CRL & OCSP report for 0-checkpoint.riag.com.liucat.lib.liu.edu - liucat.lib.liu.edu (Long Island University)

liucat.lib.liu.edu

This certificate was cached at
Certificate details for liucat.lib.liu.edu (At position 0 in certificate chain)
Serial number:
hex: 71c15248a9a98bc3d39f81e15dca36c8
int: 151206545731915850979071105880289851080
Issued by: thawte EV SSL CA - G3
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Company registration number: Government Entity
Organization: Long Island University
Organization unit: IT
State / Province: New York
Locality: Greenvale
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

View complete certificate details for 0-checkpoint.riag.com.liucat.lib.liu.edu.

Certificate Revocation List (CRL)

This CRL was cached at
http://ti.symcb.com/ti.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://ti.symcb.com/ti.crl
Size: 18689 bytes (DER data)
Response time: 97.723457ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 521

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-108.deploy.akamaitechnologies.com (AkamaiGHost/8.2.4-19356466) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Wed, 29 Mar 2017 09:04:30 GMT]
Etag: ["1f53ab296288a2a5e834e6dcf54a1246:1490736803"]
Last-Modified: [Tue, 28 Mar 2017 21:01:31 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_MEM_HIT from a23-219-93-108.deploy.akamaitechnologies.com (AkamaiGHost/8.2.4-19356466) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ti.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ti.symcd.com (POST)
Size: 1420 bytes (DER data)
Response time: 109.630134ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte EV SSL CA - G3 OCSP Responder
Issued by: thawte EV SSL CA - G3
Signing certificate validity: 2017-02-04 - 2017-05-05
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 131h20m15s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.3.1.1-19669903) (S)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRf3h+5hEjM/dnIiVtt0Z/tptP7EQQU8HBR
2tMqkU9Sd9eGd3QPznEabCICEHHBUkipqYvD05+B4V3KNsg=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFiAoBAKCCBYEwggV9BgkrBgEFBQcwAQEEggVuMIIFajCBnqIWBBQmvCDjDfoF
mrvj7Ibj+k6Gw9mAdRgPMjAxNzAzMjcxMzA0MjVaMHMwcTBJMAkGBSsOAwIaBQAE
FF/eH7mESMz92ciJW23Rn+2m0/sRBBTwcFHa0yqRT1J314Z3dA/OcRpsIgIQccFS
SKmpi8PTn4HhXco2yIAAGA8yMDE3MDMyNzEzMDQyNVqgERgPMjAxNzA0MDMxMzA0
MjVaMA0GCSqGSIb3DQEBBQUAA4IBAQA3hOJbzWj85xjhS5H0xocvtTOWlVN1U4rq
qMB7YWX8Ugh8Qu7X5cwdoj+NueTqOh6nDlogz72NFeCej41n7Y+RPPY+AhUISHIw
0Y8W5km9rN66K7EZWeQI9rSk38b2Ow9b5r/YWQP3R5di1okMP7Rc3W89afr1Fd2A
S7YuTobWKSAXVc5T0BXoDXxCfVu5jz2wohGnqAzqWldHvGrWgLO57wFDoMzQd71/
