CRL & OCSP report for 0-hp.com - www.0-hp.com

www.0-hp.com

This certificate was cached at
Certificate details for www.0-hp.com (At position 0 in certificate chain)
Serial number:
hex: 7d5f765a4bc7c2c0304658c4be79adcb
int: 166649168152996021577641984468679503307
Issued by: RapidSSL SHA256 CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

View complete certificate details for 0-hp.com.

Certificate Revocation List (CRL)

This CRL was cached at
http://gp.symcb.com/gp.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://gp.symcb.com/gp.crl
Size: 311889 bytes (DER data)
Response time: 16.167123ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 8899

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_HIT from a165-254-123-143.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (S)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Mon, 23 Jan 2017 08:23:20 GMT]
Etag: ["d080033645715176dc63c7883333b2eb:1485119460"]
Last-Modified: [Sun, 22 Jan 2017 21:11:00 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_REFRESH_HIT from a165-254-123-143.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (S)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://gp.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gp.symcd.com (GET)
Size: 1415 bytes (DER data)
Response time: 49.296559ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: RapidSSL SHA256 CA OCSP Responder
Issued by: RapidSSL SHA256 CA
Signing certificate validity: 2016-12-30 - 2017-03-30
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 150h6m3s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a63-238-85-158.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRH4mIoBb%2Bhjdi7K%2FE2J4ZS9L%2FZgAQUl8InUJ7CyewMiDLIfK3ipgFP2m8CEH1fdlpLx8LAMEZYxL55rcs%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRH4mIoBb+hjdi7K/E2J4ZS9L/ZgAQUl8In
UJ7CyewMiDLIfK3ipgFP2m8CEH1fdlpLx8LAMEZYxL55rcs=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFgwoBAKCCBXwwggV4BgkrBgEFBQcwAQEEggVpMIIFZTCBnqIWBBQ5O/F3RGI8
xIZIOPKsh4g9ccklDhgPMjAxNzAxMjAyMTI1MjdaMHMwcTBJMAkGBSsOAwIaBQAE
FEfiYigFv6GN2Lsr8TYnhlL0v9mABBSXwidQnsLJ7AyIMsh8reKmAU/abwIQfV92
WkvHwsAwRljEvnmty4AAGA8yMDE3MDEyMDIxMjUyN1qgERgPMjAxNzAxMjcyMTI1
MjdaMA0GCSqGSIb3DQEBBQUAA4IBAQB0Ms5AD4AEYYGQMYUKR5vsvuzCdQZrrGcB
gkoExwvZT371eliLLBrLR6v9129Em5gn1zqbaj/NLIFJ69Xuf/olKP9FphhtNIrD
sW3iUTb20Hw4L9xWMbmlsrGVMiACDeae9YVhO+KYrVtx3mwIzIYasLa8Kma+r0Sr
lnSGnr824GjuxUzCHpiIKxxsO/hMYAlLTeTUFiDkwUZMSSOksniGd5zBa8JXgNq5
