CRL & OCSP report for lampelibre.jp

lampelibre.jp

Certificate details for lampelibre.jp (At position 0 in certificate chain)
Serial number:
hex: 1121c2b0987cf4972395fbd6b92521d72edf
int: 1492396966116570787060971004495445783686879
Issued by: GlobalSign Domain Validation CA - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization unit: Domain Control Validated
Country: JP
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for lampelibre.jp.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.globalsign.com/gs/gsdomainvalg2.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.globalsign.com/gs/gsdomainvalg2.crl
Size: 14499 bytes (DER data)
Response time: 10.822175ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 379

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare, CloudFront
Cache Information: HIT, Miss from cloudfront

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3647d21c553121b6-EWR]
Content-Length: [14499]
Content-Type: [application/pkix-crl]
Date: [Thu, 25 May 2017 10:30:41 GMT]
Etag: [01565F]
Expires: [Wed, 31 May 2017 14:48:30 GMT]
Last-Modified: [Wed, 24 May 2017 14:48:30 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d1c340cf06e3afc23ea0af01771272e6f1495708241; expires=Fri, 25-May-18 10:30:41 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
Via: [1.1 d2732303fd1054eafb760187913561e3.cloudfront.net (CloudFront)]
X-Amz-Cf-Id: [71j_hoHKv8Sd_kHRIieOm5YabpidEuRluBmVOPR_LJuIK8x1CnZtdg==]
X-Cache: [Miss from cloudfront]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp2.globalsign.com/gsdomainvalg2 (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsdomainvalg2 (POST)
Size: 1581 bytes (DER data)
Response time: 314.653138ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: GlobalSign Domain Validation CA - G2 OCSP Responder
Issued by: GlobalSign Domain Validation CA - G2
Signing certificate validity: 2017-04-07 - 2017-07-15
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: MISS

