CRL & OCSP report for 0-jump.valueline.com.webpac.lvlspa.org - webpac.lvlspa.org (Bethlehem Area Public Library)

webpac.lvlspa.org

This certificate was cached at
Certificate details for webpac.lvlspa.org (At position 0 in certificate chain)
Serial number:
hex: 1cff7f72d86e4b0ed97b7973c001efd0
int: 38545004545916314287840230392234897360
Issued by: GeoTrust EV SSL CA - G4
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Company registration number: 718975
Organization: Bethlehem Area Public Library
Organization unit: Library
State / Province: Pennsylvania
Locality: Bethlehem
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

View complete certificate details for 0-jump.valueline.com.webpac.lvlspa.org.

Certificate Revocation List (CRL)

This CRL was cached at
http://gm.symcb.com/gm.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://gm.symcb.com/gm.crl
Size: 31115 bytes (DER data)
Response time: 100.69768ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 876

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-108.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Mon, 20 Feb 2017 16:38:21 GMT]
Etag: ["509cd0678369c22c2a413ec1ec1ca3bd:1487581554"]
Last-Modified: [Mon, 20 Feb 2017 09:05:54 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_MEM_HIT from a23-219-93-108.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://gm.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gm.symcd.com (POST)
Size: 1425 bytes (DER data)
Response time: 38.103799ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust EV SSL CA - G4 OCSP Responder
Issued by: GeoTrust EV SSL CA - G4
Signing certificate validity: 2017-02-04 - 2017-05-05
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 105h28m1s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBSqKwMUr2QuEw7WkiXj/yq61z1iMAQU3s9c
ULeuAh8VF6oW6A21KJ1qWvMCEBz/f3LYbksO2Xt5c8AB79A=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFjQoBAKCCBYYwggWCBgkrBgEFBQcwAQEEggVzMIIFbzCBnqIWBBT/5RZxLx4w
Iwcu2l1CZTtItAM2rxgPMjAxNzAyMTgwNzUyNDRaMHMwcTBJMAkGBSsOAwIaBQAE
FKorAxSvZC4TDtaSJeP/KrrXPWIwBBTez1xQt64CHxUXqhboDbUonWpa8wIQHP9/
cthuSw7Ze3lzwAHv0IAAGA8yMDE3MDIxODA3NTI0NFqgERgPMjAxNzAyMjUwNzUy
NDRaMA0GCSqGSIb3DQEBBQUAA4IBAQAWTRQexT/qKX/XycCcqyrHfjb+VrceFJ7P
+9jo9VWvalpXZUQLZIZzidbum65+lH6tFaoaqR1iL9XMy0lkzdBACMdMnuLG34UW
wJgegd4c7Zot34CaR9WSDhTCkPX+WbCST2ch0+atft2GbY1Iu+00VQDikEjmywbx
x4x8xQQ0CqgHFmAUuiBVKcLk9CdP2qU5mGLgTxPdQT8+phzvFYFvNhlSzyWk3mEU
4rNC0hOtyL9MqPpxEAptJ+vRnmrkpsUgGXMP61gRvI7zLPnAcyfeYBXXEARuDoq/
