CRL & OCSP report for 0-oneview.experian.com.wildpac.wne.edu - wildpac.wne.edu

wildpac.wne.edu

Certificate details for wildpac.wne.edu (At position 0 in certificate chain)
Serial number:
hex: bce69a34d743d147
int: 13611736475514425671
Issued by: Starfield Secure Certificate Authority - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization unit: Domain Control Validated
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for 0-oneview.experian.com.wildpac.wne.edu.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.starfieldtech.com/sfig2s1-47.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.starfieldtech.com/sfig2s1-47.crl
Size: 48936 bytes (DER data)
Response time: 90.007954ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 1159

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: Apache

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=259200]
Content-Length: [48936]
Content-Type: [application/pkix-crl]
Date: [Wed, 24 May 2017 13:26:04 GMT]
Etag: ["bf28-5503dde56a240"]
Expires: [Sat, 27 May 2017 13:26:04 GMT]
Last-Modified: [Wed, 24 May 2017 04:52:17 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp.starfieldtech.com/ (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.starfieldtech.com/ (POST)
Size: 1847 bytes (DER data)
Response time: 44.926877ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: Starfield Validation Authority - G2
Issued by: Starfield Secure Certificate Authority - G2
Signing certificate validity: 2016-12-13 - 2017-12-13
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 30h19m18s

Server and network information

Server Software: Apache

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEowSDBGMEQwQjAJBgUrDgMCGgUABBT1ZqtwV0O1KcYi0gdzcFkHM+uArAQUJUWB
aFAmOD07LSy+zWrZtj2zZmMCCQC85po010PRRw==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIHMwoBAKCCBywwggcoBgkrBgEFBQcwAQEEggcZMIIHFTCCAQ2hgYswgYgxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxl
MSQwIgYDVQQKExtTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBMTEMxLDAqBgNVBAMT
I1N0YXJmaWVsZCBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEcyGA8yMDE3MDUyNDEx
MzcwMlowbDBqMEIwCQYFKw4DAhoFAAQU9WarcFdDtSnGItIHc3BZBzPrgKwEFCVF
gWhQJjg9Oy0svs1q2bY9s2ZjAgkAvOaaNNdD0UeAABgPMjAxNzA1MjQxMTM3MDJa
oBEYDzIwMTcwNTI1MjMzNzAyWjANBgkqhkiG9w0BAQUFAAOCAQEAvwhqS2NLwsrm
HBH+WYw9rVZBUROtoYO+TWqqkBjc++YKv7c/6ciXajyrnjNsZh/CKcnu1+V3Q/97
192gd3+RIfciKmjVsgxRnqcKzt8uMwZVYmOqS0fwq/RiN/fmGMtj/q54/ToxaPyQ
wLIs6bBiZLQ4xcCZFKtUb+tcantBQ24lApMaNnu/kwGXT/pGLBIxgr85hXr/5uiL
ejQ51HzAY5WwnV+tIsGeEdm4ljzVpK5wjK9b6Zjzc8pLf81gmet2NO4hsAmMoTFY
dMFZmFr1WsWMY/a80yWpKOFHDMRXEnECHv29tdqjHmrp5OsKGFxClDgLGh7sOYFz
GETZr2TIzKCCBOwwggToMIIE5DCCA8ygAwIBAgIJANyfrJP6/9V/MA0GCSqGSIb3
DQEBCwUAMIHGMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UE
BxMKU2NvdHRzZGFsZTElMCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywg
SW5jLjEzMDEGA1UECxMqaHR0cDovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3Jl
cG9zaXRvcnkvMTQwMgYDVQQDEytTdGFyZmllbGQgU2VjdXJlIENlcnRpZmljYXRl
IEF1dGhvcml0eSAtIEcyMB4XDTE2MTIxMzA3MDAwMFoXDTE3MTIxMzA3MDAwMFow
gYgxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290
dHNkYWxlMSQwIgYDVQQKExtTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBMTEMxLDAq
BgNVBAMTI1N0YXJmaWVsZCBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxK37MN9B3/4QMRIgfjEg4vMmQKA
4WrJYpgyxWO9gfu8J2VTQQAa7YCXNiIiMptoZgttAW05/6iFqIuXp7BfTgUiZ1bp
z3vlSiJ75ecwZg5XJKdYche/+rp8VftGDCHnS84wIO4ocIKnHcythTmDSQ/cn4+y
/2MTY1zSOQ54dBp2ulVOjwcYJajPtcIsUh8J2ONaSgMu7gHT/3J6E1oL5nCs7L1y
