CRL & OCSP report for 0-muse.jhu.edu.lion.hsc.edu - lion.hsc.edu (Hampden Sydney College)

lion.hsc.edu

This certificate was cached at
Certificate details for lion.hsc.edu (At position 0 in certificate chain)
Serial number:
hex: bd0af4c5cdbef548ee173b792867458
int: 15705061171968814738560964382045926488
Issued by: GeoTrust SSL CA - G3
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Hampden Sydney College
State / Province: Virginia
Locality: Hampden Sydney
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

View complete certificate details for 0-muse.jhu.edu.lion.hsc.edu.

Certificate Revocation List (CRL)

This CRL was cached at
http://gn.symcb.com/gn.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://gn.symcb.com/gn.crl
Size: 132327 bytes (DER data)
Response time: 9.961625ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 3768

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_HIT from a23-219-93-108.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Thu, 23 Feb 2017 09:31:59 GMT]
Etag: ["386169c5499bd36401962963e6a55ba8:1487840756"]
Last-Modified: [Thu, 23 Feb 2017 09:05:56 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_HIT from a23-219-93-108.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://gn.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gn.symcd.com (POST)
Size: 1419 bytes (DER data)
Response time: 93.179251ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust SSL CA - G3 OCSP Responder
Issued by: GeoTrust SSL CA - G3
Signing certificate validity: 2017-02-10 - 2017-05-11
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 166h50m32s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBSxiwsBl1MHLHQ30p2z4Y2jbM5X4AQU0m/3
lvSFP3I8MH0j2oV4m6N8WnwCEAvQr0xc2+9UjuFzt5KGdFg=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFhwoBAKCCBYAwggV8BgkrBgEFBQcwAQEEggVtMIIFaTCBnqIWBBRWNNwsHJIH
mQlwIx9AII73BM7MuhgPMjAxNzAyMTgxOTE3MjJaMHMwcTBJMAkGBSsOAwIaBQAE
FLGLCwGXUwcsdDfSnbPhjaNszlfgBBTSb/eW9IU/cjwwfSPahXibo3xafAIQC9Cv
TFzb71SO4XO3koZ0WIAAGA8yMDE3MDIxODE5MTcyMlqgERgPMjAxNzAyMjUxOTE3
MjJaMA0GCSqGSIb3DQEBBQUAA4IBAQAcoPIADJ4CaljublwLHgEuQBlIydhRGbev
W5yqVi2AwHxdJmAXlYIIaHBgeZVvml/IueTM8/H96qu0hsf5d3vGwPvhDVXUk4B3
qLaKcimSAwpMAAcYDijP7aAgPwg+lwLsaD21ZBVGAj90BFMJKzNXiK2Chk08BeJf
LexHRqcDvt4oGk9GccSeDOSX7SKQBMGPWtXsBqoooRMDZod5YqVB/uaTYCXIW2rb
VxE9PGELW+Q1dURJ0lCtv05Yz2jb4SnkrVLBQtZxbi5gf/JCSgE36+u8eTUw3ZSk
Yp7z8CWxx2/ldjIEUUORqbxW56E7oae4siJ7lEkldmLz0mDT/NtmoIIDsDCCA6ww
