CRL & OCSP report for 0-naturalmedicines.therapeuticresearch.com.topcat.switchinc.org - koha.switchinc.org

koha.switchinc.org

Certificate details for koha.switchinc.org (At position 0 in certificate chain)
Serial number:
hex: 5df951bc7a9f1fcf9419aaf242e3d944
int: 124912743333794337352589522895257196868
Issued by: GeoTrust DV SSL CA - G3
Public Key Algorithm: RSA
Not valid before:
Not valid after:
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for 0-naturalmedicines.therapeuticresearch.com.topcat.switchinc.org.

Certificate Revocation List (CRL)

This CRL was cached at
http://gt.symcb.com/gt.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://gt.symcb.com/gt.crl
Size: 136034 bytes (DER data)
Response time: 96.103704ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 3873

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_HIT from a23-219-93-108.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Sun, 25 Jun 2017 19:09:55 GMT]
Etag: ["d5c6ca911e3e9bef0191e6de876ec539:1498381562"]
Last-Modified: [Sun, 25 Jun 2017 09:06:02 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_HIT from a23-219-93-108.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://gt.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gt.symcd.com (POST)
Size: 1455 bytes (DER data)
Response time: 283.593408ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: GeoTrust DV SSL CA - G3 OCSP Responder
Issued by: GeoTrust DV SSL CA - G3
Signing certificate validity: 2017-04-05 - 2017-07-04
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 116h47m14s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRYPS8usrA85jHipK5UlO17MFVDRgQUrWUi
hZDQO+OhSYs3+fELHV8XoHcCEF35Ubx6nx/PlBmq8kLj2UQ=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFqwoBAKCCBaQwggWgBgkrBgEFBQcwAQEEggWRMIIFjTCBnqIWBBSj7DW5EzBv
a5jfQ0qnFTMZxg7+hRgPMjAxNzA2MjExMjIwMjlaMHMwcTBJMAkGBSsOAwIaBQAE
FFg9Ly6ysDzmMeKkrlSU7XswVUNGBBStZSKFkNA746FJizf58QsdXxegdwIQXflR
vHqfH8+UGaryQuPZRIAAGA8yMDE3MDYyMTEyMjAyOVqgERgPMjAxNzA2MjgxMjIw
MjlaMA0GCSqGSIb3DQEBBQUAA4IBAQDCv2lF3mI6pEnFNq9KyTiu9ZCUrAiLvGz6
UHeinP4tDxmDjexlArvZUkSAiLaBtb0Vov4p0abXhmxNDc73uZK+mjmxqZq+IhNZ
Uh+8JLyIWYfOm4L8ghiTNTFmBpNfOgo1934hTaFl+w5uXyOjZ05/aT88Bs7G41OF
KRYclVfHL6fdKhAwc6Zp+zSRJ8J/UAqSEnpMHrgnhSGdCj9iNImkaaW3QYDqeXvJ
UoTWgKh8H0rNkQdBCuvlXDIKcLPYR8Q/KfC+cP1z1GBZp55K8Q64UY5GTvXFjAfw
noGYznoeSPqfBPK2xxn9CTV3mvtd9FvvivO6lNm525oh55keKCJYoIID1DCCA9Aw
ggPMMIICtKADAgECAhBmR3bqglT/GApRVHN6IMBuMA0GCSqGSIb3DQEBCwUAMGYx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR0wGwYDVQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTDEgMB4GA1UEAxMXR2VvVHJ1c3QgRFYgU1NMIENB
IC0gRzMwHhcNMTcwNDA1MDAwMDAwWhcNMTcwNzA0MjM1OTU5WjAxMS8wLQYDVQQD
EyZHZW9UcnVzdCBEViBTU0wgQ0EgLSBHMyBPQ1NQIFJlc3BvbmRlcjCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMpV8w3BtczaJ7SKsUH85BcvOz0JcStm
nPHUbDAmsg5TbZJDOYCtz5tsviioOTg7gxUBxy/AzhgQNxMcAkyleYOsKWcJJsxx
GEJiZJxy8nSdCoOVBMI5gyY+KK71lgtvOPg/neM+UCzylnH1Y4IIPFSv/1+T8L3N