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFMwUTBPME0wSzAJBgUrDgMCGgUABBRFZY2iAXRAL/SLOmrAvGkggJXHygQUlq36
sFu5g2QqdsIcimnaQtz+/SgCEhEhwrCYfPSXI5X71rklIdcu3w==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGKQoBAKCCBiIwggYeBgkrBgEFBQcwAQEEggYPMIIGCzCBxqIWBBRynJ3Kbqe2
WJznWRSmq+Q/aKwX9xgPMjAxNzA1MjUxMDMwNDFaMIGaMIGXMEswCQYFKw4DAhoF
AAQURWWNogF0QC/0izpqwLxpIICVx8oEFJat+rBbuYNkKnbCHIpp2kLc/v0oAhIR
IcKwmHz0lyOV+9a5JSHXLt+AABgPMjAxNzA1MjUxMDMwNDFaoBEYDzIwMTcwNTI5
MTAzMDQxWqEiMCAwHgYJKwYBBQUHMAEGBBEYDzIwMTYwNTI1MTAzMDQxWjANBgkq
hkiG9w0BAQsFAAOCAQEAYB4udB5+djlA36RpfaMHwY4G1MYNegB2CeSpOS+ZWp21
3YMY5Oi5vww8QZYgRUeGVdy0uJ53AqxDnToqERzx6rBW8NFcEOdLT/buiZ7OasoT
Z3hNbcqiUlVwYPAkXj+dzP/zbN6aI++OTJYU7u9yaTePVZZF+jkJiswjQR2W77iy
eR0z7Jc28OqTecWf2EzmrdtpriXFeCTFISM+8+e1jj+RP2JJtiPZshZi8yp15PPe
8hS/SKCALIwn6QeF1WB4VDsly+0QkdNPac/jwNzXDQ1t9t2WTB+xt3mdt6B5zDty
wXZCQW3xAexkzrFYeHk/kkT0aWYH88LqbcMhk6CjiqCCBCowggQmMIIEIjCCAwqg
AwIBAgIMfX2W6W5EqUSOjdVCMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAkJF
MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMS0wKwYDVQQDEyRHbG9iYWxTaWdu
IERvbWFpbiBWYWxpZGF0aW9uIENBIC0gRzIwHhcNMTcwNDA3MDAwMDAwWhcNMTcw
NzE1MDAwMDAwWjB9MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
di1zYTEVMBMGA1UEBRMMMjAxNjEyMDcxNjEzMTwwOgYDVQQDEzNHbG9iYWxTaWdu
IERvbWFpbiBWYWxpZGF0aW9uIENBIC0gRzIgT0NTUCBSZXNwb25kZXIwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnn0tWr64LKqW2O71f1NZ7fdFWXvmi
75f7j8X/vepWw/ynz+Ett5KsjsslIUGA9jVps5nB4ysdJQFwdosHL0GZsYB8GdDZ
UuUslI8OjfdLWS34cRQu1hUwOi5GO+GIcV6vP3uRxoo7o0safK/Vaf7ocCoStxr4
oQIek55kY5lD0kp2jR/d+6kdCeJ5vY2In0VM3+UCAvbk6rNlMXwNbUO941brtZ34
/CYtIVpI+Y7mIqkBBVDcvlJXU5sqsxAFJvvHqCQ1AZdO+zEhnyD1e3jxSJqRSRTa
wdIHjdGf5CknOBjJCM7urbqdg+BLdc7o/HGPqibZKrcgmeAMRjhJhVNBAgMBAAGj
gccwgcQwHQYDVR0OBBYEFHKcncpup7ZYnOdZFKar5D9orBf3MB8GA1UdIwQYMBaA
FJat+rBbuYNkKnbCHIpp2kLc/v0oMA8GCSsGAQUFBzABBQQCBQAwTAYDVR0gBEUw
QzBBBgkrBgEEAaAyAV8wNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFs
c2lnbi5jb20vcmVwb3NpdG9yeS8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoG
CCsGAQUFBwMJMA0GCSqGSIb3DQEBBQUAA4IBAQBxDp5sYtlYBmbRwDhDCcGP6L2L
55lPdAmqgdefEnCcwQk0NG/tfnPLomgQWNVasMropqwBRUWxrazldT4ugBQ9nH/Q
RNKRFnbrgjIhGl62F2/N9KuMhBUQzz+sl0mxkcVue6fYjf7C8YvtFHfxTktVrit2
2mYueuI703OFf1wN8Kye9LIJWBVaTgHQ0oEtQfqLDJAo+t88/yyDOyZMZeWplCR4
lPO3V92+/nA0XZE0toYCY1nDhM0XBxnLVZw1SB/jBQI/KF4M+8E/BQgpvGGIwLEL
rXNYZMBuL0j+4KO7v7wDZ4J/kzH9ODc6pC4eMhGlm9L9HHTKBFa3DsnxL3Yp
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEIjCCAwqgAwIBAgIMfX2W6W5EqUSOjdVCMA0GCSqGSIb3DQEBBQUAMFcxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMS0wKwYDVQQDEyRH
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gRzIwHhcNMTcwNDA3MDAw
MDAwWhcNMTcwNzE1MDAwMDAwWjB9MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xv
YmFsU2lnbiBudi1zYTEVMBMGA1UEBRMMMjAxNjEyMDcxNjEzMTwwOgYDVQQDEzNH
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gRzIgT0NTUCBSZXNwb25k
ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnn0tWr64LKqW2O71f
1NZ7fdFWXvmi75f7j8X/vepWw/ynz+Ett5KsjsslIUGA9jVps5nB4ysdJQFwdosH
L0GZsYB8GdDZUuUslI8OjfdLWS34cRQu1hUwOi5GO+GIcV6vP3uRxoo7o0safK/V
af7ocCoStxr4oQIek55kY5lD0kp2jR/d+6kdCeJ5vY2In0VM3+UCAvbk6rNlMXwN
bUO941brtZ34/CYtIVpI+Y7mIqkBBVDcvlJXU5sqsxAFJvvHqCQ1AZdO+zEhnyD1
e3jxSJqRSRTawdIHjdGf5CknOBjJCM7urbqdg+BLdc7o/HGPqibZKrcgmeAMRjhJ
hVNBAgMBAAGjgccwgcQwHQYDVR0OBBYEFHKcncpup7ZYnOdZFKar5D9orBf3MB8G
A1UdIwQYMBaAFJat+rBbuYNkKnbCHIpp2kLc/v0oMA8GCSsGAQUFBzABBQQCBQAw
TAYDVR0gBEUwQzBBBgkrBgEEAaAyAV8wNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93
d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDgYDVR0PAQH/BAQDAgeAMBMG
A1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3DQEBBQUAA4IBAQBxDp5sYtlYBmbR
wDhDCcGP6L2L55lPdAmqgdefEnCcwQk0NG/tfnPLomgQWNVasMropqwBRUWxrazl
dT4ugBQ9nH/QRNKRFnbrgjIhGl62F2/N9KuMhBUQzz+sl0mxkcVue6fYjf7C8Yvt
FHfxTktVrit22mYueuI703OFf1wN8Kye9LIJWBVaTgHQ0oEtQfqLDJAo+t88/yyD
OyZMZeWplCR4lPO3V92+/nA0XZE0toYCY1nDhM0XBxnLVZw1SB/jBQI/KF4M+8E/
BQgpvGGIwLELrXNYZMBuL0j+4KO7v7wDZ4J/kzH9ODc6pC4eMhGlm9L9HHTKBFa3
DsnxL3Yp
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [MISS]
Cf-Ray: [3647d21c50bc077f-EWR]
Content-Length: [1581]
Content-Type: [application/ocsp-response]
Date: [Thu, 25 May 2017 10:30:41 GMT]
Etag: ["69e84a30ad5c485607f45a58f6a8f2deb1498658"]
Expires: [Mon, 29 May 2017 10:30:41 GMT]
Last-Modified: [Thu, 25 May 2017 10:30:41 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d65d9d07d014b86e88eca9884a30b55c81495708241; expires=Fri, 25-May-18 10:30:41 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp2.globalsign.com/gsdomainvalg2 (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsdomainvalg2 (GET)
Size: 1581 bytes (DER data)
Response time: 508.398284ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: GlobalSign Domain Validation CA - G2 OCSP Responder
Issued by: GlobalSign Domain Validation CA - G2
Signing certificate validity: 2017-04-07 - 2017-07-15
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: HIT

