CRL & OCSP report for 0-ec.consumerreports.org.millennium.newport.lib.ca.us - millennium.newport.lib.ca.us (Newport Beach Public Library)

millennium.newport.lib.ca.us

This certificate was cached at
Certificate details for millennium.newport.lib.ca.us (At position 0 in certificate chain)
Serial number:
hex: 3dc392e3a934e5b2519238b7c905f611
int: 82098384899256099030332329920764966417
Issued by: thawte SSL CA - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Newport Beach Public Library
Organization unit: Library
State / Province: California
Locality: Newport Beach
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

View complete certificate details for 0-ec.consumerreports.org.millennium.newport.lib.ca.us.

Certificate Revocation List (CRL)

This CRL was cached at
http://tj.symcb.com/tj.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://tj.symcb.com/tj.crl
Size: 130326 bytes (DER data)
Response time: 38.911929ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 3711

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a165-254-48-159.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (S)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Fri, 20 Jan 2017 04:13:46 GMT]
Etag: ["a66039cc6440e6c86edc50cc91ba09da:1484868097"]
Last-Modified: [Thu, 19 Jan 2017 23:21:37 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_REFRESH_MISS from a165-254-48-159.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (S)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://tj.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://tj.symcd.com (GET)
Size: 1414 bytes (DER data)
Response time: 116.177708ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte SSL CA - G2 OCSP Responder
Issued by: thawte SSL CA - G2
Signing certificate validity: 2016-11-13 - 2017-02-11
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 100h59m30s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRvdluGAc%2FlYx1bXFBnllP1ugYHmAQUwk9IV%2FzRT5rAXTh9DgXb2S61UmACED3DkuOpNOWyUZI4t8kF9hE%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRvdluGAc/lYx1bXFBnllP1ugYHmAQUwk9I
V/zRT5rAXTh9DgXb2S61UmACED3DkuOpNOWyUZI4t8kF9hE=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFggoBAKCCBXswggV3BgkrBgEFBQcwAQEEggVoMIIFZDCBnqIWBBT40Ms5D6qz
RXbsl9/IHHDxwSV1FRgPMjAxNzAxMTUxOTA1MDRaMHMwcTBJMAkGBSsOAwIaBQAE
FG92W4YBz+VjHVtcUGeWU/W6BgeYBBTCT0hX/NFPmsBdOH0OBdvZLrVSYAIQPcOS
46k05bJRkji3yQX2EYAAGA8yMDE3MDExNTE5MDUwNFqgERgPMjAxNzAxMjIxOTA1
MDRaMA0GCSqGSIb3DQEBBQUAA4IBAQBgs29jd7+cHij/f9LWgBZko2Wn3RTCM4Kr
oxIaRe71Csoj+yX3o60OTkM2Vv8SAvpnEunBPKLvpmrZrfj25Yv32kbe63J4K2DK