1pVbiQdEZ4HerfHupjz8wG+Ub+8fOYmXQdKj8VogxCB8AMvLIGZ0yoasy6x4f2Uw
EyT16MapwgVOAFTs2Boc4W/wAzzlvkcQSQOd7U4nMF7xeJPwSbfQoIIDsTCCA60w
ggOpMIICkaADAgECAhBhrxTI1gCx9vRbBNrEYAdEMA0GCSqGSIb3DQEBCwUAMEQx
CzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xHjAcBgNVBAMTFXRo
YXd0ZSBFViBTU0wgQ0EgLSBHMzAeFw0xNzAyMDQwMDAwMDBaFw0xNzA1MDUyMzU5
NTlaMC8xLTArBgNVBAMTJHRoYXd0ZSBFViBTU0wgQ0EgLSBHMyBPQ1NQIFJlc3Bv
bmRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKpCXNjRdNubgUJx
P6/l1KYL0EnB8CtTURhQS/REPLwtjIMOj54MUUKKj3sIxVs3Qd8hGLPJrlqS3U/q
5u6ILU4yBlsJNEnVGZw4vQ/aTzuFqXG21Vzsg5CvP/tbxNa82oAvbkwCXz2Tp2EU
cG8SPpTJ1YeKrPR9KBzDLl59x07X1KcELath3Lc6N9BXtR4FZaEueEyeIHGsPXVm
eVH4QXub9gcfiy+pyrtbPEJG+mOlgaZYtHeE6e1oGiRFITXgCu57kmSqJNFzv4TZ
W8tH5Aft593BAdva325MaxGaGGAuLDm2Y8UtetWV2apEh7u/bHrUEi98KjQ/zdzh
CiHtSUsCAwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQbMBmkFzAV
MRMwEQYDVQQDEwpUR1YtRC0zODY2MB8GA1UdIwQYMBaAFPBwUdrTKpFPUnfXhnd0
D85xGmwiMB0GA1UdDgQWBBQmvCDjDfoFmrvj7Ibj+k6Gw9mAdTAMBgNVHRMBAf8E
AjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG
9w0BAQsFAAOCAQEAWd0E9b3gOG5yeCvpjOZ9tBOimc0lXn5IwGO/S9xonaS91Sm8
W4a9nHyaicuE2/8DM0AGQ3kqVEcI9ifzJpqojeRBBspfj5cV520F1p1fIQylORSU
xjoZ7ICyR1RuadGkuPc8YpZ2E3hJ/OMnBzI0APDt61kHyXk+vX5tKin4G+087M9s
Yn4xbj/zoXRmjFvshwNQERcwxvb7eRxpTbCG6SB3N2s29XVChBcC3/Dt1DjF+KzO
cRrYBtlKu03T4RhLGKm9Q/GMvKJWFBN/Q/czYSRvBRqpV7G3PLlgO00l8QrzbFSz
rd6Uym5MLJwu5Qe0gneunNmUPgMGNCwRCTkRlQ==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDqTCCApGgAwIBAgIQYa8UyNYAsfb0WwTaxGAHRDANBgkqhkiG9w0BAQsFADBE
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMR4wHAYDVQQDExV0
aGF3dGUgRVYgU1NMIENBIC0gRzMwHhcNMTcwMjA0MDAwMDAwWhcNMTcwNTA1MjM1
OTU5WjAvMS0wKwYDVQQDEyR0aGF3dGUgRVYgU1NMIENBIC0gRzMgT0NTUCBSZXNw
b25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqQlzY0XTbm4FC
cT+v5dSmC9BJwfArU1EYUEv0RDy8LYyDDo+eDFFCio97CMVbN0HfIRizya5akt1P
6ubuiC1OMgZbCTRJ1RmcOL0P2k87halxttVc7IOQrz/7W8TWvNqAL25MAl89k6dh
FHBvEj6UydWHiqz0fSgcwy5efcdO19SnBC2rYdy3OjfQV7UeBWWhLnhMniBxrD11
ZnlR+EF7m/YHH4svqcq7WzxCRvpjpYGmWLR3hOntaBokRSE14Arue5JkqiTRc7+E
2VvLR+QH7efdwQHb2t9uTGsRmhhgLiw5tmPFLXrVldmqRIe7v2x61BIvfCo0P83c
4Qoh7UlLAgMBAAGjgaswgagwDwYJKwYBBQUHMAEFBAIFADAiBgNVHREEGzAZpBcw
FTETMBEGA1UEAxMKVEdWLUQtMzg2NjAfBgNVHSMEGDAWgBTwcFHa0yqRT1J314Z3
dA/OcRpsIjAdBgNVHQ4EFgQUJrwg4w36BZq74+yG4/pOhsPZgHUwDAYDVR0TAQH/
BAIwADATBgNVHSUEDDAKBggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZI
hvcNAQELBQADggEBAFndBPW94Dhucngr6YzmfbQTopnNJV5+SMBjv0vcaJ2kvdUp
vFuGvZx8monLhNv/AzNABkN5KlRHCPYn8yaaqI3kQQbKX4+XFedtBdadXyEMpTkU
lMY6GeyAskdUbmnRpLj3PGKWdhN4SfzjJwcyNADw7etZB8l5Pr1+bSop+BvtPOzP
bGJ+MW4/86F0Zoxb7IcDUBEXMMb2+3kcaU2whukgdzdrNvV1QoQXAt/w7dQ4xfis
