CRL & OCSP report for *.ads-gdn.com

*.ads-gdn.com

Certificate details for *.ads-gdn.com (At position 0 in certificate chain)
Serial number:
hex: 2b5e8a2eba15e2
int: 12207371581003234
Issued by: Starfield Secure Certificate Authority - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization unit: Domain Control Validated
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for *.ads-gdn.com.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.starfieldtech.com/sfig2s1-12.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.starfieldtech.com/sfig2s1-12.crl
Size: 0 bytes (DER data)
Response time: 0s

Raw CRL response headers

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp.starfieldtech.com/ (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.starfieldtech.com/ (POST)
Size: 1845 bytes (DER data)
Response time: 118.699951ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: Starfield Validation Authority - G2
Issued by: Starfield Secure Certificate Authority - G2
Signing certificate validity: 2016-12-13 - 2017-12-13
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 33h29m33s

Server and network information

Server Software: Apache

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEgwRjBEMEIwQDAJBgUrDgMCGgUABBT1ZqtwV0O1KcYi0gdzcFkHM+uArAQUJUWB
aFAmOD07LSy+zWrZtj2zZmMCByteii66FeI=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIHMQoBAKCCByowggcmBgkrBgEFBQcwAQEEggcXMIIHEzCCAQuhgYswgYgxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxl
MSQwIgYDVQQKExtTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBMTEMxLDAqBgNVBAMT
I1N0YXJmaWVsZCBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEcyGA8yMDE3MDYyODE1
MDAzMVowajBoMEAwCQYFKw4DAhoFAAQU9WarcFdDtSnGItIHc3BZBzPrgKwEFCVF
gWhQJjg9Oy0svs1q2bY9s2ZjAgcrXoouuhXigAAYDzIwMTcwNjI4MTUwMDMxWqAR
GA8yMDE3MDYzMDAzMDAzMVowDQYJKoZIhvcNAQEFBQADggEBAKVI54J7fxdah3kT
PQzicLxcOrfWpLu11mnRecb4ytFjc9ewl2Iw78A1W6meJCSqLoPLUsPmIg+nGmM1
whQhEvJL23SaKX6AAWtj4dv76JhK+Ip7GamvEs6XuvArJNOkWq+QBYz/ppmTFELc
uj6Mt2jgTS6VL14cbUz7JrVM/qNv8zyZ3VITu4/klgqT6OFTIuVXTGDMxc1UxzCm
fXexQV/Xoel2h45t+7ja5lLUMp5Tdaezb1UATiLk7uUt0RpFzuzS34mVb3R8+8Pv
k5/9iSbj8fPzqXTW66z+SkZ/lMd7Y6L2tYU4bJHYeEF9Xah3fRI/jQn6V+8ARxp5
v9Oo2jigggTsMIIE6DCCBOQwggPMoAMCAQICCQDcn6yT+v/VfzANBgkqhkiG9w0B
AQsFADCBxjELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcT
ClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIElu
Yy4xMzAxBgNVBAsTKmh0dHA6Ly9jZXJ0cy5zdGFyZmllbGR0ZWNoLmNvbS9yZXBv
c2l0b3J5LzE0MDIGA1UEAxMrU3RhcmZpZWxkIFNlY3VyZSBDZXJ0aWZpY2F0ZSBB
dXRob3JpdHkgLSBHMjAeFw0xNjEyMTMwNzAwMDBaFw0xNzEyMTMwNzAwMDBaMIGI
MQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRz
ZGFsZTEkMCIGA1UEChMbU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgTExDMSwwKgYD
VQQDEyNTdGFyZmllbGQgVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBHMjCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMMSt+zDfQd/+EDESIH4xIOLzJkCgOFq
yWKYMsVjvYH7vCdlU0EAGu2AlzYiIjKbaGYLbQFtOf+ohaiLl6ewX04FImdW6c97
5Uoie+XnMGYOVySnWHIXv/q6fFX7Rgwh50vOMCDuKHCCpx3MrYU5g0kP3J+Psv9j
E2Nc0jkOeHQadrpVTo8HGCWoz7XCLFIfCdjjWkoDLu4B0/9yehNaC+ZwrOy9cnUE
NhnE/+0WMIoUdOLkD/Eq24ATVBVXBe7Q3o4/7hzYWPoABigrHpB6q1u1ILpB+Ze2
K3rdWz4t93k+yqCybnZVFKuJZy53VS4PDszfiRHfIEZo2TZGBgIVfX8CAwEAAaOC
AQ8wggELMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMBMGA1UdJQQMMAoG