dQQ2GcT/7RYwihR04uQP8SrbgBNUFVcF7tDejj/uHNhY+gAGKCsekHqrW7UgukH5
l7Yret1bPi33eT7KoLJudlUUq4lnLndVLg8OzN+JEd8gRmjZNkYGAhV9fwIDAQAB
o4IBDzCCAQswDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwEwYDVR0lBAww
CgYIKwYBBQUHAwkwHQYDVR0OBBYEFMWGSiF+2fK1faEBrKxeXf4Vgve/MA8GCSsG
AQUFBzABBQQCBQAwVAYDVR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5zdGFyZmll
bGR0ZWNoLmNvbS9yZXBvc2l0b3J5L21hc3RlcnN0YXJmaWVsZDJpc3N1aW5nLmNy
bDBQBgNVHSAESTBHMEUGC2CGSAGG/W4BBxcBMDYwNAYIKwYBBQUHAgEWKGh0dHA6
Ly9jcmwuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQEL
BQADggEBAKQOkxfB5Y9/qADXtCfkwLVMackGfcpF9flGnkj3VAFOlrKYWTqEg1lZ
A4LUrVfg/QpB4/9Bn9UwRDs4DvRA9L9o7Uir6bm1KcKBvkhuuy/sSk4nCbAorz70
A6gQZXyEfenhBbyNNmYQjvxBjGFG+LqGTot11T6QPSF2Svx/vQTUs1CUmrdmB0Li
Uub+AJw2e8oprhAVymp4FiLg7ZIUaEnNfayCIllsAZHHcNwwxwjku7nbR7HTNHm8
rfcU6B3AYRCXP9OohmDQQ1CcS13whSLB2z0Oj9+CTjy9un6GjHpk7JrmgcowdG4r
U/KiZTz2ZmHz4OJqv0d7zknE49hKU3o=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIJANyfrJP6/9V/MA0GCSqGSIb3DQEBCwUAMIHGMQswCQYD
VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEl
MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEzMDEGA1UECxMq
aHR0cDovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMTQwMgYD
VQQDEytTdGFyZmllbGQgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcy
MB4XDTE2MTIxMzA3MDAwMFoXDTE3MTIxMzA3MDAwMFowgYgxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSQwIgYDVQQK
ExtTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBMTEMxLDAqBgNVBAMTI1N0YXJmaWVs
ZCBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwxK37MN9B3/4QMRIgfjEg4vMmQKA4WrJYpgyxWO9gfu8J2VT
QQAa7YCXNiIiMptoZgttAW05/6iFqIuXp7BfTgUiZ1bpz3vlSiJ75ecwZg5XJKdY
che/+rp8VftGDCHnS84wIO4ocIKnHcythTmDSQ/cn4+y/2MTY1zSOQ54dBp2ulVO
jwcYJajPtcIsUh8J2ONaSgMu7gHT/3J6E1oL5nCs7L1ydQQ2GcT/7RYwihR04uQP
8SrbgBNUFVcF7tDejj/uHNhY+gAGKCsekHqrW7UgukH5l7Yret1bPi33eT7KoLJu
dlUUq4lnLndVLg8OzN+JEd8gRmjZNkYGAhV9fwIDAQABo4IBDzCCAQswDAYDVR0T
AQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwHQYD
VR0OBBYEFMWGSiF+2fK1faEBrKxeXf4Vgve/MA8GCSsGAQUFBzABBQQCBQAwVAYD
VR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5zdGFyZmllbGR0ZWNoLmNvbS9yZXBv
c2l0b3J5L21hc3RlcnN0YXJmaWVsZDJpc3N1aW5nLmNybDBQBgNVHSAESTBHMEUG
C2CGSAGG/W4BBxcBMDYwNAYIKwYBBQUHAgEWKGh0dHA6Ly9jcmwuc3RhcmZpZWxk
dGVjaC5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAKQOkxfB5Y9/
qADXtCfkwLVMackGfcpF9flGnkj3VAFOlrKYWTqEg1lZA4LUrVfg/QpB4/9Bn9Uw
RDs4DvRA9L9o7Uir6bm1KcKBvkhuuy/sSk4nCbAorz70A6gQZXyEfenhBbyNNmYQ
jvxBjGFG+LqGTot11T6QPSF2Svx/vQTUs1CUmrdmB0LiUub+AJw2e8oprhAVymp4
FiLg7ZIUaEnNfayCIllsAZHHcNwwxwjku7nbR7HTNHm8rfcU6B3AYRCXP9OohmDQ
Q1CcS13whSLB2z0Oj9+CTjy9un6GjHpk7JrmgcowdG4rU/KiZTz2ZmHz4OJqv0d7
zknE49hKU3o=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=109158, public, no-transform, must-revalidate]
Content-Length: [1847]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Wed, 24 May 2017 15:41:58 GMT]
Etag: ["742a0b38d8b69f6a11c5a7cbb7ba6805735d5afb"]
Expires: [Thu, 25 May 2017 23:37:02 GMT]
Last-Modified: [Wed, 24 May 2017 11:37:02 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.starfieldtech.com/ (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.starfieldtech.com/ (GET)
Size: 1847 bytes (DER data)
Response time: 46.588263ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: Starfield Validation Authority - G2
Issued by: Starfield Secure Certificate Authority - G2
Signing certificate validity: 2016-12-13 - 2017-12-13
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 30h18m18s