OdN5LXtdzHQxSmfiKmTOR1bVmCoOdrzi1/LpjkrBrvsWF+nCCDeTj6CiS6Pbln6p
M2veuszAipV64oO5MqjgxwKG0/w03du7wJxKgZN1uOcrEk+hclGHFMgBJK2tS82g
JuphhATnwF2Yy5+9d4dFukh+3y0zfXgYCvrG2Y0c9IcqplolArLqYSECAwEAAaOB
qjCBpzAPBgkrBgEFBQcwAQUEAgUAMCEGA1UdEQQaMBikFjAUMRIwEAYDVQQDEwlU
R1YtRS02NzMwHwYDVR0jBBgwFoAUrWUihZDQO+OhSYs3+fELHV8XoHcwHQYDVR0O
BBYEFKPsNbkTMG9rmN9DSqcVMxnGDv6FMAwGA1UdEwEB/wQCMAAwEwYDVR0lBAww
CgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQCl
QIxbIQPX/uF5VuHJc6CUq3xUcQX88Y/Ll9nfkLmaQOX2aQsCfQKCI4qmnEws3HZ3
qcNpnB4bQNXV7JnB6G1L9GzHWfyX8JaPJWOVtzMamQO4b7y1L6U4aeNpKsj2O55f
a5KRVM5PeNb2uSER65m0hy0Td7JJSbAFMkn3WU9VJocxM/lUVyM6octI9Kwf52iM
UzrBC+6lbE7yRaz8Z9eCuk+EgGHC13kvTPO85rr7cdJ/gC4p1M+PnVPJrYOgLXyt
OWOU5DX6L0ZpNbLULc3oUlWsPyprE8mLk1CVRoFh/G4dET2iXrNjYG3nUrg4RUFX
hglXYnIKaUsh8tKVrh3j
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDzDCCArSgAwIBAgIQZkd26oJU/xgKUVRzeiDAbjANBgkqhkiG9w0BAQsFADBm
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UECxMU
RG9tYWluIFZhbGlkYXRlZCBTU0wxIDAeBgNVBAMTF0dlb1RydXN0IERWIFNTTCBD
QSAtIEczMB4XDTE3MDQwNTAwMDAwMFoXDTE3MDcwNDIzNTk1OVowMTEvMC0GA1UE
AxMmR2VvVHJ1c3QgRFYgU1NMIENBIC0gRzMgT0NTUCBSZXNwb25kZXIwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKVfMNwbXM2ie0irFB/OQXLzs9CXEr
Zpzx1GwwJrIOU22SQzmArc+bbL4oqDk4O4MVAccvwM4YEDcTHAJMpXmDrClnCSbM
cRhCYmSccvJ0nQqDlQTCOYMmPiiu9ZYLbzj4P53jPlAs8pZx9WOCCDxUr/9fk/C9
zTnTeS17Xcx0MUpn4ipkzkdW1ZgqDna84tfy6Y5Kwa77Fhfpwgg3k4+gokuj25Z+
qTNr3rrMwIqVeuKDuTKo4McChtP8NN3bu8CcSoGTdbjnKxJPoXJRhxTIASStrUvN
oCbqYYQE58BdmMufvXeHRbpIft8tM314GAr6xtmNHPSHKqZaJQKy6mEhAgMBAAGj
gaowgacwDwYJKwYBBQUHMAEFBAIFADAhBgNVHREEGjAYpBYwFDESMBAGA1UEAxMJ
VEdWLUUtNjczMB8GA1UdIwQYMBaAFK1lIoWQ0DvjoUmLN/nxCx1fF6B3MB0GA1Ud
DgQWBBSj7DW5EzBva5jfQ0qnFTMZxg7+hTAMBgNVHRMBAf8EAjAAMBMGA1UdJQQM
MAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEA
pUCMWyED1/7heVbhyXOglKt8VHEF/PGPy5fZ35C5mkDl9mkLAn0CgiOKppxMLNx2
d6nDaZweG0DV1eyZwehtS/Rsx1n8l/CWjyVjlbczGpkDuG+8tS+lOGnjaSrI9jue
X2uSkVTOT3jW9rkhEeuZtIctE3eySUmwBTJJ91lPVSaHMTP5VFcjOqHLSPSsH+do
jFM6wQvupWxO8kWs/GfXgrpPhIBhwtd5L0zzvOa6+3HSf4AuKdTPj51Tya2DoC18
rTljlOQ1+i9GaTWy1C3N6FJVrD8qaxPJi5NQlUaBYfxuHRE9ol6zY2Bt51K4OEVB
V4YJV2JyCmlLIfLSla4d4w==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=420434, public, no-transform, must-revalidate]
Content-Length: [1455]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 23 Jun 2017 15:33:15 GMT]
Expires: [Wed, 28 Jun 2017 12:20:29 GMT]
Last-Modified: [Wed, 21 Jun 2017 12:20:29 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://gt.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://gt.symcd.com (GET)
Size: 1455 bytes (DER data)
Response time: 537.864252ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: GeoTrust DV SSL CA - G3 OCSP Responder
Issued by: GeoTrust DV SSL CA - G3
Signing certificate validity: 2017-04-05 - 2017-07-04
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 116h47m14s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)