znEa2AbZSrtN0+EYSxipvUPxjLyiVhQTf0P3M2EkbwUaqVextzy5YDtNJfEK82xU
s63elMpuTCycLuUHtIJ3rpzZlD4DBjQsEQk5EZU=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=472815, public, no-transform, must-revalidate]
Content-Length: [1420]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Wed, 29 Mar 2017 01:44:10 GMT]
Expires: [Mon, 3 Apr 2017 13:04:25 GMT]
Last-Modified: [Mon, 27 Mar 2017 13:04:25 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.3.1.1-19669903) (S)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ti.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ti.symcd.com (GET)
Size: 1420 bytes (DER data)
Response time: 77.417502ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte EV SSL CA - G3 OCSP Responder
Issued by: thawte EV SSL CA - G3
Signing certificate validity: 2017-02-04 - 2017-05-05
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 131h20m15s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.4-19356466) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRf3h%2B5hEjM%2FdnIiVtt0Z%2FtptP7EQQU8HBR2tMqkU9Sd9eGd3QPznEabCICEHHBUkipqYvD05%2BB4V3KNsg%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRf3h+5hEjM/dnIiVtt0Z/tptP7EQQU8HBR
2tMqkU9Sd9eGd3QPznEabCICEHHBUkipqYvD05+B4V3KNsg=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFiAoBAKCCBYEwggV9BgkrBgEFBQcwAQEEggVuMIIFajCBnqIWBBQmvCDjDfoF
mrvj7Ibj+k6Gw9mAdRgPMjAxNzAzMjcxMzA0MjVaMHMwcTBJMAkGBSsOAwIaBQAE
FF/eH7mESMz92ciJW23Rn+2m0/sRBBTwcFHa0yqRT1J314Z3dA/OcRpsIgIQccFS
SKmpi8PTn4HhXco2yIAAGA8yMDE3MDMyNzEzMDQyNVqgERgPMjAxNzA0MDMxMzA0
MjVaMA0GCSqGSIb3DQEBBQUAA4IBAQA3hOJbzWj85xjhS5H0xocvtTOWlVN1U4rq
qMB7YWX8Ugh8Qu7X5cwdoj+NueTqOh6nDlogz72NFeCej41n7Y+RPPY+AhUISHIw
0Y8W5km9rN66K7EZWeQI9rSk38b2Ow9b5r/YWQP3R5di1okMP7Rc3W89afr1Fd2A
S7YuTobWKSAXVc5T0BXoDXxCfVu5jz2wohGnqAzqWldHvGrWgLO57wFDoMzQd71/
1pVbiQdEZ4HerfHupjz8wG+Ub+8fOYmXQdKj8VogxCB8AMvLIGZ0yoasy6x4f2Uw
EyT16MapwgVOAFTs2Boc4W/wAzzlvkcQSQOd7U4nMF7xeJPwSbfQoIIDsTCCA60w
ggOpMIICkaADAgECAhBhrxTI1gCx9vRbBNrEYAdEMA0GCSqGSIb3DQEBCwUAMEQx
CzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xHjAcBgNVBAMTFXRo
YXd0ZSBFViBTU0wgQ0EgLSBHMzAeFw0xNzAyMDQwMDAwMDBaFw0xNzA1MDUyMzU5
NTlaMC8xLTArBgNVBAMTJHRoYXd0ZSBFViBTU0wgQ0EgLSBHMyBPQ1NQIFJlc3Bv
bmRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKpCXNjRdNubgUJx
P6/l1KYL0EnB8CtTURhQS/REPLwtjIMOj54MUUKKj3sIxVs3Qd8hGLPJrlqS3U/q
5u6ILU4yBlsJNEnVGZw4vQ/aTzuFqXG21Vzsg5CvP/tbxNa82oAvbkwCXz2Tp2EU
cG8SPpTJ1YeKrPR9KBzDLl59x07X1KcELath3Lc6N9BXtR4FZaEueEyeIHGsPXVm
eVH4QXub9gcfiy+pyrtbPEJG+mOlgaZYtHeE6e1oGiRFITXgCu57kmSqJNFzv4TZ
W8tH5Aft593BAdva325MaxGaGGAuLDm2Y8UtetWV2apEh7u/bHrUEi98KjQ/zdzh
CiHtSUsCAwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQbMBmkFzAV
MRMwEQYDVQQDEwpUR1YtRC0zODY2MB8GA1UdIwQYMBaAFPBwUdrTKpFPUnfXhnd0
D85xGmwiMB0GA1UdDgQWBBQmvCDjDfoFmrvj7Ibj+k6Gw9mAdTAMBgNVHRMBAf8E
AjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG
9w0BAQsFAAOCAQEAWd0E9b3gOG5yeCvpjOZ9tBOimc0lXn5IwGO/S9xonaS91Sm8
W4a9nHyaicuE2/8DM0AGQ3kqVEcI9ifzJpqojeRBBspfj5cV520F1p1fIQylORSU
xjoZ7ICyR1RuadGkuPc8YpZ2E3hJ/OMnBzI0APDt61kHyXk+vX5tKin4G+087M9s
Yn4xbj/zoXRmjFvshwNQERcwxvb7eRxpTbCG6SB3N2s29XVChBcC3/Dt1DjF+KzO
cRrYBtlKu03T4RhLGKm9Q/GMvKJWFBN/Q/czYSRvBRqpV7G3PLlgO00l8QrzbFSz
rd6Uym5MLJwu5Qe0gneunNmUPgMGNCwRCTkRlQ==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDqTCCApGgAwIBAgIQYa8UyNYAsfb0WwTaxGAHRDANBgkqhkiG9w0BAQsFADBE
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMR4wHAYDVQQDExV0
aGF3dGUgRVYgU1NMIENBIC0gRzMwHhcNMTcwMjA0MDAwMDAwWhcNMTcwNTA1MjM1
OTU5WjAvMS0wKwYDVQQDEyR0aGF3dGUgRVYgU1NMIENBIC0gRzMgT0NTUCBSZXNw
b25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqQlzY0XTbm4FC
cT+v5dSmC9BJwfArU1EYUEv0RDy8LYyDDo+eDFFCio97CMVbN0HfIRizya5akt1P
6ubuiC1OMgZbCTRJ1RmcOL0P2k87halxttVc7IOQrz/7W8TWvNqAL25MAl89k6dh
FHBvEj6UydWHiqz0fSgcwy5efcdO19SnBC2rYdy3OjfQV7UeBWWhLnhMniBxrD11
ZnlR+EF7m/YHH4svqcq7WzxCRvpjpYGmWLR3hOntaBokRSE14Arue5JkqiTRc7+E
2VvLR+QH7efdwQHb2t9uTGsRmhhgLiw5tmPFLXrVldmqRIe7v2x61BIvfCo0P83c
4Qoh7UlLAgMBAAGjgaswgagwDwYJKwYBBQUHMAEFBAIFADAiBgNVHREEGzAZpBcw
FTETMBEGA1UEAxMKVEdWLUQtMzg2NjAfBgNVHSMEGDAWgBTwcFHa0yqRT1J314Z3
dA/OcRpsIjAdBgNVHQ4EFgQUJrwg4w36BZq74+yG4/pOhsPZgHUwDAYDVR0TAQH/
BAIwADATBgNVHSUEDDAKBggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZI
hvcNAQELBQADggEBAFndBPW94Dhucngr6YzmfbQTopnNJV5+SMBjv0vcaJ2kvdUp
vFuGvZx8monLhNv/AzNABkN5KlRHCPYn8yaaqI3kQQbKX4+XFedtBdadXyEMpTkU
lMY6GeyAskdUbmnRpLj3PGKWdhN4SfzjJwcyNADw7etZB8l5Pr1+bSop+BvtPOzP
bGJ+MW4/86F0Zoxb7IcDUBEXMMb2+3kcaU2whukgdzdrNvV1QoQXAt/w7dQ4xfis
znEa2AbZSrtN0+EYSxipvUPxjLyiVhQTf0P3M2EkbwUaqVextzy5YDtNJfEK82xU
s63elMpuTCycLuUHtIJ3rpzZlD4DBjQsEQk5EZU=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=472815, public, no-transform, must-revalidate]
Content-Length: [1420]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Wed, 29 Mar 2017 01:44:10 GMT]
Expires: [Mon, 3 Apr 2017 13:04:25 GMT]
Last-Modified: [Mon, 27 Mar 2017 13:04:25 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.4-19356466) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

thawte EV SSL CA - G3 (CA Certificate)

This certificate was cached at
Certificate details for thawte EV SSL CA - G3 (At position 1 in certificate chain)
Serial number:
hex: 5d72fb337620f64c7280dbe91281ff6a
int: 124215220411876031223968719307607768938
