CRL & OCSP report for 0-online.sagepub.com.oasis.unisa.ac.za - oasis.unisa.ac.za (University of South Africa)

oasis.unisa.ac.za

Certificate details for oasis.unisa.ac.za (At position 0 in certificate chain)
Serial number:
hex: 52473d92caa0a068ea971a6d0e1598d5
int: 109366597588326781803279689763542898901
Issued by: Symantec Class 3 Secure Server CA - G4
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: University of South Africa
Organization unit: University Library
State / Province: Gauteng
Locality: Pretoria
Country: ZA
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for 0-online.sagepub.com.oasis.unisa.ac.za.

Certificate Revocation List (CRL)

This CRL was cached at
http://ss.symcb.com/ss.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://ss.symcb.com/ss.crl
Size: 1311150 bytes (DER data)
Response time: 1.87007508s
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 37451

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_HIT from a23-219-93-63.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (S)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Sun, 25 Jun 2017 19:14:17 GMT]
Etag: ["68de6bc6c688649b20914cfc3aa90e7c:1498381588"]
Last-Modified: [Sun, 25 Jun 2017 09:06:28 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_REFRESH_HIT from a23-219-93-63.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (S)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ss.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ss.symcd.com (POST)
Size: 1608 bytes (DER data)
Response time: 82.346337ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: Symantec Class 3 Secure Server CA - G4 OCSP Responder
Issued by: Symantec Class 3 Secure Server CA - G4
Signing certificate validity: 2017-04-26 - 2017-07-25
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 167h24m58s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (S)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBTRsWSLjJ8N0Wujis0rUBfV+c/AZAQUX2DP
YZBV34RDFIpgKrL1evRDGO8CEFJHPZLKoKBo6pcabQ4VmNU=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGRAoBAKCCBj0wggY5BgkrBgEFBQcwAQEEggYqMIIGJjCBnqIWBBSxoGISCQss
gzE1+S+LOo6EneRx/hgPMjAxNzA2MjQyMTEzMDBaMHMwcTBJMAkGBSsOAwIaBQAE
FNGxZIuMnw3Ra6OKzStQF9X5z8BkBBRfYM9hkFXfhEMUimAqsvV69EMY7wIQUkc9
ksqgoGjqlxptDhWY1YAAGA8yMDE3MDYyNDIxMTMwMFqgERgPMjAxNzA3MDEyMTEz
MDBaMA0GCSqGSIb3DQEBBQUAA4IBAQAygCTwHMQf5eXcHzF64kyaXRX6oHzgkcec
ZneSp7LysTnsRDH1lBpZ6Tx63PjjhbAFhfAfaiX6f3PYDd8OrzKdYwwu7lCNGUJA
dBRofiHFn2WEFiff7m09CFEYHfsm9YZYXTpj+N7jEKZb7wPB4laJoXB2PFSEWDep
+A8L3mrnMa+owAQbe7OBfBw+nbfirvrLVQsVnA6VjRCMh457ko052m+wao1RiEka
GSHDbPyab1jKNqmd/cUsCRUxmXgEErDjDInx2AN8lgtzjszGfFOtMQEkroYRRo7A
hK0ZRXqdCEuXntoMLtXtc+mufnd80MgNhwrVJe3p4+vuMBfkgUFhoIIEbTCCBGkw
ggRlMIIDTaADAgECAhAmhiyVanut/6BR70pW8Qs7MA0GCSqGSIb3DQEBCwUAMH4x
CzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3JhdGlvbjEfMB0G
A1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEvMC0GA1UEAxMmU3ltYW50ZWMg
