CRL & OCSP report for www.antidoping.org.sg (Singapore Sports Council)

www.antidoping.org.sg

Certificate details for www.antidoping.org.sg (At position 0 in certificate chain)
Serial number:
hex: 1121364760ce2c9910046c2f06fd550ab84b
int: 1492210327876610629527016885458666204608587
Issued by: GlobalSign Organization Validation CA - SHA256 - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Singapore Sports Council
State / Province: Singapore
Locality: Singapore
Country: SG
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Check certificate compliance for www.antidoping.org.sg.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl
Size: 130146 bytes (DER data)
Response time: 18.296295ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 3994

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare, CloudFront
Cache Information: HIT, Miss from cloudfront

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3761d8cd92a00ed9-EWR]
Content-Length: [130146]
Content-Type: [application/pkix-crl]
Date: [Wed, 28 Jun 2017 15:58:19 GMT]
Etag: [E4BC]
Expires: [Wed, 05 Jul 2017 08:06:01 GMT]
Last-Modified: [Wed, 28 Jun 2017 08:06:01 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=dc7689f3543a2552dd201ed9a148690b11498665499; expires=Thu, 28-Jun-18 15:58:19 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
Via: [1.1 d2732303fd1054eafb760187913561e3.cloudfront.net (CloudFront)]
X-Amz-Cf-Id: [pmUvT_BsArhsmQjvm5WqvMjSaVID5NBDqMf1Wnhcm5t_htoHDeCz7Q==]
X-Cache: [Miss from cloudfront]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Issuer field is byte-for-byte equivalent with issuers subject
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp2.globalsign.com/gsorganizationvalsha2g2 (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsorganizationvalsha2g2 (POST)
Size: 1614 bytes (DER data)
Response time: 753.28174ms
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: GlobalSign Organization Validation CA - SHA256 - G2 - OCSP Responder
Issued by: GlobalSign Organization Validation CA - SHA256 - G2
Signing certificate validity: 2017-05-04 - 2017-08-04
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: MISS

