CRL & OCSP report for 0-hosting.eu - immotherm.de

immotherm.de

This certificate was cached at
Certificate details for immotherm.de (At position 0 in certificate chain)
Serial number:
hex: 40c26e884f4077c7b615c02ded28e754
int: 86080139185404128723450848310748309332
Issued by: StartCom Class 1 DV Server CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Country: DE
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

View complete certificate details for 0-hosting.eu.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.startssl.com/sca-server1.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.startssl.com/sca-server1.crl
Size: 35998 bytes (DER data)
Response time: 205.300106ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 1014

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: nginx/1.0.12
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-213.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.1-18764048) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Length: [48798]
Content-Type: [application/pkix-crl]
Date: [Tue, 17 Jan 2017 07:17:35 GMT]
Last-Modified: [Mon, 16 Jan 2017 21:56:49 GMT]
Server: [nginx/1.0.12]
X-Cache: [TCP_MEM_HIT from a23-219-93-213.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.1-18764048) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL should be in DER format but is PEM encoded
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp.startssl.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.startssl.com (POST)
Size: 1816 bytes (DER data)
Response time: 92.772573ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: StartCom Class 1 DV Server CA OCSP Responder
Issued by: StartCom Class 1 DV Server CA
Signing certificate validity: 2016-12-10 - 2017-03-30
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: nginx/1.7.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-50-225-15.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.1-18764048) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRRaBWasZmbOlXoYMAiydUZ4DA9KQQU15FO
AcSwv/jIZ5NEnOcz+q2TDK8CEEDCbohPQHfHthXALe0o51Q=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIHFAoBAKCCBw0wggcJBgkrBgEFBQcwAQEEggb6MIIG9jCCAROhgYowgYcxCzAJ
BgNVBAYTAklMMRYwFAYDVQQKDA1TdGFydENvbSBMdGQuMSkwJwYDVQQLDCBTdGFy
dENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTE1MDMGA1UEAwwsU3RhcnRDb20g
Q2xhc3MgMSBEViBTZXJ2ZXIgQ0EgT0NTUCBSZXNwb25kZXIYDzIwMTcwMTIwMTAz
NjQ0WjBzMHEwSTAJBgUrDgMCGgUABBRRaBWasZmbOlXoYMAiydUZ4DA9KQQU15FO
AcSwv/jIZ5NEnOcz+q2TDK8CEEDCbohPQHfHthXALe0o51SAABgPMjAxNzAxMjAx
MDM2NDRaoBEYDzIwMTcwMTI0MTA0NjQ0WjANBgkqhkiG9w0BAQsFAAOCAQEAuzTR
THcxnTtg3+otFbWmRwnY6HFmbsPHuUjkQ9I3XRjTYcTQa5x0X40kY+JF2fHeIK1G