HJUDdJn26+G9oIim24zKjB14NSuXOvLb2bAqwqos9C+5MHPHzMj49ZCLRw0WDKwq
CxNTj6o41U2cBJuqh+Tiq5eVet+vsPHbA73K2ktDeVHmIFtLJUPnJ3hid3XwNj2T
6u4t/YL1iclOrCBfJWeNuy1cQcBru7bJz/UumU13XCzKDzc/Sak/VwNxZrXAWh5u
wZncvY22djkhcpQr128PkehJDg0at+kPbSb45XiG7gTNWRTNJDyVoIIDqzCCA6cw
ggOjMIICi6ADAgECAhBVvrHC+6CjPczTC+UmCYRbMA0GCSqGSIb3DQEBCwUAMEEx
CzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xGzAZBgNVBAMTEnRo
YXd0ZSBTU0wgQ0EgLSBHMjAeFw0xNjExMTMwMDAwMDBaFw0xNzAyMTEyMzU5NTla
MCwxKjAoBgNVBAMTIXRoYXd0ZSBTU0wgQ0EgLSBHMiBPQ1NQIFJlc3BvbmRlcjCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK+52F7x35LeFhyIGwH7koHN
GV/j27lfCuH0sTIOXE3mU0I5JT+3snqAFJyhd+lqw9azSaH//LPdP0bRceZJyAnX
1tWMcKMVcTf0dPTrKI2lp8hHySFJQAR2zf39S9+YAyhWVrxwGEGFeJQOxgMHihuJ
LSS0G43CbFk0ttGVwSuufMZUFESVL/IPFdiBndfLE4YAG8nnyr5WFvG5mYaDrXJa
l1a3sWf3AVWn4vDkadK23QjrWg/a1FQKA3pE2ci6IEjLRxQHCj9LyLOnGIonyHbd
bRFnW+d9B/shsxRbqLfx3sdrEpPCvgBneQNQTaCySd/h2fzjCalTxPBPPc1iZVcC
AwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQbMBmkFzAVMRMwEQYD
VQQDEwpUR1YtRC0yNzYwMB8GA1UdIwQYMBaAFMJPSFf80U+awF04fQ4F29kutVJg
MB0GA1UdDgQWBBT40Ms5D6qzRXbsl9/IHHDxwSV1FTAMBgNVHRMBAf8EAjAAMBMG
A1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsF
AAOCAQEAhxASa0WQ5yqkweCte7W8s24nheWsb1WTmz+gCqHzq6y7pVdc8D+ANyYC
CCJ0YLhdO7hgz94ypIKo+8ht7hnxd1P3nDzJVYK2zvH+3Dql3776rsg8/IBDHVdC
KDOnAlUtUQ9j/vkgVhs4+nc4qfNm6bKnkkEDqOSQOzHGvXV0tC3EKlwdaWJi6LXm
kHvVvEuCQMcmOmus+B/aAmLPCDppwIh5m5NvYfvxWRCACJ2kp0JERvGqKcWzSV5U
NZ50FCqhUCyenFDf4JU48rU92aZQMG+taXj9U9SOSR8w5Ad4e6SB7DMv9Ep/dpX4
WJ+NN2ySx0mAS3Gb5mRNLXNF0I0wOw==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDozCCAougAwIBAgIQVb6xwvugoz3M0wvlJgmEWzANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTYxMTEzMDAwMDAwWhcNMTcwMjExMjM1OTU5
WjAsMSowKAYDVQQDEyF0aGF3dGUgU1NMIENBIC0gRzIgT0NTUCBSZXNwb25kZXIw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvudhe8d+S3hYciBsB+5KB
zRlf49u5Xwrh9LEyDlxN5lNCOSU/t7J6gBScoXfpasPWs0mh//yz3T9G0XHmScgJ
19bVjHCjFXE39HT06yiNpafIR8khSUAEds39/UvfmAMoVla8cBhBhXiUDsYDB4ob
iS0ktBuNwmxZNLbRlcErrnzGVBRElS/yDxXYgZ3XyxOGABvJ58q+VhbxuZmGg61y
WpdWt7Fn9wFVp+Lw5GnStt0I61oP2tRUCgN6RNnIuiBIy0cUBwo/S8izpxiKJ8h2
3W0RZ1vnfQf7IbMUW6i38d7HaxKTwr4AZ3kDUE2gsknf4dn84wmpU8TwTz3NYmVX
AgMBAAGjgaswgagwDwYJKwYBBQUHMAEFBAIFADAiBgNVHREEGzAZpBcwFTETMBEG
A1UEAxMKVEdWLUQtMjc2MDAfBgNVHSMEGDAWgBTCT0hX/NFPmsBdOH0OBdvZLrVS
YDAdBgNVHQ4EFgQU+NDLOQ+qs0V27JffyBxw8cEldRUwDAYDVR0TAQH/BAIwADAT
BgNVHSUEDDAKBggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQEL
BQADggEBAIcQEmtFkOcqpMHgrXu1vLNuJ4XlrG9Vk5s/oAqh86usu6VXXPA/gDcm
AggidGC4XTu4YM/eMqSCqPvIbe4Z8XdT95w8yVWCts7x/tw6pd+++q7IPPyAQx1X