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFMwUTBPME0wSzAJBgUrDgMCGgUABBQMnk2cPe3vhNiR6XLHz4QGvBl7BwQUlt5h
8b0cFilTHMDMfTuDAEDmGnwCEhEhNkdgziyZEARsLwb9VQq4Sw==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGSgoBAKCCBkMwggY/BgkrBgEFBQcwAQEEggYwMIIGLDCBxqIWBBScTQCZAA6L
sAGBdaG68NAl16AcRxgPMjAxNzA2MjgxNTU4MjBaMIGaMIGXMEswCQYFKw4DAhoF
AAQUDJ5NnD3t74TYkelyx8+EBrwZewcEFJbeYfG9HBYpUxzAzH07gwBA5hp8AhIR
ITZHYM4smRAEbC8G/VUKuEuAABgPMjAxNzA2MjgxNTU4MjBaoBEYDzIwMTcwNzAy
MTU1ODIwWqEiMCAwHgYJKwYBBQUHMAEGBBEYDzIwMTYwNjI4MTU1ODIwWjANBgkq
hkiG9w0BAQsFAAOCAQEANJ9ScjUyHwD3BH2KGgmaqykI+Qbcrx0z/XXu5DIooxdK
QhkdAf5rqz2WmBcqA0z7UVKDUCnaYL6MB1MuQeQGtejgAXbJZ/d5VROvyEiHcjy5
JvjpBX2eo7IchBQrHWGjaoSKifYb1+lQIMvioKqEv8ux49Dc4XhL8sIkIbYjgJt5
9OnFGId6cJPQxEHYNct8XSpCgACm67Ma4u5GgfsnZ//sTRHyWwF9qz5EfdH1OhI5
So24wnpeIs1IBxYTngOckJyDkD9CjO8dnsW9hJtJrXtzmg6xGQytKYjOKDYIYfuv
2W905IgcYGlh7ClrDCI4MTAd3cKx+8OGHcF03VDpdqCCBEswggRHMIIEQzCCAyug
AwIBAgIMT5PxckEbzcevB5fpMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJF
MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWdu
IE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTcw
NTA0MDgxMDI5WhcNMTcwODA0MDgxMDI5WjCBjjELMAkGA1UEBhMCQkUxGTAXBgNV
BAoTEEdsb2JhbFNpZ24gbnYtc2ExFTATBgNVBAUTDDIwMTcwNTA0MDAxODFNMEsG
A1UEAxNER2xvYmFsU2lnbiBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBDQSAtIFNI
QTI1NiAtIEcyIC0gT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSQ5fPMGrj2VLO26fr3gWL1zATIshlqCbeNieKZJb6+l+pCgUX
9TjwkapZ9c63wS+dyXp/oy1oaa9rGOC5/Zqu7US3FLml1fz/g+11FwY+aBvBufxU
Mi6Sfg/xKju/1p92HV6iIWTsqOr3DMr6OINw2mWmom1l1RWUPqzuVpbhpWwTB7tQ
GTaGVoHFR+XTO1ibB3/cuf4GMTJVFilE0UUobGRR6g2HNjfNEECqnR0c/cds8JQZ
QZ4+bOnzvbzd9G0F1GU72LGTgLdu9n6QkFdigT+ii2dF1Yy4kJi5s2HgS035Rs4T
gn2BcW87U+UEHGAv1hJzkpjrljYc942hR+thAgMBAAGjgccwgcQwHQYDVR0OBBYE
FJxNAJkADouwAYF1obrw0CXXoBxHMB8GA1UdIwQYMBaAFJbeYfG9HBYpUxzAzH07
gwBA5hp8MA8GCSsGAQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAaAyAV8w
NDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3Np
dG9yeS8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqG
SIb3DQEBCwUAA4IBAQAWWtpBlRgFXpKGwwI4SgyXbtukNg1ghV36rI5vBE16xwgT
zjmmaoRf5PmvKXmYbXsZymsRqQP/CbDJdhd8nk7wK8jFFMl/rugE84YpxbfFyPuW
JjDohBnrTFqRw9vFSzaTK+hPNn27XFKCQPFhbMiABez7LyPBm+fe9/s5sGDxFxfJ
/pH5N+aNj1BcSd2MoHCmJNXr16PiXMx4yAiTEzlXYB4Ixr+3EzmFzBbDXGoSFoBw
DAdIRIH+Yycd22QnVtq46qez7UWXyKJKWE3Mvufwp9sKu/e3/Upbh3DMu57JfmyP
d75wYQ5LGDhoERxk7q3Ms1CcP6RG88Q3P7/A+k8/