CCsGAQUFBwMJMB0GA1UdDgQWBBTFhkohftnytX2hAaysXl3+FYL3vzAPBgkrBgEF
BQcwAQUEAgUAMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly9jcmwuc3RhcmZpZWxk
dGVjaC5jb20vcmVwb3NpdG9yeS9tYXN0ZXJzdGFyZmllbGQyaXNzdWluZy5jcmww
UAYDVR0gBEkwRzBFBgtghkgBhv1uAQcXATA2MDQGCCsGAQUFBwIBFihodHRwOi8v
Y3JsLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUA
A4IBAQCkDpMXweWPf6gA17Qn5MC1TGnJBn3KRfX5Rp5I91QBTpaymFk6hINZWQOC
1K1X4P0KQeP/QZ/VMEQ7OA70QPS/aO1Iq+m5tSnCgb5Ibrsv7EpOJwmwKK8+9AOo
EGV8hH3p4QW8jTZmEI78QYxhRvi6hk6LddU+kD0hdkr8f70E1LNQlJq3ZgdC4lLm
/gCcNnvKKa4QFcpqeBYi4O2SFGhJzX2sgiJZbAGRx3DcMMcI5Lu520ex0zR5vK33
FOgdwGEQlz/TqIZg0ENQnEtd8IUiwds9Do/fgk48vbp+hox6ZOya5oHKMHRuK1Py
omU89mZh8+Diar9He85JxOPYSlN6
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIJANyfrJP6/9V/MA0GCSqGSIb3DQEBCwUAMIHGMQswCQYD
VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEl
MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEzMDEGA1UECxMq
aHR0cDovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMTQwMgYD
VQQDEytTdGFyZmllbGQgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcy
MB4XDTE2MTIxMzA3MDAwMFoXDTE3MTIxMzA3MDAwMFowgYgxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSQwIgYDVQQK
ExtTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBMTEMxLDAqBgNVBAMTI1N0YXJmaWVs
ZCBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwxK37MN9B3/4QMRIgfjEg4vMmQKA4WrJYpgyxWO9gfu8J2VT
QQAa7YCXNiIiMptoZgttAW05/6iFqIuXp7BfTgUiZ1bpz3vlSiJ75ecwZg5XJKdY
che/+rp8VftGDCHnS84wIO4ocIKnHcythTmDSQ/cn4+y/2MTY1zSOQ54dBp2ulVO
jwcYJajPtcIsUh8J2ONaSgMu7gHT/3J6E1oL5nCs7L1ydQQ2GcT/7RYwihR04uQP
8SrbgBNUFVcF7tDejj/uHNhY+gAGKCsekHqrW7UgukH5l7Yret1bPi33eT7KoLJu
dlUUq4lnLndVLg8OzN+JEd8gRmjZNkYGAhV9fwIDAQABo4IBDzCCAQswDAYDVR0T
AQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwHQYD
VR0OBBYEFMWGSiF+2fK1faEBrKxeXf4Vgve/MA8GCSsGAQUFBzABBQQCBQAwVAYD
VR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5zdGFyZmllbGR0ZWNoLmNvbS9yZXBv
c2l0b3J5L21hc3RlcnN0YXJmaWVsZDJpc3N1aW5nLmNybDBQBgNVHSAESTBHMEUG
C2CGSAGG/W4BBxcBMDYwNAYIKwYBBQUHAgEWKGh0dHA6Ly9jcmwuc3RhcmZpZWxk
dGVjaC5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAKQOkxfB5Y9/
qADXtCfkwLVMackGfcpF9flGnkj3VAFOlrKYWTqEg1lZA4LUrVfg/QpB4/9Bn9Uw
RDs4DvRA9L9o7Uir6bm1KcKBvkhuuy/sSk4nCbAorz70A6gQZXyEfenhBbyNNmYQ
jvxBjGFG+LqGTot11T6QPSF2Svx/vQTUs1CUmrdmB0LiUub+AJw2e8oprhAVymp4
FiLg7ZIUaEnNfayCIllsAZHHcNwwxwjku7nbR7HTNHm8rfcU6B3AYRCXP9OohmDQ
Q1CcS13whSLB2z0Oj9+CTjy9un6GjHpk7JrmgcowdG4rU/KiZTz2ZmHz4OJqv0d7
zknE49hKU3o=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=120573, public, no-transform, must-revalidate]
Content-Length: [1845]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Wed, 28 Jun 2017 15:45:12 GMT]
Etag: ["513e553630bf73774a5b3cea712f57b9c76ae0e4"]
Expires: [Fri, 30 Jun 2017 03:00:31 GMT]
Last-Modified: [Wed, 28 Jun 2017 15:00:31 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.starfieldtech.com/ (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.starfieldtech.com/ (GET)
Size: 1845 bytes (DER data)
Response time: 118.593192ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: Starfield Validation Authority - G2
Issued by: Starfield Secure Certificate Authority - G2
Signing certificate validity: 2016-12-13 - 2017-12-13
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 33h30m53s

