CRL & OCSP report for 0-jump.valueline.com.webpac.lvlspa.org - webpac.lvlspa.org (Bethlehem Area Public Library)

webpac.lvlspa.org

This certificate was cached at
Certificate details for webpac.lvlspa.org (At position 0 in certificate chain)
Serial number:
hex: 1cff7f72d86e4b0ed97b7973c001efd0
int: 38545004545916314287840230392234897360
Issued by: GeoTrust EV SSL CA - G4
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Company registration number: 718975
Organization: Bethlehem Area Public Library
Organization unit: Library
State / Province: Pennsylvania
Locality: Bethlehem
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

View complete certificate details for 0-jump.valueline.com.webpac.lvlspa.org.

Certificate Revocation List (CRL)

This CRL was cached at
http://gm.symcb.com/gm.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://gm.symcb.com/gm.crl
Size: 31605 bytes (DER data)
Response time: 113.723979ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 890

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a165-254-35-190.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Fri, 20 Jan 2017 16:39:53 GMT]
Etag: ["1a84ccc401f82ebd67b5d99ec859daf4:1484903159"]
Last-Modified: [Fri, 20 Jan 2017 09:05:59 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_MEM_HIT from a165-254-35-190.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://gm.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gm.symcd.com (POST)
Size: 1425 bytes (DER data)
Response time: 20.808152ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust EV SSL CA - G4 OCSP Responder
Issued by: GeoTrust EV SSL CA - G4
Signing certificate validity: 2016-11-13 - 2017-02-11
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 126h18m50s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a165-254-48-159.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBSqKwMUr2QuEw7WkiXj/yq61z1iMAQU3s9c
ULeuAh8VF6oW6A21KJ1qWvMCEBz/f3LYbksO2Xt5c8AB79A=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFjQoBAKCCBYYwggWCBgkrBgEFBQcwAQEEggVzMIIFbzCBnqIWBBSPiMjqwzrn
jhC7Qe+Zx8POJBotZRgPMjAxNzAxMTkwMjU1MDVaMHMwcTBJMAkGBSsOAwIaBQAE
FKorAxSvZC4TDtaSJeP/KrrXPWIwBBTez1xQt64CHxUXqhboDbUonWpa8wIQHP9/
cthuSw7Ze3lzwAHv0IAAGA8yMDE3MDExOTAyNTUwNVqgERgPMjAxNzAxMjYwMjU1
MDVaMA0GCSqGSIb3DQEBBQUAA4IBAQChrv/ODgGRWLXkaQ2WRvS6GdAs1vvvDIpe
nSGz6DuKN/spF1NipbusAJL3+E8UPnwYtkfvHnZN+5U64R5AG6hh74mCFr0hLbCs
983DqGIuxtr+H++oagOshQGkP7te65d7IsX4lUcbTHP2pmcAmVOOrA/0zwm4Oz6J
+XlFQ0fyiH+1F+JVMTBGRpDQEns89fWbuMwADrW7MfVfopIWNzHsRGHnX9DmlmAe
E5w1TM6MrPfRR0Z2/rSuuIeqBLrqQBusjF8lazgDu14B9v2MfdinND9UqMPtabyd
