CRL & OCSP report for powerrankstore.com

powerrankstore.com

Certificate details for powerrankstore.com (At position 0 in certificate chain)
Serial number:
hex: 7072fa349f0937b2c2da1755
int: 34801320205737876635025807189
Issued by: GlobalSign Domain Validation CA - SHA256 - G3
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization unit: Domain Control Validated
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for powerrankstore.com.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.globalsign.com/gsdomainvalsha2g3.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.globalsign.com/gsdomainvalsha2g3.crl
Size: 512 bytes (DER data)
Response time: 944.5748ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 1

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare, CloudFront
Cache Information: HIT, Miss from cloudfront

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3744d3aae3d30efd-EWR]
Content-Length: [512]
Content-Type: [application/pkix-crl]
Date: [Sun, 25 Jun 2017 03:26:42 GMT]
Etag: [028D]
Expires: [Sat, 01 Jul 2017 03:05:17 GMT]
Last-Modified: [Sat, 24 Jun 2017 03:05:17 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d875112c289b2b27a1d47901c690e78cd1498361202; expires=Mon, 25-Jun-18 03:26:42 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
Via: [1.1 ee4ba2e7eed09e7f30c6ffa712f4bee8.cloudfront.net (CloudFront)]
X-Amz-Cf-Id: [Q7Vr2C9NuSyfIgs1qWHX-c18hrU2ClILE2ca0jXAg5L35fGksBbY4g==]
X-Cache: [Miss from cloudfront]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp2.globalsign.com/gsdomainvalsha2g3 (GET)Revoked

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsdomainvalsha2g3 (GET)
Size: 1582 bytes (DER data)
Response time: 943.150937ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: GlobalSign Domain Validation CA - SHA256 - G3 OCSP Responder
Issued by: GlobalSign Domain Validation CA - SHA256 - G3
Signing certificate validity: 2017-05-29 - 2017-08-29
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Revoked