49eyUvdk918VtGTrYWQPYtDWs5P0/m6c6NvHkzVl4RQ0STK5+t15OcR7ybcnkbtM
9J2FXE6men6pEsS9pZu8i2bbznQCiagjKysZ120+dH2VoE/MnIoWoIIDrDCCA6gw
ggOkMIICjKADAgECAhB+C6l+fDtMcSdDD8Zz6s1lMA0GCSqGSIb3DQEBCwUAMEIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJS
YXBpZFNTTCBTSEEyNTYgQ0EwHhcNMTYxMjMwMDAwMDAwWhcNMTcwMzMwMjM1OTU5
WjAsMSowKAYDVQQDEyFSYXBpZFNTTCBTSEEyNTYgQ0EgT0NTUCBSZXNwb25kZXIw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqS8c4KM2CXwpVy2OrGVHz
8xLrKQFqr9B66SpSrSwWv1OXEBXcRBsF69sD62oo13Zd/o+BMzRHOHKzLLj77IBJ
evAlJ/ucMvH9DgYKtWZX/I7P1xRkStRJx652YjeD/ScgEoMkTO9MkqduovjqC/FY
g2GtM5AViYX9hbBkyFC8aKE1io/6ICpfOVQ8dztsXH9hX3LydZVSevtoSvJEfjhv
Nmb2woE7T5MG2U4cRhqDJTP6+dGGUf5pJwt0M7G2vr8VqxmabWSpuaBKv1NPfOV8
Caf2AetTL6JmpaY10BDLCcG0+ly0uQXVoTc7tcDrx3MPGQ4JnH9lh216vWOInEoJ
AgMBAAGjgaswgagwDwYJKwYBBQUHMAEFBAIFADAiBgNVHREEGzAZpBcwFTETMBEG
A1UEAxMKVEdWLUQtMzM5MTAfBgNVHSMEGDAWgBSXwidQnsLJ7AyIMsh8reKmAU/a
bzAdBgNVHQ4EFgQUOTvxd0RiPMSGSDjyrIeIPXHJJQ4wDAYDVR0TAQH/BAIwADAT
BgNVHSUEDDAKBggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQEL
BQADggEBADYYTQLCapYQIWgleAmlz5BXOzW+jL7bCR1gEnP2pPrz4PtZFvcKImqx
JXx/bOQFrL5zsKLbrfkQ/biyqRnKeV1taQQYg6fxIq/ZmXnqmnk8aax3pAK1NmKx
D4a86mH24go1Acv0uHM53UiB6wUgQvStx45jF+bC1n4tEP5eJ5WH8NJsasnItbuX
SujzEq1O8NqpvezWndThruArsDz6FyTofFq4P5vFStbzpPgRyeb2VQrNeCN8ImtT
xSKhoEypns8OQbzhWaZwT3dU9CInDt0qEEEsK+2ELjFw2FSFKeePA9i1SSYX5Axj
0KLJNWIfFKDZtvIBCW5McCJ6QE22lCU=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDpDCCAoygAwIBAgIQfgupfnw7THEnQw/Gc+rNZTANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
UmFwaWRTU0wgU0hBMjU2IENBMB4XDTE2MTIzMDAwMDAwMFoXDTE3MDMzMDIzNTk1
OVowLDEqMCgGA1UEAxMhUmFwaWRTU0wgU0hBMjU2IENBIE9DU1AgUmVzcG9uZGVy
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkvHOCjNgl8KVctjqxlR
8/MS6ykBaq/QeukqUq0sFr9TlxAV3EQbBevbA+tqKNd2Xf6PgTM0Rzhysyy4++yA
SXrwJSf7nDLx/Q4GCrVmV/yOz9cUZErUSceudmI3g/0nIBKDJEzvTJKnbqL46gvx
WINhrTOQFYmF/YWwZMhQvGihNYqP+iAqXzlUPHc7bFx/YV9y8nWVUnr7aEryRH44
bzZm9sKBO0+TBtlOHEYagyUz+vnRhlH+aScLdDOxtr6/FasZmm1kqbmgSr9TT3zl
fAmn9gHrUy+iZqWmNdAQywnBtPpctLkF1aE3O7XA68dzDxkOCZx/ZYdter1jiJxK
CQIDAQABo4GrMIGoMA8GCSsGAQUFBzABBQQCBQAwIgYDVR0RBBswGaQXMBUxEzAR
BgNVBAMTClRHVi1ELTMzOTEwHwYDVR0jBBgwFoAUl8InUJ7CyewMiDLIfK3ipgFP
2m8wHQYDVR0OBBYEFDk78XdEYjzEhkg48qyHiD1xySUOMAwGA1UdEwEB/wQCMAAw
EwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEB
CwUAA4IBAQA2GE0CwmqWECFoJXgJpc+QVzs1voy+2wkdYBJz9qT68+D7WRb3CiJq
sSV8f2zkBay+c7Ci2635EP24sqkZynldbWkEGIOn8SKv2Zl56pp5PGmsd6QCtTZi