tvoP0zerNTlQO+4xMkHecIgHTk0ItBc7phv+rSUNBE2KyUgYx0+moIIDtjCCA7Iw
ggOuMIIClqADAgECAhAdXlZWRZ7G0Ac/M0WmoP1hMA0GCSqGSIb3DQEBCwUAMEcx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMSAwHgYDVQQDExdH
ZW9UcnVzdCBFViBTU0wgQ0EgLSBHNDAeFw0xNjExMTMwMDAwMDBaFw0xNzAyMTEy
MzU5NTlaMDExLzAtBgNVBAMTJkdlb1RydXN0IEVWIFNTTCBDQSAtIEc0IE9DU1Ag
UmVzcG9uZGVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42rsLuCF
yH+pMecpHLXku14QgL7foqiO+IVDSTpVFd/hgX93l57r+XGeDaHbo3JVjbkeeMCu
prFA5TCRwDn5cn7XlaXppBCP0IaqF50cjN2/ZIUKTcUwuar0Jq38nDvjrvBsuvrP
3liSirz8C1//4lRgzbBy3iQ/dh/cf0uAeaNeUcZwrUFAY7Gm7Gmua19YA7pnnJMk
y77Qw+QSQKIslCdkQsLvWDtSgLXWpFVXJe7u9ZMWA4spSr0FSkulOnxUmhNge1Pl
zqVZBEvA36ULqucfWzeg158ijAfvrg467Yu54gJpvwVbbN66mXUUMWd2/SK2SsNm
IR+nUr1Fk9jrfwIDAQABo4GrMIGoMA8GCSsGAQUFBzABBQQCBQAwIgYDVR0RBBsw
GaQXMBUxEzARBgNVBAMTClRHVi1ELTI3NjkwHwYDVR0jBBgwFoAU3s9cULeuAh8V
F6oW6A21KJ1qWvMwHQYDVR0OBBYEFI+IyOrDOueOELtB75nHw84kGi1lMAwGA1Ud
EwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0G
CSqGSIb3DQEBCwUAA4IBAQAC4rGNHPjwuZKG3whYBah7r7xLxI5iY4yCOyhuCiHi
+U+Aztw/G7pcPo8n9ejorhIuxaTjJsmTBHFFywNBT4azCNs7AJLV+2VJVVXpR5tQ
DYFUJf0IV84mMdA+VVfwIQszdaWEfmikh2yzKM2K55opb1wHEZitiktUMdgHxL7t
zU5bh9gtQl1QEMrlsoioF265uaJFYCqAVoQ/O054ipJUBzk4LrKJO1rXysOharG+
nCjF4GuY06EZptMeMQEcn18RDtvyjnMj23j/0lwuNsba2OXxpNpvux57WYISQ14n
xIzc9kfVvt0UCsNEPwOMifnFsyg2yKGXrwk5+JIqRdvM
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDrjCCApagAwIBAgIQHV5WVkWextAHPzNFpqD9YTANBgkqhkiG9w0BAQsFADBH
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMX
R2VvVHJ1c3QgRVYgU1NMIENBIC0gRzQwHhcNMTYxMTEzMDAwMDAwWhcNMTcwMjEx
MjM1OTU5WjAxMS8wLQYDVQQDEyZHZW9UcnVzdCBFViBTU0wgQ0EgLSBHNCBPQ1NQ
IFJlc3BvbmRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAONq7C7g
hch/qTHnKRy15LteEIC+36KojviFQ0k6VRXf4YF/d5ee6/lxng2h26NyVY25HnjA
rqaxQOUwkcA5+XJ+15Wl6aQQj9CGqhedHIzdv2SFCk3FMLmq9Cat/Jw7467wbLr6
z95Ykoq8/Atf/+JUYM2wct4kP3Yf3H9LgHmjXlHGcK1BQGOxpuxprmtfWAO6Z5yT
JMu+0MPkEkCiLJQnZELC71g7UoC11qRVVyXu7vWTFgOLKUq9BUpLpTp8VJoTYHtT
5c6lWQRLwN+lC6rnH1s3oNefIowH764OOu2LueICab8FW2zeupl1FDFndv0itkrD
ZiEfp1K9RZPY638CAwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQb
MBmkFzAVMRMwEQYDVQQDEwpUR1YtRC0yNzY5MB8GA1UdIwQYMBaAFN7PXFC3rgIf
FReqFugNtSidalrzMB0GA1UdDgQWBBSPiMjqwzrnjhC7Qe+Zx8POJBotZTAMBgNV
HRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDAN
BgkqhkiG9w0BAQsFAAOCAQEAAuKxjRz48LmSht8IWAWoe6+8S8SOYmOMgjsobgoh
4vlPgM7cPxu6XD6PJ/Xo6K4SLsWk4ybJkwRxRcsDQU+GswjbOwCS1ftlSVVV6Ueb
UA2BVCX9CFfOJjHQPlVX8CELM3WlhH5opIdssyjNiueaKW9cBxGYrYpLVDHYB8S+
7c1OW4fYLUJdUBDK5bKIqBduubmiRWAqgFaEPztOeIqSVAc5OC6yiTta18rDoWqx