URL used for GET request

http://gt.symcd.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRYPS8usrA85jHipK5UlO17MFVDRgQUrWUihZDQO%2BOhSYs3%2BfELHV8XoHcCEF35Ubx6nx%2FPlBmq8kLj2UQ%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRYPS8usrA85jHipK5UlO17MFVDRgQUrWUi
hZDQO+OhSYs3+fELHV8XoHcCEF35Ubx6nx/PlBmq8kLj2UQ=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFqwoBAKCCBaQwggWgBgkrBgEFBQcwAQEEggWRMIIFjTCBnqIWBBSj7DW5EzBv
a5jfQ0qnFTMZxg7+hRgPMjAxNzA2MjExMjIwMjlaMHMwcTBJMAkGBSsOAwIaBQAE
FFg9Ly6ysDzmMeKkrlSU7XswVUNGBBStZSKFkNA746FJizf58QsdXxegdwIQXflR
vHqfH8+UGaryQuPZRIAAGA8yMDE3MDYyMTEyMjAyOVqgERgPMjAxNzA2MjgxMjIw
MjlaMA0GCSqGSIb3DQEBBQUAA4IBAQDCv2lF3mI6pEnFNq9KyTiu9ZCUrAiLvGz6
UHeinP4tDxmDjexlArvZUkSAiLaBtb0Vov4p0abXhmxNDc73uZK+mjmxqZq+IhNZ
Uh+8JLyIWYfOm4L8ghiTNTFmBpNfOgo1934hTaFl+w5uXyOjZ05/aT88Bs7G41OF
KRYclVfHL6fdKhAwc6Zp+zSRJ8J/UAqSEnpMHrgnhSGdCj9iNImkaaW3QYDqeXvJ
UoTWgKh8H0rNkQdBCuvlXDIKcLPYR8Q/KfC+cP1z1GBZp55K8Q64UY5GTvXFjAfw
noGYznoeSPqfBPK2xxn9CTV3mvtd9FvvivO6lNm525oh55keKCJYoIID1DCCA9Aw
ggPMMIICtKADAgECAhBmR3bqglT/GApRVHN6IMBuMA0GCSqGSIb3DQEBCwUAMGYx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR0wGwYDVQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTDEgMB4GA1UEAxMXR2VvVHJ1c3QgRFYgU1NMIENB
IC0gRzMwHhcNMTcwNDA1MDAwMDAwWhcNMTcwNzA0MjM1OTU5WjAxMS8wLQYDVQQD
EyZHZW9UcnVzdCBEViBTU0wgQ0EgLSBHMyBPQ1NQIFJlc3BvbmRlcjCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMpV8w3BtczaJ7SKsUH85BcvOz0JcStm
nPHUbDAmsg5TbZJDOYCtz5tsviioOTg7gxUBxy/AzhgQNxMcAkyleYOsKWcJJsxx
GEJiZJxy8nSdCoOVBMI5gyY+KK71lgtvOPg/neM+UCzylnH1Y4IIPFSv/1+T8L3N
OdN5LXtdzHQxSmfiKmTOR1bVmCoOdrzi1/LpjkrBrvsWF+nCCDeTj6CiS6Pbln6p
M2veuszAipV64oO5MqjgxwKG0/w03du7wJxKgZN1uOcrEk+hclGHFMgBJK2tS82g
JuphhATnwF2Yy5+9d4dFukh+3y0zfXgYCvrG2Y0c9IcqplolArLqYSECAwEAAaOB
qjCBpzAPBgkrBgEFBQcwAQUEAgUAMCEGA1UdEQQaMBikFjAUMRIwEAYDVQQDEwlU
R1YtRS02NzMwHwYDVR0jBBgwFoAUrWUihZDQO+OhSYs3+fELHV8XoHcwHQYDVR0O
BBYEFKPsNbkTMG9rmN9DSqcVMxnGDv6FMAwGA1UdEwEB/wQCMAAwEwYDVR0lBAww
CgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQCl
QIxbIQPX/uF5VuHJc6CUq3xUcQX88Y/Ll9nfkLmaQOX2aQsCfQKCI4qmnEws3HZ3
qcNpnB4bQNXV7JnB6G1L9GzHWfyX8JaPJWOVtzMamQO4b7y1L6U4aeNpKsj2O55f
a5KRVM5PeNb2uSER65m0hy0Td7JJSbAFMkn3WU9VJocxM/lUVyM6octI9Kwf52iM
UzrBC+6lbE7yRaz8Z9eCuk+EgGHC13kvTPO85rr7cdJ/gC4p1M+PnVPJrYOgLXyt
OWOU5DX6L0ZpNbLULc3oUlWsPyprE8mLk1CVRoFh/G4dET2iXrNjYG3nUrg4RUFX
