CRL & OCSP report for 0-checkpoint.riag.com.lawpac.lawnet.fordham.edu - lawpac.lawnet.fordham.edu

lawpac.lawnet.fordham.edu

Certificate details for lawpac.lawnet.fordham.edu (At position 0 in certificate chain)
Serial number:
hex: 975b0198debebf48
int: 10906312678691487560
Issued by: Go Daddy Secure Certificate Authority - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization unit: Domain Control Validated
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for 0-checkpoint.riag.com.lawpac.lawnet.fordham.edu.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.godaddy.com/gdig2s1-290.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.godaddy.com/gdig2s1-290.crl
Size: 52278 bytes (DER data)
Response time: 143.756651ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 1239

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: Apache

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=259200]
Content-Length: [52278]
Content-Type: [application/pkix-crl]
Date: [Fri, 28 Apr 2017 06:07:10 GMT]
Etag: ["cc36-54e2309a23300"]
Expires: [Mon, 01 May 2017 06:07:10 GMT]
Last-Modified: [Thu, 27 Apr 2017 10:01:16 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp.godaddy.com/ (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.godaddy.com/ (POST)
Size: 1777 bytes (DER data)
Response time: 48.245006ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: Go Daddy Validation Authority - G2
Issued by: Go Daddy Secure Certificate Authority - G2
Signing certificate validity: 2016-12-13 - 2017-12-13
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 34h0m13s

