CRL & OCSP report for www.reliancemutual.com (Reliance Capital Asset Management Ltd.)

www.reliancemutual.com

Certificate details for www.reliancemutual.com (At position 0 in certificate chain)
Serial number:
hex: 4c214180
int: 1277247872
Issued by: Entrust Certification Authority - L1E
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Company registration number: U65910MH1995PLC220793
Organization: Reliance Capital Asset Management Ltd.
State / Province: Maharashtra
Locality: Mumbai
Country: IN
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for www.reliancemutual.com.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.entrust.net/level1e.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.entrust.net/level1e.crl
Size: 988 bytes (DER data)
Response time: 680.27181ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 10

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Content Delivery Network (CDN): Akamai
Cache Information: TCP_REFRESH_MISS from a23-219-93-206.deploy.akamaitechnologies.com (AkamaiGHost/8.3.4.1.2-20081415) (S)

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [no-cache]
Content-Length: [988]
Content-Type: [application/x-pkcs7-crl]
Date: [Tue, 27 Jun 2017 00:04:02 GMT]
Expires: [Tue, 27 Jun 2017 00:04:02 GMT]
Last-Modified: [Mon, 26 Jun 2017 23:00:02 GMT]
Pragma: [no-cache]
X-Cache: [TCP_REFRESH_MISS from a23-219-93-206.deploy.akamaitechnologies.com (AkamaiGHost/8.3.4.1.2-20081415) (S)]
X-Frame-Options: [DENY]
  • Content-Type in response is set 'application/x-pkcs7-crl' and should be replaced with 'application/pkix-crl' (RFC 5280, section 4.2.1.13)
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp.entrust.net (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.entrust.net (POST)
Size: 1939 bytes (DER data)
Response time: 710.87211ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: Entrust Validation Authority
Issued by: Entrust Certification Authority - L1E
Signing certificate validity: 2015-06-29 - 2018-06-29
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 59m50s

