CRL & OCSP report for 0-jump.valueline.com.search.milibrary.org - search.milibrary.org (Mechanics' Institute)

search.milibrary.org

This certificate was cached at
Certificate details for search.milibrary.org (At position 0 in certificate chain)
Serial number:
hex: 1cf390c05fb892762195dbf4f386366f
int: 38483047927015946062812629843287881327
Issued by: GeoTrust SSL CA - G3
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Mechanics' Institute
State / Province: California
Locality: San Francisco
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

View complete certificate details for 0-jump.valueline.com.search.milibrary.org.

Certificate Revocation List (CRL)

This CRL was cached at
http://gn.symcb.com/gn.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://gn.symcb.com/gn.crl
Size: 128860 bytes (DER data)
Response time: 10.600998ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 3669

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_HIT from a23-219-93-63.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Tue, 17 Jan 2017 05:41:15 GMT]
Etag: ["d47191d95c76c19fc51f3d6efb3c99b5:1484604646"]
Last-Modified: [Mon, 16 Jan 2017 22:10:46 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_HIT from a23-219-93-63.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://gn.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gn.symcd.com (POST)
Size: 1419 bytes (DER data)
Response time: 86.386655ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust SSL CA - G3 OCSP Responder
Issued by: GeoTrust SSL CA - G3
Signing certificate validity: 2016-11-19 - 2017-02-17
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 167h44m19s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBSxiwsBl1MHLHQ30p2z4Y2jbM5X4AQU0m/3
lvSFP3I8MH0j2oV4m6N8WnwCEBzzkMBfuJJ2IZXb9POGNm8=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFhwoBAKCCBYAwggV8BgkrBgEFBQcwAQEEggVtMIIFaTCBnqIWBBQg1D14iL5Y
bhV1/HCC5AtXnJfa+BgPMjAxNzAxMTgxMzQ1MThaMHMwcTBJMAkGBSsOAwIaBQAE
FLGLCwGXUwcsdDfSnbPhjaNszlfgBBTSb/eW9IU/cjwwfSPahXibo3xafAIQHPOQ
wF+4knYhldv084Y2b4AAGA8yMDE3MDExODEzNDUxOFqgERgPMjAxNzAxMjUxMzQ1
MThaMA0GCSqGSIb3DQEBBQUAA4IBAQBt8hHapjtTfP/u4isWSxqjNA0HeIJFBzek
yKBfSBuLlKvWoi2UkmDk+AYZthe3rDnbIFFHF3aq1cxbm6mgU8KmpG8Vmo5vrU9u
sc7rbIarI4FA+qTKajnRREYNYZcG+S4WnPGnrSBlZrOrEKIb4ENbmAIlS6IrIO/4
bCts1RTbdWd+B9SD6gJNDHb6gJ/bHMa8o3UyVPhawSvO1evZkA0WfBWzfF+XfLv/
Qhea6nrwdLh/swPrPWKPR3IRURMYhDyxrsF4WJz/xadZh5w5lZYslJ6LRznbbJ25