Server and network information

Server Software: Apache

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEowSDBGMEQwQjAJBgUrDgMCGgUABBS2CA1fbGt26xPkOKX4ZguoUjM0TgQUQMK9
J47MNIMwojPX+2yz8LQsgM4CCQCXWwGY3r6/SA==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIG7QoBAKCCBuYwggbiBgkrBgEFBQcwAQEEggbTMIIGzzCB+6F6MHgxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRUw
EwYDVQQKEwxHb0RhZGR5IEluYy4xKzApBgNVBAMTIkdvIERhZGR5IFZhbGlkYXRp
b24gQXV0aG9yaXR5IC0gRzIYDzIwMTcwNDI3MDg1OTMyWjBsMGowQjAJBgUrDgMC
GgUABBS2CA1fbGt26xPkOKX4ZguoUjM0TgQUQMK9J47MNIMwojPX+2yz8LQsgM4C
CQCXWwGY3r6/SIAAGA8yMDE3MDQyNzA4NTkzMlqgERgPMjAxNzA0MjgyMDU5MzJa
MA0GCSqGSIb3DQEBBQUAA4IBAQARbh+6TPSBVcEJEdJvF+2+GkMrKPQVcsQTHLNs
j3tYgXsrXfUBGZSr8KEa3OHtxpgYkLVYUSpU4cCMdcyHtAVU9rmxx3PiC5gtFtYs
U344QgTHwfwL7jH2IGF3p+EHMxYHSSwxZBERdm+Cn0Khmx4/FFvXlNlk3RQaLhKH
YKoWiMzfsIToyNdD8wtYRKYvLJ5mWfcrziXIDLMl45HOAkyyYzodjmaV+u4JA4mX
B9X7ctc/cNBu6Cknimalw7fuHgvDGdoRyPtT/ZWyO2IgeSMTf6cl7tlaWxWG4dEA
PeJVBNoKfW7eObsplpWe5kZ2z7XY3fdJmHao9iSJsHW6rv37oIIEuTCCBLUwggSx
MIIDmaADAgECAggzprL4sHhYYzANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMC
VVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNV
BAoTEUdvRGFkZHkuY29tLCBJbmMuMS0wKwYDVQQLEyRodHRwOi8vY2VydHMuZ29k
YWRkeS5jb20vcmVwb3NpdG9yeS8xMzAxBgNVBAMTKkdvIERhZGR5IFNlY3VyZSBD
ZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAeFw0xNjEyMTMwNzAwMDBaFw0xNzEy
MTMwNzAwMDBaMHgxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYD
VQQHEwpTY290dHNkYWxlMRUwEwYDVQQKEwxHb0RhZGR5IEluYy4xKzApBgNVBAMT
IkdvIERhZGR5IFZhbGlkYXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDDErfsw30Hf/hAxEiB+MSDi8yZAoDhaslimDLF
Y72B+7wnZVNBABrtgJc2IiIym2hmC20BbTn/qIWoi5ensF9OBSJnVunPe+VKInvl
5zBmDlckp1hyF7/6unxV+0YMIedLzjAg7ihwgqcdzK2FOYNJD9yfj7L/YxNjXNI5
Dnh0Gna6VU6PBxglqM+1wixSHwnY41pKAy7uAdP/cnoTWgvmcKzsvXJ1BDYZxP/t
FjCKFHTi5A/xKtuAE1QVVwXu0N6OP+4c2Fj6AAYoKx6QeqtbtSC6QfmXtit63Vs+
Lfd5Psqgsm52VRSriWcud1UuDw7M34kR3yBGaNk2RgYCFX1/AgMBAAGjggEAMIH9
MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMBMGA1UdJQQMMAoGCCsGAQUF
BwMJMB0GA1UdDgQWBBTFhkohftnytX2hAaysXl3+FYL3vzAPBgkrBgEFBQcwAQUE
AgUAMEwGA1UdHwRFMEMwQaA/oD2GO2h0dHA6Ly9jcmwuZ29kYWRkeS5jb20vcmVw
b3NpdG9yeS9tYXN0ZXJnb2RhZGR5Mmlzc3VpbmcuY3JsMEoGA1UdIARDMEEwPwYL
YIZIAYb9bQEHFwEwMDAuBggrBgEFBQcCARYiaHR0cDovL2NybC5nb2RhZGR5LmNv
bS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAJv+j83K18m9ZGfccEvbd
p7T5javvXUHBJZi1uLl3JzQvktEOFtciLLIqCVk/6zbE4azA56XcAg6SEyRcoqej
rWoIMTeEfde/PvdmK6wHVL70bf7bIOjXNWnirXCY4w7b10QhsIkPQM9kGmn5udgo
e3TcBmAFDZNpmURNbOn2dAJQ3OpAhAQO7nx2WO9UGzu8NhU6QLtUJ2b1WVcmg1VA
d66CC0x2mn7tSvVBuE84MitMkHga2WMNfYOddw7rQj53wBlBEswn+IFGw6Q38G96