Q2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzQwHhcNMTcwNDI2MDAwMDAwWhcN
MTcwNzI1MjM1OTU5WjBAMT4wPAYDVQQDEzVTeW1hbnRlYyBDbGFzcyAzIFNlY3Vy
ZSBTZXJ2ZXIgQ0EgLSBHNCBPQ1NQIFJlc3BvbmRlcjCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBALsgS3+9Sj2PqxDjyyl9sxg6LCoqj8sjDivVH1t6pUhT
CTEiMfUL0x2tnI0P52pQFh8S5drDaNV9RXT5LKCmoLGF5szUqDXsj9poHI3Xcs6G
3p8xLMUuzQmXk8q3y5Ju3ieudq0uPhAvzjrAhHME0ktDniROTWw5juPsCWin+IWj
lJO+kXebP7whP2vbaVW0QR7cBc4+Q41NYbH4HTJqMolJ0G0wJDrxKeeUssIa2DEy
gN+5fp76HTyngsViDm6OgdiDFF/VDOp5gupn78MH/wYf6T5BeI+NDHZoSKTvBMyx
a8mGu2De3oKxEFHdYhefdSXIoE6eqnnX+QcFjxnxjX0CAwEAAaOCARswggEXMA8G
CSsGAQUFBzABBQQCBQAwIQYDVR0RBBowGKQWMBQxEjAQBgNVBAMTCVRHVi1FLTk3
NzAfBgNVHSMEGDAWgBRfYM9hkFXfhEMUimAqsvV69EMY7zAdBgNVHQ4EFgQUsaBi
EgkLLIMxNfkvizqOhJ3kcf4wDAYDVR0TAQH/BAIwADBuBgNVHSAEZzBlMGMGC2CG
SAGG+EUBBxcDMFQwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuc3ltYXV0aC5jb20v
Y3BzMCoGCCsGAQUFBwICMB4aHCAgaHR0cDovL3d3dy5zeW1hdXRoLmNvbS9ycGEw
EwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEB
CwUAA4IBAQB4D4DK9XVeo2T0xUXWkg0e/mwJq/BKBuqupOQeETt71ERuCQSdxvrd
nEKO7de9XjNOewhApFFTyuwrI3EOHylIvwyXwEg0m7mRhAqwrgq4qAge6nX0xedt
C+lDhjWUcRweUCXUhBqeYo1g/0wlws1AXHI+ipSJNqsGe5d1LyK+o2hDE+27pp5e
baFXm+Ubrk9EDnH82Okm3JTsIsXNvNcV45CMT55iSZm7cTLJALSHexh3GpD6Kl60
XwdzbMy8V8HAi4H/BVYLgbY2FdFf3t6o2ZcqYz96RSSlqg6+H9nBwEFi9v+PjtP+
8Oc2lnsrUjk6ygeOAxE+lWWNOG80d/hG
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEZTCCA02gAwIBAgIQJoYslWp7rf+gUe9KVvELOzANBgkqhkiG9w0BAQsFADB+
MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd
BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVj
IENsYXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MB4XDTE3MDQyNjAwMDAwMFoX
DTE3MDcyNTIzNTk1OVowQDE+MDwGA1UEAxM1U3ltYW50ZWMgQ2xhc3MgMyBTZWN1
cmUgU2VydmVyIENBIC0gRzQgT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQC7IEt/vUo9j6sQ48spfbMYOiwqKo/LIw4r1R9beqVI
UwkxIjH1C9MdrZyND+dqUBYfEuXaw2jVfUV0+SygpqCxhebM1Kg17I/aaByN13LO
ht6fMSzFLs0Jl5PKt8uSbt4nrnatLj4QL846wIRzBNJLQ54kTk1sOY7j7Alop/iF
o5STvpF3mz+8IT9r22lVtEEe3AXOPkONTWGx+B0yajKJSdBtMCQ68SnnlLLCGtgx
MoDfuX6e+h08p4LFYg5ujoHYgxRf1QzqeYLqZ+/DB/8GH+k+QXiPjQx2aEik7wTM
sWvJhrtg3t6CsRBR3WIXn3UlyKBOnqp51/kHBY8Z8Y19AgMBAAGjggEbMIIBFzAP
BgkrBgEFBQcwAQUEAgUAMCEGA1UdEQQaMBikFjAUMRIwEAYDVQQDEwlUR1YtRS05
NzcwHwYDVR0jBBgwFoAUX2DPYZBV34RDFIpgKrL1evRDGO8wHQYDVR0OBBYEFLGg
YhIJCyyDMTX5L4s6joSd5HH+MAwGA1UdEwEB/wQCMAAwbgYDVR0gBGcwZTBjBgtg
hkgBhvhFAQcXAzBUMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LnN5bWF1dGguY29t
L2NwczAqBggrBgEFBQcCAjAeGhwgIGh0dHA6Ly93d3cuc3ltYXV0aC5jb20vcnBh
MBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0B
AQsFAAOCAQEAeA+AyvV1XqNk9MVF1pINHv5sCavwSgbqrqTkHhE7e9REbgkEncb6
3ZxCju3XvV4zTnsIQKRRU8rsKyNxDh8pSL8Ml8BINJu5kYQKsK4KuKgIHup19MXn
bQvpQ4Y1lHEcHlAl1IQanmKNYP9MJcLNQFxyPoqUiTarBnuXdS8ivqNoQxPtu6ae
Xm2hV5vlG65PRA5x/NjpJtyU7CLFzbzXFeOQjE+eYkmZu3EyyQC0h3sYdxqQ+ipe
tF8Hc2zMvFfBwIuB/wVWC4G2NhXRX97eqNmXKmM/ekUkpaoOvh/ZwcBBYvb/j47T