xf3Hw/Q4iEzFjTQ4TwTmOeyu5J1IrNYyJ+IQNWPlRB7Yw/fBMga8oIIDtjCCA7Iw
ggOuMIIClqADAgECAhBLZTFHFR3KvKFDJfmxNVmuMA0GCSqGSIb3DQEBCwUAMEcx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMSAwHgYDVQQDExdH
ZW9UcnVzdCBFViBTU0wgQ0EgLSBHNDAeFw0xNzAyMDQwMDAwMDBaFw0xNzA1MDUy
MzU5NTlaMDExLzAtBgNVBAMTJkdlb1RydXN0IEVWIFNTTCBDQSAtIEc0IE9DU1Ag
UmVzcG9uZGVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWHuXgAX
LU5vFS2uouXXtBbWCSB5PbP7LjcsxCDyAHRKzOXSty7rQ1g0VsYaIxl7yQXPpRuq
9EzuKLLUg2IvQqOflcPrXJGYBOBrRCxvXy+Y6nNE/wOHLkM5CfXBn+PR4Cz4nz2U
NtMFAScUZD3BJfGaVx6t8+Rz6dkOhU/1fSUUBW7Vp3QNX6jrb/ViOdixkEu+VHMG
AHrVNK3N0QlExlkdXHM3z1rSDNkLxHmekUGqkESqybUUgnZSIvxYho322cvplaLS
QdeYBELLbrxhddi5O4f609Y5TbyFAi3dLxaHetA049QgrPKi5K6dp74x1JphC0VO
FZyylXuTxTKskQIDAQABo4GrMIGoMA8GCSsGAQUFBzABBQQCBQAwIgYDVR0RBBsw
GaQXMBUxEzARBgNVBAMTClRHVi1ELTM4NTQwHwYDVR0jBBgwFoAU3s9cULeuAh8V
F6oW6A21KJ1qWvMwHQYDVR0OBBYEFP/lFnEvHjAjBy7aXUJlO0i0AzavMAwGA1Ud
EwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0G
CSqGSIb3DQEBCwUAA4IBAQB92zPEdJMNvgPmToCRkJXCd75k6Bh5RXd5gvMAuCNv
CuWgzcw5b2i2c9fAPEQs1yUudT4HJ5nwwxa25MThoQdvDZGxhE6DXu2ZCIBte8iF
JMrOvmg1vZTOLKBw1Ak47NUXDOq5yqgdCcJOjiXUGx3lRX/fsuzVNUTSkWyx25oW
yWDYy/H8uvgsmSEUB/D8Zf/wkQsVh02HSWO7fGrk4D99mw4LamOuV0opf2l4MXYv
wMRbxu9up2ui+cR/GXHeCTSQ+8zLLRN6Xr+AgprHMUrxGHaxxrefzie1PPUpRudT
WakhTHc6rlqzIWRQmapLTlKKH9MO6EjHl0kNjjDJyoJ2
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDrjCCApagAwIBAgIQS2UxRxUdyryhQyX5sTVZrjANBgkqhkiG9w0BAQsFADBH
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMX
R2VvVHJ1c3QgRVYgU1NMIENBIC0gRzQwHhcNMTcwMjA0MDAwMDAwWhcNMTcwNTA1
MjM1OTU5WjAxMS8wLQYDVQQDEyZHZW9UcnVzdCBFViBTU0wgQ0EgLSBHNCBPQ1NQ
IFJlc3BvbmRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMlh7l4A
Fy1ObxUtrqLl17QW1gkgeT2z+y43LMQg8gB0Sszl0rcu60NYNFbGGiMZe8kFz6Ub
qvRM7iiy1INiL0Kjn5XD61yRmATga0Qsb18vmOpzRP8Dhy5DOQn1wZ/j0eAs+J89
lDbTBQEnFGQ9wSXxmlcerfPkc+nZDoVP9X0lFAVu1ad0DV+o62/1YjnYsZBLvlRz
BgB61TStzdEJRMZZHVxzN89a0gzZC8R5npFBqpBEqsm1FIJ2UiL8WIaN9tnL6ZWi
0kHXmARCy268YXXYuTuH+tPWOU28hQIt3S8Wh3rQNOPUIKzyouSunae+MdSaYQtF
ThWcspV7k8UyrJECAwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQb
MBmkFzAVMRMwEQYDVQQDEwpUR1YtRC0zODU0MB8GA1UdIwQYMBaAFN7PXFC3rgIf
FReqFugNtSidalrzMB0GA1UdDgQWBBT/5RZxLx4wIwcu2l1CZTtItAM2rzAMBgNV
HRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDAN
BgkqhkiG9w0BAQsFAAOCAQEAfdszxHSTDb4D5k6AkZCVwne+ZOgYeUV3eYLzALgj
bwrloM3MOW9otnPXwDxELNclLnU+ByeZ8MMWtuTE4aEHbw2RsYROg17tmQiAbXvI
hSTKzr5oNb2UziygcNQJOOzVFwzqucqoHQnCTo4l1Bsd5UV/37Ls1TVE0pFssdua
