CRL & OCSP report for 0-pcs.webofknowledge.com.ujlink.uj.ac.za - ujlink.uj.ac.za (University of Johannesburg)

ujlink.uj.ac.za

Certificate details for ujlink.uj.ac.za (At position 0 in certificate chain)
Serial number:
hex: 58e2eddc98b9386273436d74fabc239e
int: 118150347127638925481710378807444906910
Issued by: thawte SSL CA - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: University of Johannesburg
Organization unit: University of Johannesburg Library
State / Province: Gauteng
Locality: Johannesburg
Country: ZA
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for 0-pcs.webofknowledge.com.ujlink.uj.ac.za.

Certificate Revocation List (CRL)

This CRL was cached at
http://tj.symcb.com/tj.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://tj.symcb.com/tj.crl
Size: 130854 bytes (DER data)
Response time: 52.501761ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 3726

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_HIT from a23-217-200-39.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Fri, 28 Apr 2017 12:03:42 GMT]
Etag: ["a367d7ef71e9adb3e8acc26d19abafb2:1493370699"]
Last-Modified: [Fri, 28 Apr 2017 09:11:39 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_HIT from a23-217-200-39.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://tj.symcd.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://tj.symcd.com (GET)
Size: 1414 bytes (DER data)
Response time: 49.627597ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte SSL CA - G2 OCSP Responder
Issued by: thawte SSL CA - G2
Signing certificate validity: 2017-02-04 - 2017-05-05
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 100h22m11s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-217-200-53.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRvdluGAc%2FlYx1bXFBnllP1ugYHmAQUwk9IV%2FzRT5rAXTh9DgXb2S61UmACEFji7dyYuThic0NtdPq8I54%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRvdluGAc/lYx1bXFBnllP1ugYHmAQUwk9I
V/zRT5rAXTh9DgXb2S61UmACEFji7dyYuThic0NtdPq8I54=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFggoBAKCCBXswggV3BgkrBgEFBQcwAQEEggVoMIIFZDCBnqIWBBTcBj2E7JLw
SFp9H2+JDfoebSfYjRgPMjAxNzA0MjMwMTI2MTVaMHMwcTBJMAkGBSsOAwIaBQAE
FG92W4YBz+VjHVtcUGeWU/W6BgeYBBTCT0hX/NFPmsBdOH0OBdvZLrVSYAIQWOLt
3Ji5OGJzQ210+rwjnoAAGA8yMDE3MDQyMzAxMjYxNVqgERgPMjAxNzA0MzAwMTI2
MTVaMA0GCSqGSIb3DQEBBQUAA4IBAQBbXI3WLrUcc8VfPQT17aimvYQTp/jYJoBA
+J/HYgULFNCX2a7/KCLE3jfQeIkSFD8SB2aUZedV1vCKn6d/ZNHkbKJjYVquPh9c
S3KZz9CqefYHjAFjadMP5PrCuiaqYhK5KzMMCuYuVXRNie2CsXgEh/ldZAW8SEs/