LWv6ZfXpEQI/ludnRHsa+pCjr9fzQJSn8+JVHV1ECs8vDHDVrnfSoIIDsDCCA6ww
ggOoMIICkKADAgECAhAUR2gmuTM0A7SSYiieV5tnMA0GCSqGSIb3DQEBCwUAMEQx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR0wGwYDVQQDExRH
ZW9UcnVzdCBTU0wgQ0EgLSBHMzAeFw0xNjExMTkwMDAwMDBaFw0xNzAyMTcyMzU5
NTlaMC4xLDAqBgNVBAMTI0dlb1RydXN0IFNTTCBDQSAtIEczIE9DU1AgUmVzcG9u
ZGVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2olFT+M4RoPHlw4A
HAHIfB8x26fzRZboJicCsoufV1ReyTqZ2rbVqstBOP/gR5EWuOgrE+PmW+yERWnx
dv0dmDzO9W5GirHe+4Fu4l7L8qFhFAmJD7sB059fQ1cf0c35YDzgzRMOIo5lkQJ8
ZyYF8cRQzjv2ycVZML969KvH9Mwc4xbWn3KfGPl1UcaiUcxdmfqgen1pbKvyf9Xw
DNMD/NMvAgVu/u5twT9iy0d1e/YKoXUN4GoH+HMzZY5J7fgy+u+sPxpFQ9yFhVqe
iKoyv6d7Acc72t3bgmbldvq2gAaX5SWFHLaalle6RFtUTQSyRxznDus5fwZazwLb
bJbhLwIDAQABo4GrMIGoMA8GCSsGAQUFBzABBQQCBQAwIgYDVR0RBBswGaQXMBUx
EzARBgNVBAMTClRHVi1ELTI4MzAwHwYDVR0jBBgwFoAU0m/3lvSFP3I8MH0j2oV4
m6N8WnwwHQYDVR0OBBYEFCDUPXiIvlhuFXX8cILkC1ecl9r4MAwGA1UdEwEB/wQC
MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3
DQEBCwUAA4IBAQAZs8uP3cDnKIJc/shrPVbNvbqsSFtTVK3YtR6JpreTmkp6Msdl
GhibFOPnfJ79d8HuQIsVWVR6sFjxrL4om2wwb4nUFM6iqP3w/xX7dUeiRvrTd3AA
JZcJCW3XcxfPL2uyBVg7/gksMMV04UyGW1zoSybKJylIGfo4FmOeGJW89wXioyAE
gTHyBZGEC2PQDwIPBkbitcyER8KMItLCFShEUtn642kFhKkiluJGn5UIhaXUwzIy
+2Qb4q2/b6mFksze4PVTOJcugHxjwEC0Alw2c7/feZ9ZujaABjtzYVTmroOflIL9
ZCie8GXhAF59ePKfo/LQ8iJor4qA/dWeqnxI
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDqDCCApCgAwIBAgIQFEdoJrkzNAO0kmIonlebZzANBgkqhkiG9w0BAQsFADBE
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU
R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTYxMTE5MDAwMDAwWhcNMTcwMjE3MjM1
OTU5WjAuMSwwKgYDVQQDEyNHZW9UcnVzdCBTU0wgQ0EgLSBHMyBPQ1NQIFJlc3Bv
bmRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANqJRU/jOEaDx5cO
ABwByHwfMdun80WW6CYnArKLn1dUXsk6mdq21arLQTj/4EeRFrjoKxPj5lvshEVp
8Xb9HZg8zvVuRoqx3vuBbuJey/KhYRQJiQ+7AdOfX0NXH9HN+WA84M0TDiKOZZEC
fGcmBfHEUM479snFWTC/evSrx/TMHOMW1p9ynxj5dVHGolHMXZn6oHp9aWyr8n/V
8AzTA/zTLwIFbv7ubcE/YstHdXv2CqF1DeBqB/hzM2WOSe34MvrvrD8aRUPchYVa
noiqMr+newHHO9rd24Jm5Xb6toAGl+UlhRy2mpZXukRbVE0Eskcc5w7rOX8GWs8C
22yW4S8CAwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQbMBmkFzAV
MRMwEQYDVQQDEwpUR1YtRC0yODMwMB8GA1UdIwQYMBaAFNJv95b0hT9yPDB9I9qF
eJujfFp8MB0GA1UdDgQWBBQg1D14iL5YbhV1/HCC5AtXnJfa+DAMBgNVHRMBAf8E
AjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG
9w0BAQsFAAOCAQEAGbPLj93A5yiCXP7Iaz1Wzb26rEhbU1St2LUeiaa3k5pKejLH
ZRoYmxTj53ye/XfB7kCLFVlUerBY8ay+KJtsMG+J1BTOoqj98P8V+3VHokb603dw
