CRL & OCSP report for 0-ec.consumerreports.org.millennium.newport.lib.ca.us - millennium.newport.lib.ca.us (Newport Beach Public Library)

millennium.newport.lib.ca.us

Certificate details for millennium.newport.lib.ca.us (At position 0 in certificate chain)
Serial number:
hex: 3dc392e3a934e5b2519238b7c905f611
int: 82098384899256099030332329920764966417
Issued by: thawte SSL CA - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Newport Beach Public Library
Organization unit: Library
State / Province: California
Locality: Newport Beach
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for 0-ec.consumerreports.org.millennium.newport.lib.ca.us.

Certificate Revocation List (CRL)

This CRL was cached at
http://tj.symcb.com/tj.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://tj.symcb.com/tj.crl
Size: 130189 bytes (DER data)
Response time: 502.509392ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 3707

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_HIT from a72-247-11-46.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Thu, 27 Apr 2017 03:06:48 GMT]
Etag: ["44eedee03318b42830408573ac640133:1493241104"]
Last-Modified: [Wed, 26 Apr 2017 21:11:44 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_HIT from a72-247-11-46.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://tj.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://tj.symcd.com (GET)
Size: 1414 bytes (DER data)
Response time: 103.596206ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte SSL CA - G2 OCSP Responder
Issued by: thawte SSL CA - G2
Signing certificate validity: 2017-02-04 - 2017-05-05
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 120h42m33s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRvdluGAc%2FlYx1bXFBnllP1ugYHmAQUwk9IV%2FzRT5rAXTh9DgXb2S61UmACED3DkuOpNOWyUZI4t8kF9hE%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRvdluGAc/lYx1bXFBnllP1ugYHmAQUwk9I
V/zRT5rAXTh9DgXb2S61UmACED3DkuOpNOWyUZI4t8kF9hE=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFggoBAKCCBXswggV3BgkrBgEFBQcwAQEEggVoMIIFZDCBnqIWBBTcBj2E7JLw
SFp9H2+JDfoebSfYjRgPMjAxNzA0MjExMjM2MzFaMHMwcTBJMAkGBSsOAwIaBQAE
FG92W4YBz+VjHVtcUGeWU/W6BgeYBBTCT0hX/NFPmsBdOH0OBdvZLrVSYAIQPcOS
46k05bJRkji3yQX2EYAAGA8yMDE3MDQyMTEyMzYzMVqgERgPMjAxNzA0MjgxMjM2
MzFaMA0GCSqGSIb3DQEBBQUAA4IBAQAobr2jCxgcdnXrLEdYREAP87DxtgYNfQYO
exgmw5kVkJ7CMqzoRIhmYbJFNERKB22u8NAa4WljOytJlNlyzYj9NmONuwTbn3mo
d5Slpj7cq8+uFKoF2i8egabIME098Yjp6dTh6Qy7vm+wkRdsMi7VK2K3ftt24x6U
wiaNoQ2z0S+wrwyAuO4bWPvzYUlX/tgBZl8sgfE4oR2maaaQfFNf4sVdGYT0lNoe