/vDnNpZ7K1I5OsoHjgMRPpVljThvNHf4Rg==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=602698, public, no-transform, must-revalidate]
Content-Length: [1608]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sat, 24 Jun 2017 21:48:02 GMT]
Expires: [Sat, 1 Jul 2017 21:13:00 GMT]
Last-Modified: [Sat, 24 Jun 2017 21:13:00 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (S)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ss.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ss.symcd.com (GET)
Size: 1608 bytes (DER data)
Response time: 174.961717ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: Symantec Class 3 Secure Server CA - G4 OCSP Responder
Issued by: Symantec Class 3 Secure Server CA - G4
Signing certificate validity: 2017-04-26 - 2017-07-25
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 167h24m58s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (S)

URL used for GET request

http://ss.symcd.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTRsWSLjJ8N0Wujis0rUBfV%2Bc%2FAZAQUX2DPYZBV34RDFIpgKrL1evRDGO8CEFJHPZLKoKBo6pcabQ4VmNU%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBTRsWSLjJ8N0Wujis0rUBfV+c/AZAQUX2DP
YZBV34RDFIpgKrL1evRDGO8CEFJHPZLKoKBo6pcabQ4VmNU=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGRAoBAKCCBj0wggY5BgkrBgEFBQcwAQEEggYqMIIGJjCBnqIWBBSxoGISCQss
gzE1+S+LOo6EneRx/hgPMjAxNzA2MjQyMTEzMDBaMHMwcTBJMAkGBSsOAwIaBQAE
FNGxZIuMnw3Ra6OKzStQF9X5z8BkBBRfYM9hkFXfhEMUimAqsvV69EMY7wIQUkc9
ksqgoGjqlxptDhWY1YAAGA8yMDE3MDYyNDIxMTMwMFqgERgPMjAxNzA3MDEyMTEz
MDBaMA0GCSqGSIb3DQEBBQUAA4IBAQAygCTwHMQf5eXcHzF64kyaXRX6oHzgkcec
ZneSp7LysTnsRDH1lBpZ6Tx63PjjhbAFhfAfaiX6f3PYDd8OrzKdYwwu7lCNGUJA
dBRofiHFn2WEFiff7m09CFEYHfsm9YZYXTpj+N7jEKZb7wPB4laJoXB2PFSEWDep
+A8L3mrnMa+owAQbe7OBfBw+nbfirvrLVQsVnA6VjRCMh457ko052m+wao1RiEka
GSHDbPyab1jKNqmd/cUsCRUxmXgEErDjDInx2AN8lgtzjszGfFOtMQEkroYRRo7A
hK0ZRXqdCEuXntoMLtXtc+mufnd80MgNhwrVJe3p4+vuMBfkgUFhoIIEbTCCBGkw
ggRlMIIDTaADAgECAhAmhiyVanut/6BR70pW8Qs7MA0GCSqGSIb3DQEBCwUAMH4x
CzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3JhdGlvbjEfMB0G
A1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEvMC0GA1UEAxMmU3ltYW50ZWMg
Q2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzQwHhcNMTcwNDI2MDAwMDAwWhcN
MTcwNzI1MjM1OTU5WjBAMT4wPAYDVQQDEzVTeW1hbnRlYyBDbGFzcyAzIFNlY3Vy
ZSBTZXJ2ZXIgQ0EgLSBHNCBPQ1NQIFJlc3BvbmRlcjCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBALsgS3+9Sj2PqxDjyyl9sxg6LCoqj8sjDivVH1t6pUhT
CTEiMfUL0x2tnI0P52pQFh8S5drDaNV9RXT5LKCmoLGF5szUqDXsj9poHI3Xcs6G
3p8xLMUuzQmXk8q3y5Ju3ieudq0uPhAvzjrAhHME0ktDniROTWw5juPsCWin+IWj
lJO+kXebP7whP2vbaVW0QR7cBc4+Q41NYbH4HTJqMolJ0G0wJDrxKeeUssIa2DEy
gN+5fp76HTyngsViDm6OgdiDFF/VDOp5gupn78MH/wYf6T5BeI+NDHZoSKTvBMyx
a8mGu2De3oKxEFHdYhefdSXIoE6eqnnX+QcFjxnxjX0CAwEAAaOCARswggEXMA8G
CSsGAQUFBzABBQQCBQAwIQYDVR0RBBowGKQWMBQxEjAQBgNVBAMTCVRHVi1FLTk3
NzAfBgNVHSMEGDAWgBRfYM9hkFXfhEMUimAqsvV69EMY7zAdBgNVHQ4EFgQUsaBi
EgkLLIMxNfkvizqOhJ3kcf4wDAYDVR0TAQH/BAIwADBuBgNVHSAEZzBlMGMGC2CG