Issued by: thawte Primary Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: thawte, Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://t1.symcb.com/ThawtePCA.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://t1.symcb.com/ThawtePCA.crl
Size: 537 bytes (DER data)
Response time: 33.141997ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 1

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-63.deploy.akamaitechnologies.com (AkamaiGHost/8.3.1.1-19669903) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Wed, 29 Mar 2017 16:31:32 GMT]
Etag: ["9a0c909d0279c1bbdf66260ef952850c:1490320987"]
Last-Modified: [Fri, 24 Mar 2017 02:01:25 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_MEM_HIT from a23-219-93-63.deploy.akamaitechnologies.com (AkamaiGHost/8.3.1.1-19669903) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://t2.symcb.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://t2.symcb.com (GET)
Size: 1504 bytes (DER data)
Response time: 4.977449ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte Primary Root OCSP Responder Certificate 5
Issued by: thawte Primary Root CA
Signing certificate validity: 2016-11-22 - 2017-12-14
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 141h15m5s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.3.1.1-19669903) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEF1y%2BzN2IPZMcoDb6RKB%2F2o%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD/yl6nWPkczAQUe1tF
z6/Oy3r9MZIaarbzRutXSFACEF1y+zN2IPZMcoDb6RKB/2o=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIF3AoBAKCCBdUwggXRBgkrBgEFBQcwAQEEggXCMIIFvjCBnqIWBBSy2bdAZSGF
dJEJzQWJNOXg5SwcIxgPMjAxNzAzMjgxMjExNDlaMHMwcTBJMAkGBSsOAwIaBQAE
FDAXimvD1LuYJsIQcP/KXqdY+RzMBBR7W0XPr87Lev0xkhpqtvNG61dIUAIQXXL7
M3Yg9kxygNvpEoH/aoAAGA8yMDE3MDMyODEyMTE0OVqgERgPMjAxNzA0MDQxMjEx
NDlaMA0GCSqGSIb3DQEBBQUAA4IBAQCEobKewlQwxZfWVwDkCY+SZgP5LVOqpNmk
FnEtJgGStVpoeDSIlhwCAFDWFY40YtpR0shuPmnoEEQXW0Tz2foOa0xAglDAr/8Z
TTQMOAxqDhr0l0ypff9Iyx8jAcltJS0Zp+CeM7zRT9bdvnj+ohEpkZmQQd4IMyFr
XvGkCgXrv9NVzGY6vhAQBIflykNXnPsCisLbKVDNA1GE0tY5RqlQ/69Tkruarvze
JEgA+VbVDrNfhq5SaZKv3apcwhFj2sAj95nyZGxDIhXdtZmVPT1h0UZlOr5KUkxF
v1qQoMzFndyaOq28pK6k4Kkz0ChUZdFXtXjRztCgIIE958z/pHODoIIEBTCCBAEw
ggP9MIIC5aADAgECAhBqIaLOBLu8Jqunme8AdApUMA0GCSqGSIb3DQEBBQUAMIGp
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMSgwJgYDVQQLEx9D
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYDVQQLEy8oYykgMjAw
NiB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEfMB0GA1UE
AxMWdGhhd3RlIFByaW1hcnkgUm9vdCBDQTAeFw0xNjExMjIwMDAwMDBaFw0xNzEy
MTQyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4x
OTA3BgNVBAMTMHRoYXd0ZSBQcmltYXJ5IFJvb3QgT0NTUCBSZXNwb25kZXIgQ2Vy
dGlmaWNhdGUgNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwOc/CD
T/ilVz6H2rkWETL80qIX5ttu5I16yxgPVYUP2Qy1D6dpiw9JZb0Tw134T58HpV+B
e3HSYDvEwPLyCBgKDNGAQ4RTEvuVDAJXhDHFDe+tE3wUWX0QCsmqMqXTc/BI18Zx
1vekmip6OnwyEoRdlaIeRv1qFLOGj9NqcQrh3CN/4SJb/DnWmTQta4gODnKS/ADF
WRs/wB3rqPDBZhBLBqywq6YRmzcz6hb/dpddqcTp7tDtEHmw+BDWTl/92a2YwJAw
9mKjfzqNYZa37ydH0MYioCjreLj++js4ZCM+av59twiH//GjaqSaQnW2z7rKM/5A
5tBowI+SWtr93p8CAwEAAaNqMGgwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYB
BQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAiBgNVHREE
GzAZpBcwFTETMBEGA1UEAxMKVEdWLU9GRi01MTANBgkqhkiG9w0BAQUFAAOCAQEA
MZQVzAXoEbM5j6fQNNDzrTvMeEMlOlf8ShOg6pa5Y6/s9m+3nEqxRZhdJXtqn7YI
2736XikAfsn7cVikARa66mlLn6QxdnbUHX/TUpJf2/nZqCb2T80lmSjOfLwBzdgD
9N4MUzs16ivcuEEEJhuBhtcp/66+oEQqdXdLejHG61bRkhnqrW6U9sGBPhoQw2Hq
G3zclM6IlNJX+LYxOuDDD/5SbKAbcy+QBsue7Yf5XG7lZacI9CVFreoggA+YR8VQ
SVChJNc4k3ALASLz2OckP2X/357OiJFcsoqNdeo70ZLPLS4U/gOn60QiAnxonBCJ
PjZyT4sg074MlhPJSGR+HA==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIID/TCCAuWgAwIBAgIQaiGizgS7vCarp5nvAHQKVDANBgkqhkiG9w0BAQUFADCB
qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTYxMTIyMDAwMDAwWhcNMTcx
MjE0MjM1OTU5WjBfMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMu
MTkwNwYDVQQDEzB0aGF3dGUgUHJpbWFyeSBSb290IE9DU1AgUmVzcG9uZGVyIENl
cnRpZmljYXRlIDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMDnPw
g0/4pVc+h9q5FhEy/NKiF+bbbuSNessYD1WFD9kMtQ+naYsPSWW9E8Nd+E+fB6Vf
gXtx0mA7xMDy8ggYCgzRgEOEUxL7lQwCV4QxxQ3vrRN8FFl9EArJqjKl03PwSNfG
cdb3pJoqejp8MhKEXZWiHkb9ahSzho/TanEK4dwjf+EiW/w51pk0LWuIDg5ykvwA
xVkbP8Ad66jwwWYQSwassKumEZs3M+oW/3aXXanE6e7Q7RB5sPgQ1k5f/dmtmMCQ
MPZio386jWGWt+8nR9DGIqAo63i4/vo7OGQjPmr+fbcIh//xo2qkmkJ1ts+6yjP+
QObQaMCPklra/d6fAgMBAAGjajBoMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsG
AQUFBzABBQQCBQAwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwIgYDVR0R
BBswGaQXMBUxEzARBgNVBAMTClRHVi1PRkYtNTEwDQYJKoZIhvcNAQEFBQADggEB
ADGUFcwF6BGzOY+n0DTQ8607zHhDJTpX/EoToOqWuWOv7PZvt5xKsUWYXSV7ap+2
CNu9+l4pAH7J+3FYpAEWuuppS5+kMXZ21B1/01KSX9v52agm9k/NJZkozny8Ac3Y
A/TeDFM7Neor3LhBBCYbgYbXKf+uvqBEKnV3S3oxxutW0ZIZ6q1ulPbBgT4aEMNh
6ht83JTOiJTSV/i2MTrgww/+UmygG3MvkAbLnu2H+Vxu5WWnCPQlRa3qIIAPmEfF
UElQoSTXOJNwCwEi89jnJD9l/9+ezoiRXLKKjXXqO9GSzy0uFP4Dp+tEIgJ8aJwQ
iT42ck+LINO+DJYTyUhkfhw=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=508505, public, no-transform, must-revalidate]
Content-Length: [1504]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Wed, 29 Mar 2017 14:59:50 GMT]
Expires: [Tue, 4 Apr 2017 12:11:49 GMT]