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEQzCCAyugAwIBAgIMT5PxckEbzcevB5fpMA0GCSqGSIb3DQEBCwUAMGYxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNH
bG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g
RzIwHhcNMTcwNTA0MDgxMDI5WhcNMTcwODA0MDgxMDI5WjCBjjELMAkGA1UEBhMC
QkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExFTATBgNVBAUTDDIwMTcwNTA0
MDAxODFNMEsGA1UEAxNER2xvYmFsU2lnbiBPcmdhbml6YXRpb24gVmFsaWRhdGlv
biBDQSAtIFNIQTI1NiAtIEcyIC0gT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDSQ5fPMGrj2VLO26fr3gWL1zATIshlqCbeNieK
ZJb6+l+pCgUX9TjwkapZ9c63wS+dyXp/oy1oaa9rGOC5/Zqu7US3FLml1fz/g+11
FwY+aBvBufxUMi6Sfg/xKju/1p92HV6iIWTsqOr3DMr6OINw2mWmom1l1RWUPqzu
VpbhpWwTB7tQGTaGVoHFR+XTO1ibB3/cuf4GMTJVFilE0UUobGRR6g2HNjfNEECq
nR0c/cds8JQZQZ4+bOnzvbzd9G0F1GU72LGTgLdu9n6QkFdigT+ii2dF1Yy4kJi5
s2HgS035Rs4Tgn2BcW87U+UEHGAv1hJzkpjrljYc942hR+thAgMBAAGjgccwgcQw
HQYDVR0OBBYEFJxNAJkADouwAYF1obrw0CXXoBxHMB8GA1UdIwQYMBaAFJbeYfG9
HBYpUxzAzH07gwBA5hp8MA8GCSsGAQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkr
BgEEAaAyAV8wNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5j
b20vcmVwb3NpdG9yeS8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUF
BwMJMA0GCSqGSIb3DQEBCwUAA4IBAQAWWtpBlRgFXpKGwwI4SgyXbtukNg1ghV36
rI5vBE16xwgTzjmmaoRf5PmvKXmYbXsZymsRqQP/CbDJdhd8nk7wK8jFFMl/rugE
84YpxbfFyPuWJjDohBnrTFqRw9vFSzaTK+hPNn27XFKCQPFhbMiABez7LyPBm+fe
9/s5sGDxFxfJ/pH5N+aNj1BcSd2MoHCmJNXr16PiXMx4yAiTEzlXYB4Ixr+3EzmF
zBbDXGoSFoBwDAdIRIH+Yycd22QnVtq46qez7UWXyKJKWE3Mvufwp9sKu/e3/Upb
h3DMu57JfmyPd75wYQ5LGDhoERxk7q3Ms1CcP6RG88Q3P7/A+k8/
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [MISS]
Cf-Ray: [3761d8cd915021f2-EWR]
Content-Length: [1614]
Content-Type: [application/ocsp-response]
Date: [Wed, 28 Jun 2017 15:58:20 GMT]
Etag: ["937ca6b411c1a9d37803b6cc65ca7631f43848dd"]
Expires: [Sun, 02 Jul 2017 15:58:20 GMT]
Last-Modified: [Wed, 28 Jun 2017 15:58:20 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d9b99563f64c0d9b533c8ab5c437af6941498665499; expires=Thu, 28-Jun-18 15:58:19 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp2.globalsign.com/gsorganizationvalsha2g2 (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsorganizationvalsha2g2 (GET)
Size: 1614 bytes (DER data)
Response time: 1.008783588s
Signature algorithm: SHA256WithRSA
Signature type: CA Delegated
Signed by: GlobalSign Organization Validation CA - SHA256 - G2 - OCSP Responder
Issued by: GlobalSign Organization Validation CA - SHA256 - G2
Signing certificate validity: 2017-05-04 - 2017-08-04
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: HIT