SAGG+EUBBxcDMFQwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuc3ltYXV0aC5jb20v
Y3BzMCoGCCsGAQUFBwICMB4aHCAgaHR0cDovL3d3dy5zeW1hdXRoLmNvbS9ycGEw
EwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEB
CwUAA4IBAQB4D4DK9XVeo2T0xUXWkg0e/mwJq/BKBuqupOQeETt71ERuCQSdxvrd
nEKO7de9XjNOewhApFFTyuwrI3EOHylIvwyXwEg0m7mRhAqwrgq4qAge6nX0xedt
C+lDhjWUcRweUCXUhBqeYo1g/0wlws1AXHI+ipSJNqsGe5d1LyK+o2hDE+27pp5e
baFXm+Ubrk9EDnH82Okm3JTsIsXNvNcV45CMT55iSZm7cTLJALSHexh3GpD6Kl60
XwdzbMy8V8HAi4H/BVYLgbY2FdFf3t6o2ZcqYz96RSSlqg6+H9nBwEFi9v+PjtP+
8Oc2lnsrUjk6ygeOAxE+lWWNOG80d/hG
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEZTCCA02gAwIBAgIQJoYslWp7rf+gUe9KVvELOzANBgkqhkiG9w0BAQsFADB+
MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd
BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVj
IENsYXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MB4XDTE3MDQyNjAwMDAwMFoX
DTE3MDcyNTIzNTk1OVowQDE+MDwGA1UEAxM1U3ltYW50ZWMgQ2xhc3MgMyBTZWN1
cmUgU2VydmVyIENBIC0gRzQgT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQC7IEt/vUo9j6sQ48spfbMYOiwqKo/LIw4r1R9beqVI
UwkxIjH1C9MdrZyND+dqUBYfEuXaw2jVfUV0+SygpqCxhebM1Kg17I/aaByN13LO
ht6fMSzFLs0Jl5PKt8uSbt4nrnatLj4QL846wIRzBNJLQ54kTk1sOY7j7Alop/iF
o5STvpF3mz+8IT9r22lVtEEe3AXOPkONTWGx+B0yajKJSdBtMCQ68SnnlLLCGtgx
MoDfuX6e+h08p4LFYg5ujoHYgxRf1QzqeYLqZ+/DB/8GH+k+QXiPjQx2aEik7wTM
sWvJhrtg3t6CsRBR3WIXn3UlyKBOnqp51/kHBY8Z8Y19AgMBAAGjggEbMIIBFzAP
BgkrBgEFBQcwAQUEAgUAMCEGA1UdEQQaMBikFjAUMRIwEAYDVQQDEwlUR1YtRS05
NzcwHwYDVR0jBBgwFoAUX2DPYZBV34RDFIpgKrL1evRDGO8wHQYDVR0OBBYEFLGg
YhIJCyyDMTX5L4s6joSd5HH+MAwGA1UdEwEB/wQCMAAwbgYDVR0gBGcwZTBjBgtg
hkgBhvhFAQcXAzBUMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LnN5bWF1dGguY29t
L2NwczAqBggrBgEFBQcCAjAeGhwgIGh0dHA6Ly93d3cuc3ltYXV0aC5jb20vcnBh
MBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0B
AQsFAAOCAQEAeA+AyvV1XqNk9MVF1pINHv5sCavwSgbqrqTkHhE7e9REbgkEncb6
3ZxCju3XvV4zTnsIQKRRU8rsKyNxDh8pSL8Ml8BINJu5kYQKsK4KuKgIHup19MXn
bQvpQ4Y1lHEcHlAl1IQanmKNYP9MJcLNQFxyPoqUiTarBnuXdS8ivqNoQxPtu6ae
Xm2hV5vlG65PRA5x/NjpJtyU7CLFzbzXFeOQjE+eYkmZu3EyyQC0h3sYdxqQ+ipe
tF8Hc2zMvFfBwIuB/wVWC4G2NhXRX97eqNmXKmM/ekUkpaoOvh/ZwcBBYvb/j47T
/vDnNpZ7K1I5OsoHjgMRPpVljThvNHf4Rg==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=602698, public, no-transform, must-revalidate]
Content-Length: [1608]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sat, 24 Jun 2017 21:48:02 GMT]
Expires: [Sat, 1 Jul 2017 21:13:00 GMT]
Last-Modified: [Sat, 24 Jun 2017 21:13:00 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (S)]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Symantec Class 3 Secure Server CA - G4 (CA Certificate)

Certificate details for Symantec Class 3 Secure Server CA - G4 (At position 1 in certificate chain)
Serial number:
hex: 513fb9743870b73440418d30930699ff
int: 107998343814376832458216740669838760447
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Symantec Corporation
Organization unit: Symantec Trust Network