Server and network information

Server Software: Apache

URL used for GET request

http://ocsp.starfieldtech.com/MEowSDBGMEQwQjAJBgUrDgMCGgUABBT1ZqtwV0O1KcYi0gdzcFkHM%2BuArAQUJUWBaFAmOD07LSy%2BzWrZtj2zZmMCCQC85po010PRRw%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEowSDBGMEQwQjAJBgUrDgMCGgUABBT1ZqtwV0O1KcYi0gdzcFkHM+uArAQUJUWB
aFAmOD07LSy+zWrZtj2zZmMCCQC85po010PRRw==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIHMwoBAKCCBywwggcoBgkrBgEFBQcwAQEEggcZMIIHFTCCAQ2hgYswgYgxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxl
MSQwIgYDVQQKExtTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBMTEMxLDAqBgNVBAMT
I1N0YXJmaWVsZCBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEcyGA8yMDE3MDUyNDEx
MzcwMlowbDBqMEIwCQYFKw4DAhoFAAQU9WarcFdDtSnGItIHc3BZBzPrgKwEFCVF
gWhQJjg9Oy0svs1q2bY9s2ZjAgkAvOaaNNdD0UeAABgPMjAxNzA1MjQxMTM3MDJa
oBEYDzIwMTcwNTI1MjMzNzAyWjANBgkqhkiG9w0BAQUFAAOCAQEAvwhqS2NLwsrm
HBH+WYw9rVZBUROtoYO+TWqqkBjc++YKv7c/6ciXajyrnjNsZh/CKcnu1+V3Q/97
192gd3+RIfciKmjVsgxRnqcKzt8uMwZVYmOqS0fwq/RiN/fmGMtj/q54/ToxaPyQ
wLIs6bBiZLQ4xcCZFKtUb+tcantBQ24lApMaNnu/kwGXT/pGLBIxgr85hXr/5uiL
ejQ51HzAY5WwnV+tIsGeEdm4ljzVpK5wjK9b6Zjzc8pLf81gmet2NO4hsAmMoTFY
dMFZmFr1WsWMY/a80yWpKOFHDMRXEnECHv29tdqjHmrp5OsKGFxClDgLGh7sOYFz
GETZr2TIzKCCBOwwggToMIIE5DCCA8ygAwIBAgIJANyfrJP6/9V/MA0GCSqGSIb3
DQEBCwUAMIHGMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UE
BxMKU2NvdHRzZGFsZTElMCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywg
SW5jLjEzMDEGA1UECxMqaHR0cDovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3Jl
cG9zaXRvcnkvMTQwMgYDVQQDEytTdGFyZmllbGQgU2VjdXJlIENlcnRpZmljYXRl
IEF1dGhvcml0eSAtIEcyMB4XDTE2MTIxMzA3MDAwMFoXDTE3MTIxMzA3MDAwMFow
gYgxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290
dHNkYWxlMSQwIgYDVQQKExtTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBMTEMxLDAq
BgNVBAMTI1N0YXJmaWVsZCBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxK37MN9B3/4QMRIgfjEg4vMmQKA
4WrJYpgyxWO9gfu8J2VTQQAa7YCXNiIiMptoZgttAW05/6iFqIuXp7BfTgUiZ1bp
z3vlSiJ75ecwZg5XJKdYche/+rp8VftGDCHnS84wIO4ocIKnHcythTmDSQ/cn4+y
/2MTY1zSOQ54dBp2ulVOjwcYJajPtcIsUh8J2ONaSgMu7gHT/3J6E1oL5nCs7L1y
dQQ2GcT/7RYwihR04uQP8SrbgBNUFVcF7tDejj/uHNhY+gAGKCsekHqrW7UgukH5
l7Yret1bPi33eT7KoLJudlUUq4lnLndVLg8OzN+JEd8gRmjZNkYGAhV9fwIDAQAB
o4IBDzCCAQswDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwEwYDVR0lBAww
CgYIKwYBBQUHAwkwHQYDVR0OBBYEFMWGSiF+2fK1faEBrKxeXf4Vgve/MA8GCSsG
AQUFBzABBQQCBQAwVAYDVR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5zdGFyZmll
bGR0ZWNoLmNvbS9yZXBvc2l0b3J5L21hc3RlcnN0YXJmaWVsZDJpc3N1aW5nLmNy
bDBQBgNVHSAESTBHMEUGC2CGSAGG/W4BBxcBMDYwNAYIKwYBBQUHAgEWKGh0dHA6
Ly9jcmwuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQEL
BQADggEBAKQOkxfB5Y9/qADXtCfkwLVMackGfcpF9flGnkj3VAFOlrKYWTqEg1lZ
A4LUrVfg/QpB4/9Bn9UwRDs4DvRA9L9o7Uir6bm1KcKBvkhuuy/sSk4nCbAorz70
A6gQZXyEfenhBbyNNmYQjvxBjGFG+LqGTot11T6QPSF2Svx/vQTUs1CUmrdmB0Li
Uub+AJw2e8oprhAVymp4FiLg7ZIUaEnNfayCIllsAZHHcNwwxwjku7nbR7HTNHm8
rfcU6B3AYRCXP9OohmDQQ1CcS13whSLB2z0Oj9+CTjy9un6GjHpk7JrmgcowdG4r
U/KiZTz2ZmHz4OJqv0d7zknE49hKU3o=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIJANyfrJP6/9V/MA0GCSqGSIb3DQEBCwUAMIHGMQswCQYD
VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEl
MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEzMDEGA1UECxMq
aHR0cDovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMTQwMgYD
VQQDEytTdGFyZmllbGQgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcy
MB4XDTE2MTIxMzA3MDAwMFoXDTE3MTIxMzA3MDAwMFowgYgxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSQwIgYDVQQK
ExtTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBMTEMxLDAqBgNVBAMTI1N0YXJmaWVs
ZCBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwxK37MN9B3/4QMRIgfjEg4vMmQKA4WrJYpgyxWO9gfu8J2VT
QQAa7YCXNiIiMptoZgttAW05/6iFqIuXp7BfTgUiZ1bpz3vlSiJ75ecwZg5XJKdY
che/+rp8VftGDCHnS84wIO4ocIKnHcythTmDSQ/cn4+y/2MTY1zSOQ54dBp2ulVO
jwcYJajPtcIsUh8J2ONaSgMu7gHT/3J6E1oL5nCs7L1ydQQ2GcT/7RYwihR04uQP
8SrbgBNUFVcF7tDejj/uHNhY+gAGKCsekHqrW7UgukH5l7Yret1bPi33eT7KoLJu
dlUUq4lnLndVLg8OzN+JEd8gRmjZNkYGAhV9fwIDAQABo4IBDzCCAQswDAYDVR0T
AQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwHQYD
VR0OBBYEFMWGSiF+2fK1faEBrKxeXf4Vgve/MA8GCSsGAQUFBzABBQQCBQAwVAYD
VR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5zdGFyZmllbGR0ZWNoLmNvbS9yZXBv
c2l0b3J5L21hc3RlcnN0YXJmaWVsZDJpc3N1aW5nLmNybDBQBgNVHSAESTBHMEUG
C2CGSAGG/W4BBxcBMDYwNAYIKwYBBQUHAgEWKGh0dHA6Ly9jcmwuc3RhcmZpZWxk
dGVjaC5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAKQOkxfB5Y9/
qADXtCfkwLVMackGfcpF9flGnkj3VAFOlrKYWTqEg1lZA4LUrVfg/QpB4/9Bn9Uw
RDs4DvRA9L9o7Uir6bm1KcKBvkhuuy/sSk4nCbAorz70A6gQZXyEfenhBbyNNmYQ
jvxBjGFG+LqGTot11T6QPSF2Svx/vQTUs1CUmrdmB0LiUub+AJw2e8oprhAVymp4
FiLg7ZIUaEnNfayCIllsAZHHcNwwxwjku7nbR7HTNHm8rfcU6B3AYRCXP9OohmDQ
Q1CcS13whSLB2z0Oj9+CTjy9un6GjHpk7JrmgcowdG4rU/KiZTz2ZmHz4OJqv0d7
zknE49hKU3o=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=109098, public, no-transform, must-revalidate]
Content-Length: [1847]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Wed, 24 May 2017 15:43:02 GMT]
Etag: ["742a0b38d8b69f6a11c5a7cbb7ba6805735d5afb"]
Expires: [Thu, 25 May 2017 23:37:02 GMT]
Last-Modified: [Wed, 24 May 2017 11:37:02 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Go Daddy Secure Certificate Authority - G2 (CA Certificate)

Certificate details for Go Daddy Secure Certificate Authority - G2 (At position 1 in certificate chain)
Serial number:
hex: 7
int: 7
Issued by: Go Daddy Root Certificate Authority - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GoDaddy.com, Inc.
Organization unit: http://certs.godaddy.com/repository/
State / Province: Arizona
Locality: Scottsdale
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.godaddy.com/gdroot-g2.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.godaddy.com/gdroot-g2.crl
Size: 462 bytes (DER data)
Response time: 44.838932ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 0

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: Apache

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=259200]
Content-Length: [462]
Content-Type: [application/pkix-crl]
Date: [Wed, 24 May 2017 15:38:58 GMT]
Etag: ["1ce-54ebba2754ac0"]
Expires: [Sat, 27 May 2017 15:38:58 GMT]
Last-Modified: [Fri, 05 May 2017 00:04:35 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp.godaddy.com/ (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.godaddy.com/ (POST)
Size: 1730 bytes (DER data)
Response time: 48.279893ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: Go Daddy Root Validation Authority - G2
Issued by: Go Daddy Root Certificate Authority - G2
Signing certificate validity: 2016-12-13 - 2017-12-13
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 33h10m28s