ACWXCQlt13MXzy9rsgVYO/4JLDDFdOFMhltc6EsmyicpSBn6OBZjnhiVvPcF4qMg
BIEx8gWRhAtj0A8CDwZG4rXMhEfCjCLSwhUoRFLZ+uNpBYSpIpbiRp+VCIWl1MMy
MvtkG+Ktv2+phZLM3uD1UziXLoB8Y8BAtAJcNnO/33mfWbo2gAY7c2FU5q6Dn5SC
/WQonvBl4QBefXjyn6Py0PIiaK+KgP3Vnqp8SA==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=603859, public, no-transform, must-revalidate]
Content-Length: [1419]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Wed, 18 Jan 2017 14:00:59 GMT]
Expires: [Wed, 25 Jan 2017 13:45:18 GMT]
Last-Modified: [Wed, 18 Jan 2017 13:45:18 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://gn.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gn.symcd.com (GET)
Size: 1419 bytes (DER data)
Response time: 117.406404ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust SSL CA - G3 OCSP Responder
Issued by: GeoTrust SSL CA - G3
Signing certificate validity: 2016-11-19 - 2017-02-17
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 167h44m19s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSxiwsBl1MHLHQ30p2z4Y2jbM5X4AQU0m%2F3lvSFP3I8MH0j2oV4m6N8WnwCEBzzkMBfuJJ2IZXb9POGNm8%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBSxiwsBl1MHLHQ30p2z4Y2jbM5X4AQU0m/3
lvSFP3I8MH0j2oV4m6N8WnwCEBzzkMBfuJJ2IZXb9POGNm8=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFhwoBAKCCBYAwggV8BgkrBgEFBQcwAQEEggVtMIIFaTCBnqIWBBQg1D14iL5Y
bhV1/HCC5AtXnJfa+BgPMjAxNzAxMTgxMzQ1MThaMHMwcTBJMAkGBSsOAwIaBQAE
FLGLCwGXUwcsdDfSnbPhjaNszlfgBBTSb/eW9IU/cjwwfSPahXibo3xafAIQHPOQ
wF+4knYhldv084Y2b4AAGA8yMDE3MDExODEzNDUxOFqgERgPMjAxNzAxMjUxMzQ1
MThaMA0GCSqGSIb3DQEBBQUAA4IBAQBt8hHapjtTfP/u4isWSxqjNA0HeIJFBzek
yKBfSBuLlKvWoi2UkmDk+AYZthe3rDnbIFFHF3aq1cxbm6mgU8KmpG8Vmo5vrU9u
sc7rbIarI4FA+qTKajnRREYNYZcG+S4WnPGnrSBlZrOrEKIb4ENbmAIlS6IrIO/4
bCts1RTbdWd+B9SD6gJNDHb6gJ/bHMa8o3UyVPhawSvO1evZkA0WfBWzfF+XfLv/
Qhea6nrwdLh/swPrPWKPR3IRURMYhDyxrsF4WJz/xadZh5w5lZYslJ6LRznbbJ25
LWv6ZfXpEQI/ludnRHsa+pCjr9fzQJSn8+JVHV1ECs8vDHDVrnfSoIIDsDCCA6ww
ggOoMIICkKADAgECAhAUR2gmuTM0A7SSYiieV5tnMA0GCSqGSIb3DQEBCwUAMEQx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR0wGwYDVQQDExRH
ZW9UcnVzdCBTU0wgQ0EgLSBHMzAeFw0xNjExMTkwMDAwMDBaFw0xNzAyMTcyMzU5
NTlaMC4xLDAqBgNVBAMTI0dlb1RydXN0IFNTTCBDQSAtIEczIE9DU1AgUmVzcG9u
ZGVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2olFT+M4RoPHlw4A
HAHIfB8x26fzRZboJicCsoufV1ReyTqZ2rbVqstBOP/gR5EWuOgrE+PmW+yERWnx
dv0dmDzO9W5GirHe+4Fu4l7L8qFhFAmJD7sB059fQ1cf0c35YDzgzRMOIo5lkQJ8
ZyYF8cRQzjv2ycVZML969KvH9Mwc4xbWn3KfGPl1UcaiUcxdmfqgen1pbKvyf9Xw