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: MISS

URL used for GET request

http://ocsp2.globalsign.com/gsdomainvalsha2g3/ME0wSzBJMEcwRTAJBgUrDgMCGgUABBTkJrHpDjzXcmq2v4rT7Ui1Pq8dzAQUPYCCecVIgqPDEu7fmQ9XNUie0MsCDHBy%2BjSfCTeywtoXVQ%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
ME0wSzBJMEcwRTAJBgUrDgMCGgUABBTkJrHpDjzXcmq2v4rT7Ui1Pq8dzAQUPYCC
ecVIgqPDEu7fmQ9XNUie0MsCDHBy+jSfCTeywtoXVQ==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGKgoBAKCCBiMwggYfBgkrBgEFBQcwAQEEggYQMIIGDDCBsqIWBBRy7UC62K7x
unuZPs0P2++yc/TRsBgPMjAxNzA2MjUwMzI2NDJaMIGGMIGDMEUwCQYFKw4DAhoF
AAQU5Cax6Q4813Jqtr+K0+1ItT6vHcwEFD2AgnnFSIKjwxLu35kPVzVIntDLAgxw
cvo0nwk3ssLaF1WhFhgPMjAxNjAxMjkwMTQ0MTlaoAMKAQAYDzIwMTcwNjI1MDMy
NjQyWqARGA8yMDE3MDYyOTAzMjY0MlowDQYJKoZIhvcNAQELBQADggEBADtd9Zd3
SY+LAoKt1iNAhUoQKI62mjvG2Et38p8KTcytZwBPSci3ypzaG4RfNQZVrCAR2kJa
ezNnJgoJMNApY0n8OTdU2QvwjNRoHoOpO61tNQGE9IAh2nanLYVqjIOqQPO91R5l
K+dPqvEcmZRGYcYJ3QFIy1+aWAHnz6tGvj5EfVDT+Oo9VsZHIoq6sR5NK2+2uEBf
+v2jFrEZNRnyWlLWN4H6sjdTtJoQRWu3+zfetYyTFeXOpfuUvCh2C/UpPo9ut/bN
XaH34KgQz6EPmp/Ks6zwAO2MMduxwvL8nKDU5XitiKbA+GjE6zK27du2c6/ogxvL
9KA6h7Pa0wAmY5SgggQ/MIIEOzCCBDcwggMfoAMCAQICDGlRccxi8WCxuh0DAzAN
BgkqhkiG9w0BAQsFADBgMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2ln
biBudi1zYTE2MDQGA1UEAxMtR2xvYmFsU2lnbiBEb21haW4gVmFsaWRhdGlvbiBD
QSAtIFNIQTI1NiAtIEczMB4XDTE3MDUyOTAzMzMyNFoXDTE3MDgyOTAzMzMyNFow
gYgxCzAJBgNVBAYTAlNHMRswGQYDVQQKExJHbG9iYWxTaWduIFB0ZSBMdGQxFTAT
BgNVBAUTDDIwMTcwNTI5MDAwNzFFMEMGA1UEAxM8R2xvYmFsU2lnbiBEb21haW4g
VmFsaWRhdGlvbiBDQSAtIFNIQTI1NiAtIEczIE9DU1AgUmVzcG9uZGVyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxbBZdn1MhmR8/sDTFgQKnw6409N
OL3fo+cjZWQ3LSc/srSZI/UBKROsvOfvHIy1tbELmartUAK7FjWzEmi8TdS05gHb
RkpPF7T8M58pXddFRRGHxr+FJKcseuikHlTaIYhDgbclqeE1a/ZAECz5wlILXzX7
R4NEPaxZjjfh1o3HfFM9UPKIoaBuAP+mdtBaVVXt64QcKbQ5osdLNiD8EA/v7dZd
tepkA9h2DuIIAzlB4ZPYwXHE1MwHAvnctNzeCYKnu5oPxrgZH1jtiqkNoIRFqWqE
fMr+HcyyeibBvqteA6GeLOcxBqdHNlj79lQtIsbwrpBnFk01ksFyTY2WVQIDAQAB
o4HHMIHEMB0GA1UdDgQWBBRy7UC62K7xunuZPs0P2++yc/TRsDAfBgNVHSMEGDAW
gBQ9gIJ5xUiCo8MS7t+ZD1c1SJ7QyzAPBgkrBgEFBQcwAQUEAgUAMEwGA1UdIARF
MEMwQQYJKwYBBAGgMgFfMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2Jh
bHNpZ24uY29tL3JlcG9zaXRvcnkvMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAK
BggrBgEFBQcDCTANBgkqhkiG9w0BAQsFAAOCAQEAcPsLE5A6Nvgwhh2IIbxOeHZW
