CRL & OCSP report for 0-orbis.bvdinfo.com.org.oasis.unisa.ac.za - oasis.unisa.ac.za (University of South Africa)

oasis.unisa.ac.za

Certificate details for oasis.unisa.ac.za (At position 0 in certificate chain)
Serial number:
hex: 52473d92caa0a068ea971a6d0e1598d5
int: 109366597588326781803279689763542898901
Issued by: Symantec Class 3 Secure Server CA - G4
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: University of South Africa
Organization unit: University Library
State / Province: Gauteng
Locality: Pretoria
Country: ZA
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for 0-orbis.bvdinfo.com.org.oasis.unisa.ac.za.

Certificate Revocation List (CRL)

This CRL was cached at
http://ss.symcb.com/ss.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://ss.symcb.com/ss.crl
Size: 1310835 bytes (DER data)
Response time: 719.373086ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 37442

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_HIT from a23-219-93-108.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Sun, 25 Jun 2017 01:43:46 GMT]
Etag: ["12eadc39fb035ffb6de492db9326bb48:1498338687"]
Last-Modified: [Sat, 24 Jun 2017 21:11:27 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_HIT from a23-219-93-108.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ss.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ss.symcd.com (GET)
Size: 1608 bytes (DER data)
Response time: 174.961717ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: Symantec Class 3 Secure Server CA - G4 OCSP Responder
Issued by: Symantec Class 3 Secure Server CA - G4
Signing certificate validity: 2017-04-26 - 2017-07-25
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 167h24m58s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (S)