kblrtJMhtO3PJT2Kd7FXjK5z9b+0zWUTP5jcF2G+xyQSGATH3DlK81JPVbpRzN3z
HtckYesl0DvruMXMNXZISiIq8X61LP1xZJdYnHnYT3AjldHnTUzUoIIDqzCCA6cw
ggOjMIICi6ADAgECAhAoRSY7/1N11QlKWAK2fgyRMA0GCSqGSIb3DQEBCwUAMEEx
CzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xGzAZBgNVBAMTEnRo
YXd0ZSBTU0wgQ0EgLSBHMjAeFw0xNzAyMDQwMDAwMDBaFw0xNzA1MDUyMzU5NTla
MCwxKjAoBgNVBAMTIXRoYXd0ZSBTU0wgQ0EgLSBHMiBPQ1NQIFJlc3BvbmRlcjCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALCv4N/h3+VMTnsLyJbB1IFw
6hYShJKzxrOy1L+GE60F8RsFW1EgHjOGGWTe/WDd5YscQy8cbA41QMoFzHx3qeZy
inPMpiFCdD+HhOyOjZumZc2HfeOfmndXxVc6e8dDS64uzJawtKh6AZxbT0yI/noF
lckH+7nw6iFlxSMflhQbH3mua2oauHjMxNbw12hbMGLgJAn6OiIMF0h2XxF7FuVQ
Ngq4y2ICrYVf/DXicxWkiJomRd8VG1r1bfcU4W7eVGLgy83wuN6dO3VgniKoTrWC
40Di2IRdFdhNrdacq9JOon29xDSpRkCwu/GOUDJcjAHQJVEdnFsBpqjLFcSjqVcC
AwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQbMBmkFzAVMRMwEQYD
VQQDEwpUR1YtRC0zODU4MB8GA1UdIwQYMBaAFMJPSFf80U+awF04fQ4F29kutVJg
MB0GA1UdDgQWBBTcBj2E7JLwSFp9H2+JDfoebSfYjTAMBgNVHRMBAf8EAjAAMBMG
A1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsF
AAOCAQEALp7BXATVKbsXupOyIBYjn4G93/7UOGBFDPqY4GNAh0AV1Infd7hgC+GE
TDK4dtGwiLGs4PoaUtj3kqE6+c98uRLcEj2W+JWjQidKVptBLsmQrxvcYw0gowG5
hJHRDRzuQR/BYz7FJHAnJTl8EYfsdl1hfybzL/wWpZeLv/nOFOGiqbsxEGjJ6gMY
CCwZXanMXyyC9T9TFWiejhar8rCLN7xDJpg7vr9NByVcNGgaLvupKjuwd8tzCaBB
XhEK/T0bJ4/WtOyjEQCawIOqgq/MF+m7eZatsIyLSDyQoPeeyUiYkf78ymJaX3R8
LOjiNtqrmldU2ZhF1/Hobsd6ynSRpQ==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDozCCAougAwIBAgIQKEUmO/9TddUJSlgCtn4MkTANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTcwMjA0MDAwMDAwWhcNMTcwNTA1MjM1OTU5
WjAsMSowKAYDVQQDEyF0aGF3dGUgU1NMIENBIC0gRzIgT0NTUCBSZXNwb25kZXIw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwr+Df4d/lTE57C8iWwdSB
cOoWEoSSs8azstS/hhOtBfEbBVtRIB4zhhlk3v1g3eWLHEMvHGwONUDKBcx8d6nm
copzzKYhQnQ/h4Tsjo2bpmXNh33jn5p3V8VXOnvHQ0uuLsyWsLSoegGcW09MiP56
BZXJB/u58OohZcUjH5YUGx95rmtqGrh4zMTW8NdoWzBi4CQJ+joiDBdIdl8Rexbl
UDYKuMtiAq2FX/w14nMVpIiaJkXfFRta9W33FOFu3lRi4MvN8LjenTt1YJ4iqE61
guNA4tiEXRXYTa3WnKvSTqJ9vcQ0qUZAsLvxjlAyXIwB0CVRHZxbAaaoyxXEo6lX
AgMBAAGjgaswgagwDwYJKwYBBQUHMAEFBAIFADAiBgNVHREEGzAZpBcwFTETMBEG
A1UEAxMKVEdWLUQtMzg1ODAfBgNVHSMEGDAWgBTCT0hX/NFPmsBdOH0OBdvZLrVS
YDAdBgNVHQ4EFgQU3AY9hOyS8EhafR9viQ36Hm0n2I0wDAYDVR0TAQH/BAIwADAT
BgNVHSUEDDAKBggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQEL
BQADggEBAC6ewVwE1Sm7F7qTsiAWI5+Bvd/+1DhgRQz6mOBjQIdAFdSJ33e4YAvh
hEwyuHbRsIixrOD6GlLY95KhOvnPfLkS3BI9lviVo0InSlabQS7JkK8b3GMNIKMB
uYSR0Q0c7kEfwWM+xSRwJyU5fBGH7HZdYX8m8y/8FqWXi7/5zhThoqm7MRBoyeoD
