rIcL
/J/5XzeerhDfzAlgw6cvpYWDRxHeUzK8RgXUaUFnta6pcVh4W9tcfGRTYQaMZkb0
sNv4ayNs+j4rrrXGG+m5hdCv1oMEMo35VylOo8wqU8GJqOiYUhnT/0N5jTXn1MJe
zFR8NGp47ufvmOJVmaBPtwfg55HiqcMiliZkNgeAHzyUIFeHDPo/It9FiKIBfAV/
oWLwyus9xw3DPIi0Dpgu72AiAlIUC2MPkwHFkGyyjoqlywYFtyk=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIID5jCCAs6gAwIBAgIUO9bLVTwHnxB8sEwFUblnk1TBOCcwDQYJKoZIhvcNAQEL
BQAwTTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxIzAh
BgNVBAMTGlF1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBIEcyMB4XDTE2MTEwMzE3MTg1
NVoXDTIzMDYwMTEzMzUwNVowbTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1Zh
ZGlzIExpbWl0ZWQxFzAVBgNVBAsTDk9DU1AgUmVzcG9uZGVyMSowKAYDVQQDEyFR
dW9WYWRpcyBPQ1NQIEF1dGhvcml0eSBTaWduYXR1cmUwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCST76kiT+FMfrSd1EZ/KvRWGoTFGhzCluVafyDVkHI
4gKbEubr1IYeznfZrkge7IfKBZ3KitW24jIPOtDqeFlzlhdTct2UG5xvQP5U/6qE
XCdZg+uCVyL5b6N3dX+g8WDFjIPvj6OAjAyZZbhrTh6sxaVpO1g775Cwyb7BY+kC
Xgy+8+dubAAii5zCul3ZtHmdOttbgrTLQjgtWKBcBTgCNG3LI+lclRjE89atNsZT
BfBqVxeBX173BxSja32J0/k2f08jL+NGe6cl/WsUP9ctQFa0xC1a0j7r8DaXv904
XUavRtaJ94Z42JV0EOGK8bv5w2b3xVI6joDXibZv40i9AgMBAAGjgZ0wgZowCQYD
VR0TBAIwADAPBgkrBgEFBQcwAQUEAgUAMBcGA1UdIAQQMA4wDAYKKwYBBAG+WAGC
LDAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwHwYDVR0jBBgw
FoAUkRlirVsXpzD78N45JbG9jLm4UScwHQYDVR0OBBYEFDCMRMCq4NuRHea2ivML
SiFeXNwLMA0GCSqGSIb3DQEBCwUAA4IBAQAwORlcAQNRNQUETFdKoa5nT61SOUmg
+8x9AERLXxe+A0aGmfkwzkGr0E2MOuXRSU0wpLZxNbSv6zPOc51i81y1q18lksoh
fKyHC/yf+V83nq4Q38wJYMOnL6WFg0cR3lMyvEYF1GlBZ7WuqXFYeFvbXHxkU2EG
jGZG9LDb+GsjbPo+K661xhvpuYXQr9aDBDKN+VcpTqPMKlPBiajomFIZ0/9DeY01
59TCXsxUfDRqeO7n75jiVZmgT7cH4OeR4qnDIpYmZDYHgB88lCBXhwz6PyLfRYii
AXwFf6Fi8MrrPccNwzyItA6YLu9gIgJSFAtjD5MBxZBsso6KpcsGBbcp
-----END CERTIFICATE-----

Raw OCSP response headers

Content-Length: [1574]
Content-Type: [application/ocsp-response]
Date: [Wed, 24 May 2017 15:29:46 GMT]
Server: [Apache]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

QuoVadis Global SSL ICA G2 (CA Certificate)

Certificate details for QuoVadis Global SSL ICA G2 (At position 1 in certificate chain)
Serial number:
hex: 48982de2a92cb339e1c8f933358275d3e4f88255
int: 414441045951046581292119350263127430575186018901
Issued by: QuoVadis Root CA 2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: QuoVadis Limited
Country: BM
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.quovadisglobal.com/qvrca2.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.quovadisglobal.com/qvrca2.crl
Size: 1216 bytes (DER data)
Response time: 411.871123ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 9