2WUg+XZ8wEWWlDEELNkPWJObDJrr6MKCk6gYot1lbC3hhMDPsKJ2flCKzMiFMH6D
QKTmQD0UNycu6338WzS5PZQ8fyR6LOGj6oanEFSFpiRMAr9Au+LUvXGvcxvpLs02
nQcF+ZDBpUgT1feimU13vDdditYd3zzkL+Cokx+QsUnzFBmendCSoIIDqzCCA6cw
ggOjMIICi6ADAgECAhAoRSY7/1N11QlKWAK2fgyRMA0GCSqGSIb3DQEBCwUAMEEx
CzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xGzAZBgNVBAMTEnRo
YXd0ZSBTU0wgQ0EgLSBHMjAeFw0xNzAyMDQwMDAwMDBaFw0xNzA1MDUyMzU5NTla
MCwxKjAoBgNVBAMTIXRoYXd0ZSBTU0wgQ0EgLSBHMiBPQ1NQIFJlc3BvbmRlcjCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALCv4N/h3+VMTnsLyJbB1IFw
6hYShJKzxrOy1L+GE60F8RsFW1EgHjOGGWTe/WDd5YscQy8cbA41QMoFzHx3qeZy
inPMpiFCdD+HhOyOjZumZc2HfeOfmndXxVc6e8dDS64uzJawtKh6AZxbT0yI/noF
lckH+7nw6iFlxSMflhQbH3mua2oauHjMxNbw12hbMGLgJAn6OiIMF0h2XxF7FuVQ
Ngq4y2ICrYVf/DXicxWkiJomRd8VG1r1bfcU4W7eVGLgy83wuN6dO3VgniKoTrWC
40Di2IRdFdhNrdacq9JOon29xDSpRkCwu/GOUDJcjAHQJVEdnFsBpqjLFcSjqVcC
AwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQbMBmkFzAVMRMwEQYD
VQQDEwpUR1YtRC0zODU4MB8GA1UdIwQYMBaAFMJPSFf80U+awF04fQ4F29kutVJg
MB0GA1UdDgQWBBTcBj2E7JLwSFp9H2+JDfoebSfYjTAMBgNVHRMBAf8EAjAAMBMG
A1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsF
AAOCAQEALp7BXATVKbsXupOyIBYjn4G93/7UOGBFDPqY4GNAh0AV1Infd7hgC+GE
TDK4dtGwiLGs4PoaUtj3kqE6+c98uRLcEj2W+JWjQidKVptBLsmQrxvcYw0gowG5
hJHRDRzuQR/BYz7FJHAnJTl8EYfsdl1hfybzL/wWpZeLv/nOFOGiqbsxEGjJ6gMY
CCwZXanMXyyC9T9TFWiejhar8rCLN7xDJpg7vr9NByVcNGgaLvupKjuwd8tzCaBB
XhEK/T0bJ4/WtOyjEQCawIOqgq/MF+m7eZatsIyLSDyQoPeeyUiYkf78ymJaX3R8
LOjiNtqrmldU2ZhF1/Hobsd6ynSRpQ==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDozCCAougAwIBAgIQKEUmO/9TddUJSlgCtn4MkTANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTcwMjA0MDAwMDAwWhcNMTcwNTA1MjM1OTU5
WjAsMSowKAYDVQQDEyF0aGF3dGUgU1NMIENBIC0gRzIgT0NTUCBSZXNwb25kZXIw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwr+Df4d/lTE57C8iWwdSB
cOoWEoSSs8azstS/hhOtBfEbBVtRIB4zhhlk3v1g3eWLHEMvHGwONUDKBcx8d6nm
copzzKYhQnQ/h4Tsjo2bpmXNh33jn5p3V8VXOnvHQ0uuLsyWsLSoegGcW09MiP56
BZXJB/u58OohZcUjH5YUGx95rmtqGrh4zMTW8NdoWzBi4CQJ+joiDBdIdl8Rexbl
UDYKuMtiAq2FX/w14nMVpIiaJkXfFRta9W33FOFu3lRi4MvN8LjenTt1YJ4iqE61
guNA4tiEXRXYTa3WnKvSTqJ9vcQ0qUZAsLvxjlAyXIwB0CVRHZxbAaaoyxXEo6lX
AgMBAAGjgaswgagwDwYJKwYBBQUHMAEFBAIFADAiBgNVHREEGzAZpBcwFTETMBEG
A1UEAxMKVEdWLUQtMzg1ODAfBgNVHSMEGDAWgBTCT0hX/NFPmsBdOH0OBdvZLrVS
YDAdBgNVHQ4EFgQU3AY9hOyS8EhafR9viQ36Hm0n2I0wDAYDVR0TAQH/BAIwADAT
BgNVHSUEDDAKBggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQEL
BQADggEBAC6ewVwE1Sm7F7qTsiAWI5+Bvd/+1DhgRQz6mOBjQIdAFdSJ33e4YAvh
hEwyuHbRsIixrOD6GlLY95KhOvnPfLkS3BI9lviVo0InSlabQS7JkK8b3GMNIKMB