7qmG2ZdoadGEDv2Kq3Q0OnhJQCzpcBssK1r2GW8vbYILRVBYmTtnAKbqqqjIyfKC
jw==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEsTCCA5mgAwIBAgIIM6ay+LB4WGMwDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow
GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRz
LmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1
cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMTYxMjEzMDcwMDAwWhcN
MTcxMjEzMDcwMDAwWjB4MQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTET
MBEGA1UEBxMKU2NvdHRzZGFsZTEVMBMGA1UEChMMR29EYWRkeSBJbmMuMSswKQYD
VQQDEyJHbyBEYWRkeSBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEcyMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxK37MN9B3/4QMRIgfjEg4vMmQKA4WrJ
YpgyxWO9gfu8J2VTQQAa7YCXNiIiMptoZgttAW05/6iFqIuXp7BfTgUiZ1bpz3vl
SiJ75ecwZg5XJKdYche/+rp8VftGDCHnS84wIO4ocIKnHcythTmDSQ/cn4+y/2MT
Y1zSOQ54dBp2ulVOjwcYJajPtcIsUh8J2ONaSgMu7gHT/3J6E1oL5nCs7L1ydQQ2
GcT/7RYwihR04uQP8SrbgBNUFVcF7tDejj/uHNhY+gAGKCsekHqrW7UgukH5l7Yr
et1bPi33eT7KoLJudlUUq4lnLndVLg8OzN+JEd8gRmjZNkYGAhV9fwIDAQABo4IB
ADCB/TAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDATBgNVHSUEDDAKBggr
BgEFBQcDCTAdBgNVHQ4EFgQUxYZKIX7Z8rV9oQGsrF5d/hWC978wDwYJKwYBBQUH
MAEFBAIFADBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmdvZGFkZHkuY29t
L3JlcG9zaXRvcnkvbWFzdGVyZ29kYWRkeTJpc3N1aW5nLmNybDBKBgNVHSAEQzBB
MD8GC2CGSAGG/W0BBxcBMDAwLgYIKwYBBQUHAgEWImh0dHA6Ly9jcmwuZ29kYWRk
eS5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBACb/o/NytfJvWRn3
HBL23ae0+Y2r711BwSWYtbi5dyc0L5LRDhbXIiyyKglZP+s2xOGswOel3AIOkhMk
XKKno61qCDE3hH3Xvz73ZiusB1S+9G3+2yDo1zVp4q1wmOMO29dEIbCJD0DPZBpp
+bnYKHt03AZgBQ2TaZlETWzp9nQCUNzqQIQEDu58dljvVBs7vDYVOkC7VCdm9VlX
JoNVQHeuggtMdpp+7Ur1QbhPODIrTJB4GtljDX2DnXcO60I+d8AZQRLMJ/iBRsOk
N/Bveu6phtmXaGnRhA79iqt0NDp4SUAs6XAbLCta9hlvL22CC0VQWJk7ZwCm6qqo
yMnygo8=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=122413, public, no-transform, must-revalidate]
Content-Length: [1777]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Thu, 27 Apr 2017 09:11:56 GMT]
Etag: ["a2f3b71478df818ba421bcfa5102dea3581751a0"]
Expires: [Fri, 28 Apr 2017 20:59:32 GMT]
Last-Modified: [Thu, 27 Apr 2017 08:59:32 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.godaddy.com/ (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.godaddy.com/ (GET)
Size: 1777 bytes (DER data)
Response time: 48.459007ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: Go Daddy Validation Authority - G2
Issued by: Go Daddy Secure Certificate Authority - G2
Signing certificate validity: 2016-12-13 - 2017-12-13
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 33h59m35s