0/eskHYCC8jNG8kMQeoExs+kvH7YHy/NhriwwQ+9Hxe407m3gvO87UGh0qHBB+4k
VW9kv+vy64dkTKcJ3BXWcwdCW2P6g+UjctYH1XSgsbKygPIA0Feu2XzlMBGEMZxf
A/iVgrq0t8cxUdWA2lbjTdNtPdJMdZNEIAtkYmtZiqtIwl3ayrTtSBslyKeulF3/
ouObKtbn7UXS/hf2ZMmnqg9Tk+g+pBOyR7bnHH3t7KZEt/dD8D/kY/Dxh091U8yr
bDyaaUC9VcXALfkYhnKwPyUCZjDt6pJXin+z0q7G8isNU+6Ndk6msLdhSVSeOQ==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIENzCCAx+gAwIBAgIMaVFxzGLxYLG6HQMDMA0GCSqGSIb3DQEBCwUAMGAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzMwHhcN
MTcwNTI5MDMzMzI0WhcNMTcwODI5MDMzMzI0WjCBiDELMAkGA1UEBhMCU0cxGzAZ
BgNVBAoTEkdsb2JhbFNpZ24gUHRlIEx0ZDEVMBMGA1UEBRMMMjAxNzA1MjkwMDA3
MUUwQwYDVQQDEzxHbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hB
MjU2IC0gRzMgT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQC/FsFl2fUyGZHz+wNMWBAqfDrjT004vd+j5yNlZDctJz+ytJkj9QEp
E6y85+8cjLW1sQuZqu1QArsWNbMSaLxN1LTmAdtGSk8XtPwznyld10VFEYfGv4Uk
pyx66KQeVNohiEOBtyWp4TVr9kAQLPnCUgtfNftHg0Q9rFmON+HWjcd8Uz1Q8oih
oG4A/6Z20FpVVe3rhBwptDmix0s2IPwQD+/t1l216mQD2HYO4ggDOUHhk9jBccTU
zAcC+dy03N4Jgqe7mg/GuBkfWO2KqQ2ghEWpaoR8yv4dzLJ6JsG+q14DoZ4s5zEG
p0c2WPv2VC0ixvCukGcWTTWSwXJNjZZVAgMBAAGjgccwgcQwHQYDVR0OBBYEFHLt
QLrYrvG6e5k+zQ/b77Jz9NGwMB8GA1UdIwQYMBaAFD2AgnnFSIKjwxLu35kPVzVI
ntDLMA8GCSsGAQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAaAyAV8wNDAy
BggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9y
eS8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3
DQEBCwUAA4IBAQBw+wsTkDo2+DCGHYghvE54dlbT96yQdgILyM0byQxB6gTGz6S8
ftgfL82GuLDBD70fF7jTubeC87ztQaHSocEH7iRVb2S/6/Lrh2RMpwncFdZzB0Jb
Y/qD5SNy1gfVdKCxsrKA8gDQV67ZfOUwEYQxnF8D+JWCurS3xzFR1YDaVuNN0209
0kx1k0QgC2Ria1mKq0jCXdrKtO1IGyXIp66UXf+i45sq1uftRdL+F/ZkyaeqD1OT
6D6kE7JHtuccfe3spkS390PwP+Rj8PGHT3VTzKtsPJppQL1VxcAt+RiGcrA/JQJm
MO3qkleKf7PSrsbyKw1T7o12Tqawt2FJVJ45
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [MISS]
Cf-Ray: [3744d3aae694472e-EWR]
Content-Length: [1582]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:26:42 GMT]
Etag: ["5ba7390b72d9342b262f884276dcbd8ebd740703"]
Expires: [Thu, 29 Jun 2017 03:26:42 GMT]
Last-Modified: [Sun, 25 Jun 2017 03:26:42 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=dabcd3d32bef3b8ac8421af72c98217811498361202; expires=Mon, 25-Jun-18 03:26:42 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp2.globalsign.com/gsdomainvalsha2g3 (POST)Revoked