uYSR0Q0c7kEfwWM+xSRwJyU5fBGH7HZdYX8m8y/8FqWXi7/5zhThoqm7MRBoyeoD
GAgsGV2pzF8sgvU/UxVono4Wq/Kwize8QyaYO76/TQclXDRoGi77qSo7sHfLcwmg
QV4RCv09GyeP1rTsoxEAmsCDqoKvzBfpu3mWrbCMi0g8kKD3nslImJH+/MpiWl90
fCzo4jbaq5pXVNmYRdfx6G7Hesp0kaU=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=361331, public, no-transform, must-revalidate]
Content-Length: [1414]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Tue, 25 Apr 2017 21:04:04 GMT]
Expires: [Sun, 30 Apr 2017 01:26:15 GMT]
Last-Modified: [Sun, 23 Apr 2017 01:26:15 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-217-200-53.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://tj.symcd.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://tj.symcd.com (POST)
Size: 1414 bytes (DER data)
Response time: 13.693453ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte SSL CA - G2 OCSP Responder
Issued by: thawte SSL CA - G2
Signing certificate validity: 2017-02-04 - 2017-05-05
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 100h22m11s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-217-200-53.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBRvdluGAc/lYx1bXFBnllP1ugYHmAQUwk9I
V/zRT5rAXTh9DgXb2S61UmACEFji7dyYuThic0NtdPq8I54=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIFggoBAKCCBXswggV3BgkrBgEFBQcwAQEEggVoMIIFZDCBnqIWBBTcBj2E7JLw
SFp9H2+JDfoebSfYjRgPMjAxNzA0MjMwMTI2MTVaMHMwcTBJMAkGBSsOAwIaBQAE
FG92W4YBz+VjHVtcUGeWU/W6BgeYBBTCT0hX/NFPmsBdOH0OBdvZLrVSYAIQWOLt
3Ji5OGJzQ210+rwjnoAAGA8yMDE3MDQyMzAxMjYxNVqgERgPMjAxNzA0MzAwMTI2
MTVaMA0GCSqGSIb3DQEBBQUAA4IBAQBbXI3WLrUcc8VfPQT17aimvYQTp/jYJoBA
+J/HYgULFNCX2a7/KCLE3jfQeIkSFD8SB2aUZedV1vCKn6d/ZNHkbKJjYVquPh9c
S3KZz9CqefYHjAFjadMP5PrCuiaqYhK5KzMMCuYuVXRNie2CsXgEh/ldZAW8SEs/
2WUg+XZ8wEWWlDEELNkPWJObDJrr6MKCk6gYot1lbC3hhMDPsKJ2flCKzMiFMH6D
QKTmQD0UNycu6338WzS5PZQ8fyR6LOGj6oanEFSFpiRMAr9Au+LUvXGvcxvpLs02
nQcF+ZDBpUgT1feimU13vDdditYd3zzkL+Cokx+QsUnzFBmendCSoIIDqzCCA6cw
ggOjMIICi6ADAgECAhAoRSY7/1N11QlKWAK2fgyRMA0GCSqGSIb3DQEBCwUAMEEx
CzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xGzAZBgNVBAMTEnRo
YXd0ZSBTU0wgQ0EgLSBHMjAeFw0xNzAyMDQwMDAwMDBaFw0xNzA1MDUyMzU5NTla
MCwxKjAoBgNVBAMTIXRoYXd0ZSBTU0wgQ0EgLSBHMiBPQ1NQIFJlc3BvbmRlcjCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALCv4N/h3+VMTnsLyJbB1IFw
6hYShJKzxrOy1L+GE60F8RsFW1EgHjOGGWTe/WDd5YscQy8cbA41QMoFzHx3qeZy
inPMpiFCdD+HhOyOjZumZc2HfeOfmndXxVc6e8dDS64uzJawtKh6AZxbT0yI/noF
lckH+7nw6iFlxSMflhQbH3mua2oauHjMxNbw12hbMGLgJAn6OiIMF0h2XxF7FuVQ