URL used for GET request

http://ocsp2.globalsign.com/gsorganizationvalsha2g2/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQMnk2cPe3vhNiR6XLHz4QGvBl7BwQUlt5h8b0cFilTHMDMfTuDAEDmGnwCEhEhNkdgziyZEARsLwb9VQq4Sw%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MFMwUTBPME0wSzAJBgUrDgMCGgUABBQMnk2cPe3vhNiR6XLHz4QGvBl7BwQUlt5h
8b0cFilTHMDMfTuDAEDmGnwCEhEhNkdgziyZEARsLwb9VQq4Sw==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGSgoBAKCCBkMwggY/BgkrBgEFBQcwAQEEggYwMIIGLDCBxqIWBBScTQCZAA6L
sAGBdaG68NAl16AcRxgPMjAxNzA2MjgxNTU4MjBaMIGaMIGXMEswCQYFKw4DAhoF
AAQUDJ5NnD3t74TYkelyx8+EBrwZewcEFJbeYfG9HBYpUxzAzH07gwBA5hp8AhIR
ITZHYM4smRAEbC8G/VUKuEuAABgPMjAxNzA2MjgxNTU4MjBaoBEYDzIwMTcwNzAy
MTU1ODIwWqEiMCAwHgYJKwYBBQUHMAEGBBEYDzIwMTYwNjI4MTU1ODIwWjANBgkq
hkiG9w0BAQsFAAOCAQEANJ9ScjUyHwD3BH2KGgmaqykI+Qbcrx0z/XXu5DIooxdK
QhkdAf5rqz2WmBcqA0z7UVKDUCnaYL6MB1MuQeQGtejgAXbJZ/d5VROvyEiHcjy5
JvjpBX2eo7IchBQrHWGjaoSKifYb1+lQIMvioKqEv8ux49Dc4XhL8sIkIbYjgJt5
9OnFGId6cJPQxEHYNct8XSpCgACm67Ma4u5GgfsnZ//sTRHyWwF9qz5EfdH1OhI5
So24wnpeIs1IBxYTngOckJyDkD9CjO8dnsW9hJtJrXtzmg6xGQytKYjOKDYIYfuv
2W905IgcYGlh7ClrDCI4MTAd3cKx+8OGHcF03VDpdqCCBEswggRHMIIEQzCCAyug
AwIBAgIMT5PxckEbzcevB5fpMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJF
MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWdu
IE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTcw
NTA0MDgxMDI5WhcNMTcwODA0MDgxMDI5WjCBjjELMAkGA1UEBhMCQkUxGTAXBgNV
BAoTEEdsb2JhbFNpZ24gbnYtc2ExFTATBgNVBAUTDDIwMTcwNTA0MDAxODFNMEsG
A1UEAxNER2xvYmFsU2lnbiBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBDQSAtIFNI
QTI1NiAtIEcyIC0gT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSQ5fPMGrj2VLO26fr3gWL1zATIshlqCbeNieKZJb6+l+pCgUX
9TjwkapZ9c63wS+dyXp/oy1oaa9rGOC5/Zqu7US3FLml1fz/g+11FwY+aBvBufxU
Mi6Sfg/xKju/1p92HV6iIWTsqOr3DMr6OINw2mWmom1l1RWUPqzuVpbhpWwTB7tQ
GTaGVoHFR+XTO1ibB3/cuf4GMTJVFilE0UUobGRR6g2HNjfNEECqnR0c/cds8JQZ
QZ4+bOnzvbzd9G0F1GU72LGTgLdu9n6QkFdigT+ii2dF1Yy4kJi5s2HgS035Rs4T
gn2BcW87U+UEHGAv1hJzkpjrljYc942hR+thAgMBAAGjgccwgcQwHQYDVR0OBBYE
FJxNAJkADouwAYF1obrw0CXXoBxHMB8GA1UdIwQYMBaAFJbeYfG9HBYpUxzAzH07
gwBA5hp8MA8GCSsGAQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkrBgEEAaAyAV8w
NDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3Np
dG9yeS8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqG
SIb3DQEBCwUAA4IBAQAWWtpBlRgFXpKGwwI4SgyXbtukNg1ghV36rI5vBE16xwgT
zjmmaoRf5PmvKXmYbXsZymsRqQP/CbDJdhd8nk7wK8jFFMl/rugE84YpxbfFyPuW
JjDohBnrTFqRw9vFSzaTK+hPNn27XFKCQPFhbMiABez7LyPBm+fe9/s5sGDxFxfJ
/pH5N+aNj1BcSd2MoHCmJNXr16PiXMx4yAiTEzlXYB4Ixr+3EzmFzBbDXGoSFoBw
DAdIRIH+Yycd22QnVtq46qez7UWXyKJKWE3Mvufwp9sKu/e3/Upbh3DMu57JfmyP
d75wYQ5LGDhoERxk7q3Ms1CcP6RG88Q3P7/A+k8/
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEQzCCAyugAwIBAgIMT5PxckEbzcevB5fpMA0GCSqGSIb3DQEBCwUAMGYxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNH
bG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g