GAgsGV2pzF8sgvU/UxVono4Wq/Kwize8QyaYO76/TQclXDRoGi77qSo7sHfLcwmg
QV4RCv09GyeP1rTsoxEAmsCDqoKvzBfpu3mWrbCMi0g8kKD3nslImJH+/MpiWl90
fCzo4jbaq5pXVNmYRdfx6G7Hesp0kaU=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=434553, public, no-transform, must-revalidate]
Content-Length: [1414]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sun, 23 Apr 2017 11:53:58 GMT]
Expires: [Fri, 28 Apr 2017 12:36:31 GMT]
Last-Modified: [Fri, 21 Apr 2017 12:36:31 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://tj.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://tj.symcd.com (POST)
Size: 1414 bytes (DER data)
Response time: 62.946366ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte SSL CA - G2 OCSP Responder
Issued by: thawte SSL CA - G2
Signing certificate validity: 2017-02-04 - 2017-05-05
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 120h42m33s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRvdluGAc/lYx1bXFBnllP1ugYHmAQUwk9I
V/zRT5rAXTh9DgXb2S61UmACED3DkuOpNOWyUZI4t8kF9hE=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFggoBAKCCBXswggV3BgkrBgEFBQcwAQEEggVoMIIFZDCBnqIWBBTcBj2E7JLw
SFp9H2+JDfoebSfYjRgPMjAxNzA0MjExMjM2MzFaMHMwcTBJMAkGBSsOAwIaBQAE
FG92W4YBz+VjHVtcUGeWU/W6BgeYBBTCT0hX/NFPmsBdOH0OBdvZLrVSYAIQPcOS
46k05bJRkji3yQX2EYAAGA8yMDE3MDQyMTEyMzYzMVqgERgPMjAxNzA0MjgxMjM2
MzFaMA0GCSqGSIb3DQEBBQUAA4IBAQAobr2jCxgcdnXrLEdYREAP87DxtgYNfQYO
exgmw5kVkJ7CMqzoRIhmYbJFNERKB22u8NAa4WljOytJlNlyzYj9NmONuwTbn3mo
d5Slpj7cq8+uFKoF2i8egabIME098Yjp6dTh6Qy7vm+wkRdsMi7VK2K3ftt24x6U
wiaNoQ2z0S+wrwyAuO4bWPvzYUlX/tgBZl8sgfE4oR2maaaQfFNf4sVdGYT0lNoe
kblrtJMhtO3PJT2Kd7FXjK5z9b+0zWUTP5jcF2G+xyQSGATH3DlK81JPVbpRzN3z
HtckYesl0DvruMXMNXZISiIq8X61LP1xZJdYnHnYT3AjldHnTUzUoIIDqzCCA6cw
ggOjMIICi6ADAgECAhAoRSY7/1N11QlKWAK2fgyRMA0GCSqGSIb3DQEBCwUAMEEx
CzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xGzAZBgNVBAMTEnRo
YXd0ZSBTU0wgQ0EgLSBHMjAeFw0xNzAyMDQwMDAwMDBaFw0xNzA1MDUyMzU5NTla
MCwxKjAoBgNVBAMTIXRoYXd0ZSBTU0wgQ0EgLSBHMiBPQ1NQIFJlc3BvbmRlcjCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALCv4N/h3+VMTnsLyJbB1IFw
6hYShJKzxrOy1L+GE60F8RsFW1EgHjOGGWTe/WDd5YscQy8cbA41QMoFzHx3qeZy
inPMpiFCdD+HhOyOjZumZc2HfeOfmndXxVc6e8dDS64uzJawtKh6AZxbT0yI/noF
lckH+7nw6iFlxSMflhQbH3mua2oauHjMxNbw12hbMGLgJAn6OiIMF0h2XxF7FuVQ
Ngq4y2ICrYVf/DXicxWkiJomRd8VG1r1bfcU4W7eVGLgy83wuN6dO3VgniKoTrWC
40Di2IRdFdhNrdacq9JOon29xDSpRkCwu/GOUDJcjAHQJVEdnFsBpqjLFcSjqVcC
AwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQbMBmkFzAVMRMwEQYD
VQQDEwpUR1YtRC0zODU4MB8GA1UdIwQYMBaAFMJPSFf80U+awF04fQ4F29kutVJg