ggOoMIICkKADAgECAhBIoLEeYLuDKlQryulV3tNPMA0GCSqGSIb3DQEBCwUAMEQx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR0wGwYDVQQDExRH
ZW9UcnVzdCBTU0wgQ0EgLSBHMzAeFw0xNzAyMTAwMDAwMDBaFw0xNzA1MTEyMzU5
NTlaMC4xLDAqBgNVBAMTI0dlb1RydXN0IFNTTCBDQSAtIEczIE9DU1AgUmVzcG9u
ZGVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9SviDsOtCJwb77vO
YFAKRfC0vZEOwzZqIbnqqcAwVmMvL/44SgP9YYwGPM59P99mYDrjjrRW/pM+T8xz
dLh/CvEemEPdSMGvcZx5N1a035yX/Q2PW0YONCwJ/O8rHYNn/peNX3iMNcZce9ji
CBptqad597pNzvxWhz2ZO3OudY8XC52iDSqys7XhkTZX+EvmBvhl5Bta6FER9FmR
laOGC5AROsPifnCsTqPZ239Psx/58MQdrQjqtzBX5CSL98TPbVvhS2cADjZ3XXMB
CH6pbkfG1wtCiNKf3JftvlPDz5ExJ0HhYvnTkAEnYNME2tzdh3IXpDQ4erTVkcut
cIfZpQIDAQABo4GrMIGoMA8GCSsGAQUFBzABBQQCBQAwIgYDVR0RBBswGaQXMBUx
EzARBgNVBAMTClRHVi1ELTM5MzEwHwYDVR0jBBgwFoAU0m/3lvSFP3I8MH0j2oV4
m6N8WnwwHQYDVR0OBBYEFFY03CwckgeZCXAjH0AgjvcEzsy6MAwGA1UdEwEB/wQC
MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3
DQEBCwUAA4IBAQCbJlF7IX1riYNmEXmIRTDCs/BXslOmWfN3aGdHV/PKQ96ReRsx
XFeS8Vfl2cQ7z3ZgtcwFXRwxfcrKDQVHldvla7Hep+hyFxzRKB1rUpt/QUaUVJLc
Wz4YHTFFsKsIbdB1UcOYso75E1DnJntzqiu6nfgSaUW3O0JVGk1sojwY7gvjo8rF
7lyXraeSr/Uw1v97HzVYHG8QOGNXau8wUqcnSDdrCk/ODpK5VJScAOxDnI8aGQKm
XPujujKMoMaU/HTNfUQ1u6jwgsZInj9UC3+rfR7Nmlcg3OEeijK9q8/+ZG1PA4Hs
HrZqQHQwG+NFyc9vOWvYWarWIRURBR1uA3z8
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDqDCCApCgAwIBAgIQSKCxHmC7gypUK8rpVd7TTzANBgkqhkiG9w0BAQsFADBE
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU
R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTcwMjEwMDAwMDAwWhcNMTcwNTExMjM1
OTU5WjAuMSwwKgYDVQQDEyNHZW9UcnVzdCBTU0wgQ0EgLSBHMyBPQ1NQIFJlc3Bv
bmRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPUr4g7DrQicG++7
zmBQCkXwtL2RDsM2aiG56qnAMFZjLy/+OEoD/WGMBjzOfT/fZmA64460Vv6TPk/M
c3S4fwrxHphD3UjBr3GceTdWtN+cl/0Nj1tGDjQsCfzvKx2DZ/6XjV94jDXGXHvY
4ggabamnefe6Tc78Voc9mTtzrnWPFwudog0qsrO14ZE2V/hL5gb4ZeQbWuhREfRZ
kZWjhguQETrD4n5wrE6j2dt/T7Mf+fDEHa0I6rcwV+Qki/fEz21b4UtnAA42d11z
AQh+qW5HxtcLQojSn9yX7b5Tw8+RMSdB4WL505ABJ2DTBNrc3YdyF6Q0OHq01ZHL
rXCH2aUCAwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQbMBmkFzAV
MRMwEQYDVQQDEwpUR1YtRC0zOTMxMB8GA1UdIwQYMBaAFNJv95b0hT9yPDB9I9qF
eJujfFp8MB0GA1UdDgQWBBRWNNwsHJIHmQlwIx9AII73BM7MujAMBgNVHRMBAf8E
AjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG
9w0BAQsFAAOCAQEAmyZReyF9a4mDZhF5iEUwwrPwV7JTplnzd2hnR1fzykPekXkb
MVxXkvFX5dnEO892YLXMBV0cMX3Kyg0FR5Xb5Wux3qfochcc0Sgda1Kbf0FGlFSS
3Fs+GB0xRbCrCG3QdVHDmLKO+RNQ5yZ7c6orup34EmlFtztCVRpNbKI8GO4L46PK
