CRL & OCSP report for 0-hp.com - www.0-hp.com

www.0-hp.com

This certificate was cached at
Certificate details for www.0-hp.com (At position 0 in certificate chain)
Serial number:
hex: 7d5f765a4bc7c2c0304658c4be79adcb
int: 166649168152996021577641984468679503307
Issued by: RapidSSL SHA256 CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

View complete certificate details for 0-hp.com.

Certificate Revocation List (CRL)

This CRL was cached at
http://gp.symcb.com/gp.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://gp.symcb.com/gp.crl
Size: 365330 bytes (DER data)
Response time: 103.041677ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 10426

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_HIT from a23-219-93-108.deploy.akamaitechnologies.com (AkamaiGHost/8.2.4-19356466) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Tue, 28 Mar 2017 09:34:57 GMT]
Etag: ["bcb6478307acee8ef7308016acad3102:1490650396"]
Last-Modified: [Mon, 27 Mar 2017 21:01:04 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_HIT from a23-219-93-108.deploy.akamaitechnologies.com (AkamaiGHost/8.2.4-19356466) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://gp.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gp.symcd.com (POST)
Size: 1414 bytes (DER data)
Response time: 25.169069ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: RapidSSL SHA256 CA OCSP Responder
Issued by: RapidSSL SHA256 CA
Signing certificate validity: 2017-03-23 - 2017-06-21
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 140h8m36s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.3.1.1-19669903) (S)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRH4mIoBb+hjdi7K/E2J4ZS9L/ZgAQUl8In
UJ7CyewMiDLIfK3ipgFP2m8CEH1fdlpLx8LAMEZYxL55rcs=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFggoBAKCCBXswggV3BgkrBgEFBQcwAQEEggVoMIIFZDCBnqIWBBQkH3IMTvTP
IOMXYLognB79KiaONxgPMjAxNzAzMjgxMzIwMzNaMHMwcTBJMAkGBSsOAwIaBQAE
FEfiYigFv6GN2Lsr8TYnhlL0v9mABBSXwidQnsLJ7AyIMsh8reKmAU/abwIQfV92
WkvHwsAwRljEvnmty4AAGA8yMDE3MDMyODEzMjAzM1qgERgPMjAxNzA0MDQxMzIw
MzNaMA0GCSqGSIb3DQEBBQUAA4IBAQCebA6tL2kwp93VmByenH1FZK+5rU1+BGO9
oYPnxJCcUIOG/pilCbJRNcowwg0nw7uuyQa5tVhdHvTju5CE0DQ6wfS7OZftt6Zv
WofKU2kmifZTpUbr7BjVBIovoY8Z7wYBh2AJTmdSj6ISXWNEtOelfOM4Ar0y6n5g
b6FDcAcWrgJepuGxwM/ce/fBV4RbGmAiNibPdRhyxl4Gcvny7SoBQJO2+7r7L6tp
kOGCIAHy8yJZWMyLDIwkGSSe61SfzXzdviRagGHLNuslQ1k4WUy1hx6Q58zENH0d
p8ilhIDla9L1IZa1HM7kNOf9113gXiiiVHrkrqDsUO3sAeLUR+PSoIIDqzCCA6cw