URL used for GET request

http://ocsp2.globalsign.com/gsdomainvalg2/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRFZY2iAXRAL%2FSLOmrAvGkggJXHygQUlq36sFu5g2QqdsIcimnaQtz%2B%2FSgCEhEhwrCYfPSXI5X71rklIdcu3w%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFMwUTBPME0wSzAJBgUrDgMCGgUABBRFZY2iAXRAL/SLOmrAvGkggJXHygQUlq36
sFu5g2QqdsIcimnaQtz+/SgCEhEhwrCYfPSXI5X71rklIdcu3w==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGKQoBAKCCBiIwggYeBgkrBgEFBQcwAQEEggYPMIIGCzCBxqIWBBRynJ3Kbqe2
WJznWRSmq+Q/aKwX9xgPMjAxNzA1MjUxMDMwNDFaMIGaMIGXMEswCQYFKw4DAhoF
AAQURWWNogF0QC/0izpqwLxpIICVx8oEFJat+rBbuYNkKnbCHIpp2kLc/v0oAhIR
IcKwmHz0lyOV+9a5JSHXLt+AABgPMjAxNzA1MjUxMDMwNDFaoBEYDzIwMTcwNTI5
MTAzMDQxWqEiMCAwHgYJKwYBBQUHMAEGBBEYDzIwMTYwNTI1MTAzMDQxWjANBgkq
hkiG9w0BAQsFAAOCAQEAYB4udB5+djlA36RpfaMHwY4G1MYNegB2CeSpOS+ZWp21
3YMY5Oi5vww8QZYgRUeGVdy0uJ53AqxDnToqERzx6rBW8NFcEOdLT/buiZ7OasoT
Z3hNbcqiUlVwYPAkXj+dzP/zbN6aI++OTJYU7u9yaTePVZZF+jkJiswjQR2W77iy
eR0z7Jc28OqTecWf2EzmrdtpriXFeCTFISM+8+e1jj+RP2JJtiPZshZi8yp15PPe
8hS/SKCALIwn6QeF1WB4VDsly+0QkdNPac/jwNzXDQ1t9t2WTB+xt3mdt6B5zDty
wXZCQW3xAexkzrFYeHk/kkT0aWYH88LqbcMhk6CjiqCCBCowggQmMIIEIjCCAwqg
AwIBAgIMfX2W6W5EqUSOjdVCMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAkJF
MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMS0wKwYDVQQDEyRHbG9iYWxTaWdu
IERvbWFpbiBWYWxpZGF0aW9uIENBIC0gRzIwHhcNMTcwNDA3MDAwMDAwWhcNMTcw
NzE1MDAwMDAwWjB9MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
di1zYTEVMBMGA1UEBRMMMjAxNjEyMDcxNjEzMTwwOgYDVQQDEzNHbG9iYWxTaWdu
IERvbWFpbiBWYWxpZGF0aW9uIENBIC0gRzIgT0NTUCBSZXNwb25kZXIwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnn0tWr64LKqW2O71f1NZ7fdFWXvmi
75f7j8X/vepWw/ynz+Ett5KsjsslIUGA9jVps5nB4ysdJQFwdosHL0GZsYB8GdDZ
UuUslI8OjfdLWS34cRQu1hUwOi5GO+GIcV6vP3uRxoo7o0safK/Vaf7ocCoStxr4
oQIek55kY5lD0kp2jR/d+6kdCeJ5vY2In0VM3+UCAvbk6rNlMXwNbUO941brtZ34
/CYtIVpI+Y7mIqkBBVDcvlJXU5sqsxAFJvvHqCQ1AZdO+zEhnyD1e3jxSJqRSRTa
wdIHjdGf5CknOBjJCM7urbqdg+BLdc7o/HGPqibZKrcgmeAMRjhJhVNBAgMBAAGj
gccwgcQwHQYDVR0OBBYEFHKcncpup7ZYnOdZFKar5D9orBf3MB8GA1UdIwQYMBaA
FJat+rBbuYNkKnbCHIpp2kLc/v0oMA8GCSsGAQUFBzABBQQCBQAwTAYDVR0gBEUw
QzBBBgkrBgEEAaAyAV8wNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFs
c2lnbi5jb20vcmVwb3NpdG9yeS8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoG
CCsGAQUFBwMJMA0GCSqGSIb3DQEBBQUAA4IBAQBxDp5sYtlYBmbRwDhDCcGP6L2L
55lPdAmqgdefEnCcwQk0NG/tfnPLomgQWNVasMropqwBRUWxrazldT4ugBQ9nH/Q
RNKRFnbrgjIhGl62F2/N9KuMhBUQzz+sl0mxkcVue6fYjf7C8YvtFHfxTktVrit2
2mYueuI703OFf1wN8Kye9LIJWBVaTgHQ0oEtQfqLDJAo+t88/yyDOyZMZeWplCR4
lPO3V92+/nA0XZE0toYCY1nDhM0XBxnLVZw1SB/jBQI/KF4M+8E/BQgpvGGIwLEL
rXNYZMBuL0j+4KO7v7wDZ4J/kzH9ODc6pC4eMhGlm9L9HHTKBFa3DsnxL3Yp