QigzpwJVLVEPY/75IFYbOPp3OKnzZumyp5JBA6jkkDsxxr11dLQtxCpcHWliYui1
5pB71bxLgkDHJjprrPgf2gJizwg6acCIeZuTb2H78VkQgAidpKdCREbxqinFs0le
VDWedBQqoVAsnpxQ3+CVOPK1PdmmUDBvrWl4/VPUjkkfMOQHeHukgewzL/RKf3aV
+FifjTdsksdJgEtxm+ZkTS1zRdCNMDs=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=363570, public, no-transform, must-revalidate]
Content-Length: [1414]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Wed, 18 Jan 2017 14:05:34 GMT]
Expires: [Sun, 22 Jan 2017 19:05:04 GMT]
Last-Modified: [Sun, 15 Jan 2017 19:05:04 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://tj.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://tj.symcd.com (POST)
Size: 1414 bytes (DER data)
Response time: 11.934525ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte SSL CA - G2 OCSP Responder
Issued by: thawte SSL CA - G2
Signing certificate validity: 2016-11-13 - 2017-02-11
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 100h59m30s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRvdluGAc/lYx1bXFBnllP1ugYHmAQUwk9I
V/zRT5rAXTh9DgXb2S61UmACED3DkuOpNOWyUZI4t8kF9hE=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFggoBAKCCBXswggV3BgkrBgEFBQcwAQEEggVoMIIFZDCBnqIWBBT40Ms5D6qz
RXbsl9/IHHDxwSV1FRgPMjAxNzAxMTUxOTA1MDRaMHMwcTBJMAkGBSsOAwIaBQAE
FG92W4YBz+VjHVtcUGeWU/W6BgeYBBTCT0hX/NFPmsBdOH0OBdvZLrVSYAIQPcOS
46k05bJRkji3yQX2EYAAGA8yMDE3MDExNTE5MDUwNFqgERgPMjAxNzAxMjIxOTA1
MDRaMA0GCSqGSIb3DQEBBQUAA4IBAQBgs29jd7+cHij/f9LWgBZko2Wn3RTCM4Kr
oxIaRe71Csoj+yX3o60OTkM2Vv8SAvpnEunBPKLvpmrZrfj25Yv32kbe63J4K2DK
HJUDdJn26+G9oIim24zKjB14NSuXOvLb2bAqwqos9C+5MHPHzMj49ZCLRw0WDKwq
CxNTj6o41U2cBJuqh+Tiq5eVet+vsPHbA73K2ktDeVHmIFtLJUPnJ3hid3XwNj2T
6u4t/YL1iclOrCBfJWeNuy1cQcBru7bJz/UumU13XCzKDzc/Sak/VwNxZrXAWh5u
wZncvY22djkhcpQr128PkehJDg0at+kPbSb45XiG7gTNWRTNJDyVoIIDqzCCA6cw
ggOjMIICi6ADAgECAhBVvrHC+6CjPczTC+UmCYRbMA0GCSqGSIb3DQEBCwUAMEEx
CzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xGzAZBgNVBAMTEnRo
YXd0ZSBTU0wgQ0EgLSBHMjAeFw0xNjExMTMwMDAwMDBaFw0xNzAyMTEyMzU5NTla
MCwxKjAoBgNVBAMTIXRoYXd0ZSBTU0wgQ0EgLSBHMiBPQ1NQIFJlc3BvbmRlcjCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK+52F7x35LeFhyIGwH7koHN
GV/j27lfCuH0sTIOXE3mU0I5JT+3snqAFJyhd+lqw9azSaH//LPdP0bRceZJyAnX
1tWMcKMVcTf0dPTrKI2lp8hHySFJQAR2zf39S9+YAyhWVrxwGEGFeJQOxgMHihuJ
LSS0G43CbFk0ttGVwSuufMZUFESVL/IPFdiBndfLE4YAG8nnyr5WFvG5mYaDrXJa
l1a3sWf3AVWn4vDkadK23QjrWg/a1FQKA3pE2ci6IEjLRxQHCj9LyLOnGIonyHbd
bRFnW+d9B/shsxRbqLfx3sdrEpPCvgBneQNQTaCySd/h2fzjCalTxPBPPc1iZVcC
AwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQbMBmkFzAVMRMwEQYD
VQQDEwpUR1YtRC0yNzYwMB8GA1UdIwQYMBaAFMJPSFf80U+awF04fQ4F29kutVJg