xe5cl62nkq/1MNb/ex81WBxvEDhjV2rvMFKnJ0g3awpPzg6SuVSUnADsQ5yPGhkC
plz7o7oyjKDGlPx0zX1ENbuo8ILGSJ4/VAt/q30ezZpXINzhHooyvavP/mRtTwOB
7B62akB0MBvjRcnPbzlr2Fmq1iEVEQUdbgN8/A==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=600632, public, no-transform, must-revalidate]
Content-Length: [1419]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sat, 18 Feb 2017 20:26:50 GMT]
Expires: [Sat, 25 Feb 2017 19:17:22 GMT]
Last-Modified: [Sat, 18 Feb 2017 19:17:22 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://gn.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gn.symcd.com (GET)
Size: 1419 bytes (DER data)
Response time: 123.355841ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust SSL CA - G3 OCSP Responder
Issued by: GeoTrust SSL CA - G3
Signing certificate validity: 2017-02-10 - 2017-05-11
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 166h50m32s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSxiwsBl1MHLHQ30p2z4Y2jbM5X4AQU0m%2F3lvSFP3I8MH0j2oV4m6N8WnwCEAvQr0xc2%2B9UjuFzt5KGdFg%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBSxiwsBl1MHLHQ30p2z4Y2jbM5X4AQU0m/3
lvSFP3I8MH0j2oV4m6N8WnwCEAvQr0xc2+9UjuFzt5KGdFg=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFhwoBAKCCBYAwggV8BgkrBgEFBQcwAQEEggVtMIIFaTCBnqIWBBRWNNwsHJIH
mQlwIx9AII73BM7MuhgPMjAxNzAyMTgxOTE3MjJaMHMwcTBJMAkGBSsOAwIaBQAE
FLGLCwGXUwcsdDfSnbPhjaNszlfgBBTSb/eW9IU/cjwwfSPahXibo3xafAIQC9Cv
TFzb71SO4XO3koZ0WIAAGA8yMDE3MDIxODE5MTcyMlqgERgPMjAxNzAyMjUxOTE3
MjJaMA0GCSqGSIb3DQEBBQUAA4IBAQAcoPIADJ4CaljublwLHgEuQBlIydhRGbev
W5yqVi2AwHxdJmAXlYIIaHBgeZVvml/IueTM8/H96qu0hsf5d3vGwPvhDVXUk4B3
qLaKcimSAwpMAAcYDijP7aAgPwg+lwLsaD21ZBVGAj90BFMJKzNXiK2Chk08BeJf
LexHRqcDvt4oGk9GccSeDOSX7SKQBMGPWtXsBqoooRMDZod5YqVB/uaTYCXIW2rb
VxE9PGELW+Q1dURJ0lCtv05Yz2jb4SnkrVLBQtZxbi5gf/JCSgE36+u8eTUw3ZSk
Yp7z8CWxx2/ldjIEUUORqbxW56E7oae4siJ7lEkldmLz0mDT/NtmoIIDsDCCA6ww
ggOoMIICkKADAgECAhBIoLEeYLuDKlQryulV3tNPMA0GCSqGSIb3DQEBCwUAMEQx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR0wGwYDVQQDExRH
ZW9UcnVzdCBTU0wgQ0EgLSBHMzAeFw0xNzAyMTAwMDAwMDBaFw0xNzA1MTEyMzU5
NTlaMC4xLDAqBgNVBAMTI0dlb1RydXN0IFNTTCBDQSAtIEczIE9DU1AgUmVzcG9u
ZGVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9SviDsOtCJwb77vO
YFAKRfC0vZEOwzZqIbnqqcAwVmMvL/44SgP9YYwGPM59P99mYDrjjrRW/pM+T8xz
dLh/CvEemEPdSMGvcZx5N1a035yX/Q2PW0YONCwJ/O8rHYNn/peNX3iMNcZce9ji
CBptqad597pNzvxWhz2ZO3OudY8XC52iDSqys7XhkTZX+EvmBvhl5Bta6FER9FmR
laOGC5AROsPifnCsTqPZ239Psx/58MQdrQjqtzBX5CSL98TPbVvhS2cADjZ3XXMB