MB0GA1UdDgQWBBTcBj2E7JLwSFp9H2+JDfoebSfYjTAMBgNVHRMBAf8EAjAAMBMG
A1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsF
AAOCAQEALp7BXATVKbsXupOyIBYjn4G93/7UOGBFDPqY4GNAh0AV1Infd7hgC+GE
TDK4dtGwiLGs4PoaUtj3kqE6+c98uRLcEj2W+JWjQidKVptBLsmQrxvcYw0gowG5
hJHRDRzuQR/BYz7FJHAnJTl8EYfsdl1hfybzL/wWpZeLv/nOFOGiqbsxEGjJ6gMY
CCwZXanMXyyC9T9TFWiejhar8rCLN7xDJpg7vr9NByVcNGgaLvupKjuwd8tzCaBB
XhEK/T0bJ4/WtOyjEQCawIOqgq/MF+m7eZatsIyLSDyQoPeeyUiYkf78ymJaX3R8
LOjiNtqrmldU2ZhF1/Hobsd6ynSRpQ==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDozCCAougAwIBAgIQKEUmO/9TddUJSlgCtn4MkTANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTcwMjA0MDAwMDAwWhcNMTcwNTA1MjM1OTU5
WjAsMSowKAYDVQQDEyF0aGF3dGUgU1NMIENBIC0gRzIgT0NTUCBSZXNwb25kZXIw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwr+Df4d/lTE57C8iWwdSB
cOoWEoSSs8azstS/hhOtBfEbBVtRIB4zhhlk3v1g3eWLHEMvHGwONUDKBcx8d6nm
copzzKYhQnQ/h4Tsjo2bpmXNh33jn5p3V8VXOnvHQ0uuLsyWsLSoegGcW09MiP56
BZXJB/u58OohZcUjH5YUGx95rmtqGrh4zMTW8NdoWzBi4CQJ+joiDBdIdl8Rexbl
UDYKuMtiAq2FX/w14nMVpIiaJkXfFRta9W33FOFu3lRi4MvN8LjenTt1YJ4iqE61
guNA4tiEXRXYTa3WnKvSTqJ9vcQ0qUZAsLvxjlAyXIwB0CVRHZxbAaaoyxXEo6lX
AgMBAAGjgaswgagwDwYJKwYBBQUHMAEFBAIFADAiBgNVHREEGzAZpBcwFTETMBEG
A1UEAxMKVEdWLUQtMzg1ODAfBgNVHSMEGDAWgBTCT0hX/NFPmsBdOH0OBdvZLrVS
YDAdBgNVHQ4EFgQU3AY9hOyS8EhafR9viQ36Hm0n2I0wDAYDVR0TAQH/BAIwADAT
BgNVHSUEDDAKBggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQEL
BQADggEBAC6ewVwE1Sm7F7qTsiAWI5+Bvd/+1DhgRQz6mOBjQIdAFdSJ33e4YAvh
hEwyuHbRsIixrOD6GlLY95KhOvnPfLkS3BI9lviVo0InSlabQS7JkK8b3GMNIKMB
uYSR0Q0c7kEfwWM+xSRwJyU5fBGH7HZdYX8m8y/8FqWXi7/5zhThoqm7MRBoyeoD
GAgsGV2pzF8sgvU/UxVono4Wq/Kwize8QyaYO76/TQclXDRoGi77qSo7sHfLcwmg
QV4RCv09GyeP1rTsoxEAmsCDqoKvzBfpu3mWrbCMi0g8kKD3nslImJH+/MpiWl90
fCzo4jbaq5pXVNmYRdfx6G7Hesp0kaU=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=434553, public, no-transform, must-revalidate]
Content-Length: [1414]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sun, 23 Apr 2017 11:53:58 GMT]
Expires: [Fri, 28 Apr 2017 12:36:31 GMT]
Last-Modified: [Fri, 21 Apr 2017 12:36:31 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

thawte SSL CA - G2 (CA Certificate)

Certificate details for thawte SSL CA - G2 (At position 1 in certificate chain)
Serial number:
hex: 1687d6886de2300685233dbf11bf6597
int: 29948327227862944430780750156152137111
Issued by: thawte Primary Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: thawte, Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://t1.symcb.com/ThawtePCA.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://t1.symcb.com/ThawtePCA.crl