Server and network information

Server Software: Apache

URL used for GET request

http://ocsp.starfieldtech.com/MEgwRjBEMEIwQDAJBgUrDgMCGgUABBT1ZqtwV0O1KcYi0gdzcFkHM%2BuArAQUJUWBaFAmOD07LSy%2BzWrZtj2zZmMCByteii66FeI%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEgwRjBEMEIwQDAJBgUrDgMCGgUABBT1ZqtwV0O1KcYi0gdzcFkHM+uArAQUJUWB
aFAmOD07LSy+zWrZtj2zZmMCByteii66FeI=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIHMQoBAKCCByowggcmBgkrBgEFBQcwAQEEggcXMIIHEzCCAQuhgYswgYgxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxl
MSQwIgYDVQQKExtTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBMTEMxLDAqBgNVBAMT
I1N0YXJmaWVsZCBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEcyGA8yMDE3MDYyODE1
MDAzMVowajBoMEAwCQYFKw4DAhoFAAQU9WarcFdDtSnGItIHc3BZBzPrgKwEFCVF
gWhQJjg9Oy0svs1q2bY9s2ZjAgcrXoouuhXigAAYDzIwMTcwNjI4MTUwMDMxWqAR
GA8yMDE3MDYzMDAzMDAzMVowDQYJKoZIhvcNAQEFBQADggEBAKVI54J7fxdah3kT
PQzicLxcOrfWpLu11mnRecb4ytFjc9ewl2Iw78A1W6meJCSqLoPLUsPmIg+nGmM1
whQhEvJL23SaKX6AAWtj4dv76JhK+Ip7GamvEs6XuvArJNOkWq+QBYz/ppmTFELc
uj6Mt2jgTS6VL14cbUz7JrVM/qNv8zyZ3VITu4/klgqT6OFTIuVXTGDMxc1UxzCm
fXexQV/Xoel2h45t+7ja5lLUMp5Tdaezb1UATiLk7uUt0RpFzuzS34mVb3R8+8Pv
k5/9iSbj8fPzqXTW66z+SkZ/lMd7Y6L2tYU4bJHYeEF9Xah3fRI/jQn6V+8ARxp5
v9Oo2jigggTsMIIE6DCCBOQwggPMoAMCAQICCQDcn6yT+v/VfzANBgkqhkiG9w0B
AQsFADCBxjELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcT
ClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIElu
Yy4xMzAxBgNVBAsTKmh0dHA6Ly9jZXJ0cy5zdGFyZmllbGR0ZWNoLmNvbS9yZXBv
c2l0b3J5LzE0MDIGA1UEAxMrU3RhcmZpZWxkIFNlY3VyZSBDZXJ0aWZpY2F0ZSBB
dXRob3JpdHkgLSBHMjAeFw0xNjEyMTMwNzAwMDBaFw0xNzEyMTMwNzAwMDBaMIGI
MQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRz
ZGFsZTEkMCIGA1UEChMbU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgTExDMSwwKgYD
VQQDEyNTdGFyZmllbGQgVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBHMjCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMMSt+zDfQd/+EDESIH4xIOLzJkCgOFq
yWKYMsVjvYH7vCdlU0EAGu2AlzYiIjKbaGYLbQFtOf+ohaiLl6ewX04FImdW6c97
5Uoie+XnMGYOVySnWHIXv/q6fFX7Rgwh50vOMCDuKHCCpx3MrYU5g0kP3J+Psv9j
E2Nc0jkOeHQadrpVTo8HGCWoz7XCLFIfCdjjWkoDLu4B0/9yehNaC+ZwrOy9cnUE
NhnE/+0WMIoUdOLkD/Eq24ATVBVXBe7Q3o4/7hzYWPoABigrHpB6q1u1ILpB+Ze2
K3rdWz4t93k+yqCybnZVFKuJZy53VS4PDszfiRHfIEZo2TZGBgIVfX8CAwEAAaOC
AQ8wggELMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMBMGA1UdJQQMMAoG
CCsGAQUFBwMJMB0GA1UdDgQWBBTFhkohftnytX2hAaysXl3+FYL3vzAPBgkrBgEF
BQcwAQUEAgUAMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly9jcmwuc3RhcmZpZWxk
dGVjaC5jb20vcmVwb3NpdG9yeS9tYXN0ZXJzdGFyZmllbGQyaXNzdWluZy5jcmww
UAYDVR0gBEkwRzBFBgtghkgBhv1uAQcXATA2MDQGCCsGAQUFBwIBFihodHRwOi8v
Y3JsLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUA
A4IBAQCkDpMXweWPf6gA17Qn5MC1TGnJBn3KRfX5Rp5I91QBTpaymFk6hINZWQOC