CH6pbkfG1wtCiNKf3JftvlPDz5ExJ0HhYvnTkAEnYNME2tzdh3IXpDQ4erTVkcut
cIfZpQIDAQABo4GrMIGoMA8GCSsGAQUFBzABBQQCBQAwIgYDVR0RBBswGaQXMBUx
EzARBgNVBAMTClRHVi1ELTM5MzEwHwYDVR0jBBgwFoAU0m/3lvSFP3I8MH0j2oV4
m6N8WnwwHQYDVR0OBBYEFFY03CwckgeZCXAjH0AgjvcEzsy6MAwGA1UdEwEB/wQC
MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3
DQEBCwUAA4IBAQCbJlF7IX1riYNmEXmIRTDCs/BXslOmWfN3aGdHV/PKQ96ReRsx
XFeS8Vfl2cQ7z3ZgtcwFXRwxfcrKDQVHldvla7Hep+hyFxzRKB1rUpt/QUaUVJLc
Wz4YHTFFsKsIbdB1UcOYso75E1DnJntzqiu6nfgSaUW3O0JVGk1sojwY7gvjo8rF
7lyXraeSr/Uw1v97HzVYHG8QOGNXau8wUqcnSDdrCk/ODpK5VJScAOxDnI8aGQKm
XPujujKMoMaU/HTNfUQ1u6jwgsZInj9UC3+rfR7Nmlcg3OEeijK9q8/+ZG1PA4Hs
HrZqQHQwG+NFyc9vOWvYWarWIRURBR1uA3z8
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDqDCCApCgAwIBAgIQSKCxHmC7gypUK8rpVd7TTzANBgkqhkiG9w0BAQsFADBE
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU
R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTcwMjEwMDAwMDAwWhcNMTcwNTExMjM1
OTU5WjAuMSwwKgYDVQQDEyNHZW9UcnVzdCBTU0wgQ0EgLSBHMyBPQ1NQIFJlc3Bv
bmRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPUr4g7DrQicG++7
zmBQCkXwtL2RDsM2aiG56qnAMFZjLy/+OEoD/WGMBjzOfT/fZmA64460Vv6TPk/M
c3S4fwrxHphD3UjBr3GceTdWtN+cl/0Nj1tGDjQsCfzvKx2DZ/6XjV94jDXGXHvY
4ggabamnefe6Tc78Voc9mTtzrnWPFwudog0qsrO14ZE2V/hL5gb4ZeQbWuhREfRZ
kZWjhguQETrD4n5wrE6j2dt/T7Mf+fDEHa0I6rcwV+Qki/fEz21b4UtnAA42d11z
AQh+qW5HxtcLQojSn9yX7b5Tw8+RMSdB4WL505ABJ2DTBNrc3YdyF6Q0OHq01ZHL
rXCH2aUCAwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQbMBmkFzAV
MRMwEQYDVQQDEwpUR1YtRC0zOTMxMB8GA1UdIwQYMBaAFNJv95b0hT9yPDB9I9qF
eJujfFp8MB0GA1UdDgQWBBRWNNwsHJIHmQlwIx9AII73BM7MujAMBgNVHRMBAf8E
AjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG
9w0BAQsFAAOCAQEAmyZReyF9a4mDZhF5iEUwwrPwV7JTplnzd2hnR1fzykPekXkb
MVxXkvFX5dnEO892YLXMBV0cMX3Kyg0FR5Xb5Wux3qfochcc0Sgda1Kbf0FGlFSS
3Fs+GB0xRbCrCG3QdVHDmLKO+RNQ5yZ7c6orup34EmlFtztCVRpNbKI8GO4L46PK
xe5cl62nkq/1MNb/ex81WBxvEDhjV2rvMFKnJ0g3awpPzg6SuVSUnADsQ5yPGhkC
plz7o7oyjKDGlPx0zX1ENbuo8ILGSJ4/VAt/q30ezZpXINzhHooyvavP/mRtTwOB
7B62akB0MBvjRcnPbzlr2Fmq1iEVEQUdbgN8/A==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=600632, public, no-transform, must-revalidate]
Content-Length: [1419]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sat, 18 Feb 2017 20:26:50 GMT]
Expires: [Sat, 25 Feb 2017 19:17:22 GMT]
Last-Modified: [Sat, 18 Feb 2017 19:17:22 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GeoTrust SSL CA - G3 (CA Certificate)

This certificate was cached at