Ngq4y2ICrYVf/DXicxWkiJomRd8VG1r1bfcU4W7eVGLgy83wuN6dO3VgniKoTrWC
40Di2IRdFdhNrdacq9JOon29xDSpRkCwu/GOUDJcjAHQJVEdnFsBpqjLFcSjqVcC
AwEAAaOBqzCBqDAPBgkrBgEFBQcwAQUEAgUAMCIGA1UdEQQbMBmkFzAVMRMwEQYD
VQQDEwpUR1YtRC0zODU4MB8GA1UdIwQYMBaAFMJPSFf80U+awF04fQ4F29kutVJg
MB0GA1UdDgQWBBTcBj2E7JLwSFp9H2+JDfoebSfYjTAMBgNVHRMBAf8EAjAAMBMG
A1UdJQQMMAoGCCsGAQUFBwMJMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsF
AAOCAQEALp7BXATVKbsXupOyIBYjn4G93/7UOGBFDPqY4GNAh0AV1Infd7hgC+GE
TDK4dtGwiLGs4PoaUtj3kqE6+c98uRLcEj2W+JWjQidKVptBLsmQrxvcYw0gowG5
hJHRDRzuQR/BYz7FJHAnJTl8EYfsdl1hfybzL/wWpZeLv/nOFOGiqbsxEGjJ6gMY
CCwZXanMXyyC9T9TFWiejhar8rCLN7xDJpg7vr9NByVcNGgaLvupKjuwd8tzCaBB
XhEK/T0bJ4/WtOyjEQCawIOqgq/MF+m7eZatsIyLSDyQoPeeyUiYkf78ymJaX3R8
LOjiNtqrmldU2ZhF1/Hobsd6ynSRpQ==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIDozCCAougAwIBAgIQKEUmO/9TddUJSlgCtn4MkTANBgkqhkiG9w0BAQsFADBB
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMRswGQYDVQQDExJ0
aGF3dGUgU1NMIENBIC0gRzIwHhcNMTcwMjA0MDAwMDAwWhcNMTcwNTA1MjM1OTU5
WjAsMSowKAYDVQQDEyF0aGF3dGUgU1NMIENBIC0gRzIgT0NTUCBSZXNwb25kZXIw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwr+Df4d/lTE57C8iWwdSB
cOoWEoSSs8azstS/hhOtBfEbBVtRIB4zhhlk3v1g3eWLHEMvHGwONUDKBcx8d6nm
copzzKYhQnQ/h4Tsjo2bpmXNh33jn5p3V8VXOnvHQ0uuLsyWsLSoegGcW09MiP56
BZXJB/u58OohZcUjH5YUGx95rmtqGrh4zMTW8NdoWzBi4CQJ+joiDBdIdl8Rexbl
UDYKuMtiAq2FX/w14nMVpIiaJkXfFRta9W33FOFu3lRi4MvN8LjenTt1YJ4iqE61
guNA4tiEXRXYTa3WnKvSTqJ9vcQ0qUZAsLvxjlAyXIwB0CVRHZxbAaaoyxXEo6lX
AgMBAAGjgaswgagwDwYJKwYBBQUHMAEFBAIFADAiBgNVHREEGzAZpBcwFTETMBEG
A1UEAxMKVEdWLUQtMzg1ODAfBgNVHSMEGDAWgBTCT0hX/NFPmsBdOH0OBdvZLrVS
YDAdBgNVHQ4EFgQU3AY9hOyS8EhafR9viQ36Hm0n2I0wDAYDVR0TAQH/BAIwADAT
BgNVHSUEDDAKBggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQEL
BQADggEBAC6ewVwE1Sm7F7qTsiAWI5+Bvd/+1DhgRQz6mOBjQIdAFdSJ33e4YAvh
hEwyuHbRsIixrOD6GlLY95KhOvnPfLkS3BI9lviVo0InSlabQS7JkK8b3GMNIKMB
uYSR0Q0c7kEfwWM+xSRwJyU5fBGH7HZdYX8m8y/8FqWXi7/5zhThoqm7MRBoyeoD
GAgsGV2pzF8sgvU/UxVono4Wq/Kwize8QyaYO76/TQclXDRoGi77qSo7sHfLcwmg
QV4RCv09GyeP1rTsoxEAmsCDqoKvzBfpu3mWrbCMi0g8kKD3nslImJH+/MpiWl90
fCzo4jbaq5pXVNmYRdfx6G7Hesp0kaU=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=361331, public, no-transform, must-revalidate]
Content-Length: [1414]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Tue, 25 Apr 2017 21:04:04 GMT]
Expires: [Sun, 30 Apr 2017 01:26:15 GMT]
Last-Modified: [Sun, 23 Apr 2017 01:26:15 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MISS from a23-217-200-53.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