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: AmazonS3

Raw CRL response headers

Content-Length: [1216]
Content-Type: [application/pkix-crl]
Date: [Wed, 24 May 2017 15:28:57 GMT]
Etag: ["2a38fa7616227660cf09e031e6d04876"]
Last-Modified: [Wed, 24 May 2017 15:25:02 GMT]
Server: [AmazonS3]
X-Amz-Id-2: [Tn6qLqEx3jjsa52/o1wVoV9Qb8u1/qfjeJRi7ouAJ64BSqTz+sQY8Tjp/x2SeVp77863sx5WFMI=]
X-Amz-Request-Id: [956C804D286F1546]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp.quovadisglobal.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.quovadisglobal.com (GET)
Size: 1822 bytes (DER data)
Response time: 289.690882ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: QuoVadis OCSP Authority Signature
Issued by: QuoVadis Root CA 2
Signing certificate validity: 2016-11-04 - 2020-02-05
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 43h11m59s

Server and network information

Server Software: Apache

URL used for GET request

http://ocsp.quovadisglobal.com/MFUwUzBRME8wTTAJBgUrDgMCGgUABBTyhcKR1A4XhQLFZRt5u%2BT8TDsYdQQUGoRivEhMMyUE1O7Q9gPEGUbRlGsCFEiYLeKpLLM54cj5MzWCddPk%2BIJV