Fslg2Mvx/Lr4LJkhFAfw/GX/8JELFYdNh0lju3xq5OA/fZsOC2pjrldKKX9peDF2
L8DEW8bvbqdrovnEfxlx3gk0kPvMyy0Tel6/gIKaxzFK8Rh2sca3n84ntTz1KUbn
U1mpIUx3Oq5asyFkUJmqS05Sih/TDuhIx5dJDY4wycqCdg==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=379681, public, no-transform, must-revalidate]
Content-Length: [1425]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Mon, 20 Feb 2017 22:24:43 GMT]
Expires: [Sat, 25 Feb 2017 07:52:44 GMT]
Last-Modified: [Sat, 18 Feb 2017 07:52:44 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://gm.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gm.symcd.com (GET)
Size: 1425 bytes (DER data)
Response time: 64.440543ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust EV SSL CA - G4 OCSP Responder
Issued by: GeoTrust EV SSL CA - G4
Signing certificate validity: 2017-02-04 - 2017-05-05
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 105h28m1s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSqKwMUr2QuEw7WkiXj%2Fyq61z1iMAQU3s9cULeuAh8VF6oW6A21KJ1qWvMCEBz%2Ff3LYbksO2Xt5c8AB79A%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBSqKwMUr2QuEw7WkiXj/yq61z1iMAQU3s9c
ULeuAh8VF6oW6A21KJ1qWvMCEBz/f3LYbksO2Xt5c8AB79A=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFjQoBAKCCBYYwggWCBgkrBgEFBQcwAQEEggVzMIIFbzCBnqIWBBT/5RZxLx4w
Iwcu2l1CZTtItAM2rxgPMjAxNzAyMTgwNzUyNDRaMHMwcTBJMAkGBSsOAwIaBQAE
FKorAxSvZC4TDtaSJeP/KrrXPWIwBBTez1xQt64CHxUXqhboDbUonWpa8wIQHP9/
cthuSw7Ze3lzwAHv0IAAGA8yMDE3MDIxODA3NTI0NFqgERgPMjAxNzAyMjUwNzUy
NDRaMA0GCSqGSIb3DQEBBQUAA4IBAQAWTRQexT/qKX/XycCcqyrHfjb+VrceFJ7P
+9jo9VWvalpXZUQLZIZzidbum65+lH6tFaoaqR1iL9XMy0lkzdBACMdMnuLG34UW
wJgegd4c7Zot34CaR9WSDhTCkPX+WbCST2ch0+atft2GbY1Iu+00VQDikEjmywbx
x4x8xQQ0CqgHFmAUuiBVKcLk9CdP2qU5mGLgTxPdQT8+phzvFYFvNhlSzyWk3mEU
4rNC0hOtyL9MqPpxEAptJ+vRnmrkpsUgGXMP61gRvI7zLPnAcyfeYBXXEARuDoq/
xf3Hw/Q4iEzFjTQ4TwTmOeyu5J1IrNYyJ+IQNWPlRB7Yw/fBMga8oIIDtjCCA7Iw
ggOuMIIClqADAgECAhBLZTFHFR3KvKFDJfmxNVmuMA0GCSqGSIb3DQEBCwUAMEcx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMSAwHgYDVQQDExdH
ZW9UcnVzdCBFViBTU0wgQ0EgLSBHNDAeFw0xNzAyMDQwMDAwMDBaFw0xNzA1MDUy
MzU5NTlaMDExLzAtBgNVBAMTJkdlb1RydXN0IEVWIFNTTCBDQSAtIEc0IE9DU1Ag
UmVzcG9uZGVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWHuXgAX
LU5vFS2uouXXtBbWCSB5PbP7LjcsxCDyAHRKzOXSty7rQ1g0VsYaIxl7yQXPpRuq
9EzuKLLUg2IvQqOflcPrXJGYBOBrRCxvXy+Y6nNE/wOHLkM5CfXBn+PR4Cz4nz2U
NtMFAScUZD3BJfGaVx6t8+Rz6dkOhU/1fSUUBW7Vp3QNX6jrb/ViOdixkEu+VHMG
AHrVNK3N0QlExlkdXHM3z1rSDNkLxHmekUGqkESqybUUgnZSIvxYho322cvplaLS
QdeYBELLbrxhddi5O4f609Y5TbyFAi3dLxaHetA049QgrPKi5K6dp74x1JphC0VO