sQ+GvOph9uIKNQHL9LhzOd1IgesFIEL0rceOYxfmwtZ+LRD+XieVh/DSbGrJyLW7
l0ro8xKtTvDaqb3s1p3U4a7gK7A8+hck6HxauD+bxUrW86T4Ecnm9lUKzXgjfCJr
U8UioaBMqZ7PDkG84VmmcE93VPQiJw7dKhBBLCvthC4xcNhUhSnnjwPYtUkmF+QM
Y9CiyTViHxSg2bbyAQluTHAiekBNtpQl
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=540363, public, no-transform, must-revalidate]
Content-Length: [1415]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sat, 21 Jan 2017 15:19:24 GMT]
Expires: [Fri, 27 Jan 2017 21:25:27 GMT]
Last-Modified: [Fri, 20 Jan 2017 21:25:27 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a63-238-85-158.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://gp.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gp.symcd.com (POST)
Size: 1415 bytes (DER data)
Response time: 20.165903ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: RapidSSL SHA256 CA OCSP Responder
Issued by: RapidSSL SHA256 CA
Signing certificate validity: 2016-12-30 - 2017-03-30
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 150h6m3s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a63-238-85-142.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRH4mIoBb+hjdi7K/E2J4ZS9L/ZgAQUl8In
UJ7CyewMiDLIfK3ipgFP2m8CEH1fdlpLx8LAMEZYxL55rcs=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFgwoBAKCCBXwwggV4BgkrBgEFBQcwAQEEggVpMIIFZTCBnqIWBBQ5O/F3RGI8
xIZIOPKsh4g9ccklDhgPMjAxNzAxMjAyMTI1MjdaMHMwcTBJMAkGBSsOAwIaBQAE
FEfiYigFv6GN2Lsr8TYnhlL0v9mABBSXwidQnsLJ7AyIMsh8reKmAU/abwIQfV92
WkvHwsAwRljEvnmty4AAGA8yMDE3MDEyMDIxMjUyN1qgERgPMjAxNzAxMjcyMTI1
MjdaMA0GCSqGSIb3DQEBBQUAA4IBAQB0Ms5AD4AEYYGQMYUKR5vsvuzCdQZrrGcB
gkoExwvZT371eliLLBrLR6v9129Em5gn1zqbaj/NLIFJ69Xuf/olKP9FphhtNIrD
sW3iUTb20Hw4L9xWMbmlsrGVMiACDeae9YVhO+KYrVtx3mwIzIYasLa8Kma+r0Sr
lnSGnr824GjuxUzCHpiIKxxsO/hMYAlLTeTUFiDkwUZMSSOksniGd5zBa8JXgNq5
49eyUvdk918VtGTrYWQPYtDWs5P0/m6c6NvHkzVl4RQ0STK5+t15OcR7ybcnkbtM
9J2FXE6men6pEsS9pZu8i2bbznQCiagjKysZ120+dH2VoE/MnIoWoIIDrDCCA6gw
ggOkMIICjKADAgECAhB+C6l+fDtMcSdDD8Zz6s1lMA0GCSqGSIb3DQEBCwUAMEIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJS
YXBpZFNTTCBTSEEyNTYgQ0EwHhcNMTYxMjMwMDAwMDAwWhcNMTcwMzMwMjM1OTU5
WjAsMSowKAYDVQQDEyFSYXBpZFNTTCBTSEEyNTYgQ0EgT0NTUCBSZXNwb25kZXIw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqS8c4KM2CXwpVy2OrGVHz
8xLrKQFqr9B66SpSrSwWv1OXEBXcRBsF69sD62oo13Zd/o+BMzRHOHKzLLj77IBJ
evAlJ/ucMvH9DgYKtWZX/I7P1xRkStRJx652YjeD/ScgEoMkTO9MkqduovjqC/FY
g2GtM5AViYX9hbBkyFC8aKE1io/6ICpfOVQ8dztsXH9hX3LydZVSevtoSvJEfjhv
Nmb2woE7T5MG2U4cRhqDJTP6+dGGUf5pJwt0M7G2vr8VqxmabWSpuaBKv1NPfOV8