ggOjMIICi6ADAgECAhAi+dKXYAIkBhGXUgnxij0KMA0GCSqGSIb3DQEBCwUAMEIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJS
YXBpZFNTTCBTSEEyNTYgQ0EwHhcNMTcwMzIzMDAwMDAwWhcNMTcwNjIxMjM1OTU5
WjAsMSowKAYDVQQDEyFSYXBpZFNTTCBTSEEyNTYgQ0EgT0NTUCBSZXNwb25kZXIw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw+nYO0BvC7vcRovhl2JgQ
aCLQmHS9qQDM8J06BeBPVjXwzfJd/MDWvFqTjRg1oFm2CBxnDlmxy5nisVHJ4sOa
18hQbXRD31HbhB/DmzJkgviIwRoWPcxQ4zX6FJB22TBj5KZymbQrz/34+3RU1QXT
QCD4PgnP4FtrgPITjauIHQU6ujte6p5LkjJOlEwpjlIVuxlLAuX6mEE/hrbetUBS
dsNKbKvSULSeobgWI9ndB+QO9CGb764BHBiU4Gufx48fcjdDqg1gvF7KcVn+vU4A
x1q5h1s7+xEcTxMlUuV6oRIihpsu9O3+tksCYFJezRmPRmRpS9JdnaCBvv4mU8Fp
AgMBAAGjgaowgacwDwYJKwYBBQUHMAEFBAIFADAhBgNVHREEGjAYpBYwFDESMBAG
A1UEAxMJVEdWLUUtNTA3MB8GA1UdIwQYMBaAFJfCJ1CewsnsDIgyyHyt4qYBT9pv
MB0GA1UdDgQWBBQkH3IMTvTPIOMXYLognB79KiaONzAMBgNVHRMBAf8EAjAAMBMG
A1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsF
AAOCAQEAmfxMu9ByNbCj7HKuSQyd1K5cYFgBbrZhWJ/OVlPg9o6syhBCnVNgd02U
MLC1GyxkVVP0tXhVM6/WZzydDbOVF+wD4MRxdl0qVL2vj6Q6eVaB5o60iS8B19b8
v4NXm9nOrH4NEq+0qHEJJhq+lDXLOGbXl2UdV6u9qTWxHcE1EbbGl7uy8cMSofYr
GntoemZ5qTFFA71W1Hx4Yjh7I+c+Mq2FF3tVi0XD9yN+HGK1MlVxxA2BQUA3hnVV
5QBLpEC0/IXbVpNRH7+gZB3IRjrBD7n4DDunLZrii5thvt+tOMZEP855NodnjlY8
6Z4M5PcTzpHbAcGLxvlxfLnWiDWU3w==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDozCCAougAwIBAgIQIvnSl2ACJAYRl1IJ8Yo9CjANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
UmFwaWRTU0wgU0hBMjU2IENBMB4XDTE3MDMyMzAwMDAwMFoXDTE3MDYyMTIzNTk1
OVowLDEqMCgGA1UEAxMhUmFwaWRTU0wgU0hBMjU2IENBIE9DU1AgUmVzcG9uZGVy
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPp2DtAbwu73EaL4ZdiY
EGgi0Jh0vakAzPCdOgXgT1Y18M3yXfzA1rxak40YNaBZtggcZw5ZscuZ4rFRyeLD
mtfIUG10Q99R24Qfw5syZIL4iMEaFj3MUOM1+hSQdtkwY+Smcpm0K8/9+Pt0VNUF
00Ag+D4Jz+Bba4DyE42riB0FOro7XuqeS5IyTpRMKY5SFbsZSwLl+phBP4a23rVA
UnbDSmyr0lC0nqG4FiPZ3QfkDvQhm++uARwYlOBrn8ePH3I3Q6oNYLxeynFZ/r1O
AMdauYdbO/sRHE8TJVLleqESIoabLvTt/rZLAmBSXs0Zj0ZkaUvSXZ2ggb7+JlPB
aQIDAQABo4GqMIGnMA8GCSsGAQUFBzABBQQCBQAwIQYDVR0RBBowGKQWMBQxEjAQ
BgNVBAMTCVRHVi1FLTUwNzAfBgNVHSMEGDAWgBSXwidQnsLJ7AyIMsh8reKmAU/a
bzAdBgNVHQ4EFgQUJB9yDE70zyDjF2C6IJwe/SomjjcwDAYDVR0TAQH/BAIwADAT
BgNVHSUEDDAKBggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQEL
BQADggEBAJn8TLvQcjWwo+xyrkkMndSuXGBYAW62YVifzlZT4PaOrMoQQp1TYHdN
lDCwtRssZFVT9LV4VTOv1mc8nQ2zlRfsA+DEcXZdKlS9r4+kOnlWgeaOtIkvAdfW
/L+DV5vZzqx+DRKvtKhxCSYavpQ1yzhm15dlHVervak1sR3BNRG2xpe7svHDEqH2
Kxp7aHpmeakxRQO9VtR8eGI4eyPnPjKthRd7VYtFw/cjfhxitTJVccQNgUFAN4Z1
VeUAS6RAtPyF21aTUR+/oGQdyEY6wQ+5+Aw7py2a4oubYb7frTjGRD/OeTaHZ45W