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://s1.symcb.com/pca3-g5.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://s1.symcb.com/pca3-g5.crl
Size: 571 bytes (DER data)
Response time: 1.153855958s
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 1

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-215-131-61.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Sun, 25 Jun 2017 19:16:13 GMT]
Etag: ["780c45f8cd93c167efbbaecd13f130d4:1498266187"]
Last-Modified: [Sat, 24 Jun 2017 00:54:07 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_MEM_HIT from a23-215-131-61.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://s2.symcb.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://s2.symcb.com (POST)
Size: 1763 bytes (DER data)
Response time: 947.879365ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: Symantec Class 3 PCA - G5 OCSP Responder Certificate 5
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Signing certificate validity: 2016-11-22 - 2017-12-14
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 114h33m46s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD+Oyl+0LhPg9JxyQm4gQUf9Nl
p8Ld7LvwMAnzQzn6Aq8zMTMCEFE/uXQ4cLc0QEGNMJMGmf8=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIG3woBAKCCBtgwggbUBgkrBgEFBQcwAQEEggbFMIIGwTCBnqIWBBSQV0mkqBQX
kkwRYz2FfxNyvss3WhgPMjAxNzA2MjMxMzQzMDZaMHMwcTBJMAkGBSsOAwIaBQAE
FLnpsocChQP47KX7QuE+D0nHJCbiBBR/02Wnwt3su/AwCfNDOfoCrzMxMwIQUT+5
dDhwtzRAQY0wkwaZ/4AAGA8yMDE3MDYyMzEzNDMwNlqgERgPMjAxNzA2MzAxMzQz
MDZaMA0GCSqGSIb3DQEBBQUAA4IBAQBFBmQ34h4Z6FIeMp7Q8iiHIkbrrmQ8Tv7a
f+7QFR2Qlr+VT4zhJf/uqljG4HionuvwNrpDtt0EnGfvXamcmSySr/2VonMcuK6s
imEuhRnhyP8RNFoemKW3yHeTMxI0K7lvRl0p13XtRmQ+UY2pUxkyn1eVomXAiGsF
AUITrobSJ+O4wMtubBEUx8hvcJ7xqewSbmgY+/B8EPe67UJK8ajviKTyjBuC12MK
XoaBw+pTAkeCdNVMqt/Dvv+LejpX520rJnhNDINm6fsP9VvGfa2L1SIEHkn0lMNw
EK/bIuRoQ4jWrdI9Mv5+92YvB/9//jUTbgrSyumox3xgLflm3AtsoIIFCDCCBQQw
ggUAMIID6KADAgECAhBegKApA8bSjw2IPI2R/lTmMA0GCSqGSIb3DQEBBQUAMIHK
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsT
FlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA2IFZlcmlT
aWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZl
cmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRo
b3JpdHkgLSBHNTAeFw0xNjExMjIwMDAwMDBaFw0xNzEyMTQyMzU5NTlaMIGOMQsw
CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV
BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxPzA9BgNVBAMTNlN5bWFudGVjIENs
YXNzIDMgUENBIC0gRzUgT0NTUCBSZXNwb25kZXIgQ2VydGlmaWNhdGUgNTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKus48ejAx2d5OuOkBmO8gS4pszt
8W2iz3wKtJEX477WzDFyVVpOrWIQ1x0LhJWsdMUgZJP4Fu4InU+VFa5OWfdsUp0S
ayC8Ual6x2cENCgsuwaoUnCLNw2xBDBDAmqMKVoW5hb1/pq3lSt+4gYzv8iweNti
Gi0H2pqGwitTXjA8Nu2mGSH4KAPIMn0S0htUvmZYfZ0FhDbNjswoxumZMf696yPn
H0jCh3xguXl5FzxCrXqbcSQAhP0dgu11ES3U0Ev6IQ0LwsjfgnmJwTiz2y0tuvzW
zD/XLNNbvluii9g12GXvNL7JquIKRAqIdKQ7EZsX+SkKSvIR9gBcZlaa8kcCAwEA
AaOCARowggEWMAwGA1UdEwEB/wQCMAAwbAYDVR0gBGUwYzBhBgtghkgBhvhFAQcX
AzBSMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LnN5bWF1dGguY29tL2NwczAoBggr