qQ2SjMrEm2TXMLeFOaJRPYGohlTtP0w0Hwd7NeWWh3e+yuywYMkoLj2KZUmFhUKO
ojVD6m1Qq8lcD11PTFG+dev4TwTilSooKiGaGNKWy4VVVV14AfCifGNnTfvx74re
atGveGudjF0bXC3BwO3f7kYBDmRssTGjPBDjRX6sjn+NfQJFKPgGzve1IGcVV+Op
TqoohkkMQ1eu5L8kweRbYYxCP01AaFVb0glrEDnk1uvl8HaOpMsA/XzbqymFESXP
TgP+sz86v94xFhimh6CCBMcwggTDMIIEvzCCA6egAwIBAgIQVKueA9VfZkHR3Afu
yXYb3TANBgkqhkiG9w0BAQsFADB4MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3Rh
cnRDb20gTHRkLjEpMCcGA1UECxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRo
b3JpdHkxJjAkBgNVBAMTHVN0YXJ0Q29tIENsYXNzIDEgRFYgU2VydmVyIENBMB4X
DTE2MTIxMDAzNDQzMVoXDTE3MDMzMDAzNDQzMVowgYcxCzAJBgNVBAYTAklMMRYw
FAYDVQQKDA1TdGFydENvbSBMdGQuMSkwJwYDVQQLDCBTdGFydENvbSBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTE1MDMGA1UEAwwsU3RhcnRDb20gQ2xhc3MgMSBEViBT
ZXJ2ZXIgQ0EgT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDsWdnWSrg/VpeaRuJygc4sGjrPpnt7b0CzTwKWmK0kYkPu3YlzNyEI
HEqjaJK1VJP10WpZ/xW5/VYXoWOPXCSHKHG9e0+ci0zjCXUGWDg5VcHXFo17uksN
P32qlSwo71OnPkY8YF0AYI6h2XlKkPq9H7qtwTKidquHhCaoIj485WbvypGTGf+N
Q0sGqh3E433Ya7s47owOW/j3mwhSZ+d0hNR4mAfrepSn6PEo/o8/3YY5eFSF9lqz
XHx9exbzyMDp+gSWPrqltvbQhLOf4WGlMv5HpCeHkGj6FBmvIUkP6o79ljqMLjwZ
DWj5CPM1GEgkH1waPlBJH97atfBKWbWFAgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8E
BAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYBBQUHMAEFBAIFADAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBRv97wRaU9N66S5OrcF+lPg7d+nVDAfBgNVHSME
GDAWgBTXkU4BxLC/+Mhnk0Sc5zP6rZMMrzBvBggrBgEFBQcBAQRjMGEwJAYIKwYB
BQUHMAGGGGh0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbTA5BggrBgEFBQcwAoYtaHR0
cDovL2FpYS5zdGFydHNzbC5jb20vY2VydHMvc2NhLnNlcnZlcjEuY3J0MDgGA1Ud
HwQxMC8wLaAroCmGJ2h0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL3NjYS1zZXJ2ZXIx
LmNybDANBgkqhkiG9w0BAQsFAAOCAQEAIDClr/C1F+Sh/yYNQUVeKzE8wGIc0cby
rM7n7Rs0wBsZJjoIj+IG8Ksk134BurCswxRXqIPy/KgBrLkRSWhZU/+lVcsNAKLj
+bncbZ/n7x8E5oFGLOgKetyGrE3QVIvqWULt/aYQlFY45Wgri3RP/51F9v6WOC0W
raOR5vZJ/BDREslZDEq2IutiuLoWveGlAxwAh2wIDBK99IZLiNITFqze0R8xR1Nn
aF1uwENrXxANOjJ4TtO9321OHHRWAMx8sWvR1Jyna8+uefHrHcNvXpKMXjfcHfAT
vcIeFHl1q7yYyf/BW/QglRMwC9q1l2AHEkX5C70bmxh29EXu9bQyOw==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIQVKueA9VfZkHR3AfuyXYb3TANBgkqhkiG9w0BAQsFADB4
MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEpMCcGA1UECxMg
U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJjAkBgNVBAMTHVN0YXJ0
Q29tIENsYXNzIDEgRFYgU2VydmVyIENBMB4XDTE2MTIxMDAzNDQzMVoXDTE3MDMz
MDAzNDQzMVowgYcxCzAJBgNVBAYTAklMMRYwFAYDVQQKDA1TdGFydENvbSBMdGQu
MSkwJwYDVQQLDCBTdGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTE1MDMG
A1UEAwwsU3RhcnRDb20gQ2xhc3MgMSBEViBTZXJ2ZXIgQ0EgT0NTUCBSZXNwb25k
ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsWdnWSrg/VpeaRuJy