thawte SSL CA - G2 (CA Certificate)

Certificate details for thawte SSL CA - G2 (At position 1 in certificate chain)
Serial number:
hex: 1687d6886de2300685233dbf11bf6597
int: 29948327227862944430780750156152137111
Issued by: thawte Primary Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: thawte, Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://t1.symcb.com/ThawtePCA.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://t1.symcb.com/ThawtePCA.crl
Size: 537 bytes (DER data)
Response time: 46.024268ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 1

Relevant server response headers

Date:
Last Modified:

Server and network information

Server Software: Apache
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-217-200-71.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

Raw CRL response headers

Accept-Ranges: [bytes]
Content-Type: [application/pkix-crl]
Date: [Fri, 28 Apr 2017 12:03:42 GMT]
Etag: ["9a0c909d0279c1bbdf66260ef952850c:1490320987"]
Last-Modified: [Fri, 24 Mar 2017 02:01:25 GMT]
Server: [Apache]
Vary: [Accept-Encoding]
X-Cache: [TCP_MEM_HIT from a23-217-200-71.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • Expires cache header not set (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://t2.symcb.com (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://t2.symcb.com (POST)
Size: 1504 bytes (DER data)
Response time: 13.793237ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte Primary Root OCSP Responder Certificate 5
Issued by: thawte Primary Root CA
Signing certificate validity: 2016-11-22 - 2017-12-14
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 139h36m1s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a23-217-200-53.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (S)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD/yl6nWPkczAQUe1tF
z6/Oy3r9MZIaarbzRutXSFACEBaH1oht4jAGhSM9vxG/ZZc=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIF3AoBAKCCBdUwggXRBgkrBgEFBQcwAQEEggXCMIIFvjCBnqIWBBSy2bdAZSGF
dJEJzQWJNOXg5SwcIxgPMjAxNzA0MjcwNzM5NDNaMHMwcTBJMAkGBSsOAwIaBQAE
FDAXimvD1LuYJsIQcP/KXqdY+RzMBBR7W0XPr87Lev0xkhpqtvNG61dIUAIQFofW
iG3iMAaFIz2/Eb9ll4AAGA8yMDE3MDQyNzA3Mzk0M1qgERgPMjAxNzA1MDQwNzM5
NDNaMA0GCSqGSIb3DQEBBQUAA4IBAQBYjdRcNshl4JgStVG8EW4DV7sGKL5zgFOt
1qivLyP/wdc6Z24SYm/Xp7uKC2hqmUYdeuhOrtA06eng/a0XlU0oXTV00ie3KKfm
cFiluGl/KVbl/rhmHZPmBBHyiNhDWvtjKH8oKrYFf/SWwEgY2rHYHi1fiL/sKdjy
nZcoi/uG+n7Qbpbhi/HpUefO3bWme63yZbEnB8jOsaXHtTzTkqibpk1q89u5sx6r
hTjitcsV04nnK50DeWezkqZ5VGo4ZWLQLXjDi5VlfUhSOZPQvL6bXdQjIGY6tGVe
Qv0CRNSpbM6UYFkowUUi5ke5VxG7vtqzWGdkf6FHFcZr8WGI7ZYxoIIEBTCCBAEw
ggP9MIIC5aADAgECAhBqIaLOBLu8Jqunme8AdApUMA0GCSqGSIb3DQEBBQUAMIGp
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMSgwJgYDVQQLEx9D
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYDVQQLEy8oYykgMjAw
NiB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEfMB0GA1UE
AxMWdGhhd3RlIFByaW1hcnkgUm9vdCBDQTAeFw0xNjExMjIwMDAwMDBaFw0xNzEy
MTQyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4x
OTA3BgNVBAMTMHRoYXd0ZSBQcmltYXJ5IFJvb3QgT0NTUCBSZXNwb25kZXIgQ2Vy
dGlmaWNhdGUgNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwOc/CD