FZyylXuTxTKskQIDAQABo4GrMIGoMA8GCSsGAQUFBzABBQQCBQAwIgYDVR0RBBsw
GaQXMBUxEzARBgNVBAMTClRHVi1ELTM4NTQwHwYDVR0jBBgwFoAU3s9cULeuAh8V
F6oW6A21KJ1qWvMwHQYDVR0OBBYEFP/lFnEvHjAjBy7aXUJlO0i0AzavMAwGA1Ud
EwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0G
CSqGSIb3DQEBCwUAA4IBAQB92zPEdJMNvgPmToCRkJXCd75k6Bh5RXd5gvMAuCNv
CuWgzcw5b2i2c9fAPEQs1yUudT4HJ5nwwxa25MThoQdvDZGxhE6DXu2ZCIBte8iF
JMrOvmg1vZTOLKBw1Ak47NUXDOq5yqgdCcJOjiXUGx3lRX/fsuzVNUTSkWyx25oW
yWDYy/H8uvgsmSEUB/D8Zf/wkQsVh02HSWO7fGrk4D99mw4LamOuV0opf2l4MXYv
wMRbxu9up2ui+cR/GXHeCTSQ+8zLLRN6Xr+AgprHMUrxGHaxxrefzie1PPUpRudT
WakhTHc6rlqzIWRQmapLTlKKH9MO6EjHl0kNjjDJyoJ2
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDrjCCApagAwIBAgIQS2UxRxUdyryhQyX5sTVZrjANBgkqhkiG9w0BAQsFADBH
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMX
R2VvVHJ1c3QgRVYgU1NMIENBIC0gRzQwHhcNMTcwMjA0MDAwMDAwWhcNMTcwNTA1
MjM1OTU5WjAxMS8wLQYDVQQDEyZHZW9UcnVzdCBFViBTU0wgQ0EgLSBHNCBPQ1NQ
IFJlc3BvbmRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMlh7l4A
Fy1ObxUtrqLl17QW1gkgeT2z+y43LMQg8gB0Sszl0rcu60NYNFbGGiMZe8kFz6Ub
qvRM7iiy1INiL0Kjn5XD61yRmATga0Qsb18vmOpzRP8Dhy5DOQn1wZ/j0eAs+J89
lDbTBQEnFGQ9wSXxmlcerfPkc+nZDoVP9X0lFAVu1ad0DV+o62/1YjnYsZBLvlRz
BgB61TStzdEJRMZZHVxzN89a0gzZC8R5npFBqpBEqsm1FIJ2UiL8WIaN9tnL6ZWi
0kHXmARCy268YXXYuTuH+tPWOU28hQIt3S8Wh3rQNOPUIKzyouSunae+MdSaYQtF
ThWcspV7k8UyrJECAwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQb
MBmkFzAVMRMwEQYDVQQDEwpUR1YtRC0zODU0MB8GA1UdIwQYMBaAFN7PXFC3rgIf
FReqFugNtSidalrzMB0GA1UdDgQWBBT/5RZxLx4wIwcu2l1CZTtItAM2rzAMBgNV
HRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDAN
BgkqhkiG9w0BAQsFAAOCAQEAfdszxHSTDb4D5k6AkZCVwne+ZOgYeUV3eYLzALgj
bwrloM3MOW9otnPXwDxELNclLnU+ByeZ8MMWtuTE4aEHbw2RsYROg17tmQiAbXvI
hSTKzr5oNb2UziygcNQJOOzVFwzqucqoHQnCTo4l1Bsd5UV/37Ls1TVE0pFssdua
Fslg2Mvx/Lr4LJkhFAfw/GX/8JELFYdNh0lju3xq5OA/fZsOC2pjrldKKX9peDF2
L8DEW8bvbqdrovnEfxlx3gk0kPvMyy0Tel6/gIKaxzFK8Rh2sca3n84ntTz1KUbn
U1mpIUx3Oq5asyFkUJmqS05Sih/TDuhIx5dJDY4wycqCdg==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=379681, public, no-transform, must-revalidate]
Content-Length: [1425]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Mon, 20 Feb 2017 22:24:43 GMT]
Expires: [Sat, 25 Feb 2017 07:52:44 GMT]
Last-Modified: [Sat, 18 Feb 2017 07:52:44 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GeoTrust EV SSL CA - G4 (CA Certificate)

This certificate was cached at
Certificate details for GeoTrust EV SSL CA - G4 (At position 1 in certificate chain)
Serial number:
hex: 6e8a90ebcff0448a720d0805d082a544