MB0GA1UdDgQWBBT40Ms5D6qzRXbsl9/IHHDxwSV1FTAMBgNVHRMBAf8EAjAAMBMG
A1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsF
AAOCAQEAhxASa0WQ5yqkweCte7W8s24nheWsb1WTmz+gCqHzq6y7pVdc8D+ANyYC
CCJ0YLhdO7hgz94ypIKo+8ht7hnxd1P3nDzJVYK2zvH+3Dql3776rsg8/IBDHVdC
KDOnAlUtUQ9j/vkgVhs4+nc4qfNm6bKnkkEDqOSQOzHGvXV0tC3EKlwdaWJi6LXm
kHvVvEuCQMcmOmus+B/aAmLPCDppwIh5m5NvYfvxWRCACJ2kp0JERvGqKcWzSV5U
NZ50FCqhUCyenFDf4JU48rU92aZQMG+taXj9U9SOSR8w5Ad4e6SB7DMv9Ep/dpX4
WJ+NN2ySx0mAS3Gb5mRNLXNF0I0wOw==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDozCCAougAwIBAgIQVb6xwvugoz3M0wvlJgmEWzANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTYxMTEzMDAwMDAwWhcNMTcwMjExMjM1OTU5
WjAsMSowKAYDVQQDEyF0aGF3dGUgU1NMIENBIC0gRzIgT0NTUCBSZXNwb25kZXIw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvudhe8d+S3hYciBsB+5KB
zRlf49u5Xwrh9LEyDlxN5lNCOSU/t7J6gBScoXfpasPWs0mh//yz3T9G0XHmScgJ
19bVjHCjFXE39HT06yiNpafIR8khSUAEds39/UvfmAMoVla8cBhBhXiUDsYDB4ob
iS0ktBuNwmxZNLbRlcErrnzGVBRElS/yDxXYgZ3XyxOGABvJ58q+VhbxuZmGg61y
WpdWt7Fn9wFVp+Lw5GnStt0I61oP2tRUCgN6RNnIuiBIy0cUBwo/S8izpxiKJ8h2
3W0RZ1vnfQf7IbMUW6i38d7HaxKTwr4AZ3kDUE2gsknf4dn84wmpU8TwTz3NYmVX
AgMBAAGjgaswgagwDwYJKwYBBQUHMAEFBAIFADAiBgNVHREEGzAZpBcwFTETMBEG
A1UEAxMKVEdWLUQtMjc2MDAfBgNVHSMEGDAWgBTCT0hX/NFPmsBdOH0OBdvZLrVS
YDAdBgNVHQ4EFgQU+NDLOQ+qs0V27JffyBxw8cEldRUwDAYDVR0TAQH/BAIwADAT
BgNVHSUEDDAKBggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQEL
BQADggEBAIcQEmtFkOcqpMHgrXu1vLNuJ4XlrG9Vk5s/oAqh86usu6VXXPA/gDcm
AggidGC4XTu4YM/eMqSCqPvIbe4Z8XdT95w8yVWCts7x/tw6pd+++q7IPPyAQx1X
QigzpwJVLVEPY/75IFYbOPp3OKnzZumyp5JBA6jkkDsxxr11dLQtxCpcHWliYui1
5pB71bxLgkDHJjprrPgf2gJizwg6acCIeZuTb2H78VkQgAidpKdCREbxqinFs0le
VDWedBQqoVAsnpxQ3+CVOPK1PdmmUDBvrWl4/VPUjkkfMOQHeHukgewzL/RKf3aV
+FifjTdsksdJgEtxm+ZkTS1zRdCNMDs=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=363570, public, no-transform, must-revalidate]
Content-Length: [1414]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Wed, 18 Jan 2017 14:05:34 GMT]
Expires: [Sun, 22 Jan 2017 19:05:04 GMT]
Last-Modified: [Sun, 15 Jan 2017 19:05:04 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

thawte SSL CA - G2 (CA Certificate)

This certificate was cached at
Certificate details for thawte SSL CA - G2 (At position 1 in certificate chain)
Serial number:
hex: 1687d6886de2300685233dbf11bf6597
int: 29948327227862944430780750156152137111
Issued by: thawte Primary Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: thawte, Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://t1.symcb.com/ThawtePCA.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://t1.symcb.com/ThawtePCA.crl