Server and network information

Server Software: Apache

URL used for GET request

http:/MEowSDBGMEQwQjAJBgUrDgMCGgUABBS2CA1fbGt26xPkOKX4ZguoUjM0TgQUQMK9J47MNIMwojPX%2B2yz8LQsgM4CCQCXWwGY3r6%2FSA%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEowSDBGMEQwQjAJBgUrDgMCGgUABBS2CA1fbGt26xPkOKX4ZguoUjM0TgQUQMK9
J47MNIMwojPX+2yz8LQsgM4CCQCXWwGY3r6/SA==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIG7QoBAKCCBuYwggbiBgkrBgEFBQcwAQEEggbTMIIGzzCB+6F6MHgxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRUw
EwYDVQQKEwxHb0RhZGR5IEluYy4xKzApBgNVBAMTIkdvIERhZGR5IFZhbGlkYXRp
b24gQXV0aG9yaXR5IC0gRzIYDzIwMTcwNDI3MDg1OTMyWjBsMGowQjAJBgUrDgMC
GgUABBS2CA1fbGt26xPkOKX4ZguoUjM0TgQUQMK9J47MNIMwojPX+2yz8LQsgM4C
CQCXWwGY3r6/SIAAGA8yMDE3MDQyNzA4NTkzMlqgERgPMjAxNzA0MjgyMDU5MzJa
MA0GCSqGSIb3DQEBBQUAA4IBAQARbh+6TPSBVcEJEdJvF+2+GkMrKPQVcsQTHLNs
j3tYgXsrXfUBGZSr8KEa3OHtxpgYkLVYUSpU4cCMdcyHtAVU9rmxx3PiC5gtFtYs
U344QgTHwfwL7jH2IGF3p+EHMxYHSSwxZBERdm+Cn0Khmx4/FFvXlNlk3RQaLhKH
YKoWiMzfsIToyNdD8wtYRKYvLJ5mWfcrziXIDLMl45HOAkyyYzodjmaV+u4JA4mX
B9X7ctc/cNBu6Cknimalw7fuHgvDGdoRyPtT/ZWyO2IgeSMTf6cl7tlaWxWG4dEA
PeJVBNoKfW7eObsplpWe5kZ2z7XY3fdJmHao9iSJsHW6rv37oIIEuTCCBLUwggSx
MIIDmaADAgECAggzprL4sHhYYzANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMC
VVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNV
BAoTEUdvRGFkZHkuY29tLCBJbmMuMS0wKwYDVQQLEyRodHRwOi8vY2VydHMuZ29k
YWRkeS5jb20vcmVwb3NpdG9yeS8xMzAxBgNVBAMTKkdvIERhZGR5IFNlY3VyZSBD
ZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAeFw0xNjEyMTMwNzAwMDBaFw0xNzEy
MTMwNzAwMDBaMHgxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYD
VQQHEwpTY290dHNkYWxlMRUwEwYDVQQKEwxHb0RhZGR5IEluYy4xKzApBgNVBAMT
IkdvIERhZGR5IFZhbGlkYXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDDErfsw30Hf/hAxEiB+MSDi8yZAoDhaslimDLF
Y72B+7wnZVNBABrtgJc2IiIym2hmC20BbTn/qIWoi5ensF9OBSJnVunPe+VKInvl
5zBmDlckp1hyF7/6unxV+0YMIedLzjAg7ihwgqcdzK2FOYNJD9yfj7L/YxNjXNI5
Dnh0Gna6VU6PBxglqM+1wixSHwnY41pKAy7uAdP/cnoTWgvmcKzsvXJ1BDYZxP/t
FjCKFHTi5A/xKtuAE1QVVwXu0N6OP+4c2Fj6AAYoKx6QeqtbtSC6QfmXtit63Vs+
Lfd5Psqgsm52VRSriWcud1UuDw7M34kR3yBGaNk2RgYCFX1/AgMBAAGjggEAMIH9
MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMBMGA1UdJQQMMAoGCCsGAQUF
BwMJMB0GA1UdDgQWBBTFhkohftnytX2hAaysXl3+FYL3vzAPBgkrBgEFBQcwAQUE
AgUAMEwGA1UdHwRFMEMwQaA/oD2GO2h0dHA6Ly9jcmwuZ29kYWRkeS5jb20vcmVw
b3NpdG9yeS9tYXN0ZXJnb2RhZGR5Mmlzc3VpbmcuY3JsMEoGA1UdIARDMEEwPwYL
YIZIAYb9bQEHFwEwMDAuBggrBgEFBQcCARYiaHR0cDovL2NybC5nb2RhZGR5LmNv
bS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAJv+j83K18m9ZGfccEvbd