DNMD/NMvAgVu/u5twT9iy0d1e/YKoXUN4GoH+HMzZY5J7fgy+u+sPxpFQ9yFhVqe
iKoyv6d7Acc72t3bgmbldvq2gAaX5SWFHLaalle6RFtUTQSyRxznDus5fwZazwLb
bJbhLwIDAQABo4GrMIGoMA8GCSsGAQUFBzABBQQCBQAwIgYDVR0RBBswGaQXMBUx
EzARBgNVBAMTClRHVi1ELTI4MzAwHwYDVR0jBBgwFoAU0m/3lvSFP3I8MH0j2oV4
m6N8WnwwHQYDVR0OBBYEFCDUPXiIvlhuFXX8cILkC1ecl9r4MAwGA1UdEwEB/wQC
MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3
DQEBCwUAA4IBAQAZs8uP3cDnKIJc/shrPVbNvbqsSFtTVK3YtR6JpreTmkp6Msdl
GhibFOPnfJ79d8HuQIsVWVR6sFjxrL4om2wwb4nUFM6iqP3w/xX7dUeiRvrTd3AA
JZcJCW3XcxfPL2uyBVg7/gksMMV04UyGW1zoSybKJylIGfo4FmOeGJW89wXioyAE
gTHyBZGEC2PQDwIPBkbitcyER8KMItLCFShEUtn642kFhKkiluJGn5UIhaXUwzIy
+2Qb4q2/b6mFksze4PVTOJcugHxjwEC0Alw2c7/feZ9ZujaABjtzYVTmroOflIL9
ZCie8GXhAF59ePKfo/LQ8iJor4qA/dWeqnxI
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDqDCCApCgAwIBAgIQFEdoJrkzNAO0kmIonlebZzANBgkqhkiG9w0BAQsFADBE
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU
R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTYxMTE5MDAwMDAwWhcNMTcwMjE3MjM1
OTU5WjAuMSwwKgYDVQQDEyNHZW9UcnVzdCBTU0wgQ0EgLSBHMyBPQ1NQIFJlc3Bv
bmRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANqJRU/jOEaDx5cO
ABwByHwfMdun80WW6CYnArKLn1dUXsk6mdq21arLQTj/4EeRFrjoKxPj5lvshEVp
8Xb9HZg8zvVuRoqx3vuBbuJey/KhYRQJiQ+7AdOfX0NXH9HN+WA84M0TDiKOZZEC
fGcmBfHEUM479snFWTC/evSrx/TMHOMW1p9ynxj5dVHGolHMXZn6oHp9aWyr8n/V
8AzTA/zTLwIFbv7ubcE/YstHdXv2CqF1DeBqB/hzM2WOSe34MvrvrD8aRUPchYVa
noiqMr+newHHO9rd24Jm5Xb6toAGl+UlhRy2mpZXukRbVE0Eskcc5w7rOX8GWs8C
22yW4S8CAwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQbMBmkFzAV
MRMwEQYDVQQDEwpUR1YtRC0yODMwMB8GA1UdIwQYMBaAFNJv95b0hT9yPDB9I9qF
eJujfFp8MB0GA1UdDgQWBBQg1D14iL5YbhV1/HCC5AtXnJfa+DAMBgNVHRMBAf8E
AjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG
9w0BAQsFAAOCAQEAGbPLj93A5yiCXP7Iaz1Wzb26rEhbU1St2LUeiaa3k5pKejLH
ZRoYmxTj53ye/XfB7kCLFVlUerBY8ay+KJtsMG+J1BTOoqj98P8V+3VHokb603dw
ACWXCQlt13MXzy9rsgVYO/4JLDDFdOFMhltc6EsmyicpSBn6OBZjnhiVvPcF4qMg
BIEx8gWRhAtj0A8CDwZG4rXMhEfCjCLSwhUoRFLZ+uNpBYSpIpbiRp+VCIWl1MMy
MvtkG+Ktv2+phZLM3uD1UziXLoB8Y8BAtAJcNnO/33mfWbo2gAY7c2FU5q6Dn5SC
/WQonvBl4QBefXjyn6Py0PIiaK+KgP3Vnqp8SA==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=603859, public, no-transform, must-revalidate]
Content-Length: [1419]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Wed, 18 Jan 2017 14:00:59 GMT]
Expires: [Wed, 25 Jan 2017 13:45:18 GMT]
Last-Modified: [Wed, 18 Jan 2017 13:45:18 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GeoTrust SSL CA - G3 (CA Certificate)