RzIwHhcNMTcwNTA0MDgxMDI5WhcNMTcwODA0MDgxMDI5WjCBjjELMAkGA1UEBhMC
QkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExFTATBgNVBAUTDDIwMTcwNTA0
MDAxODFNMEsGA1UEAxNER2xvYmFsU2lnbiBPcmdhbml6YXRpb24gVmFsaWRhdGlv
biBDQSAtIFNIQTI1NiAtIEcyIC0gT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDSQ5fPMGrj2VLO26fr3gWL1zATIshlqCbeNieK
ZJb6+l+pCgUX9TjwkapZ9c63wS+dyXp/oy1oaa9rGOC5/Zqu7US3FLml1fz/g+11
FwY+aBvBufxUMi6Sfg/xKju/1p92HV6iIWTsqOr3DMr6OINw2mWmom1l1RWUPqzu
VpbhpWwTB7tQGTaGVoHFR+XTO1ibB3/cuf4GMTJVFilE0UUobGRR6g2HNjfNEECq
nR0c/cds8JQZQZ4+bOnzvbzd9G0F1GU72LGTgLdu9n6QkFdigT+ii2dF1Yy4kJi5
s2HgS035Rs4Tgn2BcW87U+UEHGAv1hJzkpjrljYc942hR+thAgMBAAGjgccwgcQw
HQYDVR0OBBYEFJxNAJkADouwAYF1obrw0CXXoBxHMB8GA1UdIwQYMBaAFJbeYfG9
HBYpUxzAzH07gwBA5hp8MA8GCSsGAQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkr
BgEEAaAyAV8wNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5j
b20vcmVwb3NpdG9yeS8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUF
BwMJMA0GCSqGSIb3DQEBCwUAA4IBAQAWWtpBlRgFXpKGwwI4SgyXbtukNg1ghV36
rI5vBE16xwgTzjmmaoRf5PmvKXmYbXsZymsRqQP/CbDJdhd8nk7wK8jFFMl/rugE
84YpxbfFyPuWJjDohBnrTFqRw9vFSzaTK+hPNn27XFKCQPFhbMiABez7LyPBm+fe
9/s5sGDxFxfJ/pH5N+aNj1BcSd2MoHCmJNXr16PiXMx4yAiTEzlXYB4Ixr+3EzmF
zBbDXGoSFoBwDAdIRIH+Yycd22QnVtq46qez7UWXyKJKWE3Mvufwp9sKu/e3/Upb
h3DMu57JfmyPd75wYQ5LGDhoERxk7q3Ms1CcP6RG88Q3P7/A+k8/
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3761d8cd94021870-EWR]
Content-Length: [1614]
Content-Type: [application/ocsp-response]
Date: [Wed, 28 Jun 2017 15:58:20 GMT]
Etag: ["937ca6b411c1a9d37803b6cc65ca7631f43848dd"]
Expires: [Sun, 02 Jul 2017 15:58:20 GMT]
Last-Modified: [Wed, 28 Jun 2017 15:58:20 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=dc3b9fb95037b7f12a5e092f382df9f8d1498665499; expires=Thu, 28-Jun-18 15:58:19 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP requests is smaller than 255 bytes
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • OCSP response is valid for at least 8 hours (Microsoft)
  • OCSP response is available at least 8 hours before the current period expires or at ½ the validity if valid for more than 16 hours (Microsoft)
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GlobalSign Organization Validation CA - SHA256 - G2 (CA Certificate)

Certificate details for GlobalSign Organization Validation CA - SHA256 - G2 (At position 1 in certificate chain)
Serial number:
hex: 40000000001444ef04247
int: 4835703278459909592597063
Issued by: GlobalSign Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GlobalSign nv-sa
Country: BE
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This certificate contains no information about authoritative CRL(s) or OCSP servers

Check the revocation status for another website

Created by Paul van Brouwershaven
© 2015 - 2017 Digitorus B.V.
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.