vpwoxeBrmNOhGabTHjEBHJ9fEQ7b8o5zI9t4/9JcLjbG2tjl8aTab7see1mCEkNe
J8SM3PZH1b7dFArDRD8DjIn5xbMoNsihl68JOfiSKkXbzA==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=454730, public, no-transform, must-revalidate]
Content-Length: [1425]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 20 Jan 2017 20:36:15 GMT]
Expires: [Thu, 26 Jan 2017 02:55:05 GMT]
Last-Modified: [Thu, 19 Jan 2017 02:55:05 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a165-254-48-159.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://gm.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gm.symcd.com (GET)
Size: 1425 bytes (DER data)
Response time: 30.498569ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust EV SSL CA - G4 OCSP Responder
Issued by: GeoTrust EV SSL CA - G4
Signing certificate validity: 2016-11-13 - 2017-02-11
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 126h23m25s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a165-254-48-153.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSqKwMUr2QuEw7WkiXj%2Fyq61z1iMAQU3s9cULeuAh8VF6oW6A21KJ1qWvMCEBz%2Ff3LYbksO2Xt5c8AB79A%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBSqKwMUr2QuEw7WkiXj/yq61z1iMAQU3s9c
ULeuAh8VF6oW6A21KJ1qWvMCEBz/f3LYbksO2Xt5c8AB79A=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFjQoBAKCCBYYwggWCBgkrBgEFBQcwAQEEggVzMIIFbzCBnqIWBBSPiMjqwzrn
jhC7Qe+Zx8POJBotZRgPMjAxNzAxMTkwMjU1MDVaMHMwcTBJMAkGBSsOAwIaBQAE
FKorAxSvZC4TDtaSJeP/KrrXPWIwBBTez1xQt64CHxUXqhboDbUonWpa8wIQHP9/
cthuSw7Ze3lzwAHv0IAAGA8yMDE3MDExOTAyNTUwNVqgERgPMjAxNzAxMjYwMjU1
MDVaMA0GCSqGSIb3DQEBBQUAA4IBAQChrv/ODgGRWLXkaQ2WRvS6GdAs1vvvDIpe
nSGz6DuKN/spF1NipbusAJL3+E8UPnwYtkfvHnZN+5U64R5AG6hh74mCFr0hLbCs
983DqGIuxtr+H++oagOshQGkP7te65d7IsX4lUcbTHP2pmcAmVOOrA/0zwm4Oz6J
+XlFQ0fyiH+1F+JVMTBGRpDQEns89fWbuMwADrW7MfVfopIWNzHsRGHnX9DmlmAe
E5w1TM6MrPfRR0Z2/rSuuIeqBLrqQBusjF8lazgDu14B9v2MfdinND9UqMPtabyd
tvoP0zerNTlQO+4xMkHecIgHTk0ItBc7phv+rSUNBE2KyUgYx0+moIIDtjCCA7Iw
ggOuMIIClqADAgECAhAdXlZWRZ7G0Ac/M0WmoP1hMA0GCSqGSIb3DQEBCwUAMEcx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMSAwHgYDVQQDExdH
ZW9UcnVzdCBFViBTU0wgQ0EgLSBHNDAeFw0xNjExMTMwMDAwMDBaFw0xNzAyMTEy
MzU5NTlaMDExLzAtBgNVBAMTJkdlb1RydXN0IEVWIFNTTCBDQSAtIEc0IE9DU1Ag
UmVzcG9uZGVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42rsLuCF
yH+pMecpHLXku14QgL7foqiO+IVDSTpVFd/hgX93l57r+XGeDaHbo3JVjbkeeMCu
prFA5TCRwDn5cn7XlaXppBCP0IaqF50cjN2/ZIUKTcUwuar0Jq38nDvjrvBsuvrP
3liSirz8C1//4lRgzbBy3iQ/dh/cf0uAeaNeUcZwrUFAY7Gm7Gmua19YA7pnnJMk
y77Qw+QSQKIslCdkQsLvWDtSgLXWpFVXJe7u9ZMWA4spSr0FSkulOnxUmhNge1Pl