Server and network information

Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-215-131-63.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEUwQzBBMD8wPTAJBgUrDgMCGgUABBSibb/xv9lph7oCC99XjpqWXu4cjgQUW0GK
ssRDwb2/yFRBVZ3glq3/uaECBEwhQYA=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIHjwoBAKCCB4gwggeEBgkrBgEFBQcwAQEEggd1MIIHcTCCAVihgdswgdgxCzAJ
BgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkwNwYDVQQLEzB3d3cu
ZW50cnVzdC5uZXQvcnBhIGlzIGluY29ycG9yYXRlZCBieSByZWZlcmVuY2UxHzAd
BgNVBAsTFihjKSAyMDA5IEVudHJ1c3QsIEluYy4xLjAsBgNVBAMTJUVudHJ1c3Qg
Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUUxJTAjBgNVBAMTHEVudHJ1c3Qg
VmFsaWRhdGlvbiBBdXRob3JpdHkYDzIwMTcwNjI2MjI1MDEzWjBnMGUwPTAJBgUr
DgMCGgUABBSibb/xv9lph7oCC99XjpqWXu4cjgQUW0GKssRDwb2/yFRBVZ3glq3/
uaECBEwhQYCAABgPMjAxNzA2MjYwNzU2MDlaoBEYDzIwMTcwNzAzMjI1MDEzWjAN
BgkqhkiG9w0BAQUFAAOCAQEAH8LEBtqcgS9zS4U3iLZWgjg6swwE4Zh4MzryIIGO
DuzdT1hPeC17goaOk3IE7gJnJMmtBx18QyHr18bJj6zhX7HxsPNIvmgYDbwWpRiK
+xENG+jF+iGuxMj6+UROzyaOK/uXVdOdhDo0hLsKiOvzUAtBtzsZdREnhzU6QAch
1ZYzHRZrtliPfJtiTWahMPzxIKEC2NAuaW5BlP5TyjWYAGfIQhMAUIOk6bI4nz5j
V5DrOyK5ascyfdNBH18YutijkZK12V7OfM51IMZ9CSAYTwVDxaEZlKMjdzVSIXxZ
ySqQb9QO7XV5WYg1pWv87Qxfz7H4Sp5GFCb3UXQnhXaiF6CCBP0wggT5MIIE9TCC
A92gAwIBAgIETCF72zANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMCVVMxFjAU
BgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0Lm5ldC9y
cGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMWKGMpIDIw
MDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9u
IEF1dGhvcml0eSAtIEwxRTAeFw0xNTA2MjkxMjMyNTNaFw0xODA2MjkyMTI5MDha
MIHYMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjE5MDcGA1UE
CxMwd3d3LmVudHJ1c3QubmV0L3JwYSBpcyBpbmNvcnBvcmF0ZWQgYnkgcmVmZXJl
bmNlMR8wHQYDVQQLExYoYykgMjAwOSBFbnRydXN0LCBJbmMuMS4wLAYDVQQDEyVF
bnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gTDFFMSUwIwYDVQQDExxF
bnRydXN0IFZhbGlkYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAydqJVenrg9VMqV5B4iJAbalp0DfqQaTUJXu3G5+h6rXjkj+Z
PpXv7QimlUzYDgsvmXYNUapOwBAJGKUXWttnKdznQUDdddOiem9p2TjDLrkP2Uw+
bYQ2jmisO1teqWscWFzIGuSL3or591V52XHv64ll4ALvZkJfNqhUpzbCAgUVk7Mi
8VmJySIemHy0gYzcRIkqnYl+jrh89c+a2hNXYZRkyqq5wBQPb+z9KU5holP/Y9e6
UYaiDoDgH5cmRcGerBiYeb/bSOXV1IYcDmbj2OOsx8G5WEhgHQN48VsyMc4xLMcj
F1GcZ4OZyGcEv8Hu8t51/9uC/w5EzOSYXgOkMwIDAQABo4HrMIHoMAsGA1UdDwQE
AwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUAMDMGCCsG
AQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQw
MwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFl
LmNybDAfBgNVHSMEGDAWgBRbQYqyxEPBvb/IVEFVneCWrf+5oTAdBgNVHQ4EFgQU
1QIEttegqC2zvRIlq1LU0eWWjcQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOC
AQEATlfSfSx2zp0khoOxt+tMuWjPL9vgmCvSGQvu06SVwmCSsORHW+S9bwDob9qH
CLrM2Sd0piMgEq3fcElEk7ijF+qTuAXuf0Fll0eAVoT98+AREWpqmGE6xIc73KKC