POmeDOT3E86R2wHBi8b5cXy51og1lN8=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=504516, public, no-transform, must-revalidate]
Content-Length: [1414]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Wed, 29 Mar 2017 17:11:57 GMT]
Expires: [Tue, 4 Apr 2017 13:20:33 GMT]
Last-Modified: [Tue, 28 Mar 2017 13:20:33 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.3.1.1-19669903) (S)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://gp.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gp.symcd.com (GET)
Size: 1414 bytes (DER data)
Response time: 52.30213ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: RapidSSL SHA256 CA OCSP Responder
Issued by: RapidSSL SHA256 CA
Signing certificate validity: 2017-03-23 - 2017-06-21
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 140h8m36s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.3.1.1-19669903) (S)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRH4mIoBb%2Bhjdi7K%2FE2J4ZS9L%2FZgAQUl8InUJ7CyewMiDLIfK3ipgFP2m8CEH1fdlpLx8LAMEZYxL55rcs%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRH4mIoBb+hjdi7K/E2J4ZS9L/ZgAQUl8In
UJ7CyewMiDLIfK3ipgFP2m8CEH1fdlpLx8LAMEZYxL55rcs=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFggoBAKCCBXswggV3BgkrBgEFBQcwAQEEggVoMIIFZDCBnqIWBBQkH3IMTvTP
IOMXYLognB79KiaONxgPMjAxNzAzMjgxMzIwMzNaMHMwcTBJMAkGBSsOAwIaBQAE
FEfiYigFv6GN2Lsr8TYnhlL0v9mABBSXwidQnsLJ7AyIMsh8reKmAU/abwIQfV92
WkvHwsAwRljEvnmty4AAGA8yMDE3MDMyODEzMjAzM1qgERgPMjAxNzA0MDQxMzIw
MzNaMA0GCSqGSIb3DQEBBQUAA4IBAQCebA6tL2kwp93VmByenH1FZK+5rU1+BGO9
oYPnxJCcUIOG/pilCbJRNcowwg0nw7uuyQa5tVhdHvTju5CE0DQ6wfS7OZftt6Zv
WofKU2kmifZTpUbr7BjVBIovoY8Z7wYBh2AJTmdSj6ISXWNEtOelfOM4Ar0y6n5g
b6FDcAcWrgJepuGxwM/ce/fBV4RbGmAiNibPdRhyxl4Gcvny7SoBQJO2+7r7L6tp
kOGCIAHy8yJZWMyLDIwkGSSe61SfzXzdviRagGHLNuslQ1k4WUy1hx6Q58zENH0d
p8ilhIDla9L1IZa1HM7kNOf9113gXiiiVHrkrqDsUO3sAeLUR+PSoIIDqzCCA6cw
ggOjMIICi6ADAgECAhAi+dKXYAIkBhGXUgnxij0KMA0GCSqGSIb3DQEBCwUAMEIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJS
YXBpZFNTTCBTSEEyNTYgQ0EwHhcNMTcwMzIzMDAwMDAwWhcNMTcwNjIxMjM1OTU5
WjAsMSowKAYDVQQDEyFSYXBpZFNTTCBTSEEyNTYgQ0EgT0NTUCBSZXNwb25kZXIw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw+nYO0BvC7vcRovhl2JgQ
aCLQmHS9qQDM8J06BeBPVjXwzfJd/MDWvFqTjRg1oFm2CBxnDlmxy5nisVHJ4sOa
18hQbXRD31HbhB/DmzJkgviIwRoWPcxQ4zX6FJB22TBj5KZymbQrz/34+3RU1QXT
QCD4PgnP4FtrgPITjauIHQU6ujte6p5LkjJOlEwpjlIVuxlLAuX6mEE/hrbetUBS
dsNKbKvSULSeobgWI9ndB+QO9CGb764BHBiU4Gufx48fcjdDqg1gvF7KcVn+vU4A