Size: 537 bytes (DER data)
Response time: 304.360097ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 1

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a69-31-33-156.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Thu, 27 Apr 2017 03:06:48 GMT]
Etag: ["9a0c909d0279c1bbdf66260ef952850c:1490320987"]
Last-Modified: [Fri, 24 Mar 2017 02:01:25 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_MEM_HIT from a69-31-33-156.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://t2.symcb.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://t2.symcb.com (GET)
Size: 1504 bytes (DER data)
Response time: 397.090233ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte Primary Root OCSP Responder Certificate 5
Issued by: thawte Primary Root CA
Signing certificate validity: 2016-11-22 - 2017-12-14
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 94h43m49s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a72-247-11-63.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEBaH1oht4jAGhSM9vxG%2FZZc%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD/yl6nWPkczAQUe1tF
z6/Oy3r9MZIaarbzRutXSFACEBaH1oht4jAGhSM9vxG/ZZc=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIF3AoBAKCCBdUwggXRBgkrBgEFBQcwAQEEggXCMIIFvjCBnqIWBBSy2bdAZSGF
dJEJzQWJNOXg5SwcIxgPMjAxNzA0MjQwMTQ2NTZaMHMwcTBJMAkGBSsOAwIaBQAE
FDAXimvD1LuYJsIQcP/KXqdY+RzMBBR7W0XPr87Lev0xkhpqtvNG61dIUAIQFofW
iG3iMAaFIz2/Eb9ll4AAGA8yMDE3MDQyNDAxNDY1NlqgERgPMjAxNzA1MDEwMTQ2
NTZaMA0GCSqGSIb3DQEBBQUAA4IBAQB5Q7LMgsloS6xtB7UzzE0pJ8lppul80e9w
fOMy6xajGwpsz1H0ouxIamQuicwoj13z+rD3VauxwPrNwgAlnbXyIx8Nc4JAB6cc
djqFPmCKdUjMGHR+2Es119YSifnzF5UFEhaUFFb6dPHYuBYvIb+6NDOgacPaCIW1
UzZNMiZ4vSXbjn+E65BTQcL/2YdfOOeBIVAO5aKO6806x4KDhXojUXB0Tp6zcj0S
gH4qTb/3CIyFQwd8gOz70KvVCPvkdJe35NsEBaCsTaVT8yNApoN+Qk/DaMOUzWJu
N8hchMY7qFSeJrDWu1rqPsiFByLAdwptqlkWirkm7S88UD3DK87eoIIEBTCCBAEw
ggP9MIIC5aADAgECAhBqIaLOBLu8Jqunme8AdApUMA0GCSqGSIb3DQEBBQUAMIGp
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMSgwJgYDVQQLEx9D
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYDVQQLEy8oYykgMjAw
NiB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEfMB0GA1UE
AxMWdGhhd3RlIFByaW1hcnkgUm9vdCBDQTAeFw0xNjExMjIwMDAwMDBaFw0xNzEy
MTQyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4x
OTA3BgNVBAMTMHRoYXd0ZSBQcmltYXJ5IFJvb3QgT0NTUCBSZXNwb25kZXIgQ2Vy
dGlmaWNhdGUgNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwOc/CD
T/ilVz6H2rkWETL80qIX5ttu5I16yxgPVYUP2Qy1D6dpiw9JZb0Tw134T58HpV+B
e3HSYDvEwPLyCBgKDNGAQ4RTEvuVDAJXhDHFDe+tE3wUWX0QCsmqMqXTc/BI18Zx