Size: 537 bytes (DER data)
Response time: 37.000672ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 1

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_HIT from a165-254-48-163.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (S)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Fri, 20 Jan 2017 04:13:46 GMT]
Etag: ["97d74be76a349c9d5232f6dd460156a6:1482373812"]
Last-Modified: [Thu, 22 Dec 2016 02:30:12 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_REFRESH_HIT from a165-254-48-163.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (S)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://t2.symcb.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://t2.symcb.com (GET)
Size: 1504 bytes (DER data)
Response time: 13.931618ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte Primary Root OCSP Responder Certificate 5
Issued by: thawte Primary Root CA
Signing certificate validity: 2016-11-22 - 2017-12-14
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 112h2m28s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a165-254-48-153.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (S)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEBaH1oht4jAGhSM9vxG%2FZZc%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD/yl6nWPkczAQUe1tF
z6/Oy3r9MZIaarbzRutXSFACEBaH1oht4jAGhSM9vxG/ZZc=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIF3AoBAKCCBdUwggXRBgkrBgEFBQcwAQEEggXCMIIFvjCBnqIWBBSy2bdAZSGF
dJEJzQWJNOXg5SwcIxgPMjAxNzAxMTcyMDE1NDlaMHMwcTBJMAkGBSsOAwIaBQAE
FDAXimvD1LuYJsIQcP/KXqdY+RzMBBR7W0XPr87Lev0xkhpqtvNG61dIUAIQFofW
iG3iMAaFIz2/Eb9ll4AAGA8yMDE3MDExNzIwMTU0OVqgERgPMjAxNzAxMjQyMDE1
NDlaMA0GCSqGSIb3DQEBBQUAA4IBAQC9gaioi6Jm0iDi1GoLnpqvwPbrJPXNg1Tj
KtQLOAgatQe2PmBfFIaxzWgQEY+bLFm0rKLsvg9pKe7PSGg/u1qO6N1eJdmgRbNl
GHCPi16cM1piDMtuoVe8T1ailv58nX1fdYQ+mlNZdryQTqIuaM4qcukyp60uINn2
15TXlq5z+GGoBQjCsJyTRqnsbi0aRNjVF7EcibZP6UnoEZnf4MbIwAJf04G5WH97
MTqGdNg0IguoJCcgttNSHR9ejG9T5ynrM7nxJQtId3+kOrINMVSGRl17RfZI6sUo
mZc9Ro1C2zebXk6Gd8LMEYZhtIPJUPUBb6Kr1kj3GF3/rlOESgk5oIIEBTCCBAEw
ggP9MIIC5aADAgECAhBqIaLOBLu8Jqunme8AdApUMA0GCSqGSIb3DQEBBQUAMIGp
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMSgwJgYDVQQLEx9D
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYDVQQLEy8oYykgMjAw
NiB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEfMB0GA1UE
AxMWdGhhd3RlIFByaW1hcnkgUm9vdCBDQTAeFw0xNjExMjIwMDAwMDBaFw0xNzEy
MTQyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4x
OTA3BgNVBAMTMHRoYXd0ZSBQcmltYXJ5IFJvb3QgT0NTUCBSZXNwb25kZXIgQ2Vy
dGlmaWNhdGUgNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwOc/CD