Certificate details for GeoTrust SSL CA - G3 (At position 1 in certificate chain)
Serial number:
hex: 23a6f
int: 146031
Issued by: GeoTrust Global CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://g1.symcb.com/crls/gtglobal.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://g1.symcb.com/crls/gtglobal.crl
Size: 665 bytes (DER data)
Response time: 33.472994ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 12

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-63.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Thu, 23 Feb 2017 09:31:59 GMT]
Etag: ["cdfed412ffc55736da7d26dd6e325304:1480525813"]
Last-Modified: [Wed, 30 Nov 2016 17:10:13 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_MEM_HIT from a23-219-93-63.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://g2.symcb.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://g2.symcb.com (POST)
Size: 1377 bytes (DER data)
Response time: 14.293324ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust Global CA TGV OCSP Responder 5
Issued by: GeoTrust Global CA
Signing certificate validity: 2016-12-08 - 2017-12-14
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 140h59m43s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (S)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkq
w0GRtsnCuD5V8sCXEROgByACAwI6bw==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFXQoBAKCCBVYwggVSBgkrBgEFBQcwAQEEggVDMIIFPzCBkaIWBBRW5FQnU+as
qXGB3YYiHprkenLEKhgPMjAxNzAyMjIwNjMxNDFaMGYwZDA8MAkGBSsOAwIaBQAE
FLG0OReQFreXeVAR8WC51KI82+3uBBQA+SrDQZG2ycK4PlXywJcRE6AHIAIDAjpv
gAAYDzIwMTcwMjIyMDYzMTQxWqARGA8yMDE3MDMwMTA2MzE0MVowDQYJKoZIhvcN
AQEFBQADggEBAFpamZ2tcGJWlaQ1vjtylX1BkSy3M0xc5F8mF/6Fpcd1NlQSytmH
czHcfjvSNkNG1+GGiXLwx2dBKqCOUPeTyDEAdSEnUS2j5JbHVotOoCCIWZVvBjNT
s2KhV+YwjX1KM4wfuvvaOt60+LDUquOs0PoduUngWoo/stC7Xzl/FpE1kAMb3UyE
WFSnQdrE7meMaUDWvgjRD91s6HVk2rexzuy695aKrEMev8WfK+1BpIwmRZJM6jxJ
UhQDPFLrF5INJ86hfvyHra2Suv1zvBoFYnIDeCRvzonhJiEt4qvgwmht/Td+iVew
tQfHsChHnnWGy5cSx5fAvhDGbqIhS45+IyigggOTMIIDjzCCA4swggJzoAMCAQIC
EAEAAI8cK5YV9Xm5GF4OwmcwDQYJKoZIhvcNAQELBQAwQjELMAkGA1UEBhMCVVMx
FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xGzAZBgNVBAMTEkdlb1RydXN0IEdsb2Jh
bCBDQTAeFw0xNjEyMDgxMTI1MzVaFw0xNzEyMTQxMTI1MzVaMDIxMDAuBgNVBAMT
J0dlb1RydXN0IEdsb2JhbCBDQSBUR1YgT0NTUCBSZXNwb25kZXIgNTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbsx72ex4lTCJDy3iHAy47zLOB03z8E
ucSDZIQMjk1A5aZfqz0MU5HHLOsi76EQo6uYR2R2rl9jgQ1EMbe0TidFyTrhse63
rmEyzQusz7sEjnsvckT7K/9j6DLmlFB/6oEhAgwfCONYbrDOfQHBCtd7e+x6STm0