1vekmip6OnwyEoRdlaIeRv1qFLOGj9NqcQrh3CN/4SJb/DnWmTQta4gODnKS/ADF
WRs/wB3rqPDBZhBLBqywq6YRmzcz6hb/dpddqcTp7tDtEHmw+BDWTl/92a2YwJAw
9mKjfzqNYZa37ydH0MYioCjreLj++js4ZCM+av59twiH//GjaqSaQnW2z7rKM/5A
5tBowI+SWtr93p8CAwEAAaNqMGgwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYB
BQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAiBgNVHREE
GzAZpBcwFTETMBEGA1UEAxMKVEdWLU9GRi01MTANBgkqhkiG9w0BAQUFAAOCAQEA
MZQVzAXoEbM5j6fQNNDzrTvMeEMlOlf8ShOg6pa5Y6/s9m+3nEqxRZhdJXtqn7YI
2736XikAfsn7cVikARa66mlLn6QxdnbUHX/TUpJf2/nZqCb2T80lmSjOfLwBzdgD
9N4MUzs16ivcuEEEJhuBhtcp/66+oEQqdXdLejHG61bRkhnqrW6U9sGBPhoQw2Hq
G3zclM6IlNJX+LYxOuDDD/5SbKAbcy+QBsue7Yf5XG7lZacI9CVFreoggA+YR8VQ
SVChJNc4k3ALASLz2OckP2X/357OiJFcsoqNdeo70ZLPLS4U/gOn60QiAnxonBCJ
PjZyT4sg074MlhPJSGR+HA==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIID/TCCAuWgAwIBAgIQaiGizgS7vCarp5nvAHQKVDANBgkqhkiG9w0BAQUFADCB
qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTYxMTIyMDAwMDAwWhcNMTcx
MjE0MjM1OTU5WjBfMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMu
MTkwNwYDVQQDEzB0aGF3dGUgUHJpbWFyeSBSb290IE9DU1AgUmVzcG9uZGVyIENl
cnRpZmljYXRlIDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMDnPw
g0/4pVc+h9q5FhEy/NKiF+bbbuSNessYD1WFD9kMtQ+naYsPSWW9E8Nd+E+fB6Vf
gXtx0mA7xMDy8ggYCgzRgEOEUxL7lQwCV4QxxQ3vrRN8FFl9EArJqjKl03PwSNfG
cdb3pJoqejp8MhKEXZWiHkb9ahSzho/TanEK4dwjf+EiW/w51pk0LWuIDg5ykvwA
xVkbP8Ad66jwwWYQSwassKumEZs3M+oW/3aXXanE6e7Q7RB5sPgQ1k5f/dmtmMCQ
MPZio386jWGWt+8nR9DGIqAo63i4/vo7OGQjPmr+fbcIh//xo2qkmkJ1ts+6yjP+
QObQaMCPklra/d6fAgMBAAGjajBoMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsG
AQUFBzABBQQCBQAwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwIgYDVR0R
BBswGaQXMBUxEzARBgNVBAMTClRHVi1PRkYtNTEwDQYJKoZIhvcNAQEFBQADggEB
ADGUFcwF6BGzOY+n0DTQ8607zHhDJTpX/EoToOqWuWOv7PZvt5xKsUWYXSV7ap+2
CNu9+l4pAH7J+3FYpAEWuuppS5+kMXZ21B1/01KSX9v52agm9k/NJZkozny8Ac3Y
A/TeDFM7Neor3LhBBCYbgYbXKf+uvqBEKnV3S3oxxutW0ZIZ6q1ulPbBgT4aEMNh
6ht83JTOiJTSV/i2MTrgww/+UmygG3MvkAbLnu2H+Vxu5WWnCPQlRa3qIIAPmEfF
UElQoSTXOJNwCwEi89jnJD9l/9+ezoiRXLKKjXXqO9GSzy0uFP4Dp+tEIgJ8aJwQ
iT42ck+LINO+DJYTyUhkfhw=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=341029, public, no-transform, must-revalidate]
Content-Length: [1504]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Thu, 27 Apr 2017 03:06:48 GMT]
Expires: [Mon, 1 May 2017 01:46:56 GMT]
Last-Modified: [Mon, 24 Apr 2017 01:46:56 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MEM_HIT from a72-247-11-63.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 3m41s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://t2.symcb.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://t2.symcb.com (POST)