Caf2AetTL6JmpaY10BDLCcG0+ly0uQXVoTc7tcDrx3MPGQ4JnH9lh216vWOInEoJ
AgMBAAGjgaswgagwDwYJKwYBBQUHMAEFBAIFADAiBgNVHREEGzAZpBcwFTETMBEG
A1UEAxMKVEdWLUQtMzM5MTAfBgNVHSMEGDAWgBSXwidQnsLJ7AyIMsh8reKmAU/a
bzAdBgNVHQ4EFgQUOTvxd0RiPMSGSDjyrIeIPXHJJQ4wDAYDVR0TAQH/BAIwADAT
BgNVHSUEDDAKBggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQEL
BQADggEBADYYTQLCapYQIWgleAmlz5BXOzW+jL7bCR1gEnP2pPrz4PtZFvcKImqx
JXx/bOQFrL5zsKLbrfkQ/biyqRnKeV1taQQYg6fxIq/ZmXnqmnk8aax3pAK1NmKx
D4a86mH24go1Acv0uHM53UiB6wUgQvStx45jF+bC1n4tEP5eJ5WH8NJsasnItbuX
SujzEq1O8NqpvezWndThruArsDz6FyTofFq4P5vFStbzpPgRyeb2VQrNeCN8ImtT
xSKhoEypns8OQbzhWaZwT3dU9CInDt0qEEEsK+2ELjFw2FSFKeePA9i1SSYX5Axj
0KLJNWIfFKDZtvIBCW5McCJ6QE22lCU=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDpDCCAoygAwIBAgIQfgupfnw7THEnQw/Gc+rNZTANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
UmFwaWRTU0wgU0hBMjU2IENBMB4XDTE2MTIzMDAwMDAwMFoXDTE3MDMzMDIzNTk1
OVowLDEqMCgGA1UEAxMhUmFwaWRTU0wgU0hBMjU2IENBIE9DU1AgUmVzcG9uZGVy
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkvHOCjNgl8KVctjqxlR
8/MS6ykBaq/QeukqUq0sFr9TlxAV3EQbBevbA+tqKNd2Xf6PgTM0Rzhysyy4++yA
SXrwJSf7nDLx/Q4GCrVmV/yOz9cUZErUSceudmI3g/0nIBKDJEzvTJKnbqL46gvx
WINhrTOQFYmF/YWwZMhQvGihNYqP+iAqXzlUPHc7bFx/YV9y8nWVUnr7aEryRH44
bzZm9sKBO0+TBtlOHEYagyUz+vnRhlH+aScLdDOxtr6/FasZmm1kqbmgSr9TT3zl
fAmn9gHrUy+iZqWmNdAQywnBtPpctLkF1aE3O7XA68dzDxkOCZx/ZYdter1jiJxK
CQIDAQABo4GrMIGoMA8GCSsGAQUFBzABBQQCBQAwIgYDVR0RBBswGaQXMBUxEzAR
BgNVBAMTClRHVi1ELTMzOTEwHwYDVR0jBBgwFoAUl8InUJ7CyewMiDLIfK3ipgFP
2m8wHQYDVR0OBBYEFDk78XdEYjzEhkg48qyHiD1xySUOMAwGA1UdEwEB/wQCMAAw
EwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEB
CwUAA4IBAQA2GE0CwmqWECFoJXgJpc+QVzs1voy+2wkdYBJz9qT68+D7WRb3CiJq
sSV8f2zkBay+c7Ci2635EP24sqkZynldbWkEGIOn8SKv2Zl56pp5PGmsd6QCtTZi
sQ+GvOph9uIKNQHL9LhzOd1IgesFIEL0rceOYxfmwtZ+LRD+XieVh/DSbGrJyLW7
l0ro8xKtTvDaqb3s1p3U4a7gK7A8+hck6HxauD+bxUrW86T4Ecnm9lUKzXgjfCJr
U8UioaBMqZ7PDkG84VmmcE93VPQiJw7dKhBBLCvthC4xcNhUhSnnjwPYtUkmF+QM
Y9CiyTViHxSg2bbyAQluTHAiekBNtpQl
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=540363, public, no-transform, must-revalidate]
Content-Length: [1415]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sat, 21 Jan 2017 15:19:24 GMT]
Expires: [Fri, 27 Jan 2017 21:25:27 GMT]
Last-Modified: [Fri, 20 Jan 2017 21:25:27 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a63-238-85-142.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

RapidSSL SHA256 CA (CA Certificate)

This certificate was cached at