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsdomainvalsha2g3 (POST)
Size: 1582 bytes (DER data)
Response time: 1.433516572s
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: GlobalSign Domain Validation CA - SHA256 - G3 OCSP Responder
Issued by: GlobalSign Domain Validation CA - SHA256 - G3
Signing certificate validity: 2017-05-29 - 2017-08-29
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Revoked

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: HIT

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
ME0wSzBJMEcwRTAJBgUrDgMCGgUABBTkJrHpDjzXcmq2v4rT7Ui1Pq8dzAQUPYCC
ecVIgqPDEu7fmQ9XNUie0MsCDHBy+jSfCTeywtoXVQ==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGKgoBAKCCBiMwggYfBgkrBgEFBQcwAQEEggYQMIIGDDCBsqIWBBRy7UC62K7x
unuZPs0P2++yc/TRsBgPMjAxNzA2MjUwMzI2NDJaMIGGMIGDMEUwCQYFKw4DAhoF
AAQU5Cax6Q4813Jqtr+K0+1ItT6vHcwEFD2AgnnFSIKjwxLu35kPVzVIntDLAgxw
cvo0nwk3ssLaF1WhFhgPMjAxNjAxMjkwMTQ0MTlaoAMKAQAYDzIwMTcwNjI1MDMy
NjQyWqARGA8yMDE3MDYyOTAzMjY0MlowDQYJKoZIhvcNAQELBQADggEBADtd9Zd3
SY+LAoKt1iNAhUoQKI62mjvG2Et38p8KTcytZwBPSci3ypzaG4RfNQZVrCAR2kJa
ezNnJgoJMNApY0n8OTdU2QvwjNRoHoOpO61tNQGE9IAh2nanLYVqjIOqQPO91R5l
K+dPqvEcmZRGYcYJ3QFIy1+aWAHnz6tGvj5EfVDT+Oo9VsZHIoq6sR5NK2+2uEBf
+v2jFrEZNRnyWlLWN4H6sjdTtJoQRWu3+zfetYyTFeXOpfuUvCh2C/UpPo9ut/bN
XaH34KgQz6EPmp/Ks6zwAO2MMduxwvL8nKDU5XitiKbA+GjE6zK27du2c6/ogxvL
9KA6h7Pa0wAmY5SgggQ/MIIEOzCCBDcwggMfoAMCAQICDGlRccxi8WCxuh0DAzAN
BgkqhkiG9w0BAQsFADBgMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2ln
biBudi1zYTE2MDQGA1UEAxMtR2xvYmFsU2lnbiBEb21haW4gVmFsaWRhdGlvbiBD
QSAtIFNIQTI1NiAtIEczMB4XDTE3MDUyOTAzMzMyNFoXDTE3MDgyOTAzMzMyNFow
gYgxCzAJBgNVBAYTAlNHMRswGQYDVQQKExJHbG9iYWxTaWduIFB0ZSBMdGQxFTAT
BgNVBAUTDDIwMTcwNTI5MDAwNzFFMEMGA1UEAxM8R2xvYmFsU2lnbiBEb21haW4g
VmFsaWRhdGlvbiBDQSAtIFNIQTI1NiAtIEczIE9DU1AgUmVzcG9uZGVyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxbBZdn1MhmR8/sDTFgQKnw6409N
OL3fo+cjZWQ3LSc/srSZI/UBKROsvOfvHIy1tbELmartUAK7FjWzEmi8TdS05gHb
RkpPF7T8M58pXddFRRGHxr+FJKcseuikHlTaIYhDgbclqeE1a/ZAECz5wlILXzX7
R4NEPaxZjjfh1o3HfFM9UPKIoaBuAP+mdtBaVVXt64QcKbQ5osdLNiD8EA/v7dZd
tepkA9h2DuIIAzlB4ZPYwXHE1MwHAvnctNzeCYKnu5oPxrgZH1jtiqkNoIRFqWqE
fMr+HcyyeibBvqteA6GeLOcxBqdHNlj79lQtIsbwrpBnFk01ksFyTY2WVQIDAQAB
o4HHMIHEMB0GA1UdDgQWBBRy7UC62K7xunuZPs0P2++yc/TRsDAfBgNVHSMEGDAW
gBQ9gIJ5xUiCo8MS7t+ZD1c1SJ7QyzAPBgkrBgEFBQcwAQUEAgUAMEwGA1UdIARF
MEMwQQYJKwYBBAGgMgFfMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2Jh
bHNpZ24uY29tL3JlcG9zaXRvcnkvMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAK
BggrBgEFBQcDCTANBgkqhkiG9w0BAQsFAAOCAQEAcPsLE5A6Nvgwhh2IIbxOeHZW
0/eskHYCC8jNG8kMQeoExs+kvH7YHy/NhriwwQ+9Hxe407m3gvO87UGh0qHBB+4k
VW9kv+vy64dkTKcJ3BXWcwdCW2P6g+UjctYH1XSgsbKygPIA0Feu2XzlMBGEMZxf
A/iVgrq0t8cxUdWA2lbjTdNtPdJMdZNEIAtkYmtZiqtIwl3ayrTtSBslyKeulF3/