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFUwUzBRME8wTTAJBgUrDgMCGgUABBTyhcKR1A4XhQLFZRt5u+T8TDsYdQQUGoRi
vEhMMyUE1O7Q9gPEGUbRlGsCFEiYLeKpLLM54cj5MzWCddPk+IJV
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIHGgoBAKCCBxMwggcPBgkrBgEFBQcwAQEEggcAMIIG/DCB+6FvMG0xCzAJBgNV
BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRcwFQYDVQQLEw5PQ1NQ
IFJlc3BvbmRlcjEqMCgGA1UEAxMhUXVvVmFkaXMgT0NTUCBBdXRob3JpdHkgU2ln
bmF0dXJlGA8yMDE3MDUyNDE1Mjg1NlowdzB1ME0wCQYFKw4DAhoFAAQU8oXCkdQO
F4UCxWUbebvk/Ew7GHUEFBqEYrxITDMlBNTu0PYDxBlG0ZRrAhRImC3iqSyzOeHI
+TM1gnXT5PiCVYAAGA8yMDE3MDUyNDE1Mjg1NlqgERgPMjAxNzA1MjYxNTI4NTZa
MA0GCSqGSIb3DQEBCwUAA4IBAQAQb41QwW1Bto1KfsykAAGh4WMjUnrv/7nlFoDr
Xz81ZCcJ1zCOtX1s3DuLnA2r4TbYJ2l8D5fN3GrZ+g+v7469QCdDB2nnc8nn4RYD
HCOQnNlUg62VRBez4lKlSlDTkXtcdkmsvdOE2o04aZj0YasHLJZM7inmyF+7jVF7
9UmOLiIUOGnafq+H2JjTKAGHjbirqMvzi7aNzKRqfgbdWYzW2w/u4iFHYC4R8LpJ
SjKRHf6B+wOCe97tLj0+k4XPkhmNyIeww2VWvRZu54sd0TOm3xLEN9oP47xz16WQ
jAhd+tc0MGbGZBMzxqikjs8hgUpSaE9dd9D4ddBPSh2OEqqzoIIE5jCCBOIwggTe
MIICxqADAgECAhRU3eJIqOHmitSP3lDKIdhfVuWo/zANBgkqhkiG9w0BAQsFADBF
MQswCQYDVQQGEwJCTTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UE
AxMSUXVvVmFkaXMgUm9vdCBDQSAyMB4XDTE2MTEwNDE2Mzg0MloXDTIwMDIwNTE2
Mzg0MlowbTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQx
FzAVBgNVBAsTDk9DU1AgUmVzcG9uZGVyMSowKAYDVQQDEyFRdW9WYWRpcyBPQ1NQ
IEF1dGhvcml0eSBTaWduYXR1cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpT1c9iJ+DU6WVSp7Wqsnx4CrYEnrUPC6mGeP73w/n+klFAWsJ2gza3dQr
EwugM1QxmpzD7CNCgmvLWqk7wMiOBg39o69VBU3Tfydm245KplPcNGu44IwTkaYC
HfeR1aAnh5NOo3OGdua3HWdH6Pk30+4rq1+4xr5jhaWV+mknVacK+96YhbA9xECp
pVtRqJlN/cErYjEzYTz0/KJik7wzc1/tAipx6JZaHM3rh7h6zLlc8XamjzA+tVWN
WHM5zx6yu3BB1I9q5K5m3G+ekN1dCyAr7udcyiicsX8nFKql7sb0bfUk1FOjhes5
0VREii1lgxrmxdHDupCeM3q9D46ZAgMBAAGjgZ0wgZowCQYDVR0TBAIwADAPBgkr
BgEFBQcwAQUEAgUAMBcGA1UdIAQQMA4wDAYKKwYBBAG+WAGCLDAOBgNVHQ8BAf8E
BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwHwYDVR0jBBgwFoAUGoRivEhMMyUE
1O7Q9gPEGUbRlGswHQYDVR0OBBYEFE8O6c0LnL4NFD7GEZlCPob9ywJgMA0GCSqG
SIb3DQEBCwUAA4ICAQBZdwCRu3z7y2cGlI7SDtYjPCfar5hqVSosh6Qvz2CtNLbR
0t7FBUgZe5ZQeVIyxxsHJKMYGeDGqHvwuSStv5pF4GTvpM8yCkGpEmfGQkhZ8J8n
opURFtKcIHlLsGGJOhHo7EnJWIM7kJN2hJwaj5P3vukRZUUT8/10tFqsIHAC2Vih
oB5+PAg/RA+rRmIaYzIPnkd4RgyV87n17G5L2tUjNTe1e1k6jAcsmK6+Nh8N0CL2
4BJe7BguSkcKUaHLLscFZtYXNfuCVYf5A765owO4xm9v/mXh1yFH+1OXwfMyWefm
iYzDfnh0oj/6iMNB0E6VH8Trvobu2YGLhcQBI5hI+68wYxHkDO5NzcLx5hLXhAN+
OwBqc7DkHsbGNtNHaGPkYjk3Zxn92sDW8mFQYERidmmvoiwFDDQW02/ozjG2VuPq
AkhWbebl+1xteqjw4nGU5jsdBCbJqkUaIgdn8pYirersqIl4Tnqq3NPIjK1DgZWC
Yb9q5NCPN8jjpBMca3wDrWmBFeSn+7+KXuao0iGQh6jlpsDq+xt3lN2WN0CyrG0H
lPPjbmWP6dT9x3EplHcdylyOVUbanqvxuAJ/1iRDBBWgSOGdKGgh7ybUE9CEuQ36
