CRL & OCSP report for 0-assets.acs.org.topcat.switchinc.org - koha.switchinc.org

koha.switchinc.org

Certificate details for koha.switchinc.org (At position 0 in certificate chain)
Serial number:
hex: 5df951bc7a9f1fcf9419aaf242e3d944
int: 124912743333794337352589522895257196868
Issued by: GeoTrust DV SSL CA - G3
Public Key Algorithm: RSA
Not valid before:
Not valid after:
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for 0-assets.acs.org.topcat.switchinc.org.

Certificate Revocation List (CRL)

This CRL was cached at
http://gt.symcb.com/gt.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://gt.symcb.com/gt.crl
Size: 141351 bytes (DER data)
Response time: 19.158067ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 4025

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_HIT from a23-217-200-39.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Sat, 29 Apr 2017 17:26:33 GMT]
Etag: ["3e200430be688e3c3803ed4de0bbdd42:1493457061"]
Last-Modified: [Sat, 29 Apr 2017 09:11:01 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_HIT from a23-217-200-39.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://gt.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gt.symcd.com (GET)
Size: 1455 bytes (DER data)
Response time: 60.402481ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust DV SSL CA - G3 OCSP Responder
Issued by: GeoTrust DV SSL CA - G3
Signing certificate validity: 2017-04-05 - 2017-07-04
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 138h52m59s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRYPS8usrA85jHipK5UlO17MFVDRgQUrWUihZDQO%2BOhSYs3%2BfELHV8XoHcCEF35Ubx6nx%2FPlBmq8kLj2UQ%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRYPS8usrA85jHipK5UlO17MFVDRgQUrWUi
hZDQO+OhSYs3+fELHV8XoHcCEF35Ubx6nx/PlBmq8kLj2UQ=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFqwoBAKCCBaQwggWgBgkrBgEFBQcwAQEEggWRMIIFjTCBnqIWBBSj7DW5EzBv
a5jfQ0qnFTMZxg7+hRgPMjAxNzA0MjMwMzMyMTRaMHMwcTBJMAkGBSsOAwIaBQAE
FFg9Ly6ysDzmMeKkrlSU7XswVUNGBBStZSKFkNA746FJizf58QsdXxegdwIQXflR
vHqfH8+UGaryQuPZRIAAGA8yMDE3MDQyMzAzMzIxNFqgERgPMjAxNzA0MzAwMzMy
MTRaMA0GCSqGSIb3DQEBBQUAA4IBAQBoi1iFZYXY+oVSpS44zBTr4i5r/9H41eDB
bxZJbS/FjPUHcwG7fuLSYDg+LF5gt4u4Xwno4V2q6hQYpG3cZwY+8De3ZQbGg7vj
Qq1fY8BlV23tjuRoPUh9X8g9FXs72Jb+fdU2z9zNew+mDSd9dU3hRBoOE0WR027A
96/aSYSiNi2Txhdhsp9zEDIHMtITIl+nIYWgSI/urcvmXa3Gq0fBR9xCidPEO0zo
Q5e9XZxDgnvlusW6tw57IPVIczHJk6mrSQHIJfmAN1ElTJKIZPzZm2W84ZCs5Mpm
kqCtMNPoyXWG9UqVHLkbV4A6RHxFn5wI5+bqgBqkwzcQNplf5gpPoIID1DCCA9Aw