BgEFBQcCAjAcGhpodHRwOi8vd3d3LnN5bWF1dGguY29tL3JwYTATBgNVHSUEDDAK
BggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCB4AwDwYJKwYBBQUHMAEFBAIFADAiBgNV
HREEGzAZpBcwFTETMBEGA1UEAxMKVEdWLU9GRi01MDAdBgNVHQ4EFgQUkFdJpKgU
F5JMEWM9hX8Tcr7LN1owHwYDVR0jBBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMw
DQYJKoZIhvcNAQEFBQADggEBADx3TgsGZ9TU1FPRb8Ew9gv8YbDGqCoQxyspWLhU
tmnlJB20v08UjaCOOqm5R46EUt5q20++48jOhmO7M/SZKKPUoft5zE5LJjzgqlV4
QY8pAztecC5EEo0nfinPziS79FZacG/5is4Ogn25LwXaluQ11ZIe8NwTgySeLWKu
UV/cW2STVkrjczfg/i315quNHatQ49FUabhuCdEsmpDAX6MXWQgGr9TpX013D4Iv
TvC4Ybky6xFHj9eINHEkLzyrxrvmNhAgtn+m7fQ14H42X+NWDOBZ7a0UN2Bl46wP
KgTweDBW4KopH+VIYRwt8XjKjMiKkTMHxIU//xr1OCcvg+c=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIQXoCgKQPG0o8NiDyNkf5U5jANBgkqhkiG9w0BAQUFADCB
yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
aG9yaXR5IC0gRzUwHhcNMTYxMTIyMDAwMDAwWhcNMTcxMjE0MjM1OTU5WjCBjjEL
MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD
VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMT8wPQYDVQQDEzZTeW1hbnRlYyBD
bGFzcyAzIFBDQSAtIEc1IE9DU1AgUmVzcG9uZGVyIENlcnRpZmljYXRlIDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrrOPHowMdneTrjpAZjvIEuKbM
7fFtos98CrSRF+O+1swxclVaTq1iENcdC4SVrHTFIGST+BbuCJ1PlRWuTln3bFKd
EmsgvFGpesdnBDQoLLsGqFJwizcNsQQwQwJqjClaFuYW9f6at5UrfuIGM7/IsHjb
YhotB9qahsIrU14wPDbtphkh+CgDyDJ9EtIbVL5mWH2dBYQ2zY7MKMbpmTH+vesj
5x9Iwod8YLl5eRc8Qq16m3EkAIT9HYLtdREt1NBL+iENC8LI34J5icE4s9stLbr8
1sw/1yzTW75boovYNdhl7zS+yariCkQKiHSkOxGbF/kpCkryEfYAXGZWmvJHAgMB
AAGjggEaMIIBFjAMBgNVHRMBAf8EAjAAMGwGA1UdIARlMGMwYQYLYIZIAYb4RQEH
FwMwUjAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5zeW1hdXRoLmNvbS9jcHMwKAYI
KwYBBQUHAgIwHBoaaHR0cDovL3d3dy5zeW1hdXRoLmNvbS9ycGEwEwYDVR0lBAww
CgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA8GCSsGAQUFBzABBQQCBQAwIgYD
VR0RBBswGaQXMBUxEzARBgNVBAMTClRHVi1PRkYtNTAwHQYDVR0OBBYEFJBXSaSo
FBeSTBFjPYV/E3K+yzdaMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEz
MA0GCSqGSIb3DQEBBQUAA4IBAQA8d04LBmfU1NRT0W/BMPYL/GGwxqgqEMcrKVi4
VLZp5SQdtL9PFI2gjjqpuUeOhFLeattPvuPIzoZjuzP0mSij1KH7ecxOSyY84KpV
eEGPKQM7XnAuRBKNJ34pz84ku/RWWnBv+YrODoJ9uS8F2pbkNdWSHvDcE4Mkni1i
rlFf3Ftkk1ZK43M34P4t9earjR2rUOPRVGm4bgnRLJqQwF+jF1kIBq/U6V9Ndw+C
L07wuGG5MusRR4/XiDRxJC88q8a75jYQILZ/pu30NeB+Nl/jVgzgWe2tFDdgZeOs
DyoE8HgwVuCqKR/lSGEcLfF4yozIipEzB8SFP/8a9TgnL4Pn
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=412426, public, no-transform, must-revalidate]
Content-Length: [1763]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 19:12:28 GMT]
Expires: [Fri, 30 Jun 2017 13:43:06 GMT]
Last-Modified: [Fri, 23 Jun 2017 13:43:06 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MEM_HIT from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 3m8s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://s2.symcb.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://s2.symcb.com (GET)
Size: 1763 bytes (DER data)