This certificate was cached at
Certificate details for GeoTrust SSL CA - G3 (At position 1 in certificate chain)
Serial number:
hex: 23a6f
int: 146031
Issued by: GeoTrust Global CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://g1.symcb.com/crls/gtglobal.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://g1.symcb.com/crls/gtglobal.crl
Size: 665 bytes (DER data)
Response time: 27.727556ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 12

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-108.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Tue, 17 Jan 2017 05:41:15 GMT]
Etag: ["cdfed412ffc55736da7d26dd6e325304:1480525813"]
Last-Modified: [Wed, 30 Nov 2016 17:10:13 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_MEM_HIT from a23-219-93-108.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://g2.symcb.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://g2.symcb.com (GET)
Size: 1377 bytes (DER data)
Response time: 5.607311ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust Global CA TGV OCSP Responder 5
Issued by: GeoTrust Global CA
Signing certificate validity: 2016-12-08 - 2017-12-14
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 155h9m7s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

URL used for GET request

http:/MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkqw0GRtsnCuD5V8sCXEROgByACAwI6bw%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkq
w0GRtsnCuD5V8sCXEROgByACAwI6bw==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFXQoBAKCCBVYwggVSBgkrBgEFBQcwAQEEggVDMIIFPzCBkaIWBBRW5FQnU+as
qXGB3YYiHprkenLEKhgPMjAxNzAxMTYxNjQ5NTZaMGYwZDA8MAkGBSsOAwIaBQAE
FLG0OReQFreXeVAR8WC51KI82+3uBBQA+SrDQZG2ycK4PlXywJcRE6AHIAIDAjpv
gAAYDzIwMTcwMTE2MTY0OTU2WqARGA8yMDE3MDEyMzE2NDk1NlowDQYJKoZIhvcN
AQEFBQADggEBAJynHGfQ9WBg/C0Qy/Ma3qrlA77sVezSsWfYN0t/Fo5zTV5daDiB
y7x7j97EqcxEd5tpOiOc7w8CYezpnVBYHcLc/0YmccBOGqIqiwwWHX7BTfsXUq59
ZdxgON/1xGsJOG4HjBHDcnv4sA5JwYmPjE2Ek/bdx1HSCJ0o6U4QGosPNioevpZT
laQrqbWzIr+UtXLYBQMJXngWZPjGven4hc/s6zBNqxA5I/prLRjYlPmMecIQHvnD
Q8Eav0l68Zkfr2xV9SCX7boyxu4Gm4r/nz3xA6xjzxldy06jpc9Fhg4mLiNnDMvH
yGR0Z36MECk4dZX6GkEDrAk/S7jm2ylspmSgggOTMIIDjzCCA4swggJzoAMCAQIC
EAEAAI8cK5YV9Xm5GF4OwmcwDQYJKoZIhvcNAQELBQAwQjELMAkGA1UEBhMCVVMx
FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xGzAZBgNVBAMTEkdlb1RydXN0IEdsb2Jh
bCBDQTAeFw0xNjEyMDgxMTI1MzVaFw0xNzEyMTQxMTI1MzVaMDIxMDAuBgNVBAMT