int: 146934555852773531829332059263122711876
Issued by: GeoTrust Primary Certification Authority
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://g1.symcb.com/GeoTrustPCA.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://g1.symcb.com/GeoTrustPCA.crl
Size: 525 bytes (DER data)
Response time: 13.544303ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 3

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_HIT from a23-215-131-111.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (S)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Mon, 06 Feb 2017 10:28:31 GMT]
Etag: ["55800c4c9017a0d25cdf343bf14e5a2f:1482269716"]
Last-Modified: [Tue, 20 Dec 2016 21:35:16 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_REFRESH_HIT from a23-215-131-111.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (S)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://g2.symcb.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://g2.symcb.com (GET)
Size: 1427 bytes (DER data)
Response time: 6.513961ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust Primary CA OCSP-TGV Responder Certificate 5
Issued by: GeoTrust Primary Certification Authority
Signing certificate validity: 2016-11-22 - 2017-12-14
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 133h29m53s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR6EHhJ4XUaQA4N26wwyKpLEnXRrAQULNVQQZcVi%2FCPNmFbSvtr2ZnJM5ICEG6KkOvP8ESKcg0IBdCCpUQ%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBR6EHhJ4XUaQA4N26wwyKpLEnXRrAQULNVQ
QZcVi/CPNmFbSvtr2ZnJM5ICEG6KkOvP8ESKcg0IBdCCpUQ=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFjwoBAKCCBYgwggWEBgkrBgEFBQcwAQEEggV1MIIFcTCBnqIWBBTyjhwtYtpD
ZRABmw2LPhURo1HeHBgPMjAxNzAyMTUyMjU2NDBaMHMwcTBJMAkGBSsOAwIaBQAE
FHoQeEnhdRpADg3brDDIqksSddGsBBQs1VBBlxWL8I82YVtK+2vZmckzkgIQboqQ
68/wRIpyDQgF0IKlRIAAGA8yMDE3MDIxNTIyNTY0MFqgERgPMjAxNzAyMjIyMjU2
NDBaMA0GCSqGSIb3DQEBBQUAA4IBAQCQQo44GZ9W0tqn+R96NKoDI8IfGF23KQgh
O8/N9BUkXyw2z8tAKy9dJuXOyCIUg0eDnCDJ2qIvBw60AD4AVlGYTx2yMPocMaXx
nF6sope4V4Q+3FMypMHemR14l3iHJP7LW/WF0mB8E9BHPGMFJNyVkCxDdyS6oFQZ
nxzq3SGw1Eii4eQMO8aac5Gp3fBMw40uvZb3ZmWVq8eQvQJbNpSZpUrigqKmDeGh
EALdXpIcilna7NnyZ7T96+wBGrhViniOH7Ag1bkCKMLlvFd+opJsR+lpD8eWcSf8
r8xfccI1E3fupOEl0e2S5xvzCdUHzlyXdqlW5E8L1Zcmh20bAQQAoIIDuDCCA7Qw
ggOwMIICmKADAgECAhBwUL0zocCXyUmrpZrqbf+NMA0GCSqGSIb3DQEBBQUAMFgx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhH
ZW9UcnVzdCBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE2MTEy
MjAwMDAwMFoXDTE3MTIxNDIzNTk1OVowZDELMAkGA1UEBhMCVVMxFjAUBgNVBAoT