b/omx76WfWOkKm22tJclUCjVQgCRrzonsruVelvGs8yMju+u5y0KtnST4Y/rlpes
OmJFkIinJM5GT/poCuyl+OgK1WZ/BEnaN4hoL0BH8V8LjbKIvvgCs1VezQB7V+vg
BLBhep8350EGAvOdnMfoRPMgl+JI6qXOYCMSVGiEAtz38kRxKV8+5lWPaoplvE6z
0Dq2Jc3BORxCjzj/uK5sQ0V2UA==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIETCF72zANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMC
VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW
KGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eSAtIEwxRTAeFw0xNTA2MjkxMjMyNTNaFw0xODA2Mjky
MTI5MDhaMIHYMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjE5
MDcGA1UECxMwd3d3LmVudHJ1c3QubmV0L3JwYSBpcyBpbmNvcnBvcmF0ZWQgYnkg
cmVmZXJlbmNlMR8wHQYDVQQLExYoYykgMjAwOSBFbnRydXN0LCBJbmMuMS4wLAYD
VQQDEyVFbnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gTDFFMSUwIwYD
VQQDExxFbnRydXN0IFZhbGlkYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAydqJVenrg9VMqV5B4iJAbalp0DfqQaTUJXu3G5+h
6rXjkj+ZPpXv7QimlUzYDgsvmXYNUapOwBAJGKUXWttnKdznQUDdddOiem9p2TjD
LrkP2Uw+bYQ2jmisO1teqWscWFzIGuSL3or591V52XHv64ll4ALvZkJfNqhUpzbC
AgUVk7Mi8VmJySIemHy0gYzcRIkqnYl+jrh89c+a2hNXYZRkyqq5wBQPb+z9KU5h
olP/Y9e6UYaiDoDgH5cmRcGerBiYeb/bSOXV1IYcDmbj2OOsx8G5WEhgHQN48Vsy
Mc4xLMcjF1GcZ4OZyGcEv8Hu8t51/9uC/w5EzOSYXgOkMwIDAQABo4HrMIHoMAsG
A1UdDwQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUA
MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVz
dC5uZXQwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9s
ZXZlbDFlLmNybDAfBgNVHSMEGDAWgBRbQYqyxEPBvb/IVEFVneCWrf+5oTAdBgNV
HQ4EFgQU1QIEttegqC2zvRIlq1LU0eWWjcQwCQYDVR0TBAIwADANBgkqhkiG9w0B
AQUFAAOCAQEATlfSfSx2zp0khoOxt+tMuWjPL9vgmCvSGQvu06SVwmCSsORHW+S9
bwDob9qHCLrM2Sd0piMgEq3fcElEk7ijF+qTuAXuf0Fll0eAVoT98+AREWpqmGE6
xIc73KKCb/omx76WfWOkKm22tJclUCjVQgCRrzonsruVelvGs8yMju+u5y0KtnST
4Y/rlpesOmJFkIinJM5GT/poCuyl+OgK1WZ/BEnaN4hoL0BH8V8LjbKIvvgCs1Ve
zQB7V+vgBLBhep8350EGAvOdnMfoRPMgl+JI6qXOYCMSVGiEAtz38kRxKV8+5lWP
aoplvE6z0Dq2Jc3BORxCjzj/uK5sQ0V2UA==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate, max-age=3590]
Content-Length: [1939]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Tue, 27 Jun 2017 00:04:02 GMT]
Etag: ["107AEDD8FD9B0D9733E542DC585A7AF808089F0F"]
Expires: [Tue, 27 Jun 2017 01:03:52 GMT]
Last-Modified: [Mon, 26 Jun 2017 22:50:13 GMT]
X-Cache: [TCP_MISS from a23-215-131-63.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.entrust.net (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.entrust.net (GET)
Size: 1939 bytes (DER data)
Response time: 703.581756ms
Signature algorithm: SHA1WithRSA
Signature type: CA Delegated
Signed by: Entrust Validation Authority
Issued by: Entrust Certification Authority - L1E
Signing certificate validity: 2015-06-29 - 2018-06-29
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 1h0m0s