x1q5h1s7+xEcTxMlUuV6oRIihpsu9O3+tksCYFJezRmPRmRpS9JdnaCBvv4mU8Fp
AgMBAAGjgaowgacwDwYJKwYBBQUHMAEFBAIFADAhBgNVHREEGjAYpBYwFDESMBAG
A1UEAxMJVEdWLUUtNTA3MB8GA1UdIwQYMBaAFJfCJ1CewsnsDIgyyHyt4qYBT9pv
MB0GA1UdDgQWBBQkH3IMTvTPIOMXYLognB79KiaONzAMBgNVHRMBAf8EAjAAMBMG
A1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsF
AAOCAQEAmfxMu9ByNbCj7HKuSQyd1K5cYFgBbrZhWJ/OVlPg9o6syhBCnVNgd02U
MLC1GyxkVVP0tXhVM6/WZzydDbOVF+wD4MRxdl0qVL2vj6Q6eVaB5o60iS8B19b8
v4NXm9nOrH4NEq+0qHEJJhq+lDXLOGbXl2UdV6u9qTWxHcE1EbbGl7uy8cMSofYr
GntoemZ5qTFFA71W1Hx4Yjh7I+c+Mq2FF3tVi0XD9yN+HGK1MlVxxA2BQUA3hnVV
5QBLpEC0/IXbVpNRH7+gZB3IRjrBD7n4DDunLZrii5thvt+tOMZEP855NodnjlY8
6Z4M5PcTzpHbAcGLxvlxfLnWiDWU3w==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDozCCAougAwIBAgIQIvnSl2ACJAYRl1IJ8Yo9CjANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
UmFwaWRTU0wgU0hBMjU2IENBMB4XDTE3MDMyMzAwMDAwMFoXDTE3MDYyMTIzNTk1
OVowLDEqMCgGA1UEAxMhUmFwaWRTU0wgU0hBMjU2IENBIE9DU1AgUmVzcG9uZGVy
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPp2DtAbwu73EaL4ZdiY
EGgi0Jh0vakAzPCdOgXgT1Y18M3yXfzA1rxak40YNaBZtggcZw5ZscuZ4rFRyeLD
mtfIUG10Q99R24Qfw5syZIL4iMEaFj3MUOM1+hSQdtkwY+Smcpm0K8/9+Pt0VNUF
00Ag+D4Jz+Bba4DyE42riB0FOro7XuqeS5IyTpRMKY5SFbsZSwLl+phBP4a23rVA
UnbDSmyr0lC0nqG4FiPZ3QfkDvQhm++uARwYlOBrn8ePH3I3Q6oNYLxeynFZ/r1O
AMdauYdbO/sRHE8TJVLleqESIoabLvTt/rZLAmBSXs0Zj0ZkaUvSXZ2ggb7+JlPB
aQIDAQABo4GqMIGnMA8GCSsGAQUFBzABBQQCBQAwIQYDVR0RBBowGKQWMBQxEjAQ
BgNVBAMTCVRHVi1FLTUwNzAfBgNVHSMEGDAWgBSXwidQnsLJ7AyIMsh8reKmAU/a
bzAdBgNVHQ4EFgQUJB9yDE70zyDjF2C6IJwe/SomjjcwDAYDVR0TAQH/BAIwADAT
BgNVHSUEDDAKBggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQEL
BQADggEBAJn8TLvQcjWwo+xyrkkMndSuXGBYAW62YVifzlZT4PaOrMoQQp1TYHdN
lDCwtRssZFVT9LV4VTOv1mc8nQ2zlRfsA+DEcXZdKlS9r4+kOnlWgeaOtIkvAdfW
/L+DV5vZzqx+DRKvtKhxCSYavpQ1yzhm15dlHVervak1sR3BNRG2xpe7svHDEqH2
Kxp7aHpmeakxRQO9VtR8eGI4eyPnPjKthRd7VYtFw/cjfhxitTJVccQNgUFAN4Z1
VeUAS6RAtPyF21aTUR+/oGQdyEY6wQ+5+Aw7py2a4oubYb7frTjGRD/OeTaHZ45W
POmeDOT3E86R2wHBi8b5cXy51og1lN8=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=504516, public, no-transform, must-revalidate]
Content-Length: [1414]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Wed, 29 Mar 2017 17:11:57 GMT]
Expires: [Tue, 4 Apr 2017 13:20:33 GMT]
Last-Modified: [Tue, 28 Mar 2017 13:20:33 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.3.1.1-19669903) (S)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

RapidSSL SHA256 CA (CA Certificate)

This certificate was cached at