URL used for GET request

http://ss.symcd.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTRsWSLjJ8N0Wujis0rUBfV%2Bc%2FAZAQUX2DPYZBV34RDFIpgKrL1evRDGO8CEFJHPZLKoKBo6pcabQ4VmNU%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBTRsWSLjJ8N0Wujis0rUBfV+c/AZAQUX2DP
YZBV34RDFIpgKrL1evRDGO8CEFJHPZLKoKBo6pcabQ4VmNU=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGRAoBAKCCBj0wggY5BgkrBgEFBQcwAQEEggYqMIIGJjCBnqIWBBSxoGISCQss
gzE1+S+LOo6EneRx/hgPMjAxNzA2MjQyMTEzMDBaMHMwcTBJMAkGBSsOAwIaBQAE
FNGxZIuMnw3Ra6OKzStQF9X5z8BkBBRfYM9hkFXfhEMUimAqsvV69EMY7wIQUkc9
ksqgoGjqlxptDhWY1YAAGA8yMDE3MDYyNDIxMTMwMFqgERgPMjAxNzA3MDEyMTEz
MDBaMA0GCSqGSIb3DQEBBQUAA4IBAQAygCTwHMQf5eXcHzF64kyaXRX6oHzgkcec
ZneSp7LysTnsRDH1lBpZ6Tx63PjjhbAFhfAfaiX6f3PYDd8OrzKdYwwu7lCNGUJA
dBRofiHFn2WEFiff7m09CFEYHfsm9YZYXTpj+N7jEKZb7wPB4laJoXB2PFSEWDep
+A8L3mrnMa+owAQbe7OBfBw+nbfirvrLVQsVnA6VjRCMh457ko052m+wao1RiEka
GSHDbPyab1jKNqmd/cUsCRUxmXgEErDjDInx2AN8lgtzjszGfFOtMQEkroYRRo7A
hK0ZRXqdCEuXntoMLtXtc+mufnd80MgNhwrVJe3p4+vuMBfkgUFhoIIEbTCCBGkw
ggRlMIIDTaADAgECAhAmhiyVanut/6BR70pW8Qs7MA0GCSqGSIb3DQEBCwUAMH4x
CzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3JhdGlvbjEfMB0G
A1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEvMC0GA1UEAxMmU3ltYW50ZWMg
Q2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzQwHhcNMTcwNDI2MDAwMDAwWhcN
MTcwNzI1MjM1OTU5WjBAMT4wPAYDVQQDEzVTeW1hbnRlYyBDbGFzcyAzIFNlY3Vy
ZSBTZXJ2ZXIgQ0EgLSBHNCBPQ1NQIFJlc3BvbmRlcjCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBALsgS3+9Sj2PqxDjyyl9sxg6LCoqj8sjDivVH1t6pUhT
CTEiMfUL0x2tnI0P52pQFh8S5drDaNV9RXT5LKCmoLGF5szUqDXsj9poHI3Xcs6G
3p8xLMUuzQmXk8q3y5Ju3ieudq0uPhAvzjrAhHME0ktDniROTWw5juPsCWin+IWj
lJO+kXebP7whP2vbaVW0QR7cBc4+Q41NYbH4HTJqMolJ0G0wJDrxKeeUssIa2DEy
gN+5fp76HTyngsViDm6OgdiDFF/VDOp5gupn78MH/wYf6T5BeI+NDHZoSKTvBMyx
a8mGu2De3oKxEFHdYhefdSXIoE6eqnnX+QcFjxnxjX0CAwEAAaOCARswggEXMA8G
CSsGAQUFBzABBQQCBQAwIQYDVR0RBBowGKQWMBQxEjAQBgNVBAMTCVRHVi1FLTk3
NzAfBgNVHSMEGDAWgBRfYM9hkFXfhEMUimAqsvV69EMY7zAdBgNVHQ4EFgQUsaBi
EgkLLIMxNfkvizqOhJ3kcf4wDAYDVR0TAQH/BAIwADBuBgNVHSAEZzBlMGMGC2CG
SAGG+EUBBxcDMFQwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuc3ltYXV0aC5jb20v
Y3BzMCoGCCsGAQUFBwICMB4aHCAgaHR0cDovL3d3dy5zeW1hdXRoLmNvbS9ycGEw
EwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEB
CwUAA4IBAQB4D4DK9XVeo2T0xUXWkg0e/mwJq/BKBuqupOQeETt71ERuCQSdxvrd
nEKO7de9XjNOewhApFFTyuwrI3EOHylIvwyXwEg0m7mRhAqwrgq4qAge6nX0xedt
C+lDhjWUcRweUCXUhBqeYo1g/0wlws1AXHI+ipSJNqsGe5d1LyK+o2hDE+27pp5e
baFXm+Ubrk9EDnH82Okm3JTsIsXNvNcV45CMT55iSZm7cTLJALSHexh3GpD6Kl60
XwdzbMy8V8HAi4H/BVYLgbY2FdFf3t6o2ZcqYz96RSSlqg6+H9nBwEFi9v+PjtP+
8Oc2lnsrUjk6ygeOAxE+lWWNOG80d/hG
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEZTCCA02gAwIBAgIQJoYslWp7rf+gUe9KVvELOzANBgkqhkiG9w0BAQsFADB+
MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd
BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVj
IENsYXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MB4XDTE3MDQyNjAwMDAwMFoX
DTE3MDcyNTIzNTk1OVowQDE+MDwGA1UEAxM1U3ltYW50ZWMgQ2xhc3MgMyBTZWN1
cmUgU2VydmVyIENBIC0gRzQgT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQC7IEt/vUo9j6sQ48spfbMYOiwqKo/LIw4r1R9beqVI
UwkxIjH1C9MdrZyND+dqUBYfEuXaw2jVfUV0+SygpqCxhebM1Kg17I/aaByN13LO
ht6fMSzFLs0Jl5PKt8uSbt4nrnatLj4QL846wIRzBNJLQ54kTk1sOY7j7Alop/iF
o5STvpF3mz+8IT9r22lVtEEe3AXOPkONTWGx+B0yajKJSdBtMCQ68SnnlLLCGtgx
MoDfuX6e+h08p4LFYg5ujoHYgxRf1QzqeYLqZ+/DB/8GH+k+QXiPjQx2aEik7wTM
sWvJhrtg3t6CsRBR3WIXn3UlyKBOnqp51/kHBY8Z8Y19AgMBAAGjggEbMIIBFzAP