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEIjCCAwqgAwIBAgIMfX2W6W5EqUSOjdVCMA0GCSqGSIb3DQEBBQUAMFcxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMS0wKwYDVQQDEyRH
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gRzIwHhcNMTcwNDA3MDAw
MDAwWhcNMTcwNzE1MDAwMDAwWjB9MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xv
YmFsU2lnbiBudi1zYTEVMBMGA1UEBRMMMjAxNjEyMDcxNjEzMTwwOgYDVQQDEzNH
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gRzIgT0NTUCBSZXNwb25k
ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnn0tWr64LKqW2O71f
1NZ7fdFWXvmi75f7j8X/vepWw/ynz+Ett5KsjsslIUGA9jVps5nB4ysdJQFwdosH
L0GZsYB8GdDZUuUslI8OjfdLWS34cRQu1hUwOi5GO+GIcV6vP3uRxoo7o0safK/V
af7ocCoStxr4oQIek55kY5lD0kp2jR/d+6kdCeJ5vY2In0VM3+UCAvbk6rNlMXwN
bUO941brtZ34/CYtIVpI+Y7mIqkBBVDcvlJXU5sqsxAFJvvHqCQ1AZdO+zEhnyD1
e3jxSJqRSRTawdIHjdGf5CknOBjJCM7urbqdg+BLdc7o/HGPqibZKrcgmeAMRjhJ
hVNBAgMBAAGjgccwgcQwHQYDVR0OBBYEFHKcncpup7ZYnOdZFKar5D9orBf3MB8G
A1UdIwQYMBaAFJat+rBbuYNkKnbCHIpp2kLc/v0oMA8GCSsGAQUFBzABBQQCBQAw
TAYDVR0gBEUwQzBBBgkrBgEEAaAyAV8wNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93
d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDgYDVR0PAQH/BAQDAgeAMBMG
A1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3DQEBBQUAA4IBAQBxDp5sYtlYBmbR
wDhDCcGP6L2L55lPdAmqgdefEnCcwQk0NG/tfnPLomgQWNVasMropqwBRUWxrazl
dT4ugBQ9nH/QRNKRFnbrgjIhGl62F2/N9KuMhBUQzz+sl0mxkcVue6fYjf7C8Yvt
FHfxTktVrit22mYueuI703OFf1wN8Kye9LIJWBVaTgHQ0oEtQfqLDJAo+t88/yyD
OyZMZeWplCR4lPO3V92+/nA0XZE0toYCY1nDhM0XBxnLVZw1SB/jBQI/KF4M+8E/
BQgpvGGIwLELrXNYZMBuL0j+4KO7v7wDZ4J/kzH9ODc6pC4eMhGlm9L9HHTKBFa3
DsnxL3Yp
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3647d21c54ae1870-EWR]
Content-Length: [1581]
Content-Type: [application/ocsp-response]
Date: [Thu, 25 May 2017 10:30:41 GMT]
Etag: ["69e84a30ad5c485607f45a58f6a8f2deb1498658"]
Expires: [Mon, 29 May 2017 10:30:41 GMT]
Last-Modified: [Thu, 25 May 2017 10:30:41 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d349f1d0eb9890f1a05ea08207b01c4a71495708241; expires=Fri, 25-May-18 10:30:41 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GlobalSign Domain Validation CA - G2 (CA Certificate)

Certificate details for GlobalSign Domain Validation CA - G2 (At position 1 in certificate chain)
Serial number:
hex: 400000000012f4ee14143
int: 4835703278459819397300547
Issued by: GlobalSign Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GlobalSign nv-sa
Country: BE
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This certificate contains no information about authoritative CRL(s) or OCSP servers

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.