hglXYnIKaUsh8tKVrh3j
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDzDCCArSgAwIBAgIQZkd26oJU/xgKUVRzeiDAbjANBgkqhkiG9w0BAQsFADBm
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UECxMU
RG9tYWluIFZhbGlkYXRlZCBTU0wxIDAeBgNVBAMTF0dlb1RydXN0IERWIFNTTCBD
QSAtIEczMB4XDTE3MDQwNTAwMDAwMFoXDTE3MDcwNDIzNTk1OVowMTEvMC0GA1UE
AxMmR2VvVHJ1c3QgRFYgU1NMIENBIC0gRzMgT0NTUCBSZXNwb25kZXIwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKVfMNwbXM2ie0irFB/OQXLzs9CXEr
Zpzx1GwwJrIOU22SQzmArc+bbL4oqDk4O4MVAccvwM4YEDcTHAJMpXmDrClnCSbM
cRhCYmSccvJ0nQqDlQTCOYMmPiiu9ZYLbzj4P53jPlAs8pZx9WOCCDxUr/9fk/C9
zTnTeS17Xcx0MUpn4ipkzkdW1ZgqDna84tfy6Y5Kwa77Fhfpwgg3k4+gokuj25Z+
qTNr3rrMwIqVeuKDuTKo4McChtP8NN3bu8CcSoGTdbjnKxJPoXJRhxTIASStrUvN
oCbqYYQE58BdmMufvXeHRbpIft8tM314GAr6xtmNHPSHKqZaJQKy6mEhAgMBAAGj
gaowgacwDwYJKwYBBQUHMAEFBAIFADAhBgNVHREEGjAYpBYwFDESMBAGA1UEAxMJ
VEdWLUUtNjczMB8GA1UdIwQYMBaAFK1lIoWQ0DvjoUmLN/nxCx1fF6B3MB0GA1Ud
DgQWBBSj7DW5EzBva5jfQ0qnFTMZxg7+hTAMBgNVHRMBAf8EAjAAMBMGA1UdJQQM
MAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsFAAOCAQEA
pUCMWyED1/7heVbhyXOglKt8VHEF/PGPy5fZ35C5mkDl9mkLAn0CgiOKppxMLNx2
d6nDaZweG0DV1eyZwehtS/Rsx1n8l/CWjyVjlbczGpkDuG+8tS+lOGnjaSrI9jue
X2uSkVTOT3jW9rkhEeuZtIctE3eySUmwBTJJ91lPVSaHMTP5VFcjOqHLSPSsH+do
jFM6wQvupWxO8kWs/GfXgrpPhIBhwtd5L0zzvOa6+3HSf4AuKdTPj51Tya2DoC18
rTljlOQ1+i9GaTWy1C3N6FJVrD8qaxPJi5NQlUaBYfxuHRE9ol6zY2Bt51K4OEVB
V4YJV2JyCmlLIfLSla4d4w==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=420434, public, no-transform, must-revalidate]
Content-Length: [1455]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 23 Jun 2017 15:33:15 GMT]
Expires: [Wed, 28 Jun 2017 12:20:29 GMT]
Last-Modified: [Wed, 21 Jun 2017 12:20:29 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GeoTrust DV SSL CA - G3 (CA Certificate)

Certificate details for GeoTrust DV SSL CA - G3 (At position 1 in certificate chain)
Serial number:
hex: 23a73
int: 146035
Issued by: GeoTrust Global CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GeoTrust Inc.
Organization unit: Domain Validated SSL
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This certificate contains no information about authoritative CRL(s) or OCSP servers

Check the revocation status for another website

Created by Paul van Brouwershaven
© 2015 - 2017 Digitorus B.V.
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.