ggPMMIICtKADAgECAhBmR3bqglT/GApRVHN6IMBuMA0GCSqGSIb3DQEBCwUAMGYx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR0wGwYDVQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTDEgMB4GA1UEAxMXR2VvVHJ1c3QgRFYgU1NMIENB
IC0gRzMwHhcNMTcwNDA1MDAwMDAwWhcNMTcwNzA0MjM1OTU5WjAxMS8wLQYDVQQD
EyZHZW9UcnVzdCBEViBTU0wgQ0EgLSBHMyBPQ1NQIFJlc3BvbmRlcjCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMpV8w3BtczaJ7SKsUH85BcvOz0JcStm
nPHUbDAmsg5TbZJDOYCtz5tsviioOTg7gxUBxy/AzhgQNxMcAkyleYOsKWcJJsxx
GEJiZJxy8nSdCoOVBMI5gyY+KK71lgtvOPg/neM+UCzylnH1Y4IIPFSv/1+T8L3N
OdN5LXtdzHQxSmfiKmTOR1bVmCoOdrzi1/LpjkrBrvsWF+nCCDeTj6CiS6Pbln6p
M2veuszAipV64oO5MqjgxwKG0/w03du7wJxKgZN1uOcrEk+hclGHFMgBJK2tS82g
JuphhATnwF2Yy5+9d4dFukh+3y0zfXgYCvrG2Y0c9IcqplolArLqYSECAwEAAaOB
qjCBpzAPBgkrBgEFBQcwAQUEAgUAMCEGA1UdEQQaMBikFjAUMRIwEAYDVQQDEwlU
R1YtRS02NzMwHwYDVR0jBBgwFoAUrWUihZDQO+OhSYs3+fELHV8XoHcwHQYDVR0O
BBYEFKPsNbkTMG9rmN9DSqcVMxnGDv6FMAwGA1UdEwEB/wQCMAAwEwYDVR0lBAww
CgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQCl
QIxbIQPX/uF5VuHJc6CUq3xUcQX88Y/Ll9nfkLmaQOX2aQsCfQKCI4qmnEws3HZ3
qcNpnB4bQNXV7JnB6G1L9GzHWfyX8JaPJWOVtzMamQO4b7y1L6U4aeNpKsj2O55f
a5KRVM5PeNb2uSER65m0hy0Td7JJSbAFMkn3WU9VJocxM/lUVyM6octI9Kwf52iM
UzrBC+6lbE7yRaz8Z9eCuk+EgGHC13kvTPO85rr7cdJ/gC4p1M+PnVPJrYOgLXyt
OWOU5DX6L0ZpNbLULc3oUlWsPyprE8mLk1CVRoFh/G4dET2iXrNjYG3nUrg4RUFX
hglXYnIKaUsh8tKVrh3j
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDzDCCArSgAwIBAgIQZkd26oJU/xgKUVRzeiDAbjANBgkqhkiG9w0BAQsFADBm
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UECxMU
RG9tYWluIFZhbGlkYXRlZCBTU0wxIDAeBgNVBAMTF0dlb1RydXN0IERWIFNTTCBD
QSAtIEczMB4XDTE3MDQwNTAwMDAwMFoXDTE3MDcwNDIzNTk1OVowMTEvMC0GA1UE
AxMmR2VvVHJ1c3QgRFYgU1NMIENBIC0gRzMgT0NTUCBSZXNwb25kZXIwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKVfMNwbXM2ie0irFB/OQXLzs9CXEr
Zpzx1GwwJrIOU22SQzmArc+bbL4oqDk4O4MVAccvwM4YEDcTHAJMpXmDrClnCSbM
cRhCYmSccvJ0nQqDlQTCOYMmPiiu9ZYLbzj4P53jPlAs8pZx9WOCCDxUr/9fk/C9
zTnTeS17Xcx0MUpn4ipkzkdW1ZgqDna84tfy6Y5Kwa77Fhfpwgg3k4+gokuj25Z+
qTNr3rrMwIqVeuKDuTKo4McChtP8NN3bu8CcSoGTdbjnKxJPoXJRhxTIASStrUvN
oCbqYYQE58BdmMufvXeHRbpIft8tM314GAr6xtmNHPSHKqZaJQKy6mEhAgMBAAGj
gaowgacwDwYJKwYBBQUHMAEFBAIFADAhBgNVHREEGjAYpBYwFDESMBAGA1UEAxMJ
VEdWLUUtNjczMB8GA1UdIwQYMBaAFK1lIoWQ0DvjoUmLN/nxCx1fF6B3MB0GA1Ud
DgQWBBSj7DW5EzBva5jfQ0qnFTMZxg7+hTAMBgNVHRMBAf8EAjAAMBMGA1UdJQQM
MAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEA
pUCMWyED1/7heVbhyXOglKt8VHEF/PGPy5fZ35C5mkDl9mkLAn0CgiOKppxMLNx2
d6nDaZweG0DV1eyZwehtS/Rsx1n8l/CWjyVjlbczGpkDuG+8tS+lOGnjaSrI9jue
X2uSkVTOT3jW9rkhEeuZtIctE3eySUmwBTJJ91lPVSaHMTP5VFcjOqHLSPSsH+do
jFM6wQvupWxO8kWs/GfXgrpPhIBhwtd5L0zzvOa6+3HSf4AuKdTPj51Tya2DoC18
rTljlOQ1+i9GaTWy1C3N6FJVrD8qaxPJi5NQlUaBYfxuHRE9ol6zY2Bt51K4OEVB