BgkrBgEFBQcwAQUEAgUAMCEGA1UdEQQaMBikFjAUMRIwEAYDVQQDEwlUR1YtRS05
NzcwHwYDVR0jBBgwFoAUX2DPYZBV34RDFIpgKrL1evRDGO8wHQYDVR0OBBYEFLGg
YhIJCyyDMTX5L4s6joSd5HH+MAwGA1UdEwEB/wQCMAAwbgYDVR0gBGcwZTBjBgtg
hkgBhvhFAQcXAzBUMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LnN5bWF1dGguY29t
L2NwczAqBggrBgEFBQcCAjAeGhwgIGh0dHA6Ly93d3cuc3ltYXV0aC5jb20vcnBh
MBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0B
AQsFAAOCAQEAeA+AyvV1XqNk9MVF1pINHv5sCavwSgbqrqTkHhE7e9REbgkEncb6
3ZxCju3XvV4zTnsIQKRRU8rsKyNxDh8pSL8Ml8BINJu5kYQKsK4KuKgIHup19MXn
bQvpQ4Y1lHEcHlAl1IQanmKNYP9MJcLNQFxyPoqUiTarBnuXdS8ivqNoQxPtu6ae
Xm2hV5vlG65PRA5x/NjpJtyU7CLFzbzXFeOQjE+eYkmZu3EyyQC0h3sYdxqQ+ipe
tF8Hc2zMvFfBwIuB/wVWC4G2NhXRX97eqNmXKmM/ekUkpaoOvh/ZwcBBYvb/j47T
/vDnNpZ7K1I5OsoHjgMRPpVljThvNHf4Rg==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=602698, public, no-transform, must-revalidate]
Content-Length: [1608]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sat, 24 Jun 2017 21:48:02 GMT]
Expires: [Sat, 1 Jul 2017 21:13:00 GMT]
Last-Modified: [Sat, 24 Jun 2017 21:13:00 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (S)]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ss.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ss.symcd.com (POST)
Size: 1608 bytes (DER data)
Response time: 82.346337ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: Symantec Class 3 Secure Server CA - G4 OCSP Responder
Issued by: Symantec Class 3 Secure Server CA - G4
Signing certificate validity: 2017-04-26 - 2017-07-25
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 167h24m58s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (S)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBTRsWSLjJ8N0Wujis0rUBfV+c/AZAQUX2DP
YZBV34RDFIpgKrL1evRDGO8CEFJHPZLKoKBo6pcabQ4VmNU=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGRAoBAKCCBj0wggY5BgkrBgEFBQcwAQEEggYqMIIGJjCBnqIWBBSxoGISCQss
gzE1+S+LOo6EneRx/hgPMjAxNzA2MjQyMTEzMDBaMHMwcTBJMAkGBSsOAwIaBQAE
FNGxZIuMnw3Ra6OKzStQF9X5z8BkBBRfYM9hkFXfhEMUimAqsvV69EMY7wIQUkc9
ksqgoGjqlxptDhWY1YAAGA8yMDE3MDYyNDIxMTMwMFqgERgPMjAxNzA3MDEyMTEz
MDBaMA0GCSqGSIb3DQEBBQUAA4IBAQAygCTwHMQf5eXcHzF64kyaXRX6oHzgkcec
ZneSp7LysTnsRDH1lBpZ6Tx63PjjhbAFhfAfaiX6f3PYDd8OrzKdYwwu7lCNGUJA
dBRofiHFn2WEFiff7m09CFEYHfsm9YZYXTpj+N7jEKZb7wPB4laJoXB2PFSEWDep
+A8L3mrnMa+owAQbe7OBfBw+nbfirvrLVQsVnA6VjRCMh457ko052m+wao1RiEka
GSHDbPyab1jKNqmd/cUsCRUxmXgEErDjDInx2AN8lgtzjszGfFOtMQEkroYRRo7A
hK0ZRXqdCEuXntoMLtXtc+mufnd80MgNhwrVJe3p4+vuMBfkgUFhoIIEbTCCBGkw
ggRlMIIDTaADAgECAhAmhiyVanut/6BR70pW8Qs7MA0GCSqGSIb3DQEBCwUAMH4x
CzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3JhdGlvbjEfMB0G
A1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEvMC0GA1UEAxMmU3ltYW50ZWMg
Q2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzQwHhcNMTcwNDI2MDAwMDAwWhcN
MTcwNzI1MjM1OTU5WjBAMT4wPAYDVQQDEzVTeW1hbnRlYyBDbGFzcyAzIFNlY3Vy
ZSBTZXJ2ZXIgQ0EgLSBHNCBPQ1NQIFJlc3BvbmRlcjCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBALsgS3+9Sj2PqxDjyyl9sxg6LCoqj8sjDivVH1t6pUhT
CTEiMfUL0x2tnI0P52pQFh8S5drDaNV9RXT5LKCmoLGF5szUqDXsj9poHI3Xcs6G
3p8xLMUuzQmXk8q3y5Ju3ieudq0uPhAvzjrAhHME0ktDniROTWw5juPsCWin+IWj
lJO+kXebP7whP2vbaVW0QR7cBc4+Q41NYbH4HTJqMolJ0G0wJDrxKeeUssIa2DEy
gN+5fp76HTyngsViDm6OgdiDFF/VDOp5gupn78MH/wYf6T5BeI+NDHZoSKTvBMyx
a8mGu2De3oKxEFHdYhefdSXIoE6eqnnX+QcFjxnxjX0CAwEAAaOCARswggEXMA8G
CSsGAQUFBzABBQQCBQAwIQYDVR0RBBowGKQWMBQxEjAQBgNVBAMTCVRHVi1FLTk3
NzAfBgNVHSMEGDAWgBRfYM9hkFXfhEMUimAqsvV69EMY7zAdBgNVHQ4EFgQUsaBi