J0dlb1RydXN0IEdsb2JhbCBDQSBUR1YgT0NTUCBSZXNwb25kZXIgNTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbsx72ex4lTCJDy3iHAy47zLOB03z8E
ucSDZIQMjk1A5aZfqz0MU5HHLOsi76EQo6uYR2R2rl9jgQ1EMbe0TidFyTrhse63
rmEyzQusz7sEjnsvckT7K/9j6DLmlFB/6oEhAgwfCONYbrDOfQHBCtd7e+x6STm0
WeKCF4/QqS+C5ZTUEzsNjhcAqeAMZnWEoyyJ6OpCiF9vDblCGa9nlh3SwW+nxKTq
qqiMlz9ZXN8//IHrectIKszEXXlpvtr4wJAz0KrUDfENqEbKNouP0fv1Ueno5Z7t
ue3CnHtCF+QxOQXDS3rKrQJcesKMrFC9+M5frbQuLSGz9ee/xCfnWW0CAwEAAaOB
jDCBiTAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1luMrMTjAPBgkrBgEFBQcw
AQUEAgUAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDAMBgNV
HRMBAf8EAjAAMCIGA1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTU3MA0G
CSqGSIb3DQEBCwUAA4IBAQAEbWTM2eKR1XlWe9ui17q87Hk6NYXKQGwj/ss1ue8Q
1cnoA2/Mo1gG1Q/8LHJ97vK5yw65afq8M5mPbxdl/57jZTUF1kDmgEgvUde3O+h2
ZLIHPx1q2W2WDLT2ltYvaHaNr0Hnkb8MCQ27Z728Fsn5+Ilh/bDoA+NHEqlcfycq
oGKksT60iqnogUz/WZNUbzzBQD6NlpomMZUTOcF3/5L3Fe1OKkF1nGXW2QTW/mLZ
5Eviy4ZQTzQ34koPA5qC1nsWQ1zOE57jR8IJMC+mYQdFb71gehA8O0lB7fL6Kysj
zycnBkNHgJ9LQDd67gQ30FxfmbAnHV1xxWakX8lXTvIf
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDizCCAnOgAwIBAgIQAQAAjxwrlhX1ebkYXg7CZzANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
R2VvVHJ1c3QgR2xvYmFsIENBMB4XDTE2MTIwODExMjUzNVoXDTE3MTIxNDExMjUz
NVowMjEwMC4GA1UEAxMnR2VvVHJ1c3QgR2xvYmFsIENBIFRHViBPQ1NQIFJlc3Bv
bmRlciA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuzHvZ7HiVMI
kPLeIcDLjvMs4HTfPwS5xINkhAyOTUDlpl+rPQxTkccs6yLvoRCjq5hHZHauX2OB
DUQxt7ROJ0XJOuGx7reuYTLNC6zPuwSOey9yRPsr/2PoMuaUUH/qgSECDB8I41hu
sM59AcEK13t77HpJObRZ4oIXj9CpL4LllNQTOw2OFwCp4AxmdYSjLIno6kKIX28N
uUIZr2eWHdLBb6fEpOqqqIyXP1lc3z/8get5y0gqzMRdeWm+2vjAkDPQqtQN8Q2o
Rso2i4/R+/VR6ejlnu257cKce0IX5DE5BcNLesqtAlx6woysUL34zl+ttC4tIbP1
57/EJ+dZbQIDAQABo4GMMIGJMB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4
ysxOMA8GCSsGAQUFBzABBQQCBQAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0P
AQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwIgYDVR0RBBswGaQXMBUxEzARBgNVBAMT
ClRHVi1PRkYtNTcwDQYJKoZIhvcNAQELBQADggEBAARtZMzZ4pHVeVZ726LXurzs
eTo1hcpAbCP+yzW57xDVyegDb8yjWAbVD/wscn3u8rnLDrlp+rwzmY9vF2X/nuNl
NQXWQOaASC9R17c76HZksgc/HWrZbZYMtPaW1i9odo2vQeeRvwwJDbtnvbwWyfn4
iWH9sOgD40cSqVx/JyqgYqSxPrSKqeiBTP9Zk1RvPMFAPo2WmiYxlRM5wXf/kvcV
7U4qQXWcZdbZBNb+YtnkS+LLhlBPNDfiSg8DmoLWexZDXM4TnuNHwgkwL6ZhB0Vv
vWB6EDw7SUHt8vorKyPPJycGQ0eAn0tAN3ruBDfQXF+ZsCcdXXHFZqRfyVdO8h8=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=558547, public, no-transform, must-revalidate]