DUdlb1RydXN0IEluYy4xPTA7BgNVBAMTNEdlb1RydXN0IFByaW1hcnkgQ0EgT0NT
UC1UR1YgUmVzcG9uZGVyIENlcnRpZmljYXRlIDUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbOfeeibZvJXV1IXAyNlvE4x8K5gB+vuckhUnw4KhwqZYM
ziP+a60aP5RJXxEtIqKp935ST0K4TUZHkKHMpR7eQquWAV7kXiDBt59EhgfA8NK0
Ip9kjFW1G8rQxhKweyOB9ksnBrMmq8116ibFEJJxrfFZyiimrCVz9QlSlpBvsMxN
kMEvkGV4bpOZ3w/FVuTolj/i9j4k9LbKitC+GcV+PFjUaVwVGgks/RXAHAf0i582
aR3HwaTw74tshUW7wGXrzaRc9rb5AnRXp947zGALb635K6u9/knCln2ryA/92x1g
zM9/1g/vtfX5oYp4oukzkCwA5FPkiWZZG/PZ7LdvAgMBAAGjajBoMBMGA1UdJQQM
MAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwDAYDVR0TAQH/BAIwADAOBgNV
HQ8BAf8EBAMCB4AwIgYDVR0RBBswGaQXMBUxEzARBgNVBAMTClRHVi1PRkYtNTIw
DQYJKoZIhvcNAQEFBQADggEBAAQ+SAzV1boNkuiKMatO4AbbhK/MIwXaHUUDyscV
s9n6OpWRLSvGg/nj8gBvlAlsh19hYbutDktgN+E8WVhp8d4ntah/j9nteQikkU/B
EHurFIH7qnrSuLnVldgbTLsbZWXmABX59/cWrgkTLlfcYaA7yTKmZGWzgPab5kH+
hQjdpFO/8UxBekIDSLgd8kkZHH8qize7vn90FfhDUfMuXyCD/OSUWYJGXmE05t5u
jSqk/OB3yPakeb+mZDA0rERwUZL5nL72gx3U+0WzFGuTMpBJAlugosr9n0TLR7Lh
wvlbRJ57Y+IJvIqAUne7FCCStBYX7itX7sMZ9BGgy/yKLZE=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDsDCCApigAwIBAgIQcFC9M6HAl8lJq6Wa6m3/jTANBgkqhkiG9w0BAQUFADBY
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNjEx
MjIwMDAwMDBaFw0xNzEyMTQyMzU5NTlaMGQxCzAJBgNVBAYTAlVTMRYwFAYDVQQK
Ew1HZW9UcnVzdCBJbmMuMT0wOwYDVQQDEzRHZW9UcnVzdCBQcmltYXJ5IENBIE9D
U1AtVEdWIFJlc3BvbmRlciBDZXJ0aWZpY2F0ZSA1MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAmzn3nom2byV1dSFwMjZbxOMfCuYAfr7nJIVJ8OCocKmW
DM4j/mutGj+USV8RLSKiqfd+Uk9CuE1GR5ChzKUe3kKrlgFe5F4gwbefRIYHwPDS
tCKfZIxVtRvK0MYSsHsjgfZLJwazJqvNdeomxRCSca3xWcoopqwlc/UJUpaQb7DM
TZDBL5BleG6Tmd8PxVbk6JY/4vY+JPS2yorQvhnFfjxY1GlcFRoJLP0VwBwH9Iuf
Nmkdx8Gk8O+LbIVFu8Bl682kXPa2+QJ0V6feO8xgC2+t+Survf5JwpZ9q8gP/dsd
YMzPf9YP77X1+aGKeKLpM5AsAORT5IlmWRvz2ey3bwIDAQABo2owaDATBgNVHSUE
DDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUAMAwGA1UdEwEB/wQCMAAwDgYD
VR0PAQH/BAQDAgeAMCIGA1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTUy
MA0GCSqGSIb3DQEBBQUAA4IBAQAEPkgM1dW6DZLoijGrTuAG24SvzCMF2h1FA8rH
FbPZ+jqVkS0rxoP54/IAb5QJbIdfYWG7rQ5LYDfhPFlYafHeJ7Wof4/Z7XkIpJFP
wRB7qxSB+6p60ri51ZXYG0y7G2Vl5gAV+ff3Fq4JEy5X3GGgO8kypmRls4D2m+ZB
/oUI3aRTv/FMQXpCA0i4HfJJGRx/Kos3u75/dBX4Q1HzLl8gg/zklFmCRl5hNObe
bo0qpPzgd8j2pHm/pmQwNKxEcFGS+Zy+9oMd1PtFsxRrkzKQSQJboKLK/Z9Ey0ey
4cL5W0See2PiCbyKgFJ3uxQgkrQWF+4rV+7DGfQRoMv8ii2R
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=480593, public, no-transform, must-revalidate]
Content-Length: [1427]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 17 Feb 2017 09:30:56 GMT]