p7T5javvXUHBJZi1uLl3JzQvktEOFtciLLIqCVk/6zbE4azA56XcAg6SEyRcoqej
rWoIMTeEfde/PvdmK6wHVL70bf7bIOjXNWnirXCY4w7b10QhsIkPQM9kGmn5udgo
e3TcBmAFDZNpmURNbOn2dAJQ3OpAhAQO7nx2WO9UGzu8NhU6QLtUJ2b1WVcmg1VA
d66CC0x2mn7tSvVBuE84MitMkHga2WMNfYOddw7rQj53wBlBEswn+IFGw6Q38G96
7qmG2ZdoadGEDv2Kq3Q0OnhJQCzpcBssK1r2GW8vbYILRVBYmTtnAKbqqqjIyfKC
jw==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEsTCCA5mgAwIBAgIIM6ay+LB4WGMwDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow
GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRz
LmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1
cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMTYxMjEzMDcwMDAwWhcN
MTcxMjEzMDcwMDAwWjB4MQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTET
MBEGA1UEBxMKU2NvdHRzZGFsZTEVMBMGA1UEChMMR29EYWRkeSBJbmMuMSswKQYD
VQQDEyJHbyBEYWRkeSBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEcyMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxK37MN9B3/4QMRIgfjEg4vMmQKA4WrJ
YpgyxWO9gfu8J2VTQQAa7YCXNiIiMptoZgttAW05/6iFqIuXp7BfTgUiZ1bpz3vl
SiJ75ecwZg5XJKdYche/+rp8VftGDCHnS84wIO4ocIKnHcythTmDSQ/cn4+y/2MT
Y1zSOQ54dBp2ulVOjwcYJajPtcIsUh8J2ONaSgMu7gHT/3J6E1oL5nCs7L1ydQQ2
GcT/7RYwihR04uQP8SrbgBNUFVcF7tDejj/uHNhY+gAGKCsekHqrW7UgukH5l7Yr
et1bPi33eT7KoLJudlUUq4lnLndVLg8OzN+JEd8gRmjZNkYGAhV9fwIDAQABo4IB
ADCB/TAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDATBgNVHSUEDDAKBggr
BgEFBQcDCTAdBgNVHQ4EFgQUxYZKIX7Z8rV9oQGsrF5d/hWC978wDwYJKwYBBQUH
MAEFBAIFADBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmdvZGFkZHkuY29t
L3JlcG9zaXRvcnkvbWFzdGVyZ29kYWRkeTJpc3N1aW5nLmNybDBKBgNVHSAEQzBB
MD8GC2CGSAGG/W0BBxcBMDAwLgYIKwYBBQUHAgEWImh0dHA6Ly9jcmwuZ29kYWRk
eS5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBACb/o/NytfJvWRn3
HBL23ae0+Y2r711BwSWYtbi5dyc0L5LRDhbXIiyyKglZP+s2xOGswOel3AIOkhMk
XKKno61qCDE3hH3Xvz73ZiusB1S+9G3+2yDo1zVp4q1wmOMO29dEIbCJD0DPZBpp
+bnYKHt03AZgBQ2TaZlETWzp9nQCUNzqQIQEDu58dljvVBs7vDYVOkC7VCdm9VlX
JoNVQHeuggtMdpp+7Ur1QbhPODIrTJB4GtljDX2DnXcO60I+d8AZQRLMJ/iBRsOk
N/Bveu6phtmXaGnRhA79iqt0NDp4SUAs6XAbLCta9hlvL22CC0VQWJk7ZwCm6qqo
yMnygo8=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=122375, public, no-transform, must-revalidate]
Content-Length: [1777]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Thu, 27 Apr 2017 09:12:36 GMT]
Etag: ["a2f3b71478df818ba421bcfa5102dea3581751a0"]
Expires: [Fri, 28 Apr 2017 20:59:32 GMT]
Last-Modified: [Thu, 27 Apr 2017 08:59:32 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Go Daddy Secure Certificate Authority - G2 (CA Certificate)