Certificate details for RapidSSL SHA256 CA (At position 1 in certificate chain)
Serial number:
hex: 23a71
int: 146033
Issued by: GeoTrust Global CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://g1.symcb.com/crls/gtglobal.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://g1.symcb.com/crls/gtglobal.crl
Size: 665 bytes (DER data)
Response time: 182.448155ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 12

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-63.deploy.akamaitechnologies.com (AkamaiGHost/8.3.1.1-19669903) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Tue, 28 Mar 2017 09:34:57 GMT]
Etag: ["ca736a3a4c64c88b82602fe64aa4182d:1490382195"]
Last-Modified: [Fri, 24 Mar 2017 18:49:54 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_MEM_HIT from a23-219-93-63.deploy.akamaitechnologies.com (AkamaiGHost/8.3.1.1-19669903) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://g2.symcb.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://g2.symcb.com (GET)
Size: 1377 bytes (DER data)
Response time: 13.527644ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust Global CA TGV OCSP Responder 5
Issued by: GeoTrust Global CA
Signing certificate validity: 2016-12-08 - 2017-12-14
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 141h53m48s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.4-19356466) (-)

URL used for GET request

http:/MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkqw0GRtsnCuD5V8sCXEROgByACAwI6cQ%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkq
w0GRtsnCuD5V8sCXEROgByACAwI6cQ==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFXQoBAKCCBVYwggVSBgkrBgEFBQcwAQEEggVDMIIFPzCBkaIWBBRW5FQnU+as
qXGB3YYiHprkenLEKhgPMjAxNzAzMjcwNzI4MjJaMGYwZDA8MAkGBSsOAwIaBQAE
FLG0OReQFreXeVAR8WC51KI82+3uBBQA+SrDQZG2ycK4PlXywJcRE6AHIAIDAjpx
gAAYDzIwMTcwMzI3MDcyODIyWqARGA8yMDE3MDQwMzA3MjgyMlowDQYJKoZIhvcN
AQEFBQADggEBAD+/zCQlDmBVWOHO7ifMfh306aEJKxM9+xEyblKkSzaXfXRgTaGp
T9ACAhSrKBRvwbKvK67htX3y4KYnwD4LnB8dRYDmsX2XZQL0tKr7ppNA0Jtv2fE1
/ZjX4mQmgS6W8JJPKhp0yUua91Gr/6HXbljBqKsoGxql2hYGcdYhnifVijzVKDy/
9pLgOMOhLXDDE26HgMtQ9/ATCSFm7lPDECp1JA67MvJOVkTtDBoTrrud97KYww+7
43/HxvG5PdzWiEfNBCNHF+O+noZ+MWqFZqXc0jkUDQTDzpQkfEZNJxSsObnitMog
QngPwtFt4DGNL9/I+bClP4P7DZkRJC6QKC2gggOTMIIDjzCCA4swggJzoAMCAQIC
EAEAAI8cK5YV9Xm5GF4OwmcwDQYJKoZIhvcNAQELBQAwQjELMAkGA1UEBhMCVVMx
FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xGzAZBgNVBAMTEkdlb1RydXN0IEdsb2Jh
bCBDQTAeFw0xNjEyMDgxMTI1MzVaFw0xNzEyMTQxMTI1MzVaMDIxMDAuBgNVBAMT