T/ilVz6H2rkWETL80qIX5ttu5I16yxgPVYUP2Qy1D6dpiw9JZb0Tw134T58HpV+B
e3HSYDvEwPLyCBgKDNGAQ4RTEvuVDAJXhDHFDe+tE3wUWX0QCsmqMqXTc/BI18Zx
1vekmip6OnwyEoRdlaIeRv1qFLOGj9NqcQrh3CN/4SJb/DnWmTQta4gODnKS/ADF
WRs/wB3rqPDBZhBLBqywq6YRmzcz6hb/dpddqcTp7tDtEHmw+BDWTl/92a2YwJAw
9mKjfzqNYZa37ydH0MYioCjreLj++js4ZCM+av59twiH//GjaqSaQnW2z7rKM/5A
5tBowI+SWtr93p8CAwEAAaNqMGgwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYB
BQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAiBgNVHREE
GzAZpBcwFTETMBEGA1UEAxMKVEdWLU9GRi01MTANBgkqhkiG9w0BAQUFAAOCAQEA
MZQVzAXoEbM5j6fQNNDzrTvMeEMlOlf8ShOg6pa5Y6/s9m+3nEqxRZhdJXtqn7YI
2736XikAfsn7cVikARa66mlLn6QxdnbUHX/TUpJf2/nZqCb2T80lmSjOfLwBzdgD
9N4MUzs16ivcuEEEJhuBhtcp/66+oEQqdXdLejHG61bRkhnqrW6U9sGBPhoQw2Hq
G3zclM6IlNJX+LYxOuDDD/5SbKAbcy+QBsue7Yf5XG7lZacI9CVFreoggA+YR8VQ
SVChJNc4k3ALASLz2OckP2X/357OiJFcsoqNdeo70ZLPLS4U/gOn60QiAnxonBCJ
PjZyT4sg074MlhPJSGR+HA==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIID/TCCAuWgAwIBAgIQaiGizgS7vCarp5nvAHQKVDANBgkqhkiG9w0BAQUFADCB
qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTYxMTIyMDAwMDAwWhcNMTcx
MjE0MjM1OTU5WjBfMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMu
MTkwNwYDVQQDEzB0aGF3dGUgUHJpbWFyeSBSb290IE9DU1AgUmVzcG9uZGVyIENl
cnRpZmljYXRlIDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMDnPw
g0/4pVc+h9q5FhEy/NKiF+bbbuSNessYD1WFD9kMtQ+naYsPSWW9E8Nd+E+fB6Vf
gXtx0mA7xMDy8ggYCgzRgEOEUxL7lQwCV4QxxQ3vrRN8FFl9EArJqjKl03PwSNfG
cdb3pJoqejp8MhKEXZWiHkb9ahSzho/TanEK4dwjf+EiW/w51pk0LWuIDg5ykvwA
xVkbP8Ad66jwwWYQSwassKumEZs3M+oW/3aXXanE6e7Q7RB5sPgQ1k5f/dmtmMCQ
MPZio386jWGWt+8nR9DGIqAo63i4/vo7OGQjPmr+fbcIh//xo2qkmkJ1ts+6yjP+
QObQaMCPklra/d6fAgMBAAGjajBoMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsG
AQUFBzABBQQCBQAwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwIgYDVR0R
BBswGaQXMBUxEzARBgNVBAMTClRHVi1PRkYtNTEwDQYJKoZIhvcNAQEFBQADggEB
ADGUFcwF6BGzOY+n0DTQ8607zHhDJTpX/EoToOqWuWOv7PZvt5xKsUWYXSV7ap+2
CNu9+l4pAH7J+3FYpAEWuuppS5+kMXZ21B1/01KSX9v52agm9k/NJZkozny8Ac3Y
A/TeDFM7Neor3LhBBCYbgYbXKf+uvqBEKnV3S3oxxutW0ZIZ6q1ulPbBgT4aEMNh
6ht83JTOiJTSV/i2MTrgww/+UmygG3MvkAbLnu2H+Vxu5WWnCPQlRa3qIIAPmEfF
UElQoSTXOJNwCwEi89jnJD9l/9+ezoiRXLKKjXXqO9GSzy0uFP4Dp+tEIgJ8aJwQ
iT42ck+LINO+DJYTyUhkfhw=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=502561, public, no-transform, must-revalidate]
Content-Length: [1504]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 28 Apr 2017 12:03:42 GMT]
Expires: [Thu, 4 May 2017 07:39:43 GMT]
Last-Modified: [Thu, 27 Apr 2017 07:39:43 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_REFRESH_MISS from a23-217-200-53.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (S)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://t2.symcb.com (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://t2.symcb.com (GET)
Size: 1504 bytes (DER data)
Response time: 49.482508ms
Signature algorithm: SHA1WithRSA
Signature type: CA Deligated
Signed by: thawte Primary Root OCSP Responder Certificate 5
Issued by: thawte Primary Root CA
Signing certificate validity: 2016-11-22 - 2017-12-14
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 139h39m30s