ouObKtbn7UXS/hf2ZMmnqg9Tk+g+pBOyR7bnHH3t7KZEt/dD8D/kY/Dxh091U8yr
bDyaaUC9VcXALfkYhnKwPyUCZjDt6pJXin+z0q7G8isNU+6Ndk6msLdhSVSeOQ==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIENzCCAx+gAwIBAgIMaVFxzGLxYLG6HQMDMA0GCSqGSIb3DQEBCwUAMGAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzMwHhcN
MTcwNTI5MDMzMzI0WhcNMTcwODI5MDMzMzI0WjCBiDELMAkGA1UEBhMCU0cxGzAZ
BgNVBAoTEkdsb2JhbFNpZ24gUHRlIEx0ZDEVMBMGA1UEBRMMMjAxNzA1MjkwMDA3
MUUwQwYDVQQDEzxHbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hB
MjU2IC0gRzMgT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQC/FsFl2fUyGZHz+wNMWBAqfDrjT004vd+j5yNlZDctJz+ytJkj9QEp
E6y85+8cjLW1sQuZqu1QArsWNbMSaLxN1LTmAdtGSk8XtPwznyld10VFEYfGv4Uk
pyx66KQeVNohiEOBtyWp4TVr9kAQLPnCUgtfNftHg0Q9rFmON+HWjcd8Uz1Q8oih
oG4A/6Z20FpVVe3rhBwptDmix0s2IPwQD+/t1l216mQD2HYO4ggDOUHhk9jBccTU
zAcC+dy03N4Jgqe7mg/GuBkfWO2KqQ2ghEWpaoR8yv4dzLJ6JsG+q14DoZ4s5zEG
p0c2WPv2VC0ixvCukGcWTTWSwXJNjZZVAgMBAAGjgccwgcQwHQYDVR0OBBYEFHLt
QLrYrvG6e5k+zQ/b77Jz9NGwMB8GA1UdIwQYMBaAFD2AgnnFSIKjwxLu35kPVzVI
ntDLMA8GCSsGAQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAaAyAV8wNDAy
BggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9y
eS8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3
DQEBCwUAA4IBAQBw+wsTkDo2+DCGHYghvE54dlbT96yQdgILyM0byQxB6gTGz6S8
ftgfL82GuLDBD70fF7jTubeC87ztQaHSocEH7iRVb2S/6/Lrh2RMpwncFdZzB0Jb
Y/qD5SNy1gfVdKCxsrKA8gDQV67ZfOUwEYQxnF8D+JWCurS3xzFR1YDaVuNN0209
0kx1k0QgC2Ria1mKq0jCXdrKtO1IGyXIp66UXf+i45sq1uftRdL+F/ZkyaeqD1OT
6D6kE7JHtuccfe3spkS390PwP+Rj8PGHT3VTzKtsPJppQL1VxcAt+RiGcrA/JQJm
MO3qkleKf7PSrsbyKw1T7o12Tqawt2FJVJ45
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3744d3aae62221f8-EWR]
Content-Length: [1582]
Content-Type: [application/ocsp-response]
Date: [Sun, 25 Jun 2017 03:26:42 GMT]
Etag: ["5ba7390b72d9342b262f884276dcbd8ebd740703"]
Expires: [Thu, 29 Jun 2017 03:26:42 GMT]
Last-Modified: [Sun, 25 Jun 2017 03:26:42 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d6a2b83886cf62af566a9d35867eeed631498361202; expires=Mon, 25-Jun-18 03:26:42 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GlobalSign Domain Validation CA - SHA256 - G3 (CA Certificate)

Certificate details for GlobalSign Domain Validation CA - SHA256 - G3 (At position 1 in certificate chain)
Serial number:
hex: 4707b100f41822434ec05b8c7b7f
int: 1440660458996309441122145202371455
Issued by: GlobalSign Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GlobalSign nv-sa
Country: BE
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This certificate contains no information about authoritative CRL(s) or OCSP servers

Check the revocation status for another website

Created by Paul van Brouwershaven
© 2015 - 2017 Digitorus B.V.
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.