qszutt3olN1uv1fO35mt1vSwrE1RX7SN6nct0+UNixE5OKITXKwR6QT0EtFozA==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIE3jCCAsagAwIBAgIUVN3iSKjh5orUj95QyiHYX1blqP8wDQYJKoZIhvcNAQEL
BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ
BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0xNjExMDQxNjM4NDJaFw0yMDAy
MDUxNjM4NDJaMG0xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p
dGVkMRcwFQYDVQQLEw5PQ1NQIFJlc3BvbmRlcjEqMCgGA1UEAxMhUXVvVmFkaXMg
T0NTUCBBdXRob3JpdHkgU2lnbmF0dXJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAqU9XPYifg1OllUqe1qrJ8eAq2BJ61Dwuphnj+98P5/pJRQFrCdoM
2t3UKxMLoDNUMZqcw+wjQoJry1qpO8DIjgYN/aOvVQVN038nZtuOSqZT3DRruOCM
E5GmAh33kdWgJ4eTTqNzhnbmtx1nR+j5N9PuK6tfuMa+Y4WllfppJ1WnCvvemIWw
PcRAqaVbUaiZTf3BK2IxM2E89PyiYpO8M3Nf7QIqceiWWhzN64e4esy5XPF2po8w
PrVVjVhzOc8esrtwQdSPauSuZtxvnpDdXQsgK+7nXMoonLF/JxSqpe7G9G31JNRT
o4XrOdFURIotZYMa5sXRw7qQnjN6vQ+OmQIDAQABo4GdMIGaMAkGA1UdEwQCMAAw
DwYJKwYBBQUHMAEFBAIFADAXBgNVHSAEEDAOMAwGCisGAQQBvlgBgiwwDgYDVR0P
AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMB8GA1UdIwQYMBaAFBqEYrxI
TDMlBNTu0PYDxBlG0ZRrMB0GA1UdDgQWBBRPDunNC5y+DRQ+xhGZQj6G/csCYDAN
BgkqhkiG9w0BAQsFAAOCAgEAWXcAkbt8+8tnBpSO0g7WIzwn2q+YalUqLIekL89g
rTS20dLexQVIGXuWUHlSMscbBySjGBngxqh78Lkkrb+aReBk76TPMgpBqRJnxkJI
WfCfJ6KVERbSnCB5S7BhiToR6OxJyViDO5CTdoScGo+T977pEWVFE/P9dLRarCBw
AtlYoaAefjwIP0QPq0ZiGmMyD55HeEYMlfO59exuS9rVIzU3tXtZOowHLJiuvjYf
DdAi9uASXuwYLkpHClGhyy7HBWbWFzX7glWH+QO+uaMDuMZvb/5l4dchR/tTl8Hz
Mlnn5omMw354dKI/+ojDQdBOlR/E676G7tmBi4XEASOYSPuvMGMR5AzuTc3C8eYS
14QDfjsAanOw5B7GxjbTR2hj5GI5N2cZ/drA1vJhUGBEYnZpr6IsBQw0FtNv6M4x
tlbj6gJIVm3m5ftcbXqo8OJxlOY7HQQmyapFGiIHZ/KWIq3q7KiJeE56qtzTyIyt
Q4GVgmG/auTQjzfI46QTHGt8A61pgRXkp/u/il7mqNIhkIeo5abA6vsbd5TdljdA
sqxtB5Tz425lj+nU/cdxKZR3HcpcjlVG2p6r8bgCf9YkQwQVoEjhnShoIe8m1BPQ
hLkN+qrM7rbd6JTdbr9Xzt+Zrdb0sKxNUV+0jep3LdPlDYsROTiiE1ysEekE9BLR
aMw=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=155519,public,no-transform,must-revalidate]
Content-Length: [1822]
Content-Type: [application/ocsp-response]
Date: [Wed, 24 May 2017 15:28:56 GMT]
Etag: ["edb7059d4dac14d5e267069df2c59731894997ee"]
Expires: [Fri, 26 May 2017 15:28:56 GMT]
Last-Modified: [Wed, 24 May 2017 15:28:56 GMT]
Server: [Apache]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.quovadisglobal.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.quovadisglobal.com (POST)
Size: 1822 bytes (DER data)
Response time: 298.014674ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: QuoVadis OCSP Authority Signature
Issued by: QuoVadis Root CA 2
Signing certificate validity: 2016-11-04 - 2020-02-05
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:

Server and network information

Server Software: Apache

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFUwUzBRME8wTTAJBgUrDgMCGgUABBTyhcKR1A4XhQLFZRt5u+T8TDsYdQQUGoRi
vEhMMyUE1O7Q9gPEGUbRlGsCFEiYLeKpLLM54cj5MzWCddPk+IJV
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIHGgoBAKCCBxMwggcPBgkrBgEFBQcwAQEEggcAMIIG/DCB+6FvMG0xCzAJBgNV
BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRcwFQYDVQQLEw5PQ1NQ
IFJlc3BvbmRlcjEqMCgGA1UEAxMhUXVvVmFkaXMgT0NTUCBBdXRob3JpdHkgU2ln
bmF0dXJlGA8yMDE3MDUyNDE1Mjg1NlowdzB1ME0wCQYFKw4DAhoFAAQU8oXCkdQO
F4UCxWUbebvk/Ew7GHUEFBqEYrxITDMlBNTu0PYDxBlG0ZRrAhRImC3iqSyzOeHI
+TM1gnXT5PiCVYAAGA8yMDE3MDUyNDE1Mjg1NlqgERgPMjAxNzA1MjYxNTI4NTZa
MA0GCSqGSIb3DQEBCwUAA4IBAQAQb41QwW1Bto1KfsykAAGh4WMjUnrv/7nlFoDr
Xz81ZCcJ1zCOtX1s3DuLnA2r4TbYJ2l8D5fN3GrZ+g+v7469QCdDB2nnc8nn4RYD
HCOQnNlUg62VRBez4lKlSlDTkXtcdkmsvdOE2o04aZj0YasHLJZM7inmyF+7jVF7
9UmOLiIUOGnafq+H2JjTKAGHjbirqMvzi7aNzKRqfgbdWYzW2w/u4iFHYC4R8LpJ
SjKRHf6B+wOCe97tLj0+k4XPkhmNyIeww2VWvRZu54sd0TOm3xLEN9oP47xz16WQ
jAhd+tc0MGbGZBMzxqikjs8hgUpSaE9dd9D4ddBPSh2OEqqzoIIE5jCCBOIwggTe
MIICxqADAgECAhRU3eJIqOHmitSP3lDKIdhfVuWo/zANBgkqhkiG9w0BAQsFADBF
MQswCQYDVQQGEwJCTTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UE
AxMSUXVvVmFkaXMgUm9vdCBDQSAyMB4XDTE2MTEwNDE2Mzg0MloXDTIwMDIwNTE2
Mzg0MlowbTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQx
FzAVBgNVBAsTDk9DU1AgUmVzcG9uZGVyMSowKAYDVQQDEyFRdW9WYWRpcyBPQ1NQ
IEF1dGhvcml0eSBTaWduYXR1cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpT1c9iJ+DU6WVSp7Wqsnx4CrYEnrUPC6mGeP73w/n+klFAWsJ2gza3dQr
EwugM1QxmpzD7CNCgmvLWqk7wMiOBg39o69VBU3Tfydm245KplPcNGu44IwTkaYC
HfeR1aAnh5NOo3OGdua3HWdH6Pk30+4rq1+4xr5jhaWV+mknVacK+96YhbA9xECp
pVtRqJlN/cErYjEzYTz0/KJik7wzc1/tAipx6JZaHM3rh7h6zLlc8XamjzA+tVWN
WHM5zx6yu3BB1I9q5K5m3G+ekN1dCyAr7udcyiicsX8nFKql7sb0bfUk1FOjhes5
0VREii1lgxrmxdHDupCeM3q9D46ZAgMBAAGjgZ0wgZowCQYDVR0TBAIwADAPBgkr
BgEFBQcwAQUEAgUAMBcGA1UdIAQQMA4wDAYKKwYBBAG+WAGCLDAOBgNVHQ8BAf8E
BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwHwYDVR0jBBgwFoAUGoRivEhMMyUE
1O7Q9gPEGUbRlGswHQYDVR0OBBYEFE8O6c0LnL4NFD7GEZlCPob9ywJgMA0GCSqG
SIb3DQEBCwUAA4ICAQBZdwCRu3z7y2cGlI7SDtYjPCfar5hqVSosh6Qvz2CtNLbR
0t7FBUgZe5ZQeVIyxxsHJKMYGeDGqHvwuSStv5pF4GTvpM8yCkGpEmfGQkhZ8J8n
opURFtKcIHlLsGGJOhHo7EnJWIM7kJN2hJwaj5P3vukRZUUT8/10tFqsIHAC2Vih
oB5+PAg/RA+rRmIaYzIPnkd4RgyV87n17G5L2tUjNTe1e1k6jAcsmK6+Nh8N0CL2
4BJe7BguSkcKUaHLLscFZtYXNfuCVYf5A765owO4xm9v/mXh1yFH+1OXwfMyWefm
iYzDfnh0oj/6iMNB0E6VH8Trvobu2YGLhcQBI5hI+68wYxHkDO5NzcLx5hLXhAN+