V4YJV2JyCmlLIfLSla4d4w==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=499979, public, no-transform, must-revalidate]
Content-Length: [1455]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Mon, 24 Apr 2017 08:39:15 GMT]
Expires: [Sun, 30 Apr 2017 03:32:14 GMT]
Last-Modified: [Sun, 23 Apr 2017 03:32:14 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://gt.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gt.symcd.com (POST)
Size: 1455 bytes (DER data)
Response time: 16.813436ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust DV SSL CA - G3 OCSP Responder
Issued by: GeoTrust DV SSL CA - G3
Signing certificate validity: 2017-04-05 - 2017-07-04
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 138h52m59s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRYPS8usrA85jHipK5UlO17MFVDRgQUrWUi
hZDQO+OhSYs3+fELHV8XoHcCEF35Ubx6nx/PlBmq8kLj2UQ=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFqwoBAKCCBaQwggWgBgkrBgEFBQcwAQEEggWRMIIFjTCBnqIWBBSj7DW5EzBv
a5jfQ0qnFTMZxg7+hRgPMjAxNzA0MjMwMzMyMTRaMHMwcTBJMAkGBSsOAwIaBQAE
FFg9Ly6ysDzmMeKkrlSU7XswVUNGBBStZSKFkNA746FJizf58QsdXxegdwIQXflR
vHqfH8+UGaryQuPZRIAAGA8yMDE3MDQyMzAzMzIxNFqgERgPMjAxNzA0MzAwMzMy
MTRaMA0GCSqGSIb3DQEBBQUAA4IBAQBoi1iFZYXY+oVSpS44zBTr4i5r/9H41eDB
bxZJbS/FjPUHcwG7fuLSYDg+LF5gt4u4Xwno4V2q6hQYpG3cZwY+8De3ZQbGg7vj
Qq1fY8BlV23tjuRoPUh9X8g9FXs72Jb+fdU2z9zNew+mDSd9dU3hRBoOE0WR027A
96/aSYSiNi2Txhdhsp9zEDIHMtITIl+nIYWgSI/urcvmXa3Gq0fBR9xCidPEO0zo
Q5e9XZxDgnvlusW6tw57IPVIczHJk6mrSQHIJfmAN1ElTJKIZPzZm2W84ZCs5Mpm
kqCtMNPoyXWG9UqVHLkbV4A6RHxFn5wI5+bqgBqkwzcQNplf5gpPoIID1DCCA9Aw
ggPMMIICtKADAgECAhBmR3bqglT/GApRVHN6IMBuMA0GCSqGSIb3DQEBCwUAMGYx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR0wGwYDVQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTDEgMB4GA1UEAxMXR2VvVHJ1c3QgRFYgU1NMIENB
IC0gRzMwHhcNMTcwNDA1MDAwMDAwWhcNMTcwNzA0MjM1OTU5WjAxMS8wLQYDVQQD
EyZHZW9UcnVzdCBEViBTU0wgQ0EgLSBHMyBPQ1NQIFJlc3BvbmRlcjCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMpV8w3BtczaJ7SKsUH85BcvOz0JcStm
nPHUbDAmsg5TbZJDOYCtz5tsviioOTg7gxUBxy/AzhgQNxMcAkyleYOsKWcJJsxx
GEJiZJxy8nSdCoOVBMI5gyY+KK71lgtvOPg/neM+UCzylnH1Y4IIPFSv/1+T8L3N
OdN5LXtdzHQxSmfiKmTOR1bVmCoOdrzi1/LpjkrBrvsWF+nCCDeTj6CiS6Pbln6p
M2veuszAipV64oO5MqjgxwKG0/w03du7wJxKgZN1uOcrEk+hclGHFMgBJK2tS82g
JuphhATnwF2Yy5+9d4dFukh+3y0zfXgYCvrG2Y0c9IcqplolArLqYSECAwEAAaOB
qjCBpzAPBgkrBgEFBQcwAQUEAgUAMCEGA1UdEQQaMBikFjAUMRIwEAYDVQQDEwlU
R1YtRS02NzMwHwYDVR0jBBgwFoAUrWUihZDQO+OhSYs3+fELHV8XoHcwHQYDVR0O
BBYEFKPsNbkTMG9rmN9DSqcVMxnGDv6FMAwGA1UdEwEB/wQCMAAwEwYDVR0lBAww
CgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQCl
QIxbIQPX/uF5VuHJc6CUq3xUcQX88Y/Ll9nfkLmaQOX2aQsCfQKCI4qmnEws3HZ3
qcNpnB4bQNXV7JnB6G1L9GzHWfyX8JaPJWOVtzMamQO4b7y1L6U4aeNpKsj2O55f
a5KRVM5PeNb2uSER65m0hy0Td7JJSbAFMkn3WU9VJocxM/lUVyM6octI9Kwf52iM
UzrBC+6lbE7yRaz8Z9eCuk+EgGHC13kvTPO85rr7cdJ/gC4p1M+PnVPJrYOgLXyt
OWOU5DX6L0ZpNbLULc3oUlWsPyprE8mLk1CVRoFh/G4dET2iXrNjYG3nUrg4RUFX
hglXYnIKaUsh8tKVrh3j
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDzDCCArSgAwIBAgIQZkd26oJU/xgKUVRzeiDAbjANBgkqhkiG9w0BAQsFADBm
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UECxMU
RG9tYWluIFZhbGlkYXRlZCBTU0wxIDAeBgNVBAMTF0dlb1RydXN0IERWIFNTTCBD
QSAtIEczMB4XDTE3MDQwNTAwMDAwMFoXDTE3MDcwNDIzNTk1OVowMTEvMC0GA1UE
AxMmR2VvVHJ1c3QgRFYgU1NMIENBIC0gRzMgT0NTUCBSZXNwb25kZXIwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKVfMNwbXM2ie0irFB/OQXLzs9CXEr
Zpzx1GwwJrIOU22SQzmArc+bbL4oqDk4O4MVAccvwM4YEDcTHAJMpXmDrClnCSbM
cRhCYmSccvJ0nQqDlQTCOYMmPiiu9ZYLbzj4P53jPlAs8pZx9WOCCDxUr/9fk/C9
zTnTeS17Xcx0MUpn4ipkzkdW1ZgqDna84tfy6Y5Kwa77Fhfpwgg3k4+gokuj25Z+
qTNr3rrMwIqVeuKDuTKo4McChtP8NN3bu8CcSoGTdbjnKxJPoXJRhxTIASStrUvN
oCbqYYQE58BdmMufvXeHRbpIft8tM314GAr6xtmNHPSHKqZaJQKy6mEhAgMBAAGj
gaowgacwDwYJKwYBBQUHMAEFBAIFADAhBgNVHREEGjAYpBYwFDESMBAGA1UEAxMJ
VEdWLUUtNjczMB8GA1UdIwQYMBaAFK1lIoWQ0DvjoUmLN/nxCx1fF6B3MB0GA1Ud
DgQWBBSj7DW5EzBva5jfQ0qnFTMZxg7+hTAMBgNVHRMBAf8EAjAAMBMGA1UdJQQM
MAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEA
pUCMWyED1/7heVbhyXOglKt8VHEF/PGPy5fZ35C5mkDl9mkLAn0CgiOKppxMLNx2
d6nDaZweG0DV1eyZwehtS/Rsx1n8l/CWjyVjlbczGpkDuG+8tS+lOGnjaSrI9jue
X2uSkVTOT3jW9rkhEeuZtIctE3eySUmwBTJJ91lPVSaHMTP5VFcjOqHLSPSsH+do
jFM6wQvupWxO8kWs/GfXgrpPhIBhwtd5L0zzvOa6+3HSf4AuKdTPj51Tya2DoC18
rTljlOQ1+i9GaTWy1C3N6FJVrD8qaxPJi5NQlUaBYfxuHRE9ol6zY2Bt51K4OEVB
V4YJV2JyCmlLIfLSla4d4w==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=499979, public, no-transform, must-revalidate]
Content-Length: [1455]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Mon, 24 Apr 2017 08:39:15 GMT]
Expires: [Sun, 30 Apr 2017 03:32:14 GMT]
Last-Modified: [Sun, 23 Apr 2017 03:32:14 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GeoTrust DV SSL CA - G3 (CA Certificate)

Certificate details for GeoTrust DV SSL CA - G3 (At position 1 in certificate chain)
Serial number:
hex: 23a73
int: 146035
Issued by: GeoTrust Global CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Organization unit: Domain Validated SSL
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This certificate contains no information about authoritative CRL(s) or OCSP servers

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.