Last-Modified: [Tue, 28 Mar 2017 12:11:49 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MEM_HIT from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.3.1.1-19669903) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 3m6s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://t2.symcb.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://t2.symcb.com (POST)
Size: 1504 bytes (DER data)
Response time: 5.801613ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte Primary Root OCSP Responder Certificate 5
Issued by: thawte Primary Root CA
Signing certificate validity: 2016-11-22 - 2017-12-14
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 141h15m1s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.3.1.1-19669903) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD/yl6nWPkczAQUe1tF
z6/Oy3r9MZIaarbzRutXSFACEF1y+zN2IPZMcoDb6RKB/2o=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIF3AoBAKCCBdUwggXRBgkrBgEFBQcwAQEEggXCMIIFvjCBnqIWBBSy2bdAZSGF
dJEJzQWJNOXg5SwcIxgPMjAxNzAzMjgxMjExNDlaMHMwcTBJMAkGBSsOAwIaBQAE
FDAXimvD1LuYJsIQcP/KXqdY+RzMBBR7W0XPr87Lev0xkhpqtvNG61dIUAIQXXL7
M3Yg9kxygNvpEoH/aoAAGA8yMDE3MDMyODEyMTE0OVqgERgPMjAxNzA0MDQxMjEx
NDlaMA0GCSqGSIb3DQEBBQUAA4IBAQCEobKewlQwxZfWVwDkCY+SZgP5LVOqpNmk
FnEtJgGStVpoeDSIlhwCAFDWFY40YtpR0shuPmnoEEQXW0Tz2foOa0xAglDAr/8Z
TTQMOAxqDhr0l0ypff9Iyx8jAcltJS0Zp+CeM7zRT9bdvnj+ohEpkZmQQd4IMyFr
XvGkCgXrv9NVzGY6vhAQBIflykNXnPsCisLbKVDNA1GE0tY5RqlQ/69Tkruarvze
JEgA+VbVDrNfhq5SaZKv3apcwhFj2sAj95nyZGxDIhXdtZmVPT1h0UZlOr5KUkxF
v1qQoMzFndyaOq28pK6k4Kkz0ChUZdFXtXjRztCgIIE958z/pHODoIIEBTCCBAEw
ggP9MIIC5aADAgECAhBqIaLOBLu8Jqunme8AdApUMA0GCSqGSIb3DQEBBQUAMIGp
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMSgwJgYDVQQLEx9D
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYDVQQLEy8oYykgMjAw
NiB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEfMB0GA1UE
AxMWdGhhd3RlIFByaW1hcnkgUm9vdCBDQTAeFw0xNjExMjIwMDAwMDBaFw0xNzEy
MTQyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4x
OTA3BgNVBAMTMHRoYXd0ZSBQcmltYXJ5IFJvb3QgT0NTUCBSZXNwb25kZXIgQ2Vy
dGlmaWNhdGUgNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwOc/CD
T/ilVz6H2rkWETL80qIX5ttu5I16yxgPVYUP2Qy1D6dpiw9JZb0Tw134T58HpV+B
e3HSYDvEwPLyCBgKDNGAQ4RTEvuVDAJXhDHFDe+tE3wUWX0QCsmqMqXTc/BI18Zx
1vekmip6OnwyEoRdlaIeRv1qFLOGj9NqcQrh3CN/4SJb/DnWmTQta4gODnKS/ADF
WRs/wB3rqPDBZhBLBqywq6YRmzcz6hb/dpddqcTp7tDtEHmw+BDWTl/92a2YwJAw
9mKjfzqNYZa37ydH0MYioCjreLj++js4ZCM+av59twiH//GjaqSaQnW2z7rKM/5A
5tBowI+SWtr93p8CAwEAAaNqMGgwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYB
BQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAiBgNVHREE
GzAZpBcwFTETMBEGA1UEAxMKVEdWLU9GRi01MTANBgkqhkiG9w0BAQUFAAOCAQEA
MZQVzAXoEbM5j6fQNNDzrTvMeEMlOlf8ShOg6pa5Y6/s9m+3nEqxRZhdJXtqn7YI