T/ilVz6H2rkWETL80qIX5ttu5I16yxgPVYUP2Qy1D6dpiw9JZb0Tw134T58HpV+B
e3HSYDvEwPLyCBgKDNGAQ4RTEvuVDAJXhDHFDe+tE3wUWX0QCsmqMqXTc/BI18Zx
1vekmip6OnwyEoRdlaIeRv1qFLOGj9NqcQrh3CN/4SJb/DnWmTQta4gODnKS/ADF
WRs/wB3rqPDBZhBLBqywq6YRmzcz6hb/dpddqcTp7tDtEHmw+BDWTl/92a2YwJAw
9mKjfzqNYZa37ydH0MYioCjreLj++js4ZCM+av59twiH//GjaqSaQnW2z7rKM/5A
5tBowI+SWtr93p8CAwEAAaNqMGgwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYB
BQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAiBgNVHREE
GzAZpBcwFTETMBEGA1UEAxMKVEdWLU9GRi01MTANBgkqhkiG9w0BAQUFAAOCAQEA
MZQVzAXoEbM5j6fQNNDzrTvMeEMlOlf8ShOg6pa5Y6/s9m+3nEqxRZhdJXtqn7YI
2736XikAfsn7cVikARa66mlLn6QxdnbUHX/TUpJf2/nZqCb2T80lmSjOfLwBzdgD
9N4MUzs16ivcuEEEJhuBhtcp/66+oEQqdXdLejHG61bRkhnqrW6U9sGBPhoQw2Hq
G3zclM6IlNJX+LYxOuDDD/5SbKAbcy+QBsue7Yf5XG7lZacI9CVFreoggA+YR8VQ
SVChJNc4k3ALASLz2OckP2X/357OiJFcsoqNdeo70ZLPLS4U/gOn60QiAnxonBCJ
PjZyT4sg074MlhPJSGR+HA==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIID/TCCAuWgAwIBAgIQaiGizgS7vCarp5nvAHQKVDANBgkqhkiG9w0BAQUFADCB
qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTYxMTIyMDAwMDAwWhcNMTcx
MjE0MjM1OTU5WjBfMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMu
MTkwNwYDVQQDEzB0aGF3dGUgUHJpbWFyeSBSb290IE9DU1AgUmVzcG9uZGVyIENl
cnRpZmljYXRlIDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMDnPw
g0/4pVc+h9q5FhEy/NKiF+bbbuSNessYD1WFD9kMtQ+naYsPSWW9E8Nd+E+fB6Vf
gXtx0mA7xMDy8ggYCgzRgEOEUxL7lQwCV4QxxQ3vrRN8FFl9EArJqjKl03PwSNfG
cdb3pJoqejp8MhKEXZWiHkb9ahSzho/TanEK4dwjf+EiW/w51pk0LWuIDg5ykvwA
xVkbP8Ad66jwwWYQSwassKumEZs3M+oW/3aXXanE6e7Q7RB5sPgQ1k5f/dmtmMCQ
MPZio386jWGWt+8nR9DGIqAo63i4/vo7OGQjPmr+fbcIh//xo2qkmkJ1ts+6yjP+
QObQaMCPklra/d6fAgMBAAGjajBoMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsG
AQUFBzABBQQCBQAwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwIgYDVR0R
BBswGaQXMBUxEzARBgNVBAMTClRHVi1PRkYtNTEwDQYJKoZIhvcNAQEFBQADggEB
ADGUFcwF6BGzOY+n0DTQ8607zHhDJTpX/EoToOqWuWOv7PZvt5xKsUWYXSV7ap+2
CNu9+l4pAH7J+3FYpAEWuuppS5+kMXZ21B1/01KSX9v52agm9k/NJZkozny8Ac3Y
A/TeDFM7Neor3LhBBCYbgYbXKf+uvqBEKnV3S3oxxutW0ZIZ6q1ulPbBgT4aEMNh
6ht83JTOiJTSV/i2MTrgww/+UmygG3MvkAbLnu2H+Vxu5WWnCPQlRa3qIIAPmEfF
UElQoSTXOJNwCwEi89jnJD9l/9+ezoiRXLKKjXXqO9GSzy0uFP4Dp+tEIgJ8aJwQ
iT42ck+LINO+DJYTyUhkfhw=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=403348, public, no-transform, must-revalidate]
Content-Length: [1504]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 20 Jan 2017 04:13:46 GMT]
Expires: [Tue, 24 Jan 2017 20:15:49 GMT]