WeKCF4/QqS+C5ZTUEzsNjhcAqeAMZnWEoyyJ6OpCiF9vDblCGa9nlh3SwW+nxKTq
qqiMlz9ZXN8//IHrectIKszEXXlpvtr4wJAz0KrUDfENqEbKNouP0fv1Ueno5Z7t
ue3CnHtCF+QxOQXDS3rKrQJcesKMrFC9+M5frbQuLSGz9ee/xCfnWW0CAwEAAaOB
jDCBiTAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1luMrMTjAPBgkrBgEFBQcw
AQUEAgUAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDAMBgNV
HRMBAf8EAjAAMCIGA1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTU3MA0G
CSqGSIb3DQEBCwUAA4IBAQAEbWTM2eKR1XlWe9ui17q87Hk6NYXKQGwj/ss1ue8Q
1cnoA2/Mo1gG1Q/8LHJ97vK5yw65afq8M5mPbxdl/57jZTUF1kDmgEgvUde3O+h2
ZLIHPx1q2W2WDLT2ltYvaHaNr0Hnkb8MCQ27Z728Fsn5+Ilh/bDoA+NHEqlcfycq
oGKksT60iqnogUz/WZNUbzzBQD6NlpomMZUTOcF3/5L3Fe1OKkF1nGXW2QTW/mLZ
5Eviy4ZQTzQ34koPA5qC1nsWQ1zOE57jR8IJMC+mYQdFb71gehA8O0lB7fL6Kysj
zycnBkNHgJ9LQDd67gQ30FxfmbAnHV1xxWakX8lXTvIf
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDizCCAnOgAwIBAgIQAQAAjxwrlhX1ebkYXg7CZzANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
R2VvVHJ1c3QgR2xvYmFsIENBMB4XDTE2MTIwODExMjUzNVoXDTE3MTIxNDExMjUz
NVowMjEwMC4GA1UEAxMnR2VvVHJ1c3QgR2xvYmFsIENBIFRHViBPQ1NQIFJlc3Bv
bmRlciA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuzHvZ7HiVMI
kPLeIcDLjvMs4HTfPwS5xINkhAyOTUDlpl+rPQxTkccs6yLvoRCjq5hHZHauX2OB
DUQxt7ROJ0XJOuGx7reuYTLNC6zPuwSOey9yRPsr/2PoMuaUUH/qgSECDB8I41hu
sM59AcEK13t77HpJObRZ4oIXj9CpL4LllNQTOw2OFwCp4AxmdYSjLIno6kKIX28N
uUIZr2eWHdLBb6fEpOqqqIyXP1lc3z/8get5y0gqzMRdeWm+2vjAkDPQqtQN8Q2o
Rso2i4/R+/VR6ejlnu257cKce0IX5DE5BcNLesqtAlx6woysUL34zl+ttC4tIbP1
57/EJ+dZbQIDAQABo4GMMIGJMB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4
ysxOMA8GCSsGAQUFBzABBQQCBQAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0P
AQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwIgYDVR0RBBswGaQXMBUxEzARBgNVBAMT
ClRHVi1PRkYtNTcwDQYJKoZIhvcNAQELBQADggEBAARtZMzZ4pHVeVZ726LXurzs
eTo1hcpAbCP+yzW57xDVyegDb8yjWAbVD/wscn3u8rnLDrlp+rwzmY9vF2X/nuNl
NQXWQOaASC9R17c76HZksgc/HWrZbZYMtPaW1i9odo2vQeeRvwwJDbtnvbwWyfn4
iWH9sOgD40cSqVx/JyqgYqSxPrSKqeiBTP9Zk1RvPMFAPo2WmiYxlRM5wXf/kvcV
7U4qQXWcZdbZBNb+YtnkS+LLhlBPNDfiSg8DmoLWexZDXM4TnuNHwgkwL6ZhB0Vv
vWB6EDw7SUHt8vorKyPPJycGQ0eAn0tAN3ruBDfQXF+ZsCcdXXHFZqRfyVdO8h8=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=507583, public, no-transform, must-revalidate]
Content-Length: [1377]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Thu, 23 Feb 2017 09:31:59 GMT]
Expires: [Wed, 1 Mar 2017 06:31:41 GMT]