Response time: 973.782798ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: Symantec Class 3 PCA - G5 OCSP Responder Certificate 5
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Signing certificate validity: 2016-11-22 - 2017-12-14
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 114h33m48s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)

URL used for GET request

http://s2.symcb.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD%2BOyl%2B0LhPg9JxyQm4gQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMCEFE%2FuXQ4cLc0QEGNMJMGmf8%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBS56bKHAoUD+Oyl+0LhPg9JxyQm4gQUf9Nl
p8Ld7LvwMAnzQzn6Aq8zMTMCEFE/uXQ4cLc0QEGNMJMGmf8=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIG3woBAKCCBtgwggbUBgkrBgEFBQcwAQEEggbFMIIGwTCBnqIWBBSQV0mkqBQX
kkwRYz2FfxNyvss3WhgPMjAxNzA2MjMxMzQzMDZaMHMwcTBJMAkGBSsOAwIaBQAE
FLnpsocChQP47KX7QuE+D0nHJCbiBBR/02Wnwt3su/AwCfNDOfoCrzMxMwIQUT+5
dDhwtzRAQY0wkwaZ/4AAGA8yMDE3MDYyMzEzNDMwNlqgERgPMjAxNzA2MzAxMzQz
MDZaMA0GCSqGSIb3DQEBBQUAA4IBAQBFBmQ34h4Z6FIeMp7Q8iiHIkbrrmQ8Tv7a
f+7QFR2Qlr+VT4zhJf/uqljG4HionuvwNrpDtt0EnGfvXamcmSySr/2VonMcuK6s
imEuhRnhyP8RNFoemKW3yHeTMxI0K7lvRl0p13XtRmQ+UY2pUxkyn1eVomXAiGsF
AUITrobSJ+O4wMtubBEUx8hvcJ7xqewSbmgY+/B8EPe67UJK8ajviKTyjBuC12MK
XoaBw+pTAkeCdNVMqt/Dvv+LejpX520rJnhNDINm6fsP9VvGfa2L1SIEHkn0lMNw
EK/bIuRoQ4jWrdI9Mv5+92YvB/9//jUTbgrSyumox3xgLflm3AtsoIIFCDCCBQQw
ggUAMIID6KADAgECAhBegKApA8bSjw2IPI2R/lTmMA0GCSqGSIb3DQEBBQUAMIHK
MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsT
FlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA2IFZlcmlT
aWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZl
cmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRo
b3JpdHkgLSBHNTAeFw0xNjExMjIwMDAwMDBaFw0xNzEyMTQyMzU5NTlaMIGOMQsw
CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV
BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxPzA9BgNVBAMTNlN5bWFudGVjIENs
YXNzIDMgUENBIC0gRzUgT0NTUCBSZXNwb25kZXIgQ2VydGlmaWNhdGUgNTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKus48ejAx2d5OuOkBmO8gS4pszt
8W2iz3wKtJEX477WzDFyVVpOrWIQ1x0LhJWsdMUgZJP4Fu4InU+VFa5OWfdsUp0S
ayC8Ual6x2cENCgsuwaoUnCLNw2xBDBDAmqMKVoW5hb1/pq3lSt+4gYzv8iweNti
Gi0H2pqGwitTXjA8Nu2mGSH4KAPIMn0S0htUvmZYfZ0FhDbNjswoxumZMf696yPn
H0jCh3xguXl5FzxCrXqbcSQAhP0dgu11ES3U0Ev6IQ0LwsjfgnmJwTiz2y0tuvzW
zD/XLNNbvluii9g12GXvNL7JquIKRAqIdKQ7EZsX+SkKSvIR9gBcZlaa8kcCAwEA
AaOCARowggEWMAwGA1UdEwEB/wQCMAAwbAYDVR0gBGUwYzBhBgtghkgBhvhFAQcX
AzBSMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LnN5bWF1dGguY29tL2NwczAoBggr
BgEFBQcCAjAcGhpodHRwOi8vd3d3LnN5bWF1dGguY29tL3JwYTATBgNVHSUEDDAK
BggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCB4AwDwYJKwYBBQUHMAEFBAIFADAiBgNV
HREEGzAZpBcwFTETMBEGA1UEAxMKVEdWLU9GRi01MDAdBgNVHQ4EFgQUkFdJpKgU
F5JMEWM9hX8Tcr7LN1owHwYDVR0jBBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMw
DQYJKoZIhvcNAQEFBQADggEBADx3TgsGZ9TU1FPRb8Ew9gv8YbDGqCoQxyspWLhU
tmnlJB20v08UjaCOOqm5R46EUt5q20++48jOhmO7M/SZKKPUoft5zE5LJjzgqlV4