EgkLLIMxNfkvizqOhJ3kcf4wDAYDVR0TAQH/BAIwADBuBgNVHSAEZzBlMGMGC2CG
SAGG+EUBBxcDMFQwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuc3ltYXV0aC5jb20v
Y3BzMCoGCCsGAQUFBwICMB4aHCAgaHR0cDovL3d3dy5zeW1hdXRoLmNvbS9ycGEw
EwYDVR0lBAwwCgYIKwYBBQUHAwkwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEB
CwUAA4IBAQB4D4DK9XVeo2T0xUXWkg0e/mwJq/BKBuqupOQeETt71ERuCQSdxvrd
nEKO7de9XjNOewhApFFTyuwrI3EOHylIvwyXwEg0m7mRhAqwrgq4qAge6nX0xedt
C+lDhjWUcRweUCXUhBqeYo1g/0wlws1AXHI+ipSJNqsGe5d1LyK+o2hDE+27pp5e
baFXm+Ubrk9EDnH82Okm3JTsIsXNvNcV45CMT55iSZm7cTLJALSHexh3GpD6Kl60
XwdzbMy8V8HAi4H/BVYLgbY2FdFf3t6o2ZcqYz96RSSlqg6+H9nBwEFi9v+PjtP+
8Oc2lnsrUjk6ygeOAxE+lWWNOG80d/hG
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEZTCCA02gAwIBAgIQJoYslWp7rf+gUe9KVvELOzANBgkqhkiG9w0BAQsFADB+
MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd
BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVj
IENsYXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MB4XDTE3MDQyNjAwMDAwMFoX
DTE3MDcyNTIzNTk1OVowQDE+MDwGA1UEAxM1U3ltYW50ZWMgQ2xhc3MgMyBTZWN1
cmUgU2VydmVyIENBIC0gRzQgT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQC7IEt/vUo9j6sQ48spfbMYOiwqKo/LIw4r1R9beqVI
UwkxIjH1C9MdrZyND+dqUBYfEuXaw2jVfUV0+SygpqCxhebM1Kg17I/aaByN13LO
ht6fMSzFLs0Jl5PKt8uSbt4nrnatLj4QL846wIRzBNJLQ54kTk1sOY7j7Alop/iF
o5STvpF3mz+8IT9r22lVtEEe3AXOPkONTWGx+B0yajKJSdBtMCQ68SnnlLLCGtgx
MoDfuX6e+h08p4LFYg5ujoHYgxRf1QzqeYLqZ+/DB/8GH+k+QXiPjQx2aEik7wTM
sWvJhrtg3t6CsRBR3WIXn3UlyKBOnqp51/kHBY8Z8Y19AgMBAAGjggEbMIIBFzAP
BgkrBgEFBQcwAQUEAgUAMCEGA1UdEQQaMBikFjAUMRIwEAYDVQQDEwlUR1YtRS05
NzcwHwYDVR0jBBgwFoAUX2DPYZBV34RDFIpgKrL1evRDGO8wHQYDVR0OBBYEFLGg
YhIJCyyDMTX5L4s6joSd5HH+MAwGA1UdEwEB/wQCMAAwbgYDVR0gBGcwZTBjBgtg
hkgBhvhFAQcXAzBUMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LnN5bWF1dGguY29t
L2NwczAqBggrBgEFBQcCAjAeGhwgIGh0dHA6Ly93d3cuc3ltYXV0aC5jb20vcnBh
MBMGA1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0B
AQsFAAOCAQEAeA+AyvV1XqNk9MVF1pINHv5sCavwSgbqrqTkHhE7e9REbgkEncb6
3ZxCju3XvV4zTnsIQKRRU8rsKyNxDh8pSL8Ml8BINJu5kYQKsK4KuKgIHup19MXn
bQvpQ4Y1lHEcHlAl1IQanmKNYP9MJcLNQFxyPoqUiTarBnuXdS8ivqNoQxPtu6ae
Xm2hV5vlG65PRA5x/NjpJtyU7CLFzbzXFeOQjE+eYkmZu3EyyQC0h3sYdxqQ+ipe
tF8Hc2zMvFfBwIuB/wVWC4G2NhXRX97eqNmXKmM/ekUkpaoOvh/ZwcBBYvb/j47T
/vDnNpZ7K1I5OsoHjgMRPpVljThvNHf4Rg==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=602698, public, no-transform, must-revalidate]
Content-Length: [1608]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Sat, 24 Jun 2017 21:48:02 GMT]
Expires: [Sat, 1 Jul 2017 21:13:00 GMT]
Last-Modified: [Sat, 24 Jun 2017 21:13:00 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a23-219-93-85.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (S)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Symantec Class 3 Secure Server CA - G4 (CA Certificate)

Certificate details for Symantec Class 3 Secure Server CA - G4 (At position 1 in certificate chain)
Serial number:
hex: 513fb9743870b73440418d30930699ff
int: 107998343814376832458216740669838760447
Issued by: VeriSign Class 3 Public Primary Certification Authority - G5
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Symantec Corporation
Organization unit: Symantec Trust Network
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This certificate contains no information about authoritative CRL(s) or OCSP servers

Check the revocation status for another website

Created by Paul van Brouwershaven
© 2015 - 2017 Digitorus B.V.
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.