Server and network information

Content Delivery Network (CDN): Akamai
Cache Information: TCP_MISS from a23-215-131-87.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)

URL used for GET request

http://ocsp.entrust.net/MEUwQzBBMD8wPTAJBgUrDgMCGgUABBSibb%2Fxv9lph7oCC99XjpqWXu4cjgQUW0GKssRDwb2%2FyFRBVZ3glq3%2FuaECBEwhQYA%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEUwQzBBMD8wPTAJBgUrDgMCGgUABBSibb/xv9lph7oCC99XjpqWXu4cjgQUW0GK
ssRDwb2/yFRBVZ3glq3/uaECBEwhQYA=
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIHjwoBAKCCB4gwggeEBgkrBgEFBQcwAQEEggd1MIIHcTCCAVihgdswgdgxCzAJ
BgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkwNwYDVQQLEzB3d3cu
ZW50cnVzdC5uZXQvcnBhIGlzIGluY29ycG9yYXRlZCBieSByZWZlcmVuY2UxHzAd
BgNVBAsTFihjKSAyMDA5IEVudHJ1c3QsIEluYy4xLjAsBgNVBAMTJUVudHJ1c3Qg
Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUUxJTAjBgNVBAMTHEVudHJ1c3Qg
VmFsaWRhdGlvbiBBdXRob3JpdHkYDzIwMTcwNjI2MjI1MDEzWjBnMGUwPTAJBgUr
DgMCGgUABBSibb/xv9lph7oCC99XjpqWXu4cjgQUW0GKssRDwb2/yFRBVZ3glq3/
uaECBEwhQYCAABgPMjAxNzA2MjYwNzU2MDlaoBEYDzIwMTcwNzAzMjI1MDEzWjAN
BgkqhkiG9w0BAQUFAAOCAQEAH8LEBtqcgS9zS4U3iLZWgjg6swwE4Zh4MzryIIGO
DuzdT1hPeC17goaOk3IE7gJnJMmtBx18QyHr18bJj6zhX7HxsPNIvmgYDbwWpRiK
+xENG+jF+iGuxMj6+UROzyaOK/uXVdOdhDo0hLsKiOvzUAtBtzsZdREnhzU6QAch
1ZYzHRZrtliPfJtiTWahMPzxIKEC2NAuaW5BlP5TyjWYAGfIQhMAUIOk6bI4nz5j
V5DrOyK5ascyfdNBH18YutijkZK12V7OfM51IMZ9CSAYTwVDxaEZlKMjdzVSIXxZ
ySqQb9QO7XV5WYg1pWv87Qxfz7H4Sp5GFCb3UXQnhXaiF6CCBP0wggT5MIIE9TCC
A92gAwIBAgIETCF72zANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMCVVMxFjAU
BgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0Lm5ldC9y
cGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMWKGMpIDIw
MDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9u
IEF1dGhvcml0eSAtIEwxRTAeFw0xNTA2MjkxMjMyNTNaFw0xODA2MjkyMTI5MDha
MIHYMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjE5MDcGA1UE
CxMwd3d3LmVudHJ1c3QubmV0L3JwYSBpcyBpbmNvcnBvcmF0ZWQgYnkgcmVmZXJl
bmNlMR8wHQYDVQQLExYoYykgMjAwOSBFbnRydXN0LCBJbmMuMS4wLAYDVQQDEyVF
bnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gTDFFMSUwIwYDVQQDExxF
bnRydXN0IFZhbGlkYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAydqJVenrg9VMqV5B4iJAbalp0DfqQaTUJXu3G5+h6rXjkj+Z
PpXv7QimlUzYDgsvmXYNUapOwBAJGKUXWttnKdznQUDdddOiem9p2TjDLrkP2Uw+
bYQ2jmisO1teqWscWFzIGuSL3or591V52XHv64ll4ALvZkJfNqhUpzbCAgUVk7Mi
8VmJySIemHy0gYzcRIkqnYl+jrh89c+a2hNXYZRkyqq5wBQPb+z9KU5holP/Y9e6
UYaiDoDgH5cmRcGerBiYeb/bSOXV1IYcDmbj2OOsx8G5WEhgHQN48VsyMc4xLMcj
F1GcZ4OZyGcEv8Hu8t51/9uC/w5EzOSYXgOkMwIDAQABo4HrMIHoMAsGA1UdDwQE
AwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUAMDMGCCsG
AQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQw
MwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9sZXZlbDFl
LmNybDAfBgNVHSMEGDAWgBRbQYqyxEPBvb/IVEFVneCWrf+5oTAdBgNVHQ4EFgQU
1QIEttegqC2zvRIlq1LU0eWWjcQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOC
AQEATlfSfSx2zp0khoOxt+tMuWjPL9vgmCvSGQvu06SVwmCSsORHW+S9bwDob9qH
CLrM2Sd0piMgEq3fcElEk7ijF+qTuAXuf0Fll0eAVoT98+AREWpqmGE6xIc73KKC
b/omx76WfWOkKm22tJclUCjVQgCRrzonsruVelvGs8yMju+u5y0KtnST4Y/rlpes
OmJFkIinJM5GT/poCuyl+OgK1WZ/BEnaN4hoL0BH8V8LjbKIvvgCs1VezQB7V+vg
BLBhep8350EGAvOdnMfoRPMgl+JI6qXOYCMSVGiEAtz38kRxKV8+5lWPaoplvE6z