Server and network information

Server Software: Apache

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEIwQDA+MDwwOjAJBgUrDgMCGgUABBQdI2+OBkuXH93foRUj4a7lAr4rGwQUOpqF
BxBnKLbv9r0FQW4gwZTaD94CAQc=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGvgoBAKCCBrcwggazBgkrBgEFBQcwAQEEggakMIIGoDCB/6GBhTCBgjELMAkG
A1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUx
GjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTAwLgYDVQQDEydHbyBEYWRkeSBS
b290IFZhbGlkYXRpb24gQXV0aG9yaXR5IC0gRzIYDzIwMTcwNTIzMTc0NDAzWjBk
MGIwOjAJBgUrDgMCGgUABBQdI2+OBkuXH93foRUj4a7lAr4rGwQUOpqFBxBnKLbv
9r0FQW4gwZTaD94CAQeAABgPMjAxNzA1MjMxNzQ0MDNaoBEYDzIwMTcwNTI1MDU0
NDAzWjANBgkqhkiG9w0BAQUFAAOCAQEAuPzRCw9tFwTAuJmktwLWJoDsIxDGD59d
NqSTcpfxnNgW7nQUQBvy37pmJ5a3a3Bisn7vfFLSY0fBVUDXfcf3g+foUpYqBtEK
H6qWRGcU66hnFyHWozWuVn5NeYh2RuroqtxapjVjOtjjhKWwbOied6UgvJhcrHrs
kIyl+Hxen8Mn4VzEqcHvpx1td6k5mkffiTaPGSKBwYg4MnMU27FA3pApnu+sRsDZ
BtgQLTD6dI2SzsXFtkBWRuqeO9JBwUzdplm+PFaWvBRXnPPcro7gf/y05dVhJiSH
SAvayb5x0DUIIqHNqLuFeZ4mVXqwkT7Dj0cjYlTvsoGJUvTO0Et2KqCCBIYwggSC
MIIEfjCCA2agAwIBAgIIAlR8ANLxDDcwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow
GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UEAxMoR28gRGFkZHkgUm9v
dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAeFw0xNjEyMTMwNzAwMDBaFw0x
NzEyMTMwNzAwMDBaMIGCMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTET
MBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4x
MDAuBgNVBAMTJ0dvIERhZGR5IFJvb3QgVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBH
MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMMSt+zDfQd/+EDESIH4
xIOLzJkCgOFqyWKYMsVjvYH7vCdlU0EAGu2AlzYiIjKbaGYLbQFtOf+ohaiLl6ew
X04FImdW6c975Uoie+XnMGYOVySnWHIXv/q6fFX7Rgwh50vOMCDuKHCCpx3MrYU5
g0kP3J+Psv9jE2Nc0jkOeHQadrpVTo8HGCWoz7XCLFIfCdjjWkoDLu4B0/9yehNa
C+ZwrOy9cnUENhnE/+0WMIoUdOLkD/Eq24ATVBVXBe7Q3o4/7hzYWPoABigrHpB6
q1u1ILpB+Ze2K3rdWz4t93k+yqCybnZVFKuJZy53VS4PDszfiRHfIEZo2TZGBgIV
fX8CAwEAAaOB9DCB8TAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDATBgNV
HSUEDDAKBggrBgEFBQcDCTAdBgNVHQ4EFgQUxYZKIX7Z8rV9oQGsrF5d/hWC978w
DwYJKwYBBQUHMAEFBAIFADBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmdv
ZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2Ryb290LWcyLmNybDBKBgNVHSAEQzBBMD8G
C2CGSAGG/W0BBxcBMDAwLgYIKwYBBQUHAgEWImh0dHA6Ly9jcmwuZ29kYWRkeS5j
b20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAD3O7aHU0cx8Ued53GtJ
JB/vo1RAf2ZmxW3Q3wUxG/ON/dGDXOMRFDEwla5UluC3zWWytZ1Go9WVaN1k8w5Q
7dN1puQIVbbOwy2OYtZlbqQT9RnPwMwwYSyfb9QNdDdPurf0eClCr/Q54fk5BKBy
rmw3msFD53d39C/GVbP3ulhLKIo64A68ENIJpFrBG2iQSFEBv1ohbRedCn11bD2b
d82aOnwWKlPVx87RLOo3UiU/MNRsCdlhzEPF14FNPpvmdPO5NweVBCfj7iOqMeNw
D8pauPYhnpApYDVfkDffUAbUr7YrdSxjJvZHt3D2rgU+kkYJc+hC3ze30906Xg0P
wkI=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEfjCCA2agAwIBAgIIAlR8ANLxDDcwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow
GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UEAxMoR28gRGFkZHkgUm9v
dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAeFw0xNjEyMTMwNzAwMDBaFw0x
NzEyMTMwNzAwMDBaMIGCMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTET
MBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4x
MDAuBgNVBAMTJ0dvIERhZGR5IFJvb3QgVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBH
MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMMSt+zDfQd/+EDESIH4
xIOLzJkCgOFqyWKYMsVjvYH7vCdlU0EAGu2AlzYiIjKbaGYLbQFtOf+ohaiLl6ew
X04FImdW6c975Uoie+XnMGYOVySnWHIXv/q6fFX7Rgwh50vOMCDuKHCCpx3MrYU5
g0kP3J+Psv9jE2Nc0jkOeHQadrpVTo8HGCWoz7XCLFIfCdjjWkoDLu4B0/9yehNa
C+ZwrOy9cnUENhnE/+0WMIoUdOLkD/Eq24ATVBVXBe7Q3o4/7hzYWPoABigrHpB6
q1u1ILpB+Ze2K3rdWz4t93k+yqCybnZVFKuJZy53VS4PDszfiRHfIEZo2TZGBgIV
fX8CAwEAAaOB9DCB8TAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDATBgNV
HSUEDDAKBggrBgEFBQcDCTAdBgNVHQ4EFgQUxYZKIX7Z8rV9oQGsrF5d/hWC978w
DwYJKwYBBQUHMAEFBAIFADBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmdv
ZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2Ryb290LWcyLmNybDBKBgNVHSAEQzBBMD8G
C2CGSAGG/W0BBxcBMDAwLgYIKwYBBQUHAgEWImh0dHA6Ly9jcmwuZ29kYWRkeS5j
b20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAD3O7aHU0cx8Ued53GtJ
JB/vo1RAf2ZmxW3Q3wUxG/ON/dGDXOMRFDEwla5UluC3zWWytZ1Go9WVaN1k8w5Q
7dN1puQIVbbOwy2OYtZlbqQT9RnPwMwwYSyfb9QNdDdPurf0eClCr/Q54fk5BKBy
rmw3msFD53d39C/GVbP3ulhLKIo64A68ENIJpFrBG2iQSFEBv1ohbRedCn11bD2b
d82aOnwWKlPVx87RLOo3UiU/MNRsCdlhzEPF14FNPpvmdPO5NweVBCfj7iOqMeNw
D8pauPYhnpApYDVfkDffUAbUr7YrdSxjJvZHt3D2rgU+kkYJc+hC3ze30906Xg0P
wkI=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=119428, public, no-transform, must-revalidate]
Content-Length: [1730]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Tue, 23 May 2017 18:48:49 GMT]
Etag: ["9a04be179eb48989272ea3fa905fc33abc698421"]
Expires: [Thu, 25 May 2017 05:44:03 GMT]
Last-Modified: [Tue, 23 May 2017 17:44:03 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.godaddy.com/ (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.godaddy.com/ (GET)
Size: 1730 bytes (DER data)
Response time: 45.813456ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: Go Daddy Root Validation Authority - G2
Issued by: Go Daddy Root Certificate Authority - G2
Signing certificate validity: 2016-12-13 - 2017-12-13
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 33h11m48s