2736XikAfsn7cVikARa66mlLn6QxdnbUHX/TUpJf2/nZqCb2T80lmSjOfLwBzdgD
9N4MUzs16ivcuEEEJhuBhtcp/66+oEQqdXdLejHG61bRkhnqrW6U9sGBPhoQw2Hq
G3zclM6IlNJX+LYxOuDDD/5SbKAbcy+QBsue7Yf5XG7lZacI9CVFreoggA+YR8VQ
SVChJNc4k3ALASLz2OckP2X/357OiJFcsoqNdeo70ZLPLS4U/gOn60QiAnxonBCJ
PjZyT4sg074MlhPJSGR+HA==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIID/TCCAuWgAwIBAgIQaiGizgS7vCarp5nvAHQKVDANBgkqhkiG9w0BAQUFADCB
qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTYxMTIyMDAwMDAwWhcNMTcx
MjE0MjM1OTU5WjBfMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMu
MTkwNwYDVQQDEzB0aGF3dGUgUHJpbWFyeSBSb290IE9DU1AgUmVzcG9uZGVyIENl
cnRpZmljYXRlIDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMDnPw
g0/4pVc+h9q5FhEy/NKiF+bbbuSNessYD1WFD9kMtQ+naYsPSWW9E8Nd+E+fB6Vf
gXtx0mA7xMDy8ggYCgzRgEOEUxL7lQwCV4QxxQ3vrRN8FFl9EArJqjKl03PwSNfG
cdb3pJoqejp8MhKEXZWiHkb9ahSzho/TanEK4dwjf+EiW/w51pk0LWuIDg5ykvwA
xVkbP8Ad66jwwWYQSwassKumEZs3M+oW/3aXXanE6e7Q7RB5sPgQ1k5f/dmtmMCQ
MPZio386jWGWt+8nR9DGIqAo63i4/vo7OGQjPmr+fbcIh//xo2qkmkJ1ts+6yjP+
QObQaMCPklra/d6fAgMBAAGjajBoMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsG
AQUFBzABBQQCBQAwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwIgYDVR0R
BBswGaQXMBUxEzARBgNVBAMTClRHVi1PRkYtNTEwDQYJKoZIhvcNAQEFBQADggEB
ADGUFcwF6BGzOY+n0DTQ8607zHhDJTpX/EoToOqWuWOv7PZvt5xKsUWYXSV7ap+2
CNu9+l4pAH7J+3FYpAEWuuppS5+kMXZ21B1/01KSX9v52agm9k/NJZkozny8Ac3Y
A/TeDFM7Neor3LhBBCYbgYbXKf+uvqBEKnV3S3oxxutW0ZIZ6q1ulPbBgT4aEMNh
6ht83JTOiJTSV/i2MTrgww/+UmygG3MvkAbLnu2H+Vxu5WWnCPQlRa3qIIAPmEfF
UElQoSTXOJNwCwEi89jnJD9l/9+ezoiRXLKKjXXqO9GSzy0uFP4Dp+tEIgJ8aJwQ
iT42ck+LINO+DJYTyUhkfhw=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=508501, public, no-transform, must-revalidate]
Content-Length: [1504]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Wed, 29 Mar 2017 14:59:50 GMT]
Expires: [Tue, 4 Apr 2017 12:11:49 GMT]
Last-Modified: [Tue, 28 Mar 2017 12:11:49 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MEM_HIT from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.3.1.1-19669903) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 3m2s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

thawte Primary Root CA (CA Certificate)

This certificate was cached at
Certificate details for thawte Primary Root CA (At position 2 in certificate chain)
Serial number:
hex: 344ed55720d5edec49f42fce37db2b6d
int: 69529181992039203566298953787712940909
Issued by: thawte Primary Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: thawte, Inc.
Organization unit: Certification Services Division
Organization unit: (c) 2006 thawte, Inc. - For authorized use only
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.