Size: 1504 bytes (DER data)
Response time: 424.897966ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte Primary Root OCSP Responder Certificate 5
Issued by: thawte Primary Root CA
Signing certificate validity: 2016-11-22 - 2017-12-14
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 94h40m8s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a72-247-11-63.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (S)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD/yl6nWPkczAQUe1tF
z6/Oy3r9MZIaarbzRutXSFACEBaH1oht4jAGhSM9vxG/ZZc=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIF3AoBAKCCBdUwggXRBgkrBgEFBQcwAQEEggXCMIIFvjCBnqIWBBSy2bdAZSGF
dJEJzQWJNOXg5SwcIxgPMjAxNzA0MjQwMTQ2NTZaMHMwcTBJMAkGBSsOAwIaBQAE
FDAXimvD1LuYJsIQcP/KXqdY+RzMBBR7W0XPr87Lev0xkhpqtvNG61dIUAIQFofW
iG3iMAaFIz2/Eb9ll4AAGA8yMDE3MDQyNDAxNDY1NlqgERgPMjAxNzA1MDEwMTQ2
NTZaMA0GCSqGSIb3DQEBBQUAA4IBAQB5Q7LMgsloS6xtB7UzzE0pJ8lppul80e9w
fOMy6xajGwpsz1H0ouxIamQuicwoj13z+rD3VauxwPrNwgAlnbXyIx8Nc4JAB6cc
djqFPmCKdUjMGHR+2Es119YSifnzF5UFEhaUFFb6dPHYuBYvIb+6NDOgacPaCIW1
UzZNMiZ4vSXbjn+E65BTQcL/2YdfOOeBIVAO5aKO6806x4KDhXojUXB0Tp6zcj0S
gH4qTb/3CIyFQwd8gOz70KvVCPvkdJe35NsEBaCsTaVT8yNApoN+Qk/DaMOUzWJu
N8hchMY7qFSeJrDWu1rqPsiFByLAdwptqlkWirkm7S88UD3DK87eoIIEBTCCBAEw
ggP9MIIC5aADAgECAhBqIaLOBLu8Jqunme8AdApUMA0GCSqGSIb3DQEBBQUAMIGp
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMSgwJgYDVQQLEx9D
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYDVQQLEy8oYykgMjAw
NiB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEfMB0GA1UE
AxMWdGhhd3RlIFByaW1hcnkgUm9vdCBDQTAeFw0xNjExMjIwMDAwMDBaFw0xNzEy
MTQyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4x
OTA3BgNVBAMTMHRoYXd0ZSBQcmltYXJ5IFJvb3QgT0NTUCBSZXNwb25kZXIgQ2Vy
dGlmaWNhdGUgNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwOc/CD
T/ilVz6H2rkWETL80qIX5ttu5I16yxgPVYUP2Qy1D6dpiw9JZb0Tw134T58HpV+B
e3HSYDvEwPLyCBgKDNGAQ4RTEvuVDAJXhDHFDe+tE3wUWX0QCsmqMqXTc/BI18Zx
1vekmip6OnwyEoRdlaIeRv1qFLOGj9NqcQrh3CN/4SJb/DnWmTQta4gODnKS/ADF
WRs/wB3rqPDBZhBLBqywq6YRmzcz6hb/dpddqcTp7tDtEHmw+BDWTl/92a2YwJAw
9mKjfzqNYZa37ydH0MYioCjreLj++js4ZCM+av59twiH//GjaqSaQnW2z7rKM/5A
5tBowI+SWtr93p8CAwEAAaNqMGgwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYB
BQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAiBgNVHREE
GzAZpBcwFTETMBEGA1UEAxMKVEdWLU9GRi01MTANBgkqhkiG9w0BAQUFAAOCAQEA
MZQVzAXoEbM5j6fQNNDzrTvMeEMlOlf8ShOg6pa5Y6/s9m+3nEqxRZhdJXtqn7YI