Last-Modified: [Wed, 22 Feb 2017 06:31:41 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (S)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 1s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://g2.symcb.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://g2.symcb.com (GET)
Size: 1377 bytes (DER data)
Response time: 5.39467ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: GeoTrust Global CA TGV OCSP Responder 5
Issued by: GeoTrust Global CA
Signing certificate validity: 2016-12-08 - 2017-12-14
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 141h0m59s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)

URL used for GET request

http:/MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkqw0GRtsnCuD5V8sCXEROgByACAwI6bw%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEQwQjBAMD4wPDAJBgUrDgMCGgUABBSxtDkXkBa3l3lQEfFgudSiPNvt7gQUAPkq
w0GRtsnCuD5V8sCXEROgByACAwI6bw==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFXQoBAKCCBVYwggVSBgkrBgEFBQcwAQEEggVDMIIFPzCBkaIWBBRW5FQnU+as
qXGB3YYiHprkenLEKhgPMjAxNzAyMjIwNjMxNDFaMGYwZDA8MAkGBSsOAwIaBQAE
FLG0OReQFreXeVAR8WC51KI82+3uBBQA+SrDQZG2ycK4PlXywJcRE6AHIAIDAjpv
gAAYDzIwMTcwMjIyMDYzMTQxWqARGA8yMDE3MDMwMTA2MzE0MVowDQYJKoZIhvcN
AQEFBQADggEBAFpamZ2tcGJWlaQ1vjtylX1BkSy3M0xc5F8mF/6Fpcd1NlQSytmH
czHcfjvSNkNG1+GGiXLwx2dBKqCOUPeTyDEAdSEnUS2j5JbHVotOoCCIWZVvBjNT
s2KhV+YwjX1KM4wfuvvaOt60+LDUquOs0PoduUngWoo/stC7Xzl/FpE1kAMb3UyE
WFSnQdrE7meMaUDWvgjRD91s6HVk2rexzuy695aKrEMev8WfK+1BpIwmRZJM6jxJ
UhQDPFLrF5INJ86hfvyHra2Suv1zvBoFYnIDeCRvzonhJiEt4qvgwmht/Td+iVew
tQfHsChHnnWGy5cSx5fAvhDGbqIhS45+IyigggOTMIIDjzCCA4swggJzoAMCAQIC
EAEAAI8cK5YV9Xm5GF4OwmcwDQYJKoZIhvcNAQELBQAwQjELMAkGA1UEBhMCVVMx
FjAUBgNVBAoTDUdlb1RydXN0IEluYy4xGzAZBgNVBAMTEkdlb1RydXN0IEdsb2Jh
bCBDQTAeFw0xNjEyMDgxMTI1MzVaFw0xNzEyMTQxMTI1MzVaMDIxMDAuBgNVBAMT
J0dlb1RydXN0IEdsb2JhbCBDQSBUR1YgT0NTUCBSZXNwb25kZXIgNTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbsx72ex4lTCJDy3iHAy47zLOB03z8E
ucSDZIQMjk1A5aZfqz0MU5HHLOsi76EQo6uYR2R2rl9jgQ1EMbe0TidFyTrhse63
rmEyzQusz7sEjnsvckT7K/9j6DLmlFB/6oEhAgwfCONYbrDOfQHBCtd7e+x6STm0
WeKCF4/QqS+C5ZTUEzsNjhcAqeAMZnWEoyyJ6OpCiF9vDblCGa9nlh3SwW+nxKTq
qqiMlz9ZXN8//IHrectIKszEXXlpvtr4wJAz0KrUDfENqEbKNouP0fv1Ueno5Z7t
ue3CnHtCF+QxOQXDS3rKrQJcesKMrFC9+M5frbQuLSGz9ee/xCfnWW0CAwEAAaOB
jDCBiTAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1luMrMTjAPBgkrBgEFBQcw
AQUEAgUAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDAMBgNV
HRMBAf8EAjAAMCIGA1UdEQQbMBmkFzAVMRMwEQYDVQQDEwpUR1YtT0ZGLTU3MA0G
CSqGSIb3DQEBCwUAA4IBAQAEbWTM2eKR1XlWe9ui17q87Hk6NYXKQGwj/ss1ue8Q