gc4sGjrPpnt7b0CzTwKWmK0kYkPu3YlzNyEIHEqjaJK1VJP10WpZ/xW5/VYXoWOP
XCSHKHG9e0+ci0zjCXUGWDg5VcHXFo17uksNP32qlSwo71OnPkY8YF0AYI6h2XlK
kPq9H7qtwTKidquHhCaoIj485WbvypGTGf+NQ0sGqh3E433Ya7s47owOW/j3mwhS
Z+d0hNR4mAfrepSn6PEo/o8/3YY5eFSF9lqzXHx9exbzyMDp+gSWPrqltvbQhLOf
4WGlMv5HpCeHkGj6FBmvIUkP6o79ljqMLjwZDWj5CPM1GEgkH1waPlBJH97atfBK
WbWFAgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYB
BQUHAwkwDwYJKwYBBQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRv
97wRaU9N66S5OrcF+lPg7d+nVDAfBgNVHSMEGDAWgBTXkU4BxLC/+Mhnk0Sc5zP6
rZMMrzBvBggrBgEFBQcBAQRjMGEwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnN0
YXJ0c3NsLmNvbTA5BggrBgEFBQcwAoYtaHR0cDovL2FpYS5zdGFydHNzbC5jb20v
Y2VydHMvc2NhLnNlcnZlcjEuY3J0MDgGA1UdHwQxMC8wLaAroCmGJ2h0dHA6Ly9j
cmwuc3RhcnRzc2wuY29tL3NjYS1zZXJ2ZXIxLmNybDANBgkqhkiG9w0BAQsFAAOC
AQEAIDClr/C1F+Sh/yYNQUVeKzE8wGIc0cbyrM7n7Rs0wBsZJjoIj+IG8Ksk134B
urCswxRXqIPy/KgBrLkRSWhZU/+lVcsNAKLj+bncbZ/n7x8E5oFGLOgKetyGrE3Q
VIvqWULt/aYQlFY45Wgri3RP/51F9v6WOC0WraOR5vZJ/BDREslZDEq2IutiuLoW
veGlAxwAh2wIDBK99IZLiNITFqze0R8xR1NnaF1uwENrXxANOjJ4TtO9321OHHRW
AMx8sWvR1Jyna8+uefHrHcNvXpKMXjfcHfATvcIeFHl1q7yYyf/BW/QglRMwC9q1
l2AHEkX5C70bmxh29EXu9bQyOw==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=0, no-cache, no-store]
Content-Length: [1816]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 20 Jan 2017 22:07:53 GMT]
Etag: ["B4F1E667F2D7C9F7535C4846BC2F9FD44A1D3106"]
Expires: [Fri, 20 Jan 2017 22:07:53 GMT]
Last-Modified: [Fri, 20 Jan 2017 10:36:44 GMT]
Pragma: [no-cache]
Server: [nginx/1.7.2]
X-Cache: [TCP_MISS from a23-50-225-15.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.1-18764048) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.startssl.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.startssl.com (GET)
Size: 1816 bytes (DER data)
Response time: 114.575751ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: StartCom Class 1 DV Server CA OCSP Responder
Issued by: StartCom Class 1 DV Server CA
Signing certificate validity: 2016-12-10 - 2017-03-30
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: nginx/1.7.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-50-225-15.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.1-18764048) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRRaBWasZmbOlXoYMAiydUZ4DA9KQQU15FOAcSwv%2FjIZ5NEnOcz%2Bq2TDK8CEEDCbohPQHfHthXALe0o51Q%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRRaBWasZmbOlXoYMAiydUZ4DA9KQQU15FO
AcSwv/jIZ5NEnOcz+q2TDK8CEEDCbohPQHfHthXALe0o51Q=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIHFAoBAKCCBw0wggcJBgkrBgEFBQcwAQEEggb6MIIG9jCCAROhgYowgYcxCzAJ
BgNVBAYTAklMMRYwFAYDVQQKDA1TdGFydENvbSBMdGQuMSkwJwYDVQQLDCBTdGFy
dENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTE1MDMGA1UEAwwsU3RhcnRDb20g
Q2xhc3MgMSBEViBTZXJ2ZXIgQ0EgT0NTUCBSZXNwb25kZXIYDzIwMTcwMTIwMTAz
NjQ0WjBzMHEwSTAJBgUrDgMCGgUABBRRaBWasZmbOlXoYMAiydUZ4DA9KQQU15FO
AcSwv/jIZ5NEnOcz+q2TDK8CEEDCbohPQHfHthXALe0o51SAABgPMjAxNzAxMjAx
MDM2NDRaoBEYDzIwMTcwMTI0MTA0NjQ0WjANBgkqhkiG9w0BAQsFAAOCAQEAuzTR
THcxnTtg3+otFbWmRwnY6HFmbsPHuUjkQ9I3XRjTYcTQa5x0X40kY+JF2fHeIK1G
qQ2SjMrEm2TXMLeFOaJRPYGohlTtP0w0Hwd7NeWWh3e+yuywYMkoLj2KZUmFhUKO
ojVD6m1Qq8lcD11PTFG+dev4TwTilSooKiGaGNKWy4VVVV14AfCifGNnTfvx74re
atGveGudjF0bXC3BwO3f7kYBDmRssTGjPBDjRX6sjn+NfQJFKPgGzve1IGcVV+Op
TqoohkkMQ1eu5L8kweRbYYxCP01AaFVb0glrEDnk1uvl8HaOpMsA/XzbqymFESXP
TgP+sz86v94xFhimh6CCBMcwggTDMIIEvzCCA6egAwIBAgIQVKueA9VfZkHR3Afu
yXYb3TANBgkqhkiG9w0BAQsFADB4MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3Rh
cnRDb20gTHRkLjEpMCcGA1UECxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRo
b3JpdHkxJjAkBgNVBAMTHVN0YXJ0Q29tIENsYXNzIDEgRFYgU2VydmVyIENBMB4X
DTE2MTIxMDAzNDQzMVoXDTE3MDMzMDAzNDQzMVowgYcxCzAJBgNVBAYTAklMMRYw
FAYDVQQKDA1TdGFydENvbSBMdGQuMSkwJwYDVQQLDCBTdGFydENvbSBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eTE1MDMGA1UEAwwsU3RhcnRDb20gQ2xhc3MgMSBEViBT
ZXJ2ZXIgQ0EgT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQDsWdnWSrg/VpeaRuJygc4sGjrPpnt7b0CzTwKWmK0kYkPu3YlzNyEI
HEqjaJK1VJP10WpZ/xW5/VYXoWOPXCSHKHG9e0+ci0zjCXUGWDg5VcHXFo17uksN
P32qlSwo71OnPkY8YF0AYI6h2XlKkPq9H7qtwTKidquHhCaoIj485WbvypGTGf+N
Q0sGqh3E433Ya7s47owOW/j3mwhSZ+d0hNR4mAfrepSn6PEo/o8/3YY5eFSF9lqz
XHx9exbzyMDp+gSWPrqltvbQhLOf4WGlMv5HpCeHkGj6FBmvIUkP6o79ljqMLjwZ
DWj5CPM1GEgkH1waPlBJH97atfBKWbWFAgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8E
BAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYBBQUHMAEFBAIFADAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBRv97wRaU9N66S5OrcF+lPg7d+nVDAfBgNVHSME
GDAWgBTXkU4BxLC/+Mhnk0Sc5zP6rZMMrzBvBggrBgEFBQcBAQRjMGEwJAYIKwYB
BQUHMAGGGGh0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNvbTA5BggrBgEFBQcwAoYtaHR0
cDovL2FpYS5zdGFydHNzbC5jb20vY2VydHMvc2NhLnNlcnZlcjEuY3J0MDgGA1Ud
HwQxMC8wLaAroCmGJ2h0dHA6Ly9jcmwuc3RhcnRzc2wuY29tL3NjYS1zZXJ2ZXIx
LmNybDANBgkqhkiG9w0BAQsFAAOCAQEAIDClr/C1F+Sh/yYNQUVeKzE8wGIc0cby
rM7n7Rs0wBsZJjoIj+IG8Ksk134BurCswxRXqIPy/KgBrLkRSWhZU/+lVcsNAKLj
+bncbZ/n7x8E5oFGLOgKetyGrE3QVIvqWULt/aYQlFY45Wgri3RP/51F9v6WOC0W
raOR5vZJ/BDREslZDEq2IutiuLoWveGlAxwAh2wIDBK99IZLiNITFqze0R8xR1Nn
aF1uwENrXxANOjJ4TtO9321OHHRWAMx8sWvR1Jyna8+uefHrHcNvXpKMXjfcHfAT
vcIeFHl1q7yYyf/BW/QglRMwC9q1l2AHEkX5C70bmxh29EXu9bQyOw==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIQVKueA9VfZkHR3AfuyXYb3TANBgkqhkiG9w0BAQsFADB4
MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjEpMCcGA1UECxMg
U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJjAkBgNVBAMTHVN0YXJ0