Server and network information

Server Software: nginx/1.10.2
Content Delivery Network (CDN): Akamai
Cache Information: TCP_MEM_HIT from a23-217-200-68.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)

URL used for GET request

http:/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD%2Fyl6nWPkczAQUe1tFz6%2FOy3r9MZIaarbzRutXSFACEBaH1oht4jAGhSM9vxG%2FZZc%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFEwTzBNMEswSTAJBgUrDgMCGgUABBQwF4prw9S7mCbCEHD/yl6nWPkczAQUe1tF
z6/Oy3r9MZIaarbzRutXSFACEBaH1oht4jAGhSM9vxG/ZZc=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIF3AoBAKCCBdUwggXRBgkrBgEFBQcwAQEEggXCMIIFvjCBnqIWBBSy2bdAZSGF
dJEJzQWJNOXg5SwcIxgPMjAxNzA0MjcwNzM5NDNaMHMwcTBJMAkGBSsOAwIaBQAE
FDAXimvD1LuYJsIQcP/KXqdY+RzMBBR7W0XPr87Lev0xkhpqtvNG61dIUAIQFofW
iG3iMAaFIz2/Eb9ll4AAGA8yMDE3MDQyNzA3Mzk0M1qgERgPMjAxNzA1MDQwNzM5
NDNaMA0GCSqGSIb3DQEBBQUAA4IBAQBYjdRcNshl4JgStVG8EW4DV7sGKL5zgFOt
1qivLyP/wdc6Z24SYm/Xp7uKC2hqmUYdeuhOrtA06eng/a0XlU0oXTV00ie3KKfm
cFiluGl/KVbl/rhmHZPmBBHyiNhDWvtjKH8oKrYFf/SWwEgY2rHYHi1fiL/sKdjy
nZcoi/uG+n7Qbpbhi/HpUefO3bWme63yZbEnB8jOsaXHtTzTkqibpk1q89u5sx6r
hTjitcsV04nnK50DeWezkqZ5VGo4ZWLQLXjDi5VlfUhSOZPQvL6bXdQjIGY6tGVe
Qv0CRNSpbM6UYFkowUUi5ke5VxG7vtqzWGdkf6FHFcZr8WGI7ZYxoIIEBTCCBAEw
ggP9MIIC5aADAgECAhBqIaLOBLu8Jqunme8AdApUMA0GCSqGSIb3DQEBBQUAMIGp
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMuMSgwJgYDVQQLEx9D
ZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYDVQQLEy8oYykgMjAw
NiB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEfMB0GA1UE
AxMWdGhhd3RlIFByaW1hcnkgUm9vdCBDQTAeFw0xNjExMjIwMDAwMDBaFw0xNzEy
MTQyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4x
OTA3BgNVBAMTMHRoYXd0ZSBQcmltYXJ5IFJvb3QgT0NTUCBSZXNwb25kZXIgQ2Vy
dGlmaWNhdGUgNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwOc/CD
T/ilVz6H2rkWETL80qIX5ttu5I16yxgPVYUP2Qy1D6dpiw9JZb0Tw134T58HpV+B
e3HSYDvEwPLyCBgKDNGAQ4RTEvuVDAJXhDHFDe+tE3wUWX0QCsmqMqXTc/BI18Zx
1vekmip6OnwyEoRdlaIeRv1qFLOGj9NqcQrh3CN/4SJb/DnWmTQta4gODnKS/ADF
WRs/wB3rqPDBZhBLBqywq6YRmzcz6hb/dpddqcTp7tDtEHmw+BDWTl/92a2YwJAw
9mKjfzqNYZa37ydH0MYioCjreLj++js4ZCM+av59twiH//GjaqSaQnW2z7rKM/5A
5tBowI+SWtr93p8CAwEAAaNqMGgwEwYDVR0lBAwwCgYIKwYBBQUHAwkwDwYJKwYB
BQUHMAEFBAIFADAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAiBgNVHREE
GzAZpBcwFTETMBEGA1UEAxMKVEdWLU9GRi01MTANBgkqhkiG9w0BAQUFAAOCAQEA
MZQVzAXoEbM5j6fQNNDzrTvMeEMlOlf8ShOg6pa5Y6/s9m+3nEqxRZhdJXtqn7YI
2736XikAfsn7cVikARa66mlLn6QxdnbUHX/TUpJf2/nZqCb2T80lmSjOfLwBzdgD
9N4MUzs16ivcuEEEJhuBhtcp/66+oEQqdXdLejHG61bRkhnqrW6U9sGBPhoQw2Hq