Last-Modified: [Tue, 17 Jan 2017 20:15:49 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a165-254-48-153.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (S)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 25s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://t2.symcb.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://t2.symcb.com (POST)
Size: 1504 bytes (DER data)
Response time: 11.329474ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte Primary Root OCSP Responder Certificate 5
Issued by: thawte Primary Root CA
Signing certificate validity: 2016-11-22 - 2017-12-14
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 112h3m59s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a165-254-48-153.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD/yl6nWPkczAQUe1tF
z6/Oy3r9MZIaarbzRutXSFACEBaH1oht4jAGhSM9vxG/ZZc=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIF3AoBAKCCBdUwggXRBgkrBgEFBQcwAQEEggXCMIIFvjCBnqIWBBSy2bdAZSGF
dJEJzQWJNOXg5SwcIxgPMjAxNzAxMTcyMDE1NDlaMHMwcTBJMAkGBSsOAwIaBQAE
FDAXimvD1LuYJsIQcP/KXqdY+RzMBBR7W0XPr87Lev0xkhpqtvNG61dIUAIQFofW
iG3iMAaFIz2/Eb9ll4AAGA8yMDE3MDExNzIwMTU0OVqgERgPMjAxNzAxMjQyMDE1
NDlaMA0GCSqGSIb3DQEBBQUAA4IBAQC9gaioi6Jm0iDi1GoLnpqvwPbrJPXNg1Tj
KtQLOAgatQe2PmBfFIaxzWgQEY+bLFm0rKLsvg9pKe7PSGg/u1qO6N1eJdmgRbNl
GHCPi16cM1piDMtuoVe8T1ailv58nX1fdYQ+mlNZdryQTqIuaM4qcukyp60uINn2
15TXlq5z+GGoBQjCsJyTRqnsbi0aRNjVF7EcibZP6UnoEZnf4MbIwAJf04G5WH97
MTqGdNg0IguoJCcgttNSHR9ejG9T5ynrM7nxJQtId3+kOrINMVSGRl17RfZI6sUo
mZc9Ro1C2zebXk6Gd8LMEYZhtIPJUPUBb6Kr1kj3GF3/rlOESgk5oIIEBTCCBAEw
ggP9MIIC5aADAgECAhBqIaLOBLu8Jqunme8AdApUMA0GCSqGSIb3DQEBBQUAMIGp
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMSgwJgYDVQQLEx9D
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYDVQQLEy8oYykgMjAw
NiB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEfMB0GA1UE
AxMWdGhhd3RlIFByaW1hcnkgUm9vdCBDQTAeFw0xNjExMjIwMDAwMDBaFw0xNzEy
MTQyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4x
OTA3BgNVBAMTMHRoYXd0ZSBQcmltYXJ5IFJvb3QgT0NTUCBSZXNwb25kZXIgQ2Vy
dGlmaWNhdGUgNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwOc/CD
T/ilVz6H2rkWETL80qIX5ttu5I16yxgPVYUP2Qy1D6dpiw9JZb0Tw134T58HpV+B
e3HSYDvEwPLyCBgKDNGAQ4RTEvuVDAJXhDHFDe+tE3wUWX0QCsmqMqXTc/BI18Zx
1vekmip6OnwyEoRdlaIeRv1qFLOGj9NqcQrh3CN/4SJb/DnWmTQta4gODnKS/ADF
WRs/wB3rqPDBZhBLBqywq6YRmzcz6hb/dpddqcTp7tDtEHmw+BDWTl/92a2YwJAw
9mKjfzqNYZa37ydH0MYioCjreLj++js4ZCM+av59twiH//GjaqSaQnW2z7rKM/5A
5tBowI+SWtr93p8CAwEAAaNqMGgwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYB
BQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAiBgNVHREE
GzAZpBcwFTETMBEGA1UEAxMKVEdWLU9GRi01MTANBgkqhkiG9w0BAQUFAAOCAQEA
MZQVzAXoEbM5j6fQNNDzrTvMeEMlOlf8ShOg6pa5Y6/s9m+3nEqxRZhdJXtqn7YI