Q29tIENsYXNzIDEgRFYgU2VydmVyIENBMB4XDTE2MTIxMDAzNDQzMVoXDTE3MDMz
MDAzNDQzMVowgYcxCzAJBgNVBAYTAklMMRYwFAYDVQQKDA1TdGFydENvbSBMdGQu
MSkwJwYDVQQLDCBTdGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTE1MDMG
A1UEAwwsU3RhcnRDb20gQ2xhc3MgMSBEViBTZXJ2ZXIgQ0EgT0NTUCBSZXNwb25k
ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsWdnWSrg/VpeaRuJy
gc4sGjrPpnt7b0CzTwKWmK0kYkPu3YlzNyEIHEqjaJK1VJP10WpZ/xW5/VYXoWOP
XCSHKHG9e0+ci0zjCXUGWDg5VcHXFo17uksNP32qlSwo71OnPkY8YF0AYI6h2XlK
kPq9H7qtwTKidquHhCaoIj485WbvypGTGf+NQ0sGqh3E433Ya7s47owOW/j3mwhS
Z+d0hNR4mAfrepSn6PEo/o8/3YY5eFSF9lqzXHx9exbzyMDp+gSWPrqltvbQhLOf
4WGlMv5HpCeHkGj6FBmvIUkP6o79ljqMLjwZDWj5CPM1GEgkH1waPlBJH97atfBK
WbWFAgMBAAGjggEzMIIBLzAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYB
BQUHAwkwDwYJKwYBBQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRv
97wRaU9N66S5OrcF+lPg7d+nVDAfBgNVHSMEGDAWgBTXkU4BxLC/+Mhnk0Sc5zP6
rZMMrzBvBggrBgEFBQcBAQRjMGEwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnN0
YXJ0c3NsLmNvbTA5BggrBgEFBQcwAoYtaHR0cDovL2FpYS5zdGFydHNzbC5jb20v
Y2VydHMvc2NhLnNlcnZlcjEuY3J0MDgGA1UdHwQxMC8wLaAroCmGJ2h0dHA6Ly9j
cmwuc3RhcnRzc2wuY29tL3NjYS1zZXJ2ZXIxLmNybDANBgkqhkiG9w0BAQsFAAOC
AQEAIDClr/C1F+Sh/yYNQUVeKzE8wGIc0cbyrM7n7Rs0wBsZJjoIj+IG8Ksk134B
urCswxRXqIPy/KgBrLkRSWhZU/+lVcsNAKLj+bncbZ/n7x8E5oFGLOgKetyGrE3Q
VIvqWULt/aYQlFY45Wgri3RP/51F9v6WOC0WraOR5vZJ/BDREslZDEq2IutiuLoW
veGlAxwAh2wIDBK99IZLiNITFqze0R8xR1NnaF1uwENrXxANOjJ4TtO9321OHHRW
AMx8sWvR1Jyna8+uefHrHcNvXpKMXjfcHfATvcIeFHl1q7yYyf/BW/QglRMwC9q1
l2AHEkX5C70bmxh29EXu9bQyOw==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=0, no-cache, no-store]
Content-Length: [1816]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 20 Jan 2017 22:07:53 GMT]
Etag: ["B4F1E667F2D7C9F7535C4846BC2F9FD44A1D3106"]
Expires: [Fri, 20 Jan 2017 22:07:53 GMT]
Last-Modified: [Fri, 20 Jan 2017 10:36:44 GMT]
Pragma: [no-cache]
Server: [nginx/1.7.2]
X-Cache: [TCP_MISS from a23-50-225-15.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.1-18764048) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

StartCom Class 1 DV Server CA (CA Certificate)

This certificate was cached at
Certificate details for StartCom Class 1 DV Server CA (At position 1 in certificate chain)
Serial number:
hex: 6a5dc3e53b4e4fd07b691ea5fcec646b
int: 141385024392521038045679749985328718955
Issued by: StartCom Certification Authority
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: StartCom Ltd.
Organization unit: StartCom Certification Authority
Country: IL
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This certificate contains no information about authoritative CRL(s) or OCSP servers

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.