zqVZBEvA36ULqucfWzeg158ijAfvrg467Yu54gJpvwVbbN66mXUUMWd2/SK2SsNm
IR+nUr1Fk9jrfwIDAQABo4GrMIGoMA8GCSsGAQUFBzABBQQCBQAwIgYDVR0RBBsw
GaQXMBUxEzARBgNVBAMTClRHVi1ELTI3NjkwHwYDVR0jBBgwFoAU3s9cULeuAh8V
F6oW6A21KJ1qWvMwHQYDVR0OBBYEFI+IyOrDOueOELtB75nHw84kGi1lMAwGA1Ud
EwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0G
CSqGSIb3DQEBCwUAA4IBAQAC4rGNHPjwuZKG3whYBah7r7xLxI5iY4yCOyhuCiHi
+U+Aztw/G7pcPo8n9ejorhIuxaTjJsmTBHFFywNBT4azCNs7AJLV+2VJVVXpR5tQ
DYFUJf0IV84mMdA+VVfwIQszdaWEfmikh2yzKM2K55opb1wHEZitiktUMdgHxL7t
zU5bh9gtQl1QEMrlsoioF265uaJFYCqAVoQ/O054ipJUBzk4LrKJO1rXysOharG+
nCjF4GuY06EZptMeMQEcn18RDtvyjnMj23j/0lwuNsba2OXxpNpvux57WYISQ14n
xIzc9kfVvt0UCsNEPwOMifnFsyg2yKGXrwk5+JIqRdvM
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDrjCCApagAwIBAgIQHV5WVkWextAHPzNFpqD9YTANBgkqhkiG9w0BAQsFADBH
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMX
R2VvVHJ1c3QgRVYgU1NMIENBIC0gRzQwHhcNMTYxMTEzMDAwMDAwWhcNMTcwMjEx
MjM1OTU5WjAxMS8wLQYDVQQDEyZHZW9UcnVzdCBFViBTU0wgQ0EgLSBHNCBPQ1NQ
IFJlc3BvbmRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAONq7C7g
hch/qTHnKRy15LteEIC+36KojviFQ0k6VRXf4YF/d5ee6/lxng2h26NyVY25HnjA
rqaxQOUwkcA5+XJ+15Wl6aQQj9CGqhedHIzdv2SFCk3FMLmq9Cat/Jw7467wbLr6
z95Ykoq8/Atf/+JUYM2wct4kP3Yf3H9LgHmjXlHGcK1BQGOxpuxprmtfWAO6Z5yT
JMu+0MPkEkCiLJQnZELC71g7UoC11qRVVyXu7vWTFgOLKUq9BUpLpTp8VJoTYHtT
5c6lWQRLwN+lC6rnH1s3oNefIowH764OOu2LueICab8FW2zeupl1FDFndv0itkrD
ZiEfp1K9RZPY638CAwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQb
MBmkFzAVMRMwEQYDVQQDEwpUR1YtRC0yNzY5MB8GA1UdIwQYMBaAFN7PXFC3rgIf
FReqFugNtSidalrzMB0GA1UdDgQWBBSPiMjqwzrnjhC7Qe+Zx8POJBotZTAMBgNV
HRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDAN
BgkqhkiG9w0BAQsFAAOCAQEAAuKxjRz48LmSht8IWAWoe6+8S8SOYmOMgjsobgoh
4vlPgM7cPxu6XD6PJ/Xo6K4SLsWk4ybJkwRxRcsDQU+GswjbOwCS1ftlSVVV6Ueb
UA2BVCX9CFfOJjHQPlVX8CELM3WlhH5opIdssyjNiueaKW9cBxGYrYpLVDHYB8S+
7c1OW4fYLUJdUBDK5bKIqBduubmiRWAqgFaEPztOeIqSVAc5OC6yiTta18rDoWqx
vpwoxeBrmNOhGabTHjEBHJ9fEQ7b8o5zI9t4/9JcLjbG2tjl8aTab7see1mCEkNe
J8SM3PZH1b7dFArDRD8DjIn5xbMoNsihl68JOfiSKkXbzA==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=455005, public, no-transform, must-revalidate]
Content-Length: [1425]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 20 Jan 2017 20:36:15 GMT]
Expires: [Thu, 26 Jan 2017 02:55:05 GMT]
Last-Modified: [Thu, 19 Jan 2017 02:55:05 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a165-254-48-153.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 4m35s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GeoTrust EV SSL CA - G4 (CA Certificate)

This certificate was cached at