1K1X4P0KQeP/QZ/VMEQ7OA70QPS/aO1Iq+m5tSnCgb5Ibrsv7EpOJwmwKK8+9AOo
EGV8hH3p4QW8jTZmEI78QYxhRvi6hk6LddU+kD0hdkr8f70E1LNQlJq3ZgdC4lLm
/gCcNnvKKa4QFcpqeBYi4O2SFGhJzX2sgiJZbAGRx3DcMMcI5Lu520ex0zR5vK33
FOgdwGEQlz/TqIZg0ENQnEtd8IUiwds9Do/fgk48vbp+hox6ZOya5oHKMHRuK1Py
omU89mZh8+Diar9He85JxOPYSlN6
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIJANyfrJP6/9V/MA0GCSqGSIb3DQEBCwUAMIHGMQswCQYD
VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEl
MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEzMDEGA1UECxMq
aHR0cDovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMTQwMgYD
VQQDEytTdGFyZmllbGQgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcy
MB4XDTE2MTIxMzA3MDAwMFoXDTE3MTIxMzA3MDAwMFowgYgxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSQwIgYDVQQK
ExtTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBMTEMxLDAqBgNVBAMTI1N0YXJmaWVs
ZCBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwxK37MN9B3/4QMRIgfjEg4vMmQKA4WrJYpgyxWO9gfu8J2VT
QQAa7YCXNiIiMptoZgttAW05/6iFqIuXp7BfTgUiZ1bpz3vlSiJ75ecwZg5XJKdY
che/+rp8VftGDCHnS84wIO4ocIKnHcythTmDSQ/cn4+y/2MTY1zSOQ54dBp2ulVO
jwcYJajPtcIsUh8J2ONaSgMu7gHT/3J6E1oL5nCs7L1ydQQ2GcT/7RYwihR04uQP
8SrbgBNUFVcF7tDejj/uHNhY+gAGKCsekHqrW7UgukH5l7Yret1bPi33eT7KoLJu
dlUUq4lnLndVLg8OzN+JEd8gRmjZNkYGAhV9fwIDAQABo4IBDzCCAQswDAYDVR0T
AQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwEwYDVR0lBAwwCgYIKwYBBQUHAwkwHQYD
VR0OBBYEFMWGSiF+2fK1faEBrKxeXf4Vgve/MA8GCSsGAQUFBzABBQQCBQAwVAYD
VR0fBE0wSzBJoEegRYZDaHR0cDovL2NybC5zdGFyZmllbGR0ZWNoLmNvbS9yZXBv
c2l0b3J5L21hc3RlcnN0YXJmaWVsZDJpc3N1aW5nLmNybDBQBgNVHSAESTBHMEUG
C2CGSAGG/W4BBxcBMDYwNAYIKwYBBQUHAgEWKGh0dHA6Ly9jcmwuc3RhcmZpZWxk
dGVjaC5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAKQOkxfB5Y9/
qADXtCfkwLVMackGfcpF9flGnkj3VAFOlrKYWTqEg1lZA4LUrVfg/QpB4/9Bn9Uw
RDs4DvRA9L9o7Uir6bm1KcKBvkhuuy/sSk4nCbAorz70A6gQZXyEfenhBbyNNmYQ
jvxBjGFG+LqGTot11T6QPSF2Svx/vQTUs1CUmrdmB0LiUub+AJw2e8oprhAVymp4
FiLg7ZIUaEnNfayCIllsAZHHcNwwxwjku7nbR7HTNHm8rfcU6B3AYRCXP9OohmDQ
Q1CcS13whSLB2z0Oj9+CTjy9un6GjHpk7JrmgcowdG4rU/KiZTz2ZmHz4OJqv0d7
zknE49hKU3o=
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=120653, public, no-transform, must-revalidate]
Content-Length: [1845]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Wed, 28 Jun 2017 15:43:47 GMT]
Etag: ["513e553630bf73774a5b3cea712f57b9c76ae0e4"]
Expires: [Fri, 30 Jun 2017 03:00:31 GMT]
Last-Modified: [Wed, 28 Jun 2017 15:00:31 GMT]
P3p: [CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"]
Server: [Apache]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Check the revocation status for another website

Created by Paul van Brouwershaven
© 2015 - 2017 Digitorus B.V.
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.