Expires: [Wed, 22 Feb 2017 22:56:40 GMT]
Last-Modified: [Wed, 15 Feb 2017 22:56:40 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MEM_HIT from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 4m9s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://g2.symcb.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://g2.symcb.com (POST)
Size: 1427 bytes (DER data)
Response time: 13.196355ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust Primary CA OCSP-TGV Responder Certificate 5
Issued by: GeoTrust Primary Certification Authority
Signing certificate validity: 2016-11-22 - 2017-12-14
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 133h29m22s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (S)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBR6EHhJ4XUaQA4N26wwyKpLEnXRrAQULNVQ
QZcVi/CPNmFbSvtr2ZnJM5ICEG6KkOvP8ESKcg0IBdCCpUQ=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFjwoBAKCCBYgwggWEBgkrBgEFBQcwAQEEggV1MIIFcTCBnqIWBBTyjhwtYtpD
ZRABmw2LPhURo1HeHBgPMjAxNzAyMTUyMjU2NDBaMHMwcTBJMAkGBSsOAwIaBQAE
FHoQeEnhdRpADg3brDDIqksSddGsBBQs1VBBlxWL8I82YVtK+2vZmckzkgIQboqQ
68/wRIpyDQgF0IKlRIAAGA8yMDE3MDIxNTIyNTY0MFqgERgPMjAxNzAyMjIyMjU2
NDBaMA0GCSqGSIb3DQEBBQUAA4IBAQCQQo44GZ9W0tqn+R96NKoDI8IfGF23KQgh
O8/N9BUkXyw2z8tAKy9dJuXOyCIUg0eDnCDJ2qIvBw60AD4AVlGYTx2yMPocMaXx
nF6sope4V4Q+3FMypMHemR14l3iHJP7LW/WF0mB8E9BHPGMFJNyVkCxDdyS6oFQZ
nxzq3SGw1Eii4eQMO8aac5Gp3fBMw40uvZb3ZmWVq8eQvQJbNpSZpUrigqKmDeGh
EALdXpIcilna7NnyZ7T96+wBGrhViniOH7Ag1bkCKMLlvFd+opJsR+lpD8eWcSf8
r8xfccI1E3fupOEl0e2S5xvzCdUHzlyXdqlW5E8L1Zcmh20bAQQAoIIDuDCCA7Qw
ggOwMIICmKADAgECAhBwUL0zocCXyUmrpZrqbf+NMA0GCSqGSIb3DQEBBQUAMFgx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhH
ZW9UcnVzdCBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE2MTEy
MjAwMDAwMFoXDTE3MTIxNDIzNTk1OVowZDELMAkGA1UEBhMCVVMxFjAUBgNVBAoT
DUdlb1RydXN0IEluYy4xPTA7BgNVBAMTNEdlb1RydXN0IFByaW1hcnkgQ0EgT0NT
UC1UR1YgUmVzcG9uZGVyIENlcnRpZmljYXRlIDUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbOfeeibZvJXV1IXAyNlvE4x8K5gB+vuckhUnw4KhwqZYM
ziP+a60aP5RJXxEtIqKp935ST0K4TUZHkKHMpR7eQquWAV7kXiDBt59EhgfA8NK0
Ip9kjFW1G8rQxhKweyOB9ksnBrMmq8116ibFEJJxrfFZyiimrCVz9QlSlpBvsMxN
kMEvkGV4bpOZ3w/FVuTolj/i9j4k9LbKitC+GcV+PFjUaVwVGgks/RXAHAf0i582
aR3HwaTw74tshUW7wGXrzaRc9rb5AnRXp947zGALb635K6u9/knCln2ryA/92x1g
zM9/1g/vtfX5oYp4oukzkCwA5FPkiWZZG/PZ7LdvAgMBAAGjajBoMBMGA1UdJQQM
MAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwDAYDVR0TAQH/BAIwADAOBgNV
HQ8BAf8EBAMCB4AwIgYDVR0RBBswGaQXMBUxEzARBgNVBAMTClRHVi1PRkYtNTIw