2736XikAfsn7cVikARa66mlLn6QxdnbUHX/TUpJf2/nZqCb2T80lmSjOfLwBzdgD
9N4MUzs16ivcuEEEJhuBhtcp/66+oEQqdXdLejHG61bRkhnqrW6U9sGBPhoQw2Hq
G3zclM6IlNJX+LYxOuDDD/5SbKAbcy+QBsue7Yf5XG7lZacI9CVFreoggA+YR8VQ
SVChJNc4k3ALASLz2OckP2X/357OiJFcsoqNdeo70ZLPLS4U/gOn60QiAnxonBCJ
PjZyT4sg074MlhPJSGR+HA==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIID/TCCAuWgAwIBAgIQaiGizgS7vCarp5nvAHQKVDANBgkqhkiG9w0BAQUFADCB
qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTYxMTIyMDAwMDAwWhcNMTcx
MjE0MjM1OTU5WjBfMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMu
MTkwNwYDVQQDEzB0aGF3dGUgUHJpbWFyeSBSb290IE9DU1AgUmVzcG9uZGVyIENl
cnRpZmljYXRlIDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMDnPw
g0/4pVc+h9q5FhEy/NKiF+bbbuSNessYD1WFD9kMtQ+naYsPSWW9E8Nd+E+fB6Vf
gXtx0mA7xMDy8ggYCgzRgEOEUxL7lQwCV4QxxQ3vrRN8FFl9EArJqjKl03PwSNfG
cdb3pJoqejp8MhKEXZWiHkb9ahSzho/TanEK4dwjf+EiW/w51pk0LWuIDg5ykvwA
xVkbP8Ad66jwwWYQSwassKumEZs3M+oW/3aXXanE6e7Q7RB5sPgQ1k5f/dmtmMCQ
MPZio386jWGWt+8nR9DGIqAo63i4/vo7OGQjPmr+fbcIh//xo2qkmkJ1ts+6yjP+
QObQaMCPklra/d6fAgMBAAGjajBoMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsG
AQUFBzABBQQCBQAwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwIgYDVR0R
BBswGaQXMBUxEzARBgNVBAMTClRHVi1PRkYtNTEwDQYJKoZIhvcNAQEFBQADggEB
ADGUFcwF6BGzOY+n0DTQ8607zHhDJTpX/EoToOqWuWOv7PZvt5xKsUWYXSV7ap+2
CNu9+l4pAH7J+3FYpAEWuuppS5+kMXZ21B1/01KSX9v52agm9k/NJZkozny8Ac3Y
A/TeDFM7Neor3LhBBCYbgYbXKf+uvqBEKnV3S3oxxutW0ZIZ6q1ulPbBgT4aEMNh
6ht83JTOiJTSV/i2MTrgww/+UmygG3MvkAbLnu2H+Vxu5WWnCPQlRa3qIIAPmEfF
UElQoSTXOJNwCwEi89jnJD9l/9+ezoiRXLKKjXXqO9GSzy0uFP4Dp+tEIgJ8aJwQ
iT42ck+LINO+DJYTyUhkfhw=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=340808, public, no-transform, must-revalidate]
Content-Length: [1504]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Thu, 27 Apr 2017 03:06:48 GMT]
Expires: [Mon, 1 May 2017 01:46:56 GMT]
Last-Modified: [Mon, 24 Apr 2017 01:46:56 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a72-247-11-63.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (S)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

thawte Primary Root CA (CA Certificate)

Certificate details for thawte Primary Root CA (At position 2 in certificate chain)
Serial number:
hex: 344ed55720d5edec49f42fce37db2b6d
int: 69529181992039203566298953787712940909
Issued by: thawte Primary Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: thawte, Inc.
Organization unit: Certification Services Division
Organization unit: (c) 2006 thawte, Inc. - For authorized use only
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.