OwBqc7DkHsbGNtNHaGPkYjk3Zxn92sDW8mFQYERidmmvoiwFDDQW02/ozjG2VuPq
AkhWbebl+1xteqjw4nGU5jsdBCbJqkUaIgdn8pYirersqIl4Tnqq3NPIjK1DgZWC
Yb9q5NCPN8jjpBMca3wDrWmBFeSn+7+KXuao0iGQh6jlpsDq+xt3lN2WN0CyrG0H
lPPjbmWP6dT9x3EplHcdylyOVUbanqvxuAJ/1iRDBBWgSOGdKGgh7ybUE9CEuQ36
qszutt3olN1uv1fO35mt1vSwrE1RX7SN6nct0+UNixE5OKITXKwR6QT0EtFozA==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIE3jCCAsagAwIBAgIUVN3iSKjh5orUj95QyiHYX1blqP8wDQYJKoZIhvcNAQEL
BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ
BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0xNjExMDQxNjM4NDJaFw0yMDAy
MDUxNjM4NDJaMG0xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p
dGVkMRcwFQYDVQQLEw5PQ1NQIFJlc3BvbmRlcjEqMCgGA1UEAxMhUXVvVmFkaXMg
T0NTUCBBdXRob3JpdHkgU2lnbmF0dXJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAqU9XPYifg1OllUqe1qrJ8eAq2BJ61Dwuphnj+98P5/pJRQFrCdoM
2t3UKxMLoDNUMZqcw+wjQoJry1qpO8DIjgYN/aOvVQVN038nZtuOSqZT3DRruOCM
E5GmAh33kdWgJ4eTTqNzhnbmtx1nR+j5N9PuK6tfuMa+Y4WllfppJ1WnCvvemIWw
PcRAqaVbUaiZTf3BK2IxM2E89PyiYpO8M3Nf7QIqceiWWhzN64e4esy5XPF2po8w
PrVVjVhzOc8esrtwQdSPauSuZtxvnpDdXQsgK+7nXMoonLF/JxSqpe7G9G31JNRT
o4XrOdFURIotZYMa5sXRw7qQnjN6vQ+OmQIDAQABo4GdMIGaMAkGA1UdEwQCMAAw
DwYJKwYBBQUHMAEFBAIFADAXBgNVHSAEEDAOMAwGCisGAQQBvlgBgiwwDgYDVR0P
AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMB8GA1UdIwQYMBaAFBqEYrxI
TDMlBNTu0PYDxBlG0ZRrMB0GA1UdDgQWBBRPDunNC5y+DRQ+xhGZQj6G/csCYDAN
BgkqhkiG9w0BAQsFAAOCAgEAWXcAkbt8+8tnBpSO0g7WIzwn2q+YalUqLIekL89g
rTS20dLexQVIGXuWUHlSMscbBySjGBngxqh78Lkkrb+aReBk76TPMgpBqRJnxkJI
WfCfJ6KVERbSnCB5S7BhiToR6OxJyViDO5CTdoScGo+T977pEWVFE/P9dLRarCBw
AtlYoaAefjwIP0QPq0ZiGmMyD55HeEYMlfO59exuS9rVIzU3tXtZOowHLJiuvjYf
DdAi9uASXuwYLkpHClGhyy7HBWbWFzX7glWH+QO+uaMDuMZvb/5l4dchR/tTl8Hz
Mlnn5omMw354dKI/+ojDQdBOlR/E676G7tmBi4XEASOYSPuvMGMR5AzuTc3C8eYS
14QDfjsAanOw5B7GxjbTR2hj5GI5N2cZ/drA1vJhUGBEYnZpr6IsBQw0FtNv6M4x
tlbj6gJIVm3m5ftcbXqo8OJxlOY7HQQmyapFGiIHZ/KWIq3q7KiJeE56qtzTyIyt
Q4GVgmG/auTQjzfI46QTHGt8A61pgRXkp/u/il7mqNIhkIeo5abA6vsbd5TdljdA
sqxtB5Tz425lj+nU/cdxKZR3HcpcjlVG2p6r8bgCf9YkQwQVoEjhnShoIe8m1BPQ
hLkN+qrM7rbd6JTdbr9Xzt+Zrdb0sKxNUV+0jep3LdPlDYsROTiiE1ysEekE9BLR
aMw=
-----END CERTIFICATE-----

Raw OCSP response headers

Content-Length: [1822]
Content-Type: [application/ocsp-response]
Date: [Wed, 24 May 2017 15:28:56 GMT]
Server: [Apache]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified cache header not set (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.