Certificate details for Go Daddy Secure Certificate Authority - G2 (At position 1 in certificate chain)
Serial number:
hex: 7
int: 7
Issued by: Go Daddy Root Certificate Authority - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GoDaddy.com, Inc.
Organization unit: http://certs.godaddy.com/repository/
State / Province: Arizona
Locality: Scottsdale
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.godaddy.com/gdroot-g2.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.godaddy.com/gdroot-g2.crl
Size: 462 bytes (DER data)
Response time: 45.202163ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 0

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: Apache

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=259200]
Content-Length: [462]
Content-Type: [application/pkix-crl]
Date: [Fri, 28 Apr 2017 08:05:12 GMT]
Etag: ["1ce-543a28e7ef080"]
Expires: [Mon, 01 May 2017 08:05:12 GMT]
Last-Modified: [Wed, 14 Dec 2016 18:32:18 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp.godaddy.com/ (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.godaddy.com/ (POST)
Size: 1730 bytes (DER data)
Response time: 50.562701ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: Go Daddy Root Validation Authority - G2
Issued by: Go Daddy Root Certificate Authority - G2
Signing certificate validity: 2016-12-13 - 2017-12-13
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 31h11m10s

Server and network information

Server Software: Apache

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEIwQDA+MDwwOjAJBgUrDgMCGgUABBQdI2+OBkuXH93foRUj4a7lAr4rGwQUOpqF
BxBnKLbv9r0FQW4gwZTaD94CAQc=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGvgoBAKCCBrcwggazBgkrBgEFBQcwAQEEggakMIIGoDCB/6GBhTCBgjELMAkG
A1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUx
GjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTAwLgYDVQQDEydHbyBEYWRkeSBS
b290IFZhbGlkYXRpb24gQXV0aG9yaXR5IC0gRzIYDzIwMTcwNDI4MDQ1NTQ0WjBk
MGIwOjAJBgUrDgMCGgUABBQdI2+OBkuXH93foRUj4a7lAr4rGwQUOpqFBxBnKLbv
9r0FQW4gwZTaD94CAQeAABgPMjAxNzA0MjgwNDU1NDRaoBEYDzIwMTcwNDI5MTY1
NTQ0WjANBgkqhkiG9w0BAQUFAAOCAQEArVfkwaXnIC2gtirZaUdk+B8FmloOYX7H
WW2Dq6tfRqbBRn9+ayaz5RVFzoW5G7sV7sjoh1EUpmrMH3ExQ/95DB4XZDi0n+UI
bDKL6yGI29cBLpsYViXjsDOkkzCMM58vuEVrlpB+NyZPCCgVDWTFpMePzkhe2BtK
nUmsSYVAPqja3Hb6R2Xtwm+o6NQ/hEaSAu2zCfwG00Vt3blP+p6pUPGQHb1hpNdW
bKGDaXI8DDNHDycbjGqy5jaJjU4YVhZkKqEJhsakqnePflmgRXhWEwmx6OYCS/1U
VTbPcuKQR27fgSfDXhTHTbeUWGqbbLARYB1YYHMRcW13ToLfqHpukaCCBIYwggSC
MIIEfjCCA2agAwIBAgIIAlR8ANLxDDcwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow
GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UEAxMoR28gRGFkZHkgUm9v
dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAeFw0xNjEyMTMwNzAwMDBaFw0x
NzEyMTMwNzAwMDBaMIGCMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTET
MBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4x
MDAuBgNVBAMTJ0dvIERhZGR5IFJvb3QgVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBH
MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMMSt+zDfQd/+EDESIH4
xIOLzJkCgOFqyWKYMsVjvYH7vCdlU0EAGu2AlzYiIjKbaGYLbQFtOf+ohaiLl6ew
X04FImdW6c975Uoie+XnMGYOVySnWHIXv/q6fFX7Rgwh50vOMCDuKHCCpx3MrYU5
g0kP3J+Psv9jE2Nc0jkOeHQadrpVTo8HGCWoz7XCLFIfCdjjWkoDLu4B0/9yehNa
C+ZwrOy9cnUENhnE/+0WMIoUdOLkD/Eq24ATVBVXBe7Q3o4/7hzYWPoABigrHpB6
q1u1ILpB+Ze2K3rdWz4t93k+yqCybnZVFKuJZy53VS4PDszfiRHfIEZo2TZGBgIV