Content-Length: [1377]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Tue, 17 Jan 2017 05:41:15 GMT]
Expires: [Mon, 23 Jan 2017 16:49:56 GMT]
Last-Modified: [Mon, 16 Jan 2017 16:49:56 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MEM_HIT from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 26s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://g2.symcb.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://g2.symcb.com (POST)
Size: 1377 bytes (DER data)
Response time: 5.823457ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust Global CA TGV OCSP Responder 5
Issued by: GeoTrust Global CA
Signing certificate validity: 2016-12-08 - 2017-12-14
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 155h9m44s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkq
w0GRtsnCuD5V8sCXEROgByACAwI6bw==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFXQoBAKCCBVYwggVSBgkrBgEFBQcwAQEEggVDMIIFPzCBkaIWBBRW5FQnU+as
qXGB3YYiHprkenLEKhgPMjAxNzAxMTYxNjQ5NTZaMGYwZDA8MAkGBSsOAwIaBQAE
FLG0OReQFreXeVAR8WC51KI82+3uBBQA+SrDQZG2ycK4PlXywJcRE6AHIAIDAjpv
gAAYDzIwMTcwMTE2MTY0OTU2WqARGA8yMDE3MDEyMzE2NDk1NlowDQYJKoZIhvcN
AQEFBQADggEBAJynHGfQ9WBg/C0Qy/Ma3qrlA77sVezSsWfYN0t/Fo5zTV5daDiB
y7x7j97EqcxEd5tpOiOc7w8CYezpnVBYHcLc/0YmccBOGqIqiwwWHX7BTfsXUq59
ZdxgON/1xGsJOG4HjBHDcnv4sA5JwYmPjE2Ek/bdx1HSCJ0o6U4QGosPNioevpZT
laQrqbWzIr+UtXLYBQMJXngWZPjGven4hc/s6zBNqxA5I/prLRjYlPmMecIQHvnD
Q8Eav0l68Zkfr2xV9SCX7boyxu4Gm4r/nz3xA6xjzxldy06jpc9Fhg4mLiNnDMvH
yGR0Z36MECk4dZX6GkEDrAk/S7jm2ylspmSgggOTMIIDjzCCA4swggJzoAMCAQIC
EAEAAI8cK5YV9Xm5GF4OwmcwDQYJKoZIhvcNAQELBQAwQjELMAkGA1UEBhMCVVMx
FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xGzAZBgNVBAMTEkdlb1RydXN0IEdsb2Jh
bCBDQTAeFw0xNjEyMDgxMTI1MzVaFw0xNzEyMTQxMTI1MzVaMDIxMDAuBgNVBAMT
J0dlb1RydXN0IEdsb2JhbCBDQSBUR1YgT0NTUCBSZXNwb25kZXIgNTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbsx72ex4lTCJDy3iHAy47zLOB03z8E
ucSDZIQMjk1A5aZfqz0MU5HHLOsi76EQo6uYR2R2rl9jgQ1EMbe0TidFyTrhse63
rmEyzQusz7sEjnsvckT7K/9j6DLmlFB/6oEhAgwfCONYbrDOfQHBCtd7e+x6STm0
WeKCF4/QqS+C5ZTUEzsNjhcAqeAMZnWEoyyJ6OpCiF9vDblCGa9nlh3SwW+nxKTq
qqiMlz9ZXN8//IHrectIKszEXXlpvtr4wJAz0KrUDfENqEbKNouP0fv1Ueno5Z7t
ue3CnHtCF+QxOQXDS3rKrQJcesKMrFC9+M5frbQuLSGz9ee/xCfnWW0CAwEAAaOB
jDCBiTAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1luMrMTjAPBgkrBgEFBQcw
AQUEAgUAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDAMBgNV
HRMBAf8EAjAAMCIGA1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTU3MA0G