2736XikAfsn7cVikARa66mlLn6QxdnbUHX/TUpJf2/nZqCb2T80lmSjOfLwBzdgD
9N4MUzs16ivcuEEEJhuBhtcp/66+oEQqdXdLejHG61bRkhnqrW6U9sGBPhoQw2Hq
G3zclM6IlNJX+LYxOuDDD/5SbKAbcy+QBsue7Yf5XG7lZacI9CVFreoggA+YR8VQ
SVChJNc4k3ALASLz2OckP2X/357OiJFcsoqNdeo70ZLPLS4U/gOn60QiAnxonBCJ
PjZyT4sg074MlhPJSGR+HA==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIID/TCCAuWgAwIBAgIQaiGizgS7vCarp5nvAHQKVDANBgkqhkiG9w0BAQUFADCB
qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTYxMTIyMDAwMDAwWhcNMTcx
MjE0MjM1OTU5WjBfMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMu
MTkwNwYDVQQDEzB0aGF3dGUgUHJpbWFyeSBSb290IE9DU1AgUmVzcG9uZGVyIENl
cnRpZmljYXRlIDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMDnPw
g0/4pVc+h9q5FhEy/NKiF+bbbuSNessYD1WFD9kMtQ+naYsPSWW9E8Nd+E+fB6Vf
gXtx0mA7xMDy8ggYCgzRgEOEUxL7lQwCV4QxxQ3vrRN8FFl9EArJqjKl03PwSNfG
cdb3pJoqejp8MhKEXZWiHkb9ahSzho/TanEK4dwjf+EiW/w51pk0LWuIDg5ykvwA
xVkbP8Ad66jwwWYQSwassKumEZs3M+oW/3aXXanE6e7Q7RB5sPgQ1k5f/dmtmMCQ
MPZio386jWGWt+8nR9DGIqAo63i4/vo7OGQjPmr+fbcIh//xo2qkmkJ1ts+6yjP+
QObQaMCPklra/d6fAgMBAAGjajBoMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsG
AQUFBzABBQQCBQAwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwIgYDVR0R
BBswGaQXMBUxEzARBgNVBAMTClRHVi1PRkYtNTEwDQYJKoZIhvcNAQEFBQADggEB
ADGUFcwF6BGzOY+n0DTQ8607zHhDJTpX/EoToOqWuWOv7PZvt5xKsUWYXSV7ap+2
CNu9+l4pAH7J+3FYpAEWuuppS5+kMXZ21B1/01KSX9v52agm9k/NJZkozny8Ac3Y
A/TeDFM7Neor3LhBBCYbgYbXKf+uvqBEKnV3S3oxxutW0ZIZ6q1ulPbBgT4aEMNh
6ht83JTOiJTSV/i2MTrgww/+UmygG3MvkAbLnu2H+Vxu5WWnCPQlRa3qIIAPmEfF
UElQoSTXOJNwCwEi89jnJD9l/9+ezoiRXLKKjXXqO9GSzy0uFP4Dp+tEIgJ8aJwQ
iT42ck+LINO+DJYTyUhkfhw=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=403439, public, no-transform, must-revalidate]
Content-Length: [1504]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 20 Jan 2017 04:13:46 GMT]
Expires: [Tue, 24 Jan 2017 20:15:49 GMT]
Last-Modified: [Tue, 17 Jan 2017 20:15:49 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a165-254-48-153.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 1m56s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

thawte Primary Root CA (CA Certificate)

This certificate was cached at
Certificate details for thawte Primary Root CA (At position 2 in certificate chain)
Serial number:
hex: 344ed55720d5edec49f42fce37db2b6d
int: 69529181992039203566298953787712940909
Issued by: thawte Primary Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: thawte, Inc.
Organization unit: Certification Services Division
Organization unit: (c) 2006 thawte, Inc. - For authorized use only
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.