Certificate details for GeoTrust EV SSL CA - G4 (At position 1 in certificate chain)
Serial number:
hex: 6e8a90ebcff0448a720d0805d082a544
int: 146934555852773531829332059263122711876
Issued by: GeoTrust Primary Certification Authority
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://g1.symcb.com/GeoTrustPCA.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://g1.symcb.com/GeoTrustPCA.crl
Size: 525 bytes (DER data)
Response time: 4.324227ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 3

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a165-254-35-190.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Fri, 20 Jan 2017 16:39:53 GMT]
Etag: ["55800c4c9017a0d25cdf343bf14e5a2f:1482269716"]
Last-Modified: [Tue, 20 Dec 2016 21:35:16 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_MEM_HIT from a165-254-35-190.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://g2.symcb.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://g2.symcb.com (GET)
Size: 1427 bytes (DER data)
Response time: 4.458097ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust Primary CA OCSP-TGV Responder Certificate 5
Issued by: GeoTrust Primary Certification Authority
Signing certificate validity: 2016-11-22 - 2017-12-14
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 150h54m26s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a165-254-35-191.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBR6EHhJ4XUaQA4N26wwyKpLEnXRrAQULNVQQZcVi%2FCPNmFbSvtr2ZnJM5ICEG6KkOvP8ESKcg0IBdCCpUQ%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBR6EHhJ4XUaQA4N26wwyKpLEnXRrAQULNVQ
QZcVi/CPNmFbSvtr2ZnJM5ICEG6KkOvP8ESKcg0IBdCCpUQ=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFjwoBAKCCBYgwggWEBgkrBgEFBQcwAQEEggV1MIIFcTCBnqIWBBTyjhwtYtpD
ZRABmw2LPhURo1HeHBgPMjAxNzAxMTkyMzMwNDNaMHMwcTBJMAkGBSsOAwIaBQAE
FHoQeEnhdRpADg3brDDIqksSddGsBBQs1VBBlxWL8I82YVtK+2vZmckzkgIQboqQ
68/wRIpyDQgF0IKlRIAAGA8yMDE3MDExOTIzMzA0M1qgERgPMjAxNzAxMjYyMzMw
NDNaMA0GCSqGSIb3DQEBBQUAA4IBAQAOZ7zLbRUp1JOzeTw5bZXQaIH//3pCrDgu
dqwXRt5PEzmBbdJ0qQUE0Hud1OQf8jGqGxLRVedAOBCxeniA74MGqcNr/eL24zYg
md4FZSI/gzjO70DSyQ4acy2uLEMcl+3PO++nhqZ7STzTTxlYcMXylHtr59gaiaC/
UWFL9Xphu19F/4f5jjKQIFse0AhzbslGMc1oHFa4vOc10hLntZaivaWu5jHcNhOX
zOrEXK4qatYVrB0ep0EZtNDfKgJJSjSqQa38t6Smix+QmlUSuaz2++myvfUtB9fq
NW3HSv+FidEFCuERq1L4DNlOj+P7+r/hVrCtskAfiiNFul7rMXWxoIIDuDCCA7Qw
ggOwMIICmKADAgECAhBwUL0zocCXyUmrpZrqbf+NMA0GCSqGSIb3DQEBBQUAMFgx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhH
ZW9UcnVzdCBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE2MTEy
MjAwMDAwMFoXDTE3MTIxNDIzNTk1OVowZDELMAkGA1UEBhMCVVMxFjAUBgNVBAoT
DUdlb1RydXN0IEluYy4xPTA7BgNVBAMTNEdlb1RydXN0IFByaW1hcnkgQ0EgT0NT
UC1UR1YgUmVzcG9uZGVyIENlcnRpZmljYXRlIDUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbOfeeibZvJXV1IXAyNlvE4x8K5gB+vuckhUnw4KhwqZYM
ziP+a60aP5RJXxEtIqKp935ST0K4TUZHkKHMpR7eQquWAV7kXiDBt59EhgfA8NK0
Ip9kjFW1G8rQxhKweyOB9ksnBrMmq8116ibFEJJxrfFZyiimrCVz9QlSlpBvsMxN
kMEvkGV4bpOZ3w/FVuTolj/i9j4k9LbKitC+GcV+PFjUaVwVGgks/RXAHAf0i582
aR3HwaTw74tshUW7wGXrzaRc9rb5AnRXp947zGALb635K6u9/knCln2ryA/92x1g
zM9/1g/vtfX5oYp4oukzkCwA5FPkiWZZG/PZ7LdvAgMBAAGjajBoMBMGA1UdJQQM
MAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwDAYDVR0TAQH/BAIwADAOBgNV
HQ8BAf8EBAMCB4AwIgYDVR0RBBswGaQXMBUxEzARBgNVBAMTClRHVi1PRkYtNTIw
DQYJKoZIhvcNAQEFBQADggEBAAQ+SAzV1boNkuiKMatO4AbbhK/MIwXaHUUDyscV
s9n6OpWRLSvGg/nj8gBvlAlsh19hYbutDktgN+E8WVhp8d4ntah/j9nteQikkU/B
EHurFIH7qnrSuLnVldgbTLsbZWXmABX59/cWrgkTLlfcYaA7yTKmZGWzgPab5kH+
hQjdpFO/8UxBekIDSLgd8kkZHH8qize7vn90FfhDUfMuXyCD/OSUWYJGXmE05t5u
jSqk/OB3yPakeb+mZDA0rERwUZL5nL72gx3U+0WzFGuTMpBJAlugosr9n0TLR7Lh
wvlbRJ57Y+IJvIqAUne7FCCStBYX7itX7sMZ9BGgy/yKLZE=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDsDCCApigAwIBAgIQcFC9M6HAl8lJq6Wa6m3/jTANBgkqhkiG9w0BAQUFADBY
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNjEx
MjIwMDAwMDBaFw0xNzEyMTQyMzU5NTlaMGQxCzAJBgNVBAYTAlVTMRYwFAYDVQQK
Ew1HZW9UcnVzdCBJbmMuMT0wOwYDVQQDEzRHZW9UcnVzdCBQcmltYXJ5IENBIE9D
U1AtVEdWIFJlc3BvbmRlciBDZXJ0aWZpY2F0ZSA1MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAmzn3nom2byV1dSFwMjZbxOMfCuYAfr7nJIVJ8OCocKmW
DM4j/mutGj+USV8RLSKiqfd+Uk9CuE1GR5ChzKUe3kKrlgFe5F4gwbefRIYHwPDS
tCKfZIxVtRvK0MYSsHsjgfZLJwazJqvNdeomxRCSca3xWcoopqwlc/UJUpaQb7DM
TZDBL5BleG6Tmd8PxVbk6JY/4vY+JPS2yorQvhnFfjxY1GlcFRoJLP0VwBwH9Iuf
Nmkdx8Gk8O+LbIVFu8Bl682kXPa2+QJ0V6feO8xgC2+t+Survf5JwpZ9q8gP/dsd
YMzPf9YP77X1+aGKeKLpM5AsAORT5IlmWRvz2ey3bwIDAQABo2owaDATBgNVHSUE
DDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUAMAwGA1UdEwEB/wQCMAAwDgYD
VR0PAQH/BAQDAgeAMCIGA1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTUy
MA0GCSqGSIb3DQEBBQUAA4IBAQAEPkgM1dW6DZLoijGrTuAG24SvzCMF2h1FA8rH
FbPZ+jqVkS0rxoP54/IAb5QJbIdfYWG7rQ5LYDfhPFlYafHeJ7Wof4/Z7XkIpJFP
wRB7qxSB+6p60ri51ZXYG0y7G2Vl5gAV+ff3Fq4JEy5X3GGgO8kypmRls4D2m+ZB
/oUI3aRTv/FMQXpCA0i4HfJJGRx/Kos3u75/dBX4Q1HzLl8gg/zklFmCRl5hNObe
bo0qpPzgd8j2pHm/pmQwNKxEcFGS+Zy+9oMd1PtFsxRrkzKQSQJboKLK/Z9Ey0ey
4cL5W0See2PiCbyKgFJ3uxQgkrQWF+4rV+7DGfQRoMv8ii2R
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=543266, public, no-transform, must-revalidate]
Content-Length: [1427]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 20 Jan 2017 16:39:53 GMT]
Expires: [Thu, 26 Jan 2017 23:30:43 GMT]
Last-Modified: [Thu, 19 Jan 2017 23:30:43 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MEM_HIT from a165-254-35-191.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 3m36s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://g2.symcb.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://g2.symcb.com (POST)
Size: 1427 bytes (DER data)
Response time: 7.384094ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust Primary CA OCSP-TGV Responder Certificate 5
Issued by: GeoTrust Primary Certification Authority
Signing certificate validity: 2016-11-22 - 2017-12-14
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 150h54m46s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a165-254-35-191.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (S)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBR6EHhJ4XUaQA4N26wwyKpLEnXRrAQULNVQ
QZcVi/CPNmFbSvtr2ZnJM5ICEG6KkOvP8ESKcg0IBdCCpUQ=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFjwoBAKCCBYgwggWEBgkrBgEFBQcwAQEEggV1MIIFcTCBnqIWBBTyjhwtYtpD
ZRABmw2LPhURo1HeHBgPMjAxNzAxMTkyMzMwNDNaMHMwcTBJMAkGBSsOAwIaBQAE
FHoQeEnhdRpADg3brDDIqksSddGsBBQs1VBBlxWL8I82YVtK+2vZmckzkgIQboqQ
68/wRIpyDQgF0IKlRIAAGA8yMDE3MDExOTIzMzA0M1qgERgPMjAxNzAxMjYyMzMw
NDNaMA0GCSqGSIb3DQEBBQUAA4IBAQAOZ7zLbRUp1JOzeTw5bZXQaIH//3pCrDgu
dqwXRt5PEzmBbdJ0qQUE0Hud1OQf8jGqGxLRVedAOBCxeniA74MGqcNr/eL24zYg
md4FZSI/gzjO70DSyQ4acy2uLEMcl+3PO++nhqZ7STzTTxlYcMXylHtr59gaiaC/
UWFL9Xphu19F/4f5jjKQIFse0AhzbslGMc1oHFa4vOc10hLntZaivaWu5jHcNhOX
zOrEXK4qatYVrB0ep0EZtNDfKgJJSjSqQa38t6Smix+QmlUSuaz2++myvfUtB9fq
NW3HSv+FidEFCuERq1L4DNlOj+P7+r/hVrCtskAfiiNFul7rMXWxoIIDuDCCA7Qw
ggOwMIICmKADAgECAhBwUL0zocCXyUmrpZrqbf+NMA0GCSqGSIb3DQEBBQUAMFgx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhH
ZW9UcnVzdCBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE2MTEy
MjAwMDAwMFoXDTE3MTIxNDIzNTk1OVowZDELMAkGA1UEBhMCVVMxFjAUBgNVBAoT
DUdlb1RydXN0IEluYy4xPTA7BgNVBAMTNEdlb1RydXN0IFByaW1hcnkgQ0EgT0NT
UC1UR1YgUmVzcG9uZGVyIENlcnRpZmljYXRlIDUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCbOfeeibZvJXV1IXAyNlvE4x8K5gB+vuckhUnw4KhwqZYM
ziP+a60aP5RJXxEtIqKp935ST0K4TUZHkKHMpR7eQquWAV7kXiDBt59EhgfA8NK0
Ip9kjFW1G8rQxhKweyOB9ksnBrMmq8116ibFEJJxrfFZyiimrCVz9QlSlpBvsMxN
kMEvkGV4bpOZ3w/FVuTolj/i9j4k9LbKitC+GcV+PFjUaVwVGgks/RXAHAf0i582
aR3HwaTw74tshUW7wGXrzaRc9rb5AnRXp947zGALb635K6u9/knCln2ryA/92x1g
zM9/1g/vtfX5oYp4oukzkCwA5FPkiWZZG/PZ7LdvAgMBAAGjajBoMBMGA1UdJQQM
MAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAwDAYDVR0TAQH/BAIwADAOBgNV
HQ8BAf8EBAMCB4AwIgYDVR0RBBswGaQXMBUxEzARBgNVBAMTClRHVi1PRkYtNTIw
DQYJKoZIhvcNAQEFBQADggEBAAQ+SAzV1boNkuiKMatO4AbbhK/MIwXaHUUDyscV
s9n6OpWRLSvGg/nj8gBvlAlsh19hYbutDktgN+E8WVhp8d4ntah/j9nteQikkU/B
EHurFIH7qnrSuLnVldgbTLsbZWXmABX59/cWrgkTLlfcYaA7yTKmZGWzgPab5kH+
hQjdpFO/8UxBekIDSLgd8kkZHH8qize7vn90FfhDUfMuXyCD/OSUWYJGXmE05t5u
jSqk/OB3yPakeb+mZDA0rERwUZL5nL72gx3U+0WzFGuTMpBJAlugosr9n0TLR7Lh
wvlbRJ57Y+IJvIqAUne7FCCStBYX7itX7sMZ9BGgy/yKLZE=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDsDCCApigAwIBAgIQcFC9M6HAl8lJq6Wa6m3/jTANBgkqhkiG9w0BAQUFADBY
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNjEx
MjIwMDAwMDBaFw0xNzEyMTQyMzU5NTlaMGQxCzAJBgNVBAYTAlVTMRYwFAYDVQQK
Ew1HZW9UcnVzdCBJbmMuMT0wOwYDVQQDEzRHZW9UcnVzdCBQcmltYXJ5IENBIE9D
U1AtVEdWIFJlc3BvbmRlciBDZXJ0aWZpY2F0ZSA1MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAmzn3nom2byV1dSFwMjZbxOMfCuYAfr7nJIVJ8OCocKmW
DM4j/mutGj+USV8RLSKiqfd+Uk9CuE1GR5ChzKUe3kKrlgFe5F4gwbefRIYHwPDS
tCKfZIxVtRvK0MYSsHsjgfZLJwazJqvNdeomxRCSca3xWcoopqwlc/UJUpaQb7DM
TZDBL5BleG6Tmd8PxVbk6JY/4vY+JPS2yorQvhnFfjxY1GlcFRoJLP0VwBwH9Iuf
Nmkdx8Gk8O+LbIVFu8Bl682kXPa2+QJ0V6feO8xgC2+t+Survf5JwpZ9q8gP/dsd
YMzPf9YP77X1+aGKeKLpM5AsAORT5IlmWRvz2ey3bwIDAQABo2owaDATBgNVHSUE
DDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUAMAwGA1UdEwEB/wQCMAAwDgYD
VR0PAQH/BAQDAgeAMCIGA1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTUy
MA0GCSqGSIb3DQEBBQUAA4IBAQAEPkgM1dW6DZLoijGrTuAG24SvzCMF2h1FA8rH
FbPZ+jqVkS0rxoP54/IAb5QJbIdfYWG7rQ5LYDfhPFlYafHeJ7Wof4/Z7XkIpJFP
wRB7qxSB+6p60ri51ZXYG0y7G2Vl5gAV+ff3Fq4JEy5X3GGgO8kypmRls4D2m+ZB
/oUI3aRTv/FMQXpCA0i4HfJJGRx/Kos3u75/dBX4Q1HzLl8gg/zklFmCRl5hNObe
bo0qpPzgd8j2pHm/pmQwNKxEcFGS+Zy+9oMd1PtFsxRrkzKQSQJboKLK/Z9Ey0ey
4cL5W0See2PiCbyKgFJ3uxQgkrQWF+4rV+7DGfQRoMv8ii2R
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=543286, public, no-transform, must-revalidate]
Content-Length: [1427]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 20 Jan 2017 16:39:53 GMT]
Expires: [Thu, 26 Jan 2017 23:30:43 GMT]
Last-Modified: [Thu, 19 Jan 2017 23:30:43 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a165-254-35-191.deploy.akamaitechnologies.com (AkamaiGHost/8.2.0.0.2-18911410) (S)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 3m56s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GeoTrust Primary Certification Authority (CA Certificate)

This certificate was cached at
Certificate details for GeoTrust Primary Certification Authority (At position 2 in certificate chain)
Serial number:
hex: 18acb56afd69b6153a636cafdafac4a1
int: 32798226551256963324313806436981982369
Issued by: GeoTrust Primary Certification Authority
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.