0Dq2Jc3BORxCjzj/uK5sQ0V2UA==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIETCF72zANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMC
VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
Lm5ldC9ycGEgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW
KGMpIDIwMDkgRW50cnVzdCwgSW5jLjEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZp
Y2F0aW9uIEF1dGhvcml0eSAtIEwxRTAeFw0xNTA2MjkxMjMyNTNaFw0xODA2Mjky
MTI5MDhaMIHYMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjE5
MDcGA1UECxMwd3d3LmVudHJ1c3QubmV0L3JwYSBpcyBpbmNvcnBvcmF0ZWQgYnkg
cmVmZXJlbmNlMR8wHQYDVQQLExYoYykgMjAwOSBFbnRydXN0LCBJbmMuMS4wLAYD
VQQDEyVFbnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gTDFFMSUwIwYD
VQQDExxFbnRydXN0IFZhbGlkYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAydqJVenrg9VMqV5B4iJAbalp0DfqQaTUJXu3G5+h
6rXjkj+ZPpXv7QimlUzYDgsvmXYNUapOwBAJGKUXWttnKdznQUDdddOiem9p2TjD
LrkP2Uw+bYQ2jmisO1teqWscWFzIGuSL3or591V52XHv64ll4ALvZkJfNqhUpzbC
AgUVk7Mi8VmJySIemHy0gYzcRIkqnYl+jrh89c+a2hNXYZRkyqq5wBQPb+z9KU5h
olP/Y9e6UYaiDoDgH5cmRcGerBiYeb/bSOXV1IYcDmbj2OOsx8G5WEhgHQN48Vsy
Mc4xLMcjF1GcZ4OZyGcEv8Hu8t51/9uC/w5EzOSYXgOkMwIDAQABo4HrMIHoMAsG
A1UdDwQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTAPBgkrBgEFBQcwAQUEAgUA
MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVz
dC5uZXQwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9s
ZXZlbDFlLmNybDAfBgNVHSMEGDAWgBRbQYqyxEPBvb/IVEFVneCWrf+5oTAdBgNV
HQ4EFgQU1QIEttegqC2zvRIlq1LU0eWWjcQwCQYDVR0TBAIwADANBgkqhkiG9w0B
AQUFAAOCAQEATlfSfSx2zp0khoOxt+tMuWjPL9vgmCvSGQvu06SVwmCSsORHW+S9
bwDob9qHCLrM2Sd0piMgEq3fcElEk7ijF+qTuAXuf0Fll0eAVoT98+AREWpqmGE6
xIc73KKCb/omx76WfWOkKm22tJclUCjVQgCRrzonsruVelvGs8yMju+u5y0KtnST
4Y/rlpesOmJFkIinJM5GT/poCuyl+OgK1WZ/BEnaN4hoL0BH8V8LjbKIvvgCs1Ve
zQB7V+vgBLBhep8350EGAvOdnMfoRPMgl+JI6qXOYCMSVGiEAtz38kRxKV8+5lWP
aoplvE6z0Dq2Jc3BORxCjzj/uK5sQ0V2UA==
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate, max-age=3600]
Content-Length: [1939]
Content-Transfer-Encoding: [Binary]
Content-Type: [application/ocsp-response]
Date: [Tue, 27 Jun 2017 00:04:02 GMT]
Etag: ["107AEDD8FD9B0D9733E542DC585A7AF808089F0F"]
Expires: [Tue, 27 Jun 2017 01:04:02 GMT]
Last-Modified: [Mon, 26 Jun 2017 22:50:13 GMT]
X-Cache: [TCP_MISS from a23-215-131-87.deploy.akamaitechnologies.com (AkamaiGHost/9.0.0-20100727) (-)]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is not the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is not the same as the NextUpdate field (RFC 5019 section 6.2)

Entrust Certification Authority - L1E (CA Certificate)

Certificate details for Entrust Certification Authority - L1E (At position 1 in certificate chain)
Serial number:
hex: 456b9adc
int: 1164679900
Issued by: Entrust Root Certification Authority
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Entrust, Inc.
Organization unit: www.entrust.net/rpa is incorporated by reference
Organization unit: (c) 2009 Entrust, Inc.
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This certificate contains no information about authoritative CRL(s) or OCSP servers

Check the revocation status for another website

Created by Paul van Brouwershaven
© 2015 - 2017 Digitorus B.V.
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.