G3zclM6IlNJX+LYxOuDDD/5SbKAbcy+QBsue7Yf5XG7lZacI9CVFreoggA+YR8VQ
SVChJNc4k3ALASLz2OckP2X/357OiJFcsoqNdeo70ZLPLS4U/gOn60QiAnxonBCJ
PjZyT4sg074MlhPJSGR+HA==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIID/TCCAuWgAwIBAgIQaiGizgS7vCarp5nvAHQKVDANBgkqhkiG9w0BAQUFADCB
qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTYxMTIyMDAwMDAwWhcNMTcx
MjE0MjM1OTU5WjBfMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMu
MTkwNwYDVQQDEzB0aGF3dGUgUHJpbWFyeSBSb290IE9DU1AgUmVzcG9uZGVyIENl
cnRpZmljYXRlIDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMDnPw
g0/4pVc+h9q5FhEy/NKiF+bbbuSNessYD1WFD9kMtQ+naYsPSWW9E8Nd+E+fB6Vf
gXtx0mA7xMDy8ggYCgzRgEOEUxL7lQwCV4QxxQ3vrRN8FFl9EArJqjKl03PwSNfG
cdb3pJoqejp8MhKEXZWiHkb9ahSzho/TanEK4dwjf+EiW/w51pk0LWuIDg5ykvwA
xVkbP8Ad66jwwWYQSwassKumEZs3M+oW/3aXXanE6e7Q7RB5sPgQ1k5f/dmtmMCQ
MPZio386jWGWt+8nR9DGIqAo63i4/vo7OGQjPmr+fbcIh//xo2qkmkJ1ts+6yjP+
QObQaMCPklra/d6fAgMBAAGjajBoMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsG
AQUFBzABBQQCBQAwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwIgYDVR0R
BBswGaQXMBUxEzARBgNVBAMTClRHVi1PRkYtNTEwDQYJKoZIhvcNAQEFBQADggEB
ADGUFcwF6BGzOY+n0DTQ8607zHhDJTpX/EoToOqWuWOv7PZvt5xKsUWYXSV7ap+2
CNu9+l4pAH7J+3FYpAEWuuppS5+kMXZ21B1/01KSX9v52agm9k/NJZkozny8Ac3Y
A/TeDFM7Neor3LhBBCYbgYbXKf+uvqBEKnV3S3oxxutW0ZIZ6q1ulPbBgT4aEMNh
6ht83JTOiJTSV/i2MTrgww/+UmygG3MvkAbLnu2H+Vxu5WWnCPQlRa3qIIAPmEfF
UElQoSTXOJNwCwEi89jnJD9l/9+ezoiRXLKKjXXqO9GSzy0uFP4Dp+tEIgJ8aJwQ
iT42ck+LINO+DJYTyUhkfhw=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=502770, public, no-transform, must-revalidate]
Content-Length: [1504]
Content-Transfer-Encoding: [binary]
Content-Type: [application/ocsp-response]
Date: [Fri, 28 Apr 2017 12:03:42 GMT]
Expires: [Thu, 4 May 2017 07:39:43 GMT]
Last-Modified: [Thu, 27 Apr 2017 07:39:43 GMT]
Server: [nginx/1.10.2]
X-Cache: [TCP_MEM_HIT from a23-217-200-68.deploy.akamaitechnologies.com (AkamaiGHost/8.3.2.1-19774280) (-)]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header outlives NextUpdate with 3m29s
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

thawte Primary Root CA (CA Certificate)

Certificate details for thawte Primary Root CA (At position 2 in certificate chain)
Serial number:
hex: 344ed55720d5edec49f42fce37db2b6d
int: 69529181992039203566298953787712940909
Issued by: thawte Primary Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: thawte, Inc.
Organization unit: Certification Services Division
Organization unit: (c) 2006 thawte, Inc. - For authorized use only
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.