J0dlb1RydXN0IEdsb2JhbCBDQSBUR1YgT0NTUCBSZXNwb25kZXIgNTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbsx72ex4lTCJDy3iHAy47zLOB03z8E
ucSDZIQMjk1A5aZfqz0MU5HHLOsi76EQo6uYR2R2rl9jgQ1EMbe0TidFyTrhse63
rmEyzQusz7sEjnsvckT7K/9j6DLmlFB/6oEhAgwfCONYbrDOfQHBCtd7e+x6STm0
WeKCF4/QqS+C5ZTUEzsNjhcAqeAMZnWEoyyJ6OpCiF9vDblCGa9nlh3SwW+nxKTq
qqiMlz9ZXN8//IHrectIKszEXXlpvtr4wJAz0KrUDfENqEbKNouP0fv1Ueno5Z7t
ue3CnHtCF+QxOQXDS3rKrQJcesKMrFC9+M5frbQuLSGz9ee/xCfnWW0CAwEAAaOB
jDCBiTAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1luMrMTjAPBgkrBgEFBQcw
AQUEAgUAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDAMBgNV
HRMBAf8EAjAAMCIGA1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTU3MA0G
CSqGSIb3DQEBCwUAA4IBAQAEbWTM2eKR1XlWe9ui17q87Hk6NYXKQGwj/ss1ue8Q
1cnoA2/Mo1gG1Q/8LHJ97vK5yw65afq8M5mPbxdl/57jZTUF1kDmgEgvUde3O+h2
ZLIHPx1q2W2WDLT2ltYvaHaNr0Hnkb8MCQ27Z728Fsn5+Ilh/bDoA+NHEqlcfycq
oGKksT60iqnogUz/WZNUbzzBQD6NlpomMZUTOcF3/5L3Fe1OKkF1nGXW2QTW/mLZ
5Eviy4ZQTzQ34koPA5qC1nsWQ1zOE57jR8IJMC+mYQdFb71gehA8O0lB7fL6Kysj
zycnBkNHgJ9LQDd67gQ30FxfmbAnHV1xxWakX8lXTvIf
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDizCCAnOgAwIBAgIQAQAAjxwrlhX1ebkYXg7CZzANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
R2VvVHJ1c3QgR2xvYmFsIENBMB4XDTE2MTIwODExMjUzNVoXDTE3MTIxNDExMjUz
NVowMjEwMC4GA1UEAxMnR2VvVHJ1c3QgR2xvYmFsIENBIFRHViBPQ1NQIFJlc3Bv
bmRlciA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuzHvZ7HiVMI
kPLeIcDLjvMs4HTfPwS5xINkhAyOTUDlpl+rPQxTkccs6yLvoRCjq5hHZHauX2OB
DUQxt7ROJ0XJOuGx7reuYTLNC6zPuwSOey9yRPsr/2PoMuaUUH/qgSECDB8I41hu
sM59AcEK13t77HpJObRZ4oIXj9CpL4LllNQTOw2OFwCp4AxmdYSjLIno6kKIX28N
uUIZr2eWHdLBb6fEpOqqqIyXP1lc3z/8get5y0gqzMRdeWm+2vjAkDPQqtQN8Q2o
Rso2i4/R+/VR6ejlnu257cKce0IX5DE5BcNLesqtAlx6woysUL34zl+ttC4tIbP1
57/EJ+dZbQIDAQABo4GMMIGJMB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4
ysxOMA8GCSsGAQUFBzABBQQCBQAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0P
AQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwIgYDVR0RBBswGaQXMBUxEzARBgNVBAMT
ClRHVi1PRkYtNTcwDQYJKoZIhvcNAQELBQADggEBAARtZMzZ4pHVeVZ726LXurzs
eTo1hcpAbCP+yzW57xDVyegDb8yjWAbVD/wscn3u8rnLDrlp+rwzmY9vF2X/nuNl
NQXWQOaASC9R17c76HZksgc/HWrZbZYMtPaW1i9odo2vQeeRvwwJDbtnvbwWyfn4
iWH9sOgD40cSqVx/JyqgYqSxPrSKqeiBTP9Zk1RvPMFAPo2WmiYxlRM5wXf/kvcV
7U4qQXWcZdbZBNb+YtnkS+LLhlBPNDfiSg8DmoLWexZDXM4TnuNHwgkwL6ZhB0Vv
vWB6EDw7SUHt8vorKyPPJycGQ0eAn0tAN3ruBDfQXF+ZsCcdXXHFZqRfyVdO8h8=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=510828, public, no-transform, must-revalidate]