CSqGSIb3DQEBCwUAA4IBAQAEbWTM2eKR1XlWe9ui17q87Hk6NYXKQGwj/ss1ue8Q
1cnoA2/Mo1gG1Q/8LHJ97vK5yw65afq8M5mPbxdl/57jZTUF1kDmgEgvUde3O+h2
ZLIHPx1q2W2WDLT2ltYvaHaNr0Hnkb8MCQ27Z728Fsn5+Ilh/bDoA+NHEqlcfycq
oGKksT60iqnogUz/WZNUbzzBQD6NlpomMZUTOcF3/5L3Fe1OKkF1nGXW2QTW/mLZ
5Eviy4ZQTzQ34koPA5qC1nsWQ1zOE57jR8IJMC+mYQdFb71gehA8O0lB7fL6Kysj
zycnBkNHgJ9LQDd67gQ30FxfmbAnHV1xxWakX8lXTvIf
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDizCCAnOgAwIBAgIQAQAAjxwrlhX1ebkYXg7CZzANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
R2VvVHJ1c3QgR2xvYmFsIENBMB4XDTE2MTIwODExMjUzNVoXDTE3MTIxNDExMjUz
NVowMjEwMC4GA1UEAxMnR2VvVHJ1c3QgR2xvYmFsIENBIFRHViBPQ1NQIFJlc3Bv
bmRlciA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuzHvZ7HiVMI
kPLeIcDLjvMs4HTfPwS5xINkhAyOTUDlpl+rPQxTkccs6yLvoRCjq5hHZHauX2OB
DUQxt7ROJ0XJOuGx7reuYTLNC6zPuwSOey9yRPsr/2PoMuaUUH/qgSECDB8I41hu
sM59AcEK13t77HpJObRZ4oIXj9CpL4LllNQTOw2OFwCp4AxmdYSjLIno6kKIX28N
uUIZr2eWHdLBb6fEpOqqqIyXP1lc3z/8get5y0gqzMRdeWm+2vjAkDPQqtQN8Q2o
Rso2i4/R+/VR6ejlnu257cKce0IX5DE5BcNLesqtAlx6woysUL34zl+ttC4tIbP1
57/EJ+dZbQIDAQABo4GMMIGJMB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4
ysxOMA8GCSsGAQUFBzABBQQCBQAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0P
AQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwIgYDVR0RBBswGaQXMBUxEzARBgNVBAMT
ClRHVi1PRkYtNTcwDQYJKoZIhvcNAQELBQADggEBAARtZMzZ4pHVeVZ726LXurzs
eTo1hcpAbCP+yzW57xDVyegDb8yjWAbVD/wscn3u8rnLDrlp+rwzmY9vF2X/nuNl
NQXWQOaASC9R17c76HZksgc/HWrZbZYMtPaW1i9odo2vQeeRvwwJDbtnvbwWyfn4
iWH9sOgD40cSqVx/JyqgYqSxPrSKqeiBTP9Zk1RvPMFAPo2WmiYxlRM5wXf/kvcV
7U4qQXWcZdbZBNb+YtnkS+LLhlBPNDfiSg8DmoLWexZDXM4TnuNHwgkwL6ZhB0Vv
vWB6EDw7SUHt8vorKyPPJycGQ0eAn0tAN3ruBDfQXF+ZsCcdXXHFZqRfyVdO8h8=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=558584, public, no-transform, must-revalidate]
Content-Length: [1377]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Tue, 17 Jan 2017 05:41:15 GMT]
Expires: [Mon, 23 Jan 2017 16:49:56 GMT]
Last-Modified: [Mon, 16 Jan 2017 16:49:56 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MEM_HIT from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 1m3s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GeoTrust Global CA (CA Certificate)

This certificate was cached at
Certificate details for GeoTrust Global CA (At position 2 in certificate chain)
Serial number:
hex: 23456
int: 144470
Issued by: GeoTrust Global CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.