fX8CAwEAAaOB9DCB8TAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDATBgNV
HSUEDDAKBggrBgEFBQcDCTAdBgNVHQ4EFgQUxYZKIX7Z8rV9oQGsrF5d/hWC978w
DwYJKwYBBQUHMAEFBAIFADBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmdv
ZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2Ryb290LWcyLmNybDBKBgNVHSAEQzBBMD8G
C2CGSAGG/W0BBxcBMDAwLgYIKwYBBQUHAgEWImh0dHA6Ly9jcmwuZ29kYWRkeS5j
b20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAD3O7aHU0cx8Ued53GtJ
JB/vo1RAf2ZmxW3Q3wUxG/ON/dGDXOMRFDEwla5UluC3zWWytZ1Go9WVaN1k8w5Q
7dN1puQIVbbOwy2OYtZlbqQT9RnPwMwwYSyfb9QNdDdPurf0eClCr/Q54fk5BKBy
rmw3msFD53d39C/GVbP3ulhLKIo64A68ENIJpFrBG2iQSFEBv1ohbRedCn11bD2b
d82aOnwWKlPVx87RLOo3UiU/MNRsCdlhzEPF14FNPpvmdPO5NweVBCfj7iOqMeNw
D8pauPYhnpApYDVfkDffUAbUr7YrdSxjJvZHt3D2rgU+kkYJc+hC3ze30906Xg0P
wkI=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEfjCCA2agAwIBAgIIAlR8ANLxDDcwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow
GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UEAxMoR28gRGFkZHkgUm9v
dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAeFw0xNjEyMTMwNzAwMDBaFw0x
NzEyMTMwNzAwMDBaMIGCMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTET
MBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4x
MDAuBgNVBAMTJ0dvIERhZGR5IFJvb3QgVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBH
MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMMSt+zDfQd/+EDESIH4
xIOLzJkCgOFqyWKYMsVjvYH7vCdlU0EAGu2AlzYiIjKbaGYLbQFtOf+ohaiLl6ew
X04FImdW6c975Uoie+XnMGYOVySnWHIXv/q6fFX7Rgwh50vOMCDuKHCCpx3MrYU5
g0kP3J+Psv9jE2Nc0jkOeHQadrpVTo8HGCWoz7XCLFIfCdjjWkoDLu4B0/9yehNa
C+ZwrOy9cnUENhnE/+0WMIoUdOLkD/Eq24ATVBVXBe7Q3o4/7hzYWPoABigrHpB6
q1u1ILpB+Ze2K3rdWz4t93k+yqCybnZVFKuJZy53VS4PDszfiRHfIEZo2TZGBgIV
fX8CAwEAAaOB9DCB8TAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDATBgNV
HSUEDDAKBggrBgEFBQcDCTAdBgNVHQ4EFgQUxYZKIX7Z8rV9oQGsrF5d/hWC978w
DwYJKwYBBQUHMAEFBAIFADBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmdv
ZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2Ryb290LWcyLmNybDBKBgNVHSAEQzBBMD8G
C2CGSAGG/W0BBxcBMDAwLgYIKwYBBQUHAgEWImh0dHA6Ly9jcmwuZ29kYWRkeS5j
b20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAD3O7aHU0cx8Ued53GtJ
JB/vo1RAf2ZmxW3Q3wUxG/ON/dGDXOMRFDEwla5UluC3zWWytZ1Go9WVaN1k8w5Q
7dN1puQIVbbOwy2OYtZlbqQT9RnPwMwwYSyfb9QNdDdPurf0eClCr/Q54fk5BKBy
rmw3msFD53d39C/GVbP3ulhLKIo64A68ENIJpFrBG2iQSFEBv1ohbRedCn11bD2b
d82aOnwWKlPVx87RLOo3UiU/MNRsCdlhzEPF14FNPpvmdPO5NweVBCfj7iOqMeNw
D8pauPYhnpApYDVfkDffUAbUr7YrdSxjJvZHt3D2rgU+kkYJc+hC3ze30906Xg0P
wkI=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=112270, public, no-transform, must-revalidate]
Content-Length: [1730]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 28 Apr 2017 08:06:05 GMT]
Etag: ["a13faa672e0f908f8e10231f0c51bc449011abf5"]
Expires: [Sat, 29 Apr 2017 16:55:44 GMT]
Last-Modified: [Fri, 28 Apr 2017 04:55:44 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.godaddy.com/ (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.godaddy.com/ (GET)
Size: 1730 bytes (DER data)
Response time: 54.299154ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: Go Daddy Root Validation Authority - G2
Issued by: Go Daddy Root Certificate Authority - G2
Signing certificate validity: 2016-12-13 - 2017-12-13
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 31h12m1s