Server and network information

Server Software: Apache

URL used for GET request

http://ocsp.godaddy.com/MEIwQDA%2BMDwwOjAJBgUrDgMCGgUABBQdI2%2BOBkuXH93foRUj4a7lAr4rGwQUOpqFBxBnKLbv9r0FQW4gwZTaD94CAQc%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEIwQDA+MDwwOjAJBgUrDgMCGgUABBQdI2+OBkuXH93foRUj4a7lAr4rGwQUOpqF
BxBnKLbv9r0FQW4gwZTaD94CAQc=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGvgoBAKCCBrcwggazBgkrBgEFBQcwAQEEggakMIIGoDCB/6GBhTCBgjELMAkG
A1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUx
GjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTAwLgYDVQQDEydHbyBEYWRkeSBS
b290IFZhbGlkYXRpb24gQXV0aG9yaXR5IC0gRzIYDzIwMTcwNTIzMTc0NDAzWjBk
MGIwOjAJBgUrDgMCGgUABBQdI2+OBkuXH93foRUj4a7lAr4rGwQUOpqFBxBnKLbv
9r0FQW4gwZTaD94CAQeAABgPMjAxNzA1MjMxNzQ0MDNaoBEYDzIwMTcwNTI1MDU0
NDAzWjANBgkqhkiG9w0BAQUFAAOCAQEAuPzRCw9tFwTAuJmktwLWJoDsIxDGD59d
NqSTcpfxnNgW7nQUQBvy37pmJ5a3a3Bisn7vfFLSY0fBVUDXfcf3g+foUpYqBtEK
H6qWRGcU66hnFyHWozWuVn5NeYh2RuroqtxapjVjOtjjhKWwbOied6UgvJhcrHrs
kIyl+Hxen8Mn4VzEqcHvpx1td6k5mkffiTaPGSKBwYg4MnMU27FA3pApnu+sRsDZ
BtgQLTD6dI2SzsXFtkBWRuqeO9JBwUzdplm+PFaWvBRXnPPcro7gf/y05dVhJiSH
SAvayb5x0DUIIqHNqLuFeZ4mVXqwkT7Dj0cjYlTvsoGJUvTO0Et2KqCCBIYwggSC
MIIEfjCCA2agAwIBAgIIAlR8ANLxDDcwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow
GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UEAxMoR28gRGFkZHkgUm9v
dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAeFw0xNjEyMTMwNzAwMDBaFw0x
NzEyMTMwNzAwMDBaMIGCMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTET
MBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4x
MDAuBgNVBAMTJ0dvIERhZGR5IFJvb3QgVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBH
MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMMSt+zDfQd/+EDESIH4
xIOLzJkCgOFqyWKYMsVjvYH7vCdlU0EAGu2AlzYiIjKbaGYLbQFtOf+ohaiLl6ew
X04FImdW6c975Uoie+XnMGYOVySnWHIXv/q6fFX7Rgwh50vOMCDuKHCCpx3MrYU5
g0kP3J+Psv9jE2Nc0jkOeHQadrpVTo8HGCWoz7XCLFIfCdjjWkoDLu4B0/9yehNa
C+ZwrOy9cnUENhnE/+0WMIoUdOLkD/Eq24ATVBVXBe7Q3o4/7hzYWPoABigrHpB6
q1u1ILpB+Ze2K3rdWz4t93k+yqCybnZVFKuJZy53VS4PDszfiRHfIEZo2TZGBgIV
fX8CAwEAAaOB9DCB8TAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDATBgNV
HSUEDDAKBggrBgEFBQcDCTAdBgNVHQ4EFgQUxYZKIX7Z8rV9oQGsrF5d/hWC978w
DwYJKwYBBQUHMAEFBAIFADBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmdv
ZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2Ryb290LWcyLmNybDBKBgNVHSAEQzBBMD8G
C2CGSAGG/W0BBxcBMDAwLgYIKwYBBQUHAgEWImh0dHA6Ly9jcmwuZ29kYWRkeS5j
b20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAD3O7aHU0cx8Ued53GtJ
JB/vo1RAf2ZmxW3Q3wUxG/ON/dGDXOMRFDEwla5UluC3zWWytZ1Go9WVaN1k8w5Q
7dN1puQIVbbOwy2OYtZlbqQT9RnPwMwwYSyfb9QNdDdPurf0eClCr/Q54fk5BKBy
rmw3msFD53d39C/GVbP3ulhLKIo64A68ENIJpFrBG2iQSFEBv1ohbRedCn11bD2b
d82aOnwWKlPVx87RLOo3UiU/MNRsCdlhzEPF14FNPpvmdPO5NweVBCfj7iOqMeNw
D8pauPYhnpApYDVfkDffUAbUr7YrdSxjJvZHt3D2rgU+kkYJc+hC3ze30906Xg0P
wkI=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEfjCCA2agAwIBAgIIAlR8ANLxDDcwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRow
GAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UEAxMoR28gRGFkZHkgUm9v
dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjAeFw0xNjEyMTMwNzAwMDBaFw0x
NzEyMTMwNzAwMDBaMIGCMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTET
MBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4x
MDAuBgNVBAMTJ0dvIERhZGR5IFJvb3QgVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBH
MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMMSt+zDfQd/+EDESIH4
xIOLzJkCgOFqyWKYMsVjvYH7vCdlU0EAGu2AlzYiIjKbaGYLbQFtOf+ohaiLl6ew
X04FImdW6c975Uoie+XnMGYOVySnWHIXv/q6fFX7Rgwh50vOMCDuKHCCpx3MrYU5
g0kP3J+Psv9jE2Nc0jkOeHQadrpVTo8HGCWoz7XCLFIfCdjjWkoDLu4B0/9yehNa
C+ZwrOy9cnUENhnE/+0WMIoUdOLkD/Eq24ATVBVXBe7Q3o4/7hzYWPoABigrHpB6
q1u1ILpB+Ze2K3rdWz4t93k+yqCybnZVFKuJZy53VS4PDszfiRHfIEZo2TZGBgIV
fX8CAwEAAaOB9DCB8TAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDATBgNV
HSUEDDAKBggrBgEFBQcDCTAdBgNVHQ4EFgQUxYZKIX7Z8rV9oQGsrF5d/hWC978w
DwYJKwYBBQUHMAEFBAIFADBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmdv
ZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2Ryb290LWcyLmNybDBKBgNVHSAEQzBBMD8G
C2CGSAGG/W0BBxcBMDAwLgYIKwYBBQUHAgEWImh0dHA6Ly9jcmwuZ29kYWRkeS5j
b20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAD3O7aHU0cx8Ued53GtJ
JB/vo1RAf2ZmxW3Q3wUxG/ON/dGDXOMRFDEwla5UluC3zWWytZ1Go9WVaN1k8w5Q
7dN1puQIVbbOwy2OYtZlbqQT9RnPwMwwYSyfb9QNdDdPurf0eClCr/Q54fk5BKBy
rmw3msFD53d39C/GVbP3ulhLKIo64A68ENIJpFrBG2iQSFEBv1ohbRedCn11bD2b
d82aOnwWKlPVx87RLOo3UiU/MNRsCdlhzEPF14FNPpvmdPO5NweVBCfj7iOqMeNw
D8pauPYhnpApYDVfkDffUAbUr7YrdSxjJvZHt3D2rgU+kkYJc+hC3ze30906Xg0P
wkI=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=119508, public, no-transform, must-revalidate]
Content-Length: [1730]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Tue, 23 May 2017 18:47:25 GMT]
Etag: ["9a04be179eb48989272ea3fa905fc33abc698421"]
Expires: [Thu, 25 May 2017 05:44:03 GMT]
Last-Modified: [Tue, 23 May 2017 17:44:03 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Go Daddy Root Certificate Authority - G2 (CA Certificate)