Certificate details for RapidSSL SHA256 CA (At position 1 in certificate chain)
Serial number:
hex: 23a71
int: 146033
Issued by: GeoTrust Global CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://g1.symcb.com/crls/gtglobal.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://g1.symcb.com/crls/gtglobal.crl
Size: 665 bytes (DER data)
Response time: 24.189073ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 12

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a165-254-123-174.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Mon, 23 Jan 2017 08:23:20 GMT]
Etag: ["cdfed412ffc55736da7d26dd6e325304:1480525813"]
Last-Modified: [Wed, 30 Nov 2016 17:10:13 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_MEM_HIT from a165-254-123-174.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://g2.symcb.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://g2.symcb.com (GET)
Size: 1377 bytes (DER data)
Response time: 6.264985ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust Global CA TGV OCSP Responder 5
Issued by: GeoTrust Global CA
Signing certificate validity: 2016-12-08 - 2017-12-14
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 167h58m55s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a165-254-123-143.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (S)

URL used for GET request

http:/MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkqw0GRtsnCuD5V8sCXEROgByACAwI6cQ%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkq
w0GRtsnCuD5V8sCXEROgByACAwI6cQ==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFXQoBAKCCBVYwggVSBgkrBgEFBQcwAQEEggVDMIIFPzCBkaIWBBRW5FQnU+as
qXGB3YYiHprkenLEKhgPMjAxNzAxMjMwODIxMjNaMGYwZDA8MAkGBSsOAwIaBQAE
FLG0OReQFreXeVAR8WC51KI82+3uBBQA+SrDQZG2ycK4PlXywJcRE6AHIAIDAjpx
gAAYDzIwMTcwMTIzMDgyMTIzWqARGA8yMDE3MDEzMDA4MjEyM1owDQYJKoZIhvcN
AQEFBQADggEBAJVPkT/wbMCabV3oZIP/ZK2HEPi2iOopz+M7K5+/bDQZtpkaBWhd
h37ssUzXMxzyV53y6MhkqxktJt2K7L3n5tHtW0bCBmSUSs8Rft5jhYcfp/9ajS82
V2Mn9Sfn2Ts/3YCGFXpkl6G3e0XoV2JkC1va3MnMakG3Bfw0CMa9uVydyp2Bv2cu
jt29OgEeKOy8QFMsuHiteMesCLGLytYx1YPUeNf+l7jcFvvzMr3Q2mcryI5T0bKo
k9LVfA7B9YNYtlmD6GrLqybX47Jx805I3lUt9zYnnChX44oOSHQ5P8vuJo6xPuLw
PLolZNIn2sxi1SGHlciCalYcMf4sMBJW5MigggOTMIIDjzCCA4swggJzoAMCAQIC
EAEAAI8cK5YV9Xm5GF4OwmcwDQYJKoZIhvcNAQELBQAwQjELMAkGA1UEBhMCVVMx
FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xGzAZBgNVBAMTEkdlb1RydXN0IEdsb2Jh
bCBDQTAeFw0xNjEyMDgxMTI1MzVaFw0xNzEyMTQxMTI1MzVaMDIxMDAuBgNVBAMT