Server and network information

Server Software: Apache

URL used for GET request

http:/MEIwQDA%2BMDwwOjAJBgUrDgMCGgUABBQdI2%2BOBkuXH93foRUj4a7lAr4rGwQUOpqFBxBnKLbv9r0FQW4gwZTaD94CAQc%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEIwQDA+MDwwOjAJBgUrDgMCGgUABBQdI2+OBkuXH93foRUj4a7lAr4rGwQUOpqF
BxBnKLbv9r0FQW4gwZTaD94CAQc=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGvgoBAKCCBrcwggazBgkrBgEFBQcwAQEEggakMIIGoDCB/6GBhTCBgjELMAkG
A1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUx
GjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTAwLgYDVQQDEydHbyBEYWRkeSBS
b290IFZhbGlkYXRpb24gQXV0aG9yaXR5IC0gRzIYDzIwMTcwNDI4MDQ1NTQ0WjBk
MGIwOjAJBgUrDgMCGgUABBQdI2+OBkuXH93foRUj4a7lAr4rGwQUOpqFBxBnKLbv
9r0FQW4gwZTaD94CAQeAABgPMjAxNzA0MjgwNDU1NDRaoBEYDzIwMTcwNDI5MTY1
NTQ0WjANBgkqhkiG9w0BAQUFAAOCAQEArVfkwaXnIC2gtirZaUdk+B8FmloOYX7H
WW2Dq6tfRqbBRn9+ayaz5RVFzoW5G7sV7sjoh1EUpmrMH3ExQ/95DB4XZDi0n+UI
bDKL6yGI29cBLpsYViXjsDOkkzCMM58vuEVrlpB+NyZPCCgVDWTFpMePzkhe2BtK
nUmsSYVAPqja3Hb6R2Xtwm+o6NQ/hEaSAu2zCfwG00Vt3blP+p6pUPGQHb1hpNdW
bKGDaXI8DDNHDycbjGqy5jaJjU4YVhZkKqEJhsakqnePflmgRXhWEwmx6OYCS/1U
VTbPcuKQR27fgSfDXhTHTbeUWGqbbLARYB1YYHMRcW13ToLfqHpukaCCBIYwggSC
MIIEfjCCA2agAwIBAgIIAlR8ANLxDDcwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow
GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UEAxMoR28gRGFkZHkgUm9v
dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAeFw0xNjEyMTMwNzAwMDBaFw0x
NzEyMTMwNzAwMDBaMIGCMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTET
MBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4x
MDAuBgNVBAMTJ0dvIERhZGR5IFJvb3QgVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBH
MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMMSt+zDfQd/+EDESIH4
xIOLzJkCgOFqyWKYMsVjvYH7vCdlU0EAGu2AlzYiIjKbaGYLbQFtOf+ohaiLl6ew
X04FImdW6c975Uoie+XnMGYOVySnWHIXv/q6fFX7Rgwh50vOMCDuKHCCpx3MrYU5
g0kP3J+Psv9jE2Nc0jkOeHQadrpVTo8HGCWoz7XCLFIfCdjjWkoDLu4B0/9yehNa
C+ZwrOy9cnUENhnE/+0WMIoUdOLkD/Eq24ATVBVXBe7Q3o4/7hzYWPoABigrHpB6
q1u1ILpB+Ze2K3rdWz4t93k+yqCybnZVFKuJZy53VS4PDszfiRHfIEZo2TZGBgIV
fX8CAwEAAaOB9DCB8TAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDATBgNV
HSUEDDAKBggrBgEFBQcDCTAdBgNVHQ4EFgQUxYZKIX7Z8rV9oQGsrF5d/hWC978w
DwYJKwYBBQUHMAEFBAIFADBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmdv
ZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2Ryb290LWcyLmNybDBKBgNVHSAEQzBBMD8G
C2CGSAGG/W0BBxcBMDAwLgYIKwYBBQUHAgEWImh0dHA6Ly9jcmwuZ29kYWRkeS5j
b20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAD3O7aHU0cx8Ued53GtJ
JB/vo1RAf2ZmxW3Q3wUxG/ON/dGDXOMRFDEwla5UluC3zWWytZ1Go9WVaN1k8w5Q
7dN1puQIVbbOwy2OYtZlbqQT9RnPwMwwYSyfb9QNdDdPurf0eClCr/Q54fk5BKBy
rmw3msFD53d39C/GVbP3ulhLKIo64A68ENIJpFrBG2iQSFEBv1ohbRedCn11bD2b
d82aOnwWKlPVx87RLOo3UiU/MNRsCdlhzEPF14FNPpvmdPO5NweVBCfj7iOqMeNw
D8pauPYhnpApYDVfkDffUAbUr7YrdSxjJvZHt3D2rgU+kkYJc+hC3ze30906Xg0P
wkI=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEfjCCA2agAwIBAgIIAlR8ANLxDDcwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow
GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UEAxMoR28gRGFkZHkgUm9v
dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAeFw0xNjEyMTMwNzAwMDBaFw0x
NzEyMTMwNzAwMDBaMIGCMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTET
MBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4x
MDAuBgNVBAMTJ0dvIERhZGR5IFJvb3QgVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBH
MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMMSt+zDfQd/+EDESIH4
xIOLzJkCgOFqyWKYMsVjvYH7vCdlU0EAGu2AlzYiIjKbaGYLbQFtOf+ohaiLl6ew
X04FImdW6c975Uoie+XnMGYOVySnWHIXv/q6fFX7Rgwh50vOMCDuKHCCpx3MrYU5
g0kP3J+Psv9jE2Nc0jkOeHQadrpVTo8HGCWoz7XCLFIfCdjjWkoDLu4B0/9yehNa
C+ZwrOy9cnUENhnE/+0WMIoUdOLkD/Eq24ATVBVXBe7Q3o4/7hzYWPoABigrHpB6
q1u1ILpB+Ze2K3rdWz4t93k+yqCybnZVFKuJZy53VS4PDszfiRHfIEZo2TZGBgIV
fX8CAwEAAaOB9DCB8TAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDATBgNV
HSUEDDAKBggrBgEFBQcDCTAdBgNVHQ4EFgQUxYZKIX7Z8rV9oQGsrF5d/hWC978w
DwYJKwYBBQUHMAEFBAIFADBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmdv
ZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2Ryb290LWcyLmNybDBKBgNVHSAEQzBBMD8G
C2CGSAGG/W0BBxcBMDAwLgYIKwYBBQUHAgEWImh0dHA6Ly9jcmwuZ29kYWRkeS5j
b20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAD3O7aHU0cx8Ued53GtJ
JB/vo1RAf2ZmxW3Q3wUxG/ON/dGDXOMRFDEwla5UluC3zWWytZ1Go9WVaN1k8w5Q
7dN1puQIVbbOwy2OYtZlbqQT9RnPwMwwYSyfb9QNdDdPurf0eClCr/Q54fk5BKBy
rmw3msFD53d39C/GVbP3ulhLKIo64A68ENIJpFrBG2iQSFEBv1ohbRedCn11bD2b
d82aOnwWKlPVx87RLOo3UiU/MNRsCdlhzEPF14FNPpvmdPO5NweVBCfj7iOqMeNw
D8pauPYhnpApYDVfkDffUAbUr7YrdSxjJvZHt3D2rgU+kkYJc+hC3ze30906Xg0P
wkI=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=112321, public, no-transform, must-revalidate]
Content-Length: [1730]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 28 Apr 2017 08:05:11 GMT]
Etag: ["a13faa672e0f908f8e10231f0c51bc449011abf5"]
Expires: [Sat, 29 Apr 2017 16:55:44 GMT]
Last-Modified: [Fri, 28 Apr 2017 04:55:44 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Go Daddy Root Certificate Authority - G2 (CA Certificate)

Certificate details for Go Daddy Root Certificate Authority - G2 (At position 2 in certificate chain)
Serial number:
hex: 0
int: 0
Issued by: Go Daddy Root Certificate Authority - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GoDaddy.com, Inc.
State / Province: Arizona
Locality: Scottsdale
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.