Certificate details for Go Daddy Root Certificate Authority - G2 (At position 2 in certificate chain)
Serial number:
hex: 1be715
int: 1828629
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GoDaddy.com, Inc.
State / Province: Arizona
Locality: Scottsdale
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.godaddy.com/gdroot.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.godaddy.com/gdroot.crl
Size: 429 bytes (DER data)
Response time: 49.272881ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 0

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: Apache

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [max-age=259200]
Content-Length: [429]
Content-Type: [application/pkix-crl]
Date: [Tue, 23 May 2017 18:47:07 GMT]
Etag: ["1ad-54ebba2754ac0"]
Expires: [Fri, 26 May 2017 18:47:07 GMT]
Last-Modified: [Fri, 05 May 2017 00:04:35 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp.godaddy.com/ (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.godaddy.com/ (POST)
Size: 1697 bytes (DER data)
Response time: 45.349733ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: Go Daddy Root Validation Authority - G1
Signing certificate validity: 2016-12-13 - 2021-12-13
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 30h27m5s

Server and network information

Server Software: Apache

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEQwQjBAMD4wPDAJBgUrDgMCGgUABBTkIInKBAzXkF0Qh0pel3lfHJ9GPAQU0sSw
0pHUTBFxs2HLPaH+3ahq1OMCAxvnFQ==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGnQoBAKCCBpYwggaSBgkrBgEFBQcwAQEEggaDMIIGfzCCAQGhgYUwgYIxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxl
MRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEwMC4GA1UEAxMnR28gRGFkZHkg
Um9vdCBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEcxGA8yMDE3MDUyMzA5NDY0MFow
ZjBkMDwwCQYFKw4DAhoFAAQU5CCJygQM15BdEIdKXpd5XxyfRjwEFNLEsNKR1EwR
cbNhyz2h/t2oatTjAgMb5xWAABgPMjAxNzA1MjMwOTQ2NDBaoBEYDzIwMTcwNTI0
MjE0NjQwWjANBgkqhkiG9w0BAQUFAAOCAQEAHZpj8l51Jwb5c0D2NndbEo56T4Ug
GLjSKkLN/z8QikjL2bfNL+IXCWWBh2frC9bBe1fX2weY3zMRTYxo5rjjGbNlZHUO
E8rWuxOGEhi+0COEG7PbwC6hs8En47tW3+lMYY+LtWm+wPkN7Vn+xK8kTpUEAOyS
EkNzFRt18FvXE7gfPPjiYD6knzTcZuK6pGHK63LI54w0LLN3c1wPIMDKofqvZl5O
5rOvfj8+8DkByexud/qOV4GQIKkscO/n7QNYAegrjykd28GKUcwQj0qmT5TUsDpi
yr6WM/+/eOO5i+1y9+z/0WCXcQ7i9ESXK3Sur6LzfyBD3L0sOWn+eJi3daCCBGIw
ggReMIIEWjCCA0KgAwIBAgIIMWfLr8L9cr4wDQYJKoZIhvcNAQEFBQAwYzELMAkG
A1UEBhMCVVMxITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8G
A1UECxMoR28gRGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
Fw0xNjEyMTMwNzAwMDBaFw0yMTEyMTMwNzAwMDBaMIGCMQswCQYDVQQGEwJVUzEQ
MA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMR
R29EYWRkeS5jb20sIEluYy4xMDAuBgNVBAMTJ0dvIERhZGR5IFJvb3QgVmFsaWRh
dGlvbiBBdXRob3JpdHkgLSBHMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMSt+zDfQd/+EDESIH4xIOLzJkCgOFqyWKYMsVjvYH7vCdlU0EAGu2AlzYi
IjKbaGYLbQFtOf+ohaiLl6ewX04FImdW6c975Uoie+XnMGYOVySnWHIXv/q6fFX7
Rgwh50vOMCDuKHCCpx3MrYU5g0kP3J+Psv9jE2Nc0jkOeHQadrpVTo8HGCWoz7XC
LFIfCdjjWkoDLu4B0/9yehNaC+ZwrOy9cnUENhnE/+0WMIoUdOLkD/Eq24ATVBVX
Be7Q3o4/7hzYWPoABigrHpB6q1u1ILpB+Ze2K3rdWz4t93k+yqCybnZVFKuJZy53
VS4PDszfiRHfIEZo2TZGBgIVfX8CAwEAAaOB8TCB7jAMBgNVHRMBAf8EAjAAMA4G
A1UdDwEB/wQEAwIGwDATBgNVHSUEDDAKBggrBgEFBQcDCTAdBgNVHQ4EFgQUxYZK
IX7Z8rV9oQGsrF5d/hWC978wDwYJKwYBBQUHMAEFBAIFADA9BgNVHR8ENjA0MDKg
MKAuhixodHRwOi8vY3JsLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2Ryb290LmNy
bDBKBgNVHSAEQzBBMD8GC2CGSAGG/W0BBxcBMDAwLgYIKwYBBQUHAgEWImh0dHA6
Ly9jcmwuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQEFBQADggEB
AMjCZqOPhWdi/2RJ2LJGvTcyyyQKmoKt5qu9Py+qjep/EjUFOS1G4j3Jh8RjCNjQ
8mOPlVdnD1Xihr3WAJhqMI+a4epBwotbTwpBPiKmxu2tOGzFWkKY2lHdcknQoznl
dnfc9g8nYykMfTA7G0dmfu5fTifjoqqAXBDWedj4fRWnlBiT4/wKt9NmIaDtVu6W
xjyahAfnkjnbLUzNkPTpHG/BKY4o/x27q6RoislZXORj+VPqNFrJh+dTA8jqtRyW
zlnvnGZikVOwaT1Qe+gGeUMELGq1HEfaWAah5EUFAdmOsX1j79ABntWcLkQzkXOV
KJys0Rn4fwTkXE31+b3XDOE=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEWjCCA0KgAwIBAgIIMWfLr8L9cr4wDQYJKoZIhvcNAQEFBQAwYzELMAkGA1UE
BhMCVVMxITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UE
CxMoR28gRGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0x
NjEyMTMwNzAwMDBaFw0yMTEyMTMwNzAwMDBaMIGCMQswCQYDVQQGEwJVUzEQMA4G
A1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29E
YWRkeS5jb20sIEluYy4xMDAuBgNVBAMTJ0dvIERhZGR5IFJvb3QgVmFsaWRhdGlv
biBBdXRob3JpdHkgLSBHMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMMSt+zDfQd/+EDESIH4xIOLzJkCgOFqyWKYMsVjvYH7vCdlU0EAGu2AlzYiIjKb
aGYLbQFtOf+ohaiLl6ewX04FImdW6c975Uoie+XnMGYOVySnWHIXv/q6fFX7Rgwh
50vOMCDuKHCCpx3MrYU5g0kP3J+Psv9jE2Nc0jkOeHQadrpVTo8HGCWoz7XCLFIf
CdjjWkoDLu4B0/9yehNaC+ZwrOy9cnUENhnE/+0WMIoUdOLkD/Eq24ATVBVXBe7Q
3o4/7hzYWPoABigrHpB6q1u1ILpB+Ze2K3rdWz4t93k+yqCybnZVFKuJZy53VS4P
DszfiRHfIEZo2TZGBgIVfX8CAwEAAaOB8TCB7jAMBgNVHRMBAf8EAjAAMA4GA1Ud
DwEB/wQEAwIGwDATBgNVHSUEDDAKBggrBgEFBQcDCTAdBgNVHQ4EFgQUxYZKIX7Z
8rV9oQGsrF5d/hWC978wDwYJKwYBBQUHMAEFBAIFADA9BgNVHR8ENjA0MDKgMKAu
hixodHRwOi8vY3JsLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2Ryb290LmNybDBK
BgNVHSAEQzBBMD8GC2CGSAGG/W0BBxcBMDAwLgYIKwYBBQUHAgEWImh0dHA6Ly9j
cmwuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQEFBQADggEBAMjC
ZqOPhWdi/2RJ2LJGvTcyyyQKmoKt5qu9Py+qjep/EjUFOS1G4j3Jh8RjCNjQ8mOP
lVdnD1Xihr3WAJhqMI+a4epBwotbTwpBPiKmxu2tOGzFWkKY2lHdcknQoznldnfc
9g8nYykMfTA7G0dmfu5fTifjoqqAXBDWedj4fRWnlBiT4/wKt9NmIaDtVu6Wxjya
hAfnkjnbLUzNkPTpHG/BKY4o/x27q6RoislZXORj+VPqNFrJh+dTA8jqtRyWzlnv
nGZikVOwaT1Qe+gGeUMELGq1HEfaWAah5EUFAdmOsX1j79ABntWcLkQzkXOVKJys
0Rn4fwTkXE31+b3XDOE=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=109625, public, no-transform, must-revalidate]
Content-Length: [1697]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Tue, 23 May 2017 13:43:25 GMT]
Etag: ["e043ff6e15ee3446dfe37f9795ec42a6e7b42f82"]
Expires: [Wed, 24 May 2017 21:46:40 GMT]
Last-Modified: [Tue, 23 May 2017 09:46:40 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.godaddy.com/ (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.godaddy.com/ (GET)
Size: 1697 bytes (DER data)
Response time: 46.609697ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: Go Daddy Root Validation Authority - G1
Signing certificate validity: 2016-12-13 - 2021-12-13
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 30h26m7s