QY8pAztecC5EEo0nfinPziS79FZacG/5is4Ogn25LwXaluQ11ZIe8NwTgySeLWKu
UV/cW2STVkrjczfg/i315quNHatQ49FUabhuCdEsmpDAX6MXWQgGr9TpX013D4Iv
TvC4Ybky6xFHj9eINHEkLzyrxrvmNhAgtn+m7fQ14H42X+NWDOBZ7a0UN2Bl46wP
KgTweDBW4KopH+VIYRwt8XjKjMiKkTMHxIU//xr1OCcvg+c=
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIQXoCgKQPG0o8NiDyNkf5U5jANBgkqhkiG9w0BAQUFADCB
yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
aG9yaXR5IC0gRzUwHhcNMTYxMTIyMDAwMDAwWhcNMTcxMjE0MjM1OTU5WjCBjjEL
MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD
VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMT8wPQYDVQQDEzZTeW1hbnRlYyBD
bGFzcyAzIFBDQSAtIEc1IE9DU1AgUmVzcG9uZGVyIENlcnRpZmljYXRlIDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrrOPHowMdneTrjpAZjvIEuKbM
7fFtos98CrSRF+O+1swxclVaTq1iENcdC4SVrHTFIGST+BbuCJ1PlRWuTln3bFKd
EmsgvFGpesdnBDQoLLsGqFJwizcNsQQwQwJqjClaFuYW9f6at5UrfuIGM7/IsHjb
YhotB9qahsIrU14wPDbtphkh+CgDyDJ9EtIbVL5mWH2dBYQ2zY7MKMbpmTH+vesj
5x9Iwod8YLl5eRc8Qq16m3EkAIT9HYLtdREt1NBL+iENC8LI34J5icE4s9stLbr8
1sw/1yzTW75boovYNdhl7zS+yariCkQKiHSkOxGbF/kpCkryEfYAXGZWmvJHAgMB
AAGjggEaMIIBFjAMBgNVHRMBAf8EAjAAMGwGA1UdIARlMGMwYQYLYIZIAYb4RQEH
FwMwUjAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5zeW1hdXRoLmNvbS9jcHMwKAYI
KwYBBQUHAgIwHBoaaHR0cDovL3d3dy5zeW1hdXRoLmNvbS9ycGEwEwYDVR0lBAww
CgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA8GCSsGAQUFBzABBQQCBQAwIgYD
VR0RBBswGaQXMBUxEzARBgNVBAMTClRHVi1PRkYtNTAwHQYDVR0OBBYEFJBXSaSo
FBeSTBFjPYV/E3K+yzdaMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEz
MA0GCSqGSIb3DQEBBQUAA4IBAQA8d04LBmfU1NRT0W/BMPYL/GGwxqgqEMcrKVi4
VLZp5SQdtL9PFI2gjjqpuUeOhFLeattPvuPIzoZjuzP0mSij1KH7ecxOSyY84KpV
eEGPKQM7XnAuRBKNJ34pz84ku/RWWnBv+YrODoJ9uS8F2pbkNdWSHvDcE4Mkni1i
rlFf3Ftkk1ZK43M34P4t9earjR2rUOPRVGm4bgnRLJqQwF+jF1kIBq/U6V9Ndw+C
L07wuGG5MusRR4/XiDRxJC88q8a75jYQILZ/pu30NeB+Nl/jVgzgWe2tFDdgZeOs
DyoE8HgwVuCqKR/lSGEcLfF4yozIipEzB8SFP/8a9TgnL4Pn
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=412428, public, no-transform, must-revalidate]
Content-Length: [1763]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 19:12:28 GMT]
Expires: [Fri, 30 Jun 2017 13:43:06 GMT]
Last-Modified: [Fri, 23 Jun 2017 13:43:06 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MEM_HIT from a23-219-93-86.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 3m10s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

VeriSign Class 3 Public Primary Certification Authority - G5 (CA Certificate)

Certificate details for VeriSign Class 3 Public Primary Certification Authority - G5 (At position 2 in certificate chain)
Serial number:
hex: 18dad19e267de8bb4a2158cdcc6b3b4a
int: 33037644167568058970164719475676101450
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: VeriSign, Inc.
Organization unit: VeriSign Trust Network
Organization unit: (c) 2006 VeriSign, Inc. - For authorized use only
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
© 2015 - 2017 Digitorus B.V.
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.