J0dlb1RydXN0IEdsb2JhbCBDQSBUR1YgT0NTUCBSZXNwb25kZXIgNTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbsx72ex4lTCJDy3iHAy47zLOB03z8E
ucSDZIQMjk1A5aZfqz0MU5HHLOsi76EQo6uYR2R2rl9jgQ1EMbe0TidFyTrhse63
rmEyzQusz7sEjnsvckT7K/9j6DLmlFB/6oEhAgwfCONYbrDOfQHBCtd7e+x6STm0
WeKCF4/QqS+C5ZTUEzsNjhcAqeAMZnWEoyyJ6OpCiF9vDblCGa9nlh3SwW+nxKTq
qqiMlz9ZXN8//IHrectIKszEXXlpvtr4wJAz0KrUDfENqEbKNouP0fv1Ueno5Z7t
ue3CnHtCF+QxOQXDS3rKrQJcesKMrFC9+M5frbQuLSGz9ee/xCfnWW0CAwEAAaOB
jDCBiTAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1luMrMTjAPBgkrBgEFBQcw
AQUEAgUAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDAMBgNV
HRMBAf8EAjAAMCIGA1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTU3MA0G
CSqGSIb3DQEBCwUAA4IBAQAEbWTM2eKR1XlWe9ui17q87Hk6NYXKQGwj/ss1ue8Q
1cnoA2/Mo1gG1Q/8LHJ97vK5yw65afq8M5mPbxdl/57jZTUF1kDmgEgvUde3O+h2
ZLIHPx1q2W2WDLT2ltYvaHaNr0Hnkb8MCQ27Z728Fsn5+Ilh/bDoA+NHEqlcfycq
oGKksT60iqnogUz/WZNUbzzBQD6NlpomMZUTOcF3/5L3Fe1OKkF1nGXW2QTW/mLZ
5Eviy4ZQTzQ34koPA5qC1nsWQ1zOE57jR8IJMC+mYQdFb71gehA8O0lB7fL6Kysj
zycnBkNHgJ9LQDd67gQ30FxfmbAnHV1xxWakX8lXTvIf
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDizCCAnOgAwIBAgIQAQAAjxwrlhX1ebkYXg7CZzANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
R2VvVHJ1c3QgR2xvYmFsIENBMB4XDTE2MTIwODExMjUzNVoXDTE3MTIxNDExMjUz
NVowMjEwMC4GA1UEAxMnR2VvVHJ1c3QgR2xvYmFsIENBIFRHViBPQ1NQIFJlc3Bv
bmRlciA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuzHvZ7HiVMI
kPLeIcDLjvMs4HTfPwS5xINkhAyOTUDlpl+rPQxTkccs6yLvoRCjq5hHZHauX2OB
DUQxt7ROJ0XJOuGx7reuYTLNC6zPuwSOey9yRPsr/2PoMuaUUH/qgSECDB8I41hu
sM59AcEK13t77HpJObRZ4oIXj9CpL4LllNQTOw2OFwCp4AxmdYSjLIno6kKIX28N
uUIZr2eWHdLBb6fEpOqqqIyXP1lc3z/8get5y0gqzMRdeWm+2vjAkDPQqtQN8Q2o
Rso2i4/R+/VR6ejlnu257cKce0IX5DE5BcNLesqtAlx6woysUL34zl+ttC4tIbP1
57/EJ+dZbQIDAQABo4GMMIGJMB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4
ysxOMA8GCSsGAQUFBzABBQQCBQAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0P
AQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwIgYDVR0RBBswGaQXMBUxEzARBgNVBAMT
ClRHVi1PRkYtNTcwDQYJKoZIhvcNAQELBQADggEBAARtZMzZ4pHVeVZ726LXurzs
eTo1hcpAbCP+yzW57xDVyegDb8yjWAbVD/wscn3u8rnLDrlp+rwzmY9vF2X/nuNl
NQXWQOaASC9R17c76HZksgc/HWrZbZYMtPaW1i9odo2vQeeRvwwJDbtnvbwWyfn4
iWH9sOgD40cSqVx/JyqgYqSxPrSKqeiBTP9Zk1RvPMFAPo2WmiYxlRM5wXf/kvcV
7U4qQXWcZdbZBNb+YtnkS+LLhlBPNDfiSg8DmoLWexZDXM4TnuNHwgkwL6ZhB0Vv
vWB6EDw7SUHt8vorKyPPJycGQ0eAn0tAN3ruBDfQXF+ZsCcdXXHFZqRfyVdO8h8=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=604735, public, no-transform, must-revalidate]