DQYJKoZIhvcNAQEFBQADggEBAAQ+SAzV1boNkuiKMatO4AbbhK/MIwXaHUUDyscV
s9n6OpWRLSvGg/nj8gBvlAlsh19hYbutDktgN+E8WVhp8d4ntah/j9nteQikkU/B
EHurFIH7qnrSuLnVldgbTLsbZWXmABX59/cWrgkTLlfcYaA7yTKmZGWzgPab5kH+
hQjdpFO/8UxBekIDSLgd8kkZHH8qize7vn90FfhDUfMuXyCD/OSUWYJGXmE05t5u
jSqk/OB3yPakeb+mZDA0rERwUZL5nL72gx3U+0WzFGuTMpBJAlugosr9n0TLR7Lh
wvlbRJ57Y+IJvIqAUne7FCCStBYX7itX7sMZ9BGgy/yKLZE=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDsDCCApigAwIBAgIQcFC9M6HAl8lJq6Wa6m3/jTANBgkqhkiG9w0BAQUFADBY
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNjEx
MjIwMDAwMDBaFw0xNzEyMTQyMzU5NTlaMGQxCzAJBgNVBAYTAlVTMRYwFAYDVQQK
Ew1HZW9UcnVzdCBJbmMuMT0wOwYDVQQDEzRHZW9UcnVzdCBQcmltYXJ5IENBIE9D
U1AtVEdWIFJlc3BvbmRlciBDZXJ0aWZpY2F0ZSA1MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAmzn3nom2byV1dSFwMjZbxOMfCuYAfr7nJIVJ8OCocKmW
DM4j/mutGj+USV8RLSKiqfd+Uk9CuE1GR5ChzKUe3kKrlgFe5F4gwbefRIYHwPDS
tCKfZIxVtRvK0MYSsHsjgfZLJwazJqvNdeomxRCSca3xWcoopqwlc/UJUpaQb7DM
TZDBL5BleG6Tmd8PxVbk6JY/4vY+JPS2yorQvhnFfjxY1GlcFRoJLP0VwBwH9Iuf
Nmkdx8Gk8O+LbIVFu8Bl682kXPa2+QJ0V6feO8xgC2+t+Survf5JwpZ9q8gP/dsd
YMzPf9YP77X1+aGKeKLpM5AsAORT5IlmWRvz2ey3bwIDAQABo2owaDATBgNVHSUE
DDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUAMAwGA1UdEwEB/wQCMAAwDgYD
VR0PAQH/BAQDAgeAMCIGA1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTUy
MA0GCSqGSIb3DQEBBQUAA4IBAQAEPkgM1dW6DZLoijGrTuAG24SvzCMF2h1FA8rH
FbPZ+jqVkS0rxoP54/IAb5QJbIdfYWG7rQ5LYDfhPFlYafHeJ7Wof4/Z7XkIpJFP
wRB7qxSB+6p60ri51ZXYG0y7G2Vl5gAV+ff3Fq4JEy5X3GGgO8kypmRls4D2m+ZB
/oUI3aRTv/FMQXpCA0i4HfJJGRx/Kos3u75/dBX4Q1HzLl8gg/zklFmCRl5hNObe
bo0qpPzgd8j2pHm/pmQwNKxEcFGS+Zy+9oMd1PtFsxRrkzKQSQJboKLK/Z9Ey0ey
4cL5W0See2PiCbyKgFJ3uxQgkrQWF+4rV+7DGfQRoMv8ii2R
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=480562, public, no-transform, must-revalidate]
Content-Length: [1427]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 17 Feb 2017 09:30:56 GMT]
Expires: [Wed, 22 Feb 2017 22:56:40 GMT]
Last-Modified: [Wed, 15 Feb 2017 22:56:40 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (S)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 3m38s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GeoTrust Primary Certification Authority (CA Certificate)

This certificate was cached at
Certificate details for GeoTrust Primary Certification Authority (At position 2 in certificate chain)
Serial number:
hex: 18acb56afd69b6153a636cafdafac4a1
int: 32798226551256963324313806436981982369
Issued by: GeoTrust Primary Certification Authority
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.