Content-Length: [1377]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Tue, 28 Mar 2017 09:34:57 GMT]
Expires: [Mon, 3 Apr 2017 07:28:22 GMT]
Last-Modified: [Mon, 27 Mar 2017 07:28:22 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MEM_HIT from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.4-19356466) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 23s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://g2.symcb.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://g2.symcb.com (POST)
Size: 1377 bytes (DER data)
Response time: 34.106111ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust Global CA TGV OCSP Responder 5
Issued by: GeoTrust Global CA
Signing certificate validity: 2016-12-08 - 2017-12-14
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 141h53m25s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.4-19356466) (S)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkq
w0GRtsnCuD5V8sCXEROgByACAwI6cQ==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFXQoBAKCCBVYwggVSBgkrBgEFBQcwAQEEggVDMIIFPzCBkaIWBBRW5FQnU+as
qXGB3YYiHprkenLEKhgPMjAxNzAzMjcwNzI4MjJaMGYwZDA8MAkGBSsOAwIaBQAE
FLG0OReQFreXeVAR8WC51KI82+3uBBQA+SrDQZG2ycK4PlXywJcRE6AHIAIDAjpx
gAAYDzIwMTcwMzI3MDcyODIyWqARGA8yMDE3MDQwMzA3MjgyMlowDQYJKoZIhvcN
AQEFBQADggEBAD+/zCQlDmBVWOHO7ifMfh306aEJKxM9+xEyblKkSzaXfXRgTaGp
T9ACAhSrKBRvwbKvK67htX3y4KYnwD4LnB8dRYDmsX2XZQL0tKr7ppNA0Jtv2fE1
/ZjX4mQmgS6W8JJPKhp0yUua91Gr/6HXbljBqKsoGxql2hYGcdYhnifVijzVKDy/
9pLgOMOhLXDDE26HgMtQ9/ATCSFm7lPDECp1JA67MvJOVkTtDBoTrrud97KYww+7
43/HxvG5PdzWiEfNBCNHF+O+noZ+MWqFZqXc0jkUDQTDzpQkfEZNJxSsObnitMog
QngPwtFt4DGNL9/I+bClP4P7DZkRJC6QKC2gggOTMIIDjzCCA4swggJzoAMCAQIC
EAEAAI8cK5YV9Xm5GF4OwmcwDQYJKoZIhvcNAQELBQAwQjELMAkGA1UEBhMCVVMx
FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xGzAZBgNVBAMTEkdlb1RydXN0IEdsb2Jh
bCBDQTAeFw0xNjEyMDgxMTI1MzVaFw0xNzEyMTQxMTI1MzVaMDIxMDAuBgNVBAMT
J0dlb1RydXN0IEdsb2JhbCBDQSBUR1YgT0NTUCBSZXNwb25kZXIgNTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbsx72ex4lTCJDy3iHAy47zLOB03z8E
ucSDZIQMjk1A5aZfqz0MU5HHLOsi76EQo6uYR2R2rl9jgQ1EMbe0TidFyTrhse63
rmEyzQusz7sEjnsvckT7K/9j6DLmlFB/6oEhAgwfCONYbrDOfQHBCtd7e+x6STm0
WeKCF4/QqS+C5ZTUEzsNjhcAqeAMZnWEoyyJ6OpCiF9vDblCGa9nlh3SwW+nxKTq
qqiMlz9ZXN8//IHrectIKszEXXlpvtr4wJAz0KrUDfENqEbKNouP0fv1Ueno5Z7t
ue3CnHtCF+QxOQXDS3rKrQJcesKMrFC9+M5frbQuLSGz9ee/xCfnWW0CAwEAAaOB
jDCBiTAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1luMrMTjAPBgkrBgEFBQcw
AQUEAgUAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDAMBgNV
HRMBAf8EAjAAMCIGA1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTU3MA0G
CSqGSIb3DQEBCwUAA4IBAQAEbWTM2eKR1XlWe9ui17q87Hk6NYXKQGwj/ss1ue8Q
1cnoA2/Mo1gG1Q/8LHJ97vK5yw65afq8M5mPbxdl/57jZTUF1kDmgEgvUde3O+h2
ZLIHPx1q2W2WDLT2ltYvaHaNr0Hnkb8MCQ27Z728Fsn5+Ilh/bDoA+NHEqlcfycq
oGKksT60iqnogUz/WZNUbzzBQD6NlpomMZUTOcF3/5L3Fe1OKkF1nGXW2QTW/mLZ
5Eviy4ZQTzQ34koPA5qC1nsWQ1zOE57jR8IJMC+mYQdFb71gehA8O0lB7fL6Kysj
zycnBkNHgJ9LQDd67gQ30FxfmbAnHV1xxWakX8lXTvIf
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDizCCAnOgAwIBAgIQAQAAjxwrlhX1ebkYXg7CZzANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
R2VvVHJ1c3QgR2xvYmFsIENBMB4XDTE2MTIwODExMjUzNVoXDTE3MTIxNDExMjUz
NVowMjEwMC4GA1UEAxMnR2VvVHJ1c3QgR2xvYmFsIENBIFRHViBPQ1NQIFJlc3Bv
bmRlciA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuzHvZ7HiVMI
kPLeIcDLjvMs4HTfPwS5xINkhAyOTUDlpl+rPQxTkccs6yLvoRCjq5hHZHauX2OB
DUQxt7ROJ0XJOuGx7reuYTLNC6zPuwSOey9yRPsr/2PoMuaUUH/qgSECDB8I41hu
sM59AcEK13t77HpJObRZ4oIXj9CpL4LllNQTOw2OFwCp4AxmdYSjLIno6kKIX28N
uUIZr2eWHdLBb6fEpOqqqIyXP1lc3z/8get5y0gqzMRdeWm+2vjAkDPQqtQN8Q2o
Rso2i4/R+/VR6ejlnu257cKce0IX5DE5BcNLesqtAlx6woysUL34zl+ttC4tIbP1
57/EJ+dZbQIDAQABo4GMMIGJMB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4
ysxOMA8GCSsGAQUFBzABBQQCBQAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0P
AQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwIgYDVR0RBBswGaQXMBUxEzARBgNVBAMT
ClRHVi1PRkYtNTcwDQYJKoZIhvcNAQELBQADggEBAARtZMzZ4pHVeVZ726LXurzs
eTo1hcpAbCP+yzW57xDVyegDb8yjWAbVD/wscn3u8rnLDrlp+rwzmY9vF2X/nuNl
NQXWQOaASC9R17c76HZksgc/HWrZbZYMtPaW1i9odo2vQeeRvwwJDbtnvbwWyfn4
iWH9sOgD40cSqVx/JyqgYqSxPrSKqeiBTP9Zk1RvPMFAPo2WmiYxlRM5wXf/kvcV
7U4qQXWcZdbZBNb+YtnkS+LLhlBPNDfiSg8DmoLWexZDXM4TnuNHwgkwL6ZhB0Vv
vWB6EDw7SUHt8vorKyPPJycGQ0eAn0tAN3ruBDfQXF+ZsCcdXXHFZqRfyVdO8h8=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=510805, public, no-transform, must-revalidate]
Content-Length: [1377]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Tue, 28 Mar 2017 09:34:57 GMT]
Expires: [Mon, 3 Apr 2017 07:28:22 GMT]
Last-Modified: [Mon, 27 Mar 2017 07:28:22 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.4-19356466) (S)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GeoTrust Global CA (CA Certificate)

This certificate was cached at
Certificate details for GeoTrust Global CA (At position 2 in certificate chain)
Serial number:
hex: 23456
int: 144470
Issued by: GeoTrust Global CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.