Content-Length: [1377]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Mon, 23 Jan 2017 08:23:20 GMT]
Expires: [Mon, 30 Jan 2017 08:21:23 GMT]
Last-Modified: [Mon, 23 Jan 2017 08:21:23 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a165-254-123-143.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (S)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 52s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://g2.symcb.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://g2.symcb.com (POST)
Size: 1377 bytes (DER data)
Response time: 5.491207ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust Global CA TGV OCSP Responder 5
Issued by: GeoTrust Global CA
Signing certificate validity: 2016-12-08 - 2017-12-14
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 94h21m56s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a165-254-123-173.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkq
w0GRtsnCuD5V8sCXEROgByACAwI6cQ==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFXQoBAKCCBVYwggVSBgkrBgEFBQcwAQEEggVDMIIFPzCBkaIWBBRW5FQnU+as
qXGB3YYiHprkenLEKhgPMjAxNzAxMjAwNjQxMDlaMGYwZDA8MAkGBSsOAwIaBQAE
FLG0OReQFreXeVAR8WC51KI82+3uBBQA+SrDQZG2ycK4PlXywJcRE6AHIAIDAjpx
gAAYDzIwMTcwMTIwMDY0MTA5WqARGA8yMDE3MDEyNzA2NDEwOVowDQYJKoZIhvcN
AQEFBQADggEBAE8r8ufKpalgqqskPVHzfFGat4hPYP2y+GU8BTolwkhhpqO0qBLo
foZBsQX1tSN8hhtdHgHRtglMQ232/wuwRBDWlHZKNA/w20RuYK3DdqviFp8eHNCf
vSyen9LoqobMYVaAXN6PHox5s/FXSEL/6wbqLg6cjxQYszj3omwhYOw6RDdwqMkI
/ir1XmNMh+NAS5YeZoYWTqw/VHwrE4dcNLiUUCTATnjqzza8YD22pyGE4xdlGMDZ
6X5bXp3J4rSgvlKO3ZDIxMmdG8qRbw1iUEdAw5jkXXGw8/ZsykJzehQez+GP+fK3
dxaP8SX3FaZOuM/y4Lzg7uU1lRhjqCqHdPegggOTMIIDjzCCA4swggJzoAMCAQIC
EAEAAI8cK5YV9Xm5GF4OwmcwDQYJKoZIhvcNAQELBQAwQjELMAkGA1UEBhMCVVMx
FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xGzAZBgNVBAMTEkdlb1RydXN0IEdsb2Jh
bCBDQTAeFw0xNjEyMDgxMTI1MzVaFw0xNzEyMTQxMTI1MzVaMDIxMDAuBgNVBAMT
J0dlb1RydXN0IEdsb2JhbCBDQSBUR1YgT0NTUCBSZXNwb25kZXIgNTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbsx72ex4lTCJDy3iHAy47zLOB03z8E
ucSDZIQMjk1A5aZfqz0MU5HHLOsi76EQo6uYR2R2rl9jgQ1EMbe0TidFyTrhse63
rmEyzQusz7sEjnsvckT7K/9j6DLmlFB/6oEhAgwfCONYbrDOfQHBCtd7e+x6STm0
WeKCF4/QqS+C5ZTUEzsNjhcAqeAMZnWEoyyJ6OpCiF9vDblCGa9nlh3SwW+nxKTq
qqiMlz9ZXN8//IHrectIKszEXXlpvtr4wJAz0KrUDfENqEbKNouP0fv1Ueno5Z7t
ue3CnHtCF+QxOQXDS3rKrQJcesKMrFC9+M5frbQuLSGz9ee/xCfnWW0CAwEAAaOB
jDCBiTAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1luMrMTjAPBgkrBgEFBQcw
AQUEAgUAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDAMBgNV
HRMBAf8EAjAAMCIGA1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTU3MA0G
CSqGSIb3DQEBCwUAA4IBAQAEbWTM2eKR1XlWe9ui17q87Hk6NYXKQGwj/ss1ue8Q
1cnoA2/Mo1gG1Q/8LHJ97vK5yw65afq8M5mPbxdl/57jZTUF1kDmgEgvUde3O+h2
ZLIHPx1q2W2WDLT2ltYvaHaNr0Hnkb8MCQ27Z728Fsn5+Ilh/bDoA+NHEqlcfycq
oGKksT60iqnogUz/WZNUbzzBQD6NlpomMZUTOcF3/5L3Fe1OKkF1nGXW2QTW/mLZ
5Eviy4ZQTzQ34koPA5qC1nsWQ1zOE57jR8IJMC+mYQdFb71gehA8O0lB7fL6Kysj
zycnBkNHgJ9LQDd67gQ30FxfmbAnHV1xxWakX8lXTvIf
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDizCCAnOgAwIBAgIQAQAAjxwrlhX1ebkYXg7CZzANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
R2VvVHJ1c3QgR2xvYmFsIENBMB4XDTE2MTIwODExMjUzNVoXDTE3MTIxNDExMjUz
NVowMjEwMC4GA1UEAxMnR2VvVHJ1c3QgR2xvYmFsIENBIFRHViBPQ1NQIFJlc3Bv
bmRlciA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuzHvZ7HiVMI
kPLeIcDLjvMs4HTfPwS5xINkhAyOTUDlpl+rPQxTkccs6yLvoRCjq5hHZHauX2OB
DUQxt7ROJ0XJOuGx7reuYTLNC6zPuwSOey9yRPsr/2PoMuaUUH/qgSECDB8I41hu
sM59AcEK13t77HpJObRZ4oIXj9CpL4LllNQTOw2OFwCp4AxmdYSjLIno6kKIX28N
uUIZr2eWHdLBb6fEpOqqqIyXP1lc3z/8get5y0gqzMRdeWm+2vjAkDPQqtQN8Q2o
Rso2i4/R+/VR6ejlnu257cKce0IX5DE5BcNLesqtAlx6woysUL34zl+ttC4tIbP1
57/EJ+dZbQIDAQABo4GMMIGJMB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4
ysxOMA8GCSsGAQUFBzABBQQCBQAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0P
AQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwIgYDVR0RBBswGaQXMBUxEzARBgNVBAMT
ClRHVi1PRkYtNTcwDQYJKoZIhvcNAQELBQADggEBAARtZMzZ4pHVeVZ726LXurzs
eTo1hcpAbCP+yzW57xDVyegDb8yjWAbVD/wscn3u8rnLDrlp+rwzmY9vF2X/nuNl
NQXWQOaASC9R17c76HZksgc/HWrZbZYMtPaW1i9odo2vQeeRvwwJDbtnvbwWyfn4
iWH9sOgD40cSqVx/JyqgYqSxPrSKqeiBTP9Zk1RvPMFAPo2WmiYxlRM5wXf/kvcV
7U4qQXWcZdbZBNb+YtnkS+LLhlBPNDfiSg8DmoLWexZDXM4TnuNHwgkwL6ZhB0Vv
vWB6EDw7SUHt8vorKyPPJycGQ0eAn0tAN3ruBDfQXF+ZsCcdXXHFZqRfyVdO8h8=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=339716, public, no-transform, must-revalidate]
Content-Length: [1377]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Mon, 23 Jan 2017 08:23:20 GMT]
Expires: [Fri, 27 Jan 2017 06:41:09 GMT]
Last-Modified: [Fri, 20 Jan 2017 06:41:09 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a165-254-123-173.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 4m7s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GeoTrust Global CA (CA Certificate)

This certificate was cached at
Certificate details for GeoTrust Global CA (At position 2 in certificate chain)
Serial number:
hex: 23456
int: 144470
Issued by: GeoTrust Global CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.