Server and network information

Server Software: Apache

URL used for GET request

http://ocsp.godaddy.com/MEQwQjBAMD4wPDAJBgUrDgMCGgUABBTkIInKBAzXkF0Qh0pel3lfHJ9GPAQU0sSw0pHUTBFxs2HLPaH%2B3ahq1OMCAxvnFQ%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEQwQjBAMD4wPDAJBgUrDgMCGgUABBTkIInKBAzXkF0Qh0pel3lfHJ9GPAQU0sSw
0pHUTBFxs2HLPaH+3ahq1OMCAxvnFQ==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGnQoBAKCCBpYwggaSBgkrBgEFBQcwAQEEggaDMIIGfzCCAQGhgYUwgYIxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxl
MRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEwMC4GA1UEAxMnR28gRGFkZHkg
Um9vdCBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEcxGA8yMDE3MDUyMzA5NDY0MFow
ZjBkMDwwCQYFKw4DAhoFAAQU5CCJygQM15BdEIdKXpd5XxyfRjwEFNLEsNKR1EwR
cbNhyz2h/t2oatTjAgMb5xWAABgPMjAxNzA1MjMwOTQ2NDBaoBEYDzIwMTcwNTI0
MjE0NjQwWjANBgkqhkiG9w0BAQUFAAOCAQEAHZpj8l51Jwb5c0D2NndbEo56T4Ug
GLjSKkLN/z8QikjL2bfNL+IXCWWBh2frC9bBe1fX2weY3zMRTYxo5rjjGbNlZHUO
E8rWuxOGEhi+0COEG7PbwC6hs8En47tW3+lMYY+LtWm+wPkN7Vn+xK8kTpUEAOyS
EkNzFRt18FvXE7gfPPjiYD6knzTcZuK6pGHK63LI54w0LLN3c1wPIMDKofqvZl5O
5rOvfj8+8DkByexud/qOV4GQIKkscO/n7QNYAegrjykd28GKUcwQj0qmT5TUsDpi
yr6WM/+/eOO5i+1y9+z/0WCXcQ7i9ESXK3Sur6LzfyBD3L0sOWn+eJi3daCCBGIw
ggReMIIEWjCCA0KgAwIBAgIIMWfLr8L9cr4wDQYJKoZIhvcNAQEFBQAwYzELMAkG
A1UEBhMCVVMxITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8G
A1UECxMoR28gRGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
Fw0xNjEyMTMwNzAwMDBaFw0yMTEyMTMwNzAwMDBaMIGCMQswCQYDVQQGEwJVUzEQ
MA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMR
R29EYWRkeS5jb20sIEluYy4xMDAuBgNVBAMTJ0dvIERhZGR5IFJvb3QgVmFsaWRh
dGlvbiBBdXRob3JpdHkgLSBHMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMSt+zDfQd/+EDESIH4xIOLzJkCgOFqyWKYMsVjvYH7vCdlU0EAGu2AlzYi
IjKbaGYLbQFtOf+ohaiLl6ewX04FImdW6c975Uoie+XnMGYOVySnWHIXv/q6fFX7
Rgwh50vOMCDuKHCCpx3MrYU5g0kP3J+Psv9jE2Nc0jkOeHQadrpVTo8HGCWoz7XC
LFIfCdjjWkoDLu4B0/9yehNaC+ZwrOy9cnUENhnE/+0WMIoUdOLkD/Eq24ATVBVX
Be7Q3o4/7hzYWPoABigrHpB6q1u1ILpB+Ze2K3rdWz4t93k+yqCybnZVFKuJZy53
VS4PDszfiRHfIEZo2TZGBgIVfX8CAwEAAaOB8TCB7jAMBgNVHRMBAf8EAjAAMA4G
A1UdDwEB/wQEAwIGwDATBgNVHSUEDDAKBggrBgEFBQcDCTAdBgNVHQ4EFgQUxYZK
IX7Z8rV9oQGsrF5d/hWC978wDwYJKwYBBQUHMAEFBAIFADA9BgNVHR8ENjA0MDKg
MKAuhixodHRwOi8vY3JsLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2Ryb290LmNy
bDBKBgNVHSAEQzBBMD8GC2CGSAGG/W0BBxcBMDAwLgYIKwYBBQUHAgEWImh0dHA6
Ly9jcmwuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQEFBQADggEB
AMjCZqOPhWdi/2RJ2LJGvTcyyyQKmoKt5qu9Py+qjep/EjUFOS1G4j3Jh8RjCNjQ
8mOPlVdnD1Xihr3WAJhqMI+a4epBwotbTwpBPiKmxu2tOGzFWkKY2lHdcknQoznl
dnfc9g8nYykMfTA7G0dmfu5fTifjoqqAXBDWedj4fRWnlBiT4/wKt9NmIaDtVu6W
xjyahAfnkjnbLUzNkPTpHG/BKY4o/x27q6RoislZXORj+VPqNFrJh+dTA8jqtRyW
zlnvnGZikVOwaT1Qe+gGeUMELGq1HEfaWAah5EUFAdmOsX1j79ABntWcLkQzkXOV
KJys0Rn4fwTkXE31+b3XDOE=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEWjCCA0KgAwIBAgIIMWfLr8L9cr4wDQYJKoZIhvcNAQEFBQAwYzELMAkGA1UE
BhMCVVMxITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UE
CxMoR28gRGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0x
NjEyMTMwNzAwMDBaFw0yMTEyMTMwNzAwMDBaMIGCMQswCQYDVQQGEwJVUzEQMA4G
A1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29E
YWRkeS5jb20sIEluYy4xMDAuBgNVBAMTJ0dvIERhZGR5IFJvb3QgVmFsaWRhdGlv
biBBdXRob3JpdHkgLSBHMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMMSt+zDfQd/+EDESIH4xIOLzJkCgOFqyWKYMsVjvYH7vCdlU0EAGu2AlzYiIjKb
aGYLbQFtOf+ohaiLl6ewX04FImdW6c975Uoie+XnMGYOVySnWHIXv/q6fFX7Rgwh
50vOMCDuKHCCpx3MrYU5g0kP3J+Psv9jE2Nc0jkOeHQadrpVTo8HGCWoz7XCLFIf
CdjjWkoDLu4B0/9yehNaC+ZwrOy9cnUENhnE/+0WMIoUdOLkD/Eq24ATVBVXBe7Q
3o4/7hzYWPoABigrHpB6q1u1ILpB+Ze2K3rdWz4t93k+yqCybnZVFKuJZy53VS4P
DszfiRHfIEZo2TZGBgIVfX8CAwEAAaOB8TCB7jAMBgNVHRMBAf8EAjAAMA4GA1Ud
DwEB/wQEAwIGwDATBgNVHSUEDDAKBggrBgEFBQcDCTAdBgNVHQ4EFgQUxYZKIX7Z
8rV9oQGsrF5d/hWC978wDwYJKwYBBQUHMAEFBAIFADA9BgNVHR8ENjA0MDKgMKAu
hixodHRwOi8vY3JsLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2Ryb290LmNybDBK
BgNVHSAEQzBBMD8GC2CGSAGG/W0BBxcBMDAwLgYIKwYBBQUHAgEWImh0dHA6Ly9j
cmwuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQEFBQADggEBAMjC
ZqOPhWdi/2RJ2LJGvTcyyyQKmoKt5qu9Py+qjep/EjUFOS1G4j3Jh8RjCNjQ8mOP
lVdnD1Xihr3WAJhqMI+a4epBwotbTwpBPiKmxu2tOGzFWkKY2lHdcknQoznldnfc
9g8nYykMfTA7G0dmfu5fTifjoqqAXBDWedj4fRWnlBiT4/wKt9NmIaDtVu6Wxjya
hAfnkjnbLUzNkPTpHG/BKY4o/x27q6RoislZXORj+VPqNFrJh+dTA8jqtRyWzlnv
nGZikVOwaT1Qe+gGeUMELGq1HEfaWAah5EUFAdmOsX1j79ABntWcLkQzkXOVKJys
0Rn4fwTkXE31+b3XDOE=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=109567, public, no-transform, must-revalidate]
Content-Length: [1697]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Tue, 23 May 2017 13:44:26 GMT]
Etag: ["e043ff6e15ee3446dfe37f9795ec42a6e7b42f82"]
Expires: [Wed, 24 May 2017 21:46:40 GMT]
Last-Modified: [Tue, 23 May 2017 09:46:40 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

[The Go Daddy Group, Inc.] (CA Certificate)

Certificate details for certificate with serial number 0 (At position 3 in certificate chain)
Serial number:
hex: 0
int: 0
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: The Go Daddy Group, Inc.
Organization unit: Go Daddy Class 2 Certification Authority
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.