1cnoA2/Mo1gG1Q/8LHJ97vK5yw65afq8M5mPbxdl/57jZTUF1kDmgEgvUde3O+h2
ZLIHPx1q2W2WDLT2ltYvaHaNr0Hnkb8MCQ27Z728Fsn5+Ilh/bDoA+NHEqlcfycq
oGKksT60iqnogUz/WZNUbzzBQD6NlpomMZUTOcF3/5L3Fe1OKkF1nGXW2QTW/mLZ
5Eviy4ZQTzQ34koPA5qC1nsWQ1zOE57jR8IJMC+mYQdFb71gehA8O0lB7fL6Kysj
zycnBkNHgJ9LQDd67gQ30FxfmbAnHV1xxWakX8lXTvIf
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDizCCAnOgAwIBAgIQAQAAjxwrlhX1ebkYXg7CZzANBgkqhkiG9w0BAQsFADBC
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS
R2VvVHJ1c3QgR2xvYmFsIENBMB4XDTE2MTIwODExMjUzNVoXDTE3MTIxNDExMjUz
NVowMjEwMC4GA1UEAxMnR2VvVHJ1c3QgR2xvYmFsIENBIFRHViBPQ1NQIFJlc3Bv
bmRlciA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuzHvZ7HiVMI
kPLeIcDLjvMs4HTfPwS5xINkhAyOTUDlpl+rPQxTkccs6yLvoRCjq5hHZHauX2OB
DUQxt7ROJ0XJOuGx7reuYTLNC6zPuwSOey9yRPsr/2PoMuaUUH/qgSECDB8I41hu
sM59AcEK13t77HpJObRZ4oIXj9CpL4LllNQTOw2OFwCp4AxmdYSjLIno6kKIX28N
uUIZr2eWHdLBb6fEpOqqqIyXP1lc3z/8get5y0gqzMRdeWm+2vjAkDPQqtQN8Q2o
Rso2i4/R+/VR6ejlnu257cKce0IX5DE5BcNLesqtAlx6woysUL34zl+ttC4tIbP1
57/EJ+dZbQIDAQABo4GMMIGJMB8GA1UdIwQYMBaAFMB6mGiNifurBWQMEX2qfWW4
ysxOMA8GCSsGAQUFBzABBQQCBQAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0P
AQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwIgYDVR0RBBswGaQXMBUxEzARBgNVBAMT
ClRHVi1PRkYtNTcwDQYJKoZIhvcNAQELBQADggEBAARtZMzZ4pHVeVZ726LXurzs
eTo1hcpAbCP+yzW57xDVyegDb8yjWAbVD/wscn3u8rnLDrlp+rwzmY9vF2X/nuNl
NQXWQOaASC9R17c76HZksgc/HWrZbZYMtPaW1i9odo2vQeeRvwwJDbtnvbwWyfn4
iWH9sOgD40cSqVx/JyqgYqSxPrSKqeiBTP9Zk1RvPMFAPo2WmiYxlRM5wXf/kvcV
7U4qQXWcZdbZBNb+YtnkS+LLhlBPNDfiSg8DmoLWexZDXM4TnuNHwgkwL6ZhB0Vv
vWB6EDw7SUHt8vorKyPPJycGQ0eAn0tAN3ruBDfQXF+ZsCcdXXHFZqRfyVdO8h8=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=507659, public, no-transform, must-revalidate]
Content-Length: [1377]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Thu, 23 Feb 2017 09:31:59 GMT]
Expires: [Wed, 1 Mar 2017 06:31:41 GMT]
Last-Modified: [Wed, 22 Feb 2017 06:31:41 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MEM_HIT from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/8.2.2.1.1-19192351) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 1m17s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GeoTrust Global CA (CA Certificate)

This certificate was cached at
Certificate details for GeoTrust Global CA (At position 2 in certificate chain)
Serial number:
hex: 23456
